Differences between revisions 21 and 22
Revision 21 as of 2018-03-22 18:39:55
Size: 10677
Comment: improvements thanks to Ernest
Revision 22 as of 2018-03-22 19:31:36
Size: 10730
Comment: wording changes per Ernest
Deletions are marked like this. Additions are marked like this.
Line 11: Line 11:
[[https://pypi.python.org|The legacy PyPI site https://pypi.python.org]] started in the early 2000s, before modern web frameworks. The legacy codebase has made it hard to maintain and even harder to develop new features, and past maintainers put in tremendous effort to reduce outages. [[https://pypi.python.org|The legacy PyPI site https://pypi.python.org]] started in the early 2000s, before modern web frameworks. The legacy codebase has made it hard to maintain and even harder to develop new features, and past maintainers put in tremendous effort to continuously reduce outages.
Line 20: Line 20:
'''Users''': On Windows and Linux: no change necessary. `pip install` works as normal. '''Users''': On Windows and Linux: no change necessary as long as your version of OpenSSL supports TLSv1.2. `pip install`s should work as normal.
Line 22: Line 22:
On macOS: upgrade to [[https://pypi.org/project/pip/9.0.3/|the latest pip (9.0.3)]] to connect to PyPI securely. macOS/OS X users running version 10.12 or older need to upgrade to [[https://pypi.org/project/pip/9.0.3/|the latest pip (9.0.3)]] to connect to PyPI securely.
Line 25: Line 25:
shell
Line 28: Line 27:
'''Package maintainers''': If you specify an upload URL when [[https://packaging.python.org/tutorials/distributing-packages/#uploading-your-project-to-pypi|uploading releases]], you must update that URL. If you use `setup.py upload` to upload releases, we recommend you switch to [[https://pypi.org/project/twine/|Twine]]. New PyPI takes the same username/password as legacy PyPI did. Follow [[https://packaging.python.org/guides/migrating-to-pypi-org/|the packagers' migration guide]]. '''Package maintainers''': If you use `setup.py upload` to [[https://packaging.python.org/tutorials/distributing-packages/#uploading-your-project-to-pypi|upload releases]], we recommend you switch to [[https://pypi.org/project/twine/|Twine]]. New PyPI takes the same username/password as legacy PyPI did. If you have problems, follow [[https://packaging.python.org/guides/migrating-to-pypi-org/|the packagers' migration guide]].

DRAFT

PyPI beta announcement

[This page is a draft and not to be used/publicized until we close out the "publicize beta" milestone. That'll probably be by March 25, 2018.]

The new Python Package Index is now in beta at https://pypi.org/. We predict the full switch will happen in April 2018 (roadmap), so here's a heads-up about why we're switching, what's changed, and what to expect. To get an email when the new site replaces the old one, please sign up for the low-traffic PyPI announcements email list.

Context

The legacy PyPI site https://pypi.python.org started in the early 2000s, before modern web frameworks. The legacy codebase has made it hard to maintain and even harder to develop new features, and past maintainers put in tremendous effort to continuously reduce outages.

The new PyPI http://pypi.org/ (codebase: Warehouse) looks more modern, and is up-to-date under the hood too. A modern web framework (Pyramid), 100% backend test coverage, and a Docker-based development environment make it easier for current and new developers to maintain and run it and add features.

Thanks to Mozilla's Open Source Support funding, we have designed and added new features, overhauled infrastructure, and worked towards redirecting traffic to the new site and shutting down the old one. The full switch will include redirecting browser and pip install traffic from the old site; then, sometime in late April or early May, the legacy site will be entirely shut down.

Migrating

You may not need to change anything right away. Thanks to redirects, your sites, services, and tools will probably be able to seamlessly switch to the new site.

Users: On Windows and Linux: no change necessary as long as your version of OpenSSL supports TLSv1.2. pip installs should work as normal.

macOS/OS X users running version 10.12 or older need to upgrade to the latest pip (9.0.3) to connect to PyPI securely.

curl https://bootstrap.pypa.io/get-pip.py | python

Package maintainers: If you use setup.py upload to upload releases, we recommend you switch to Twine. New PyPI takes the same username/password as legacy PyPI did. If you have problems, follow the packagers' migration guide.

API users: follow the API users' migration guide.

If you're affected by a deprecation (below), you should adapt and migrate by early April 2018. For help, come to a livechat or contact us. Sign up for the low-traffic PyPI announcements email list to get a heads-up when we have a more precise date.

New PyPI Features

Deprecations

Things that already have gone away (sometimes for policy or spam-fighting reasons) include:

Things that will go away once legacy PyPI shuts down:

Late 2018 or later:

Future plans

See our issue tracker. Includes:

For updates, please sign up for the low-traffic PyPI announcements email list.

Security

If you find any potential security vulnerabilities, please follow our published security policy. Please don't report security issues in Warehouse via GitHub, IRC, or mailing lists. Instead, please directly email the security team.

Please test!

The point of the beta is to find and fix bugs. Please help us. Most of these workflows you can test on pypi.org, using the same login as you use on pypi.python.org (legacy PyPI). For testing destructive actions, like removing an owner, deleting a project, or deleting a release, please use test.pypi.org.

Workflows

Package users:

  • Register/confirm a new user
  • Login/logout
  • Reset password
  • Search for projects
  • `pip install` a package

  • Download release files via browser
  • Call JSON, RSS, Simple, and XML-RPC APIs

Project maintainers:

  • Add/remove a maintainer
  • Add/remove an owner
  • Transition ownership
  • Remove a project
  • Remove a release
  • View journals for a project
  • View journals for a release
  • Upload a new release (source distribution and wheel; upgrade your versions of twine and setuptools first)

  • Confirm display of project description, release history, download files, project links, maintainers, tags, and classifiers (example)

IRC/Twitter livechat hours

Warehouse developers will be in IRC, in #pypa-dev on Freenode, and on Twitter (#newpypi), available to talk about problems you run into, or about how to hack on Warehouse:

  1. Tuesday, March 27th, 9am-noon PDT, noon-1pm EDT, 18:00-19:00 CEST, 9:30pm-10:30pm India, 16:00-17:00 UTC

  2. Friday, March 30th, 10-11am EDT, 16:00-17:00 CEST, 7:30pm-8:30pm India, 14:00-15:00 UTC

  3. Tuesday, April 3rd, 8am-9am PDT, 11am-noon EDT, 17:00-18:00 CEST, 8:30pm-9:30pm India, 15:00-16:00 UTC

  4. Thursday, April 5th, 5pm-6pm PDT, 8pm-9pm EDT, (April 5th) 8am-9am Manila, (April 5th) 10am-11am Melbourne, (April 5th) 0:00-1:00 UTC

Feel free to drop in! (By participating, you agree to abide by the PyPA Code of Conduct.)

Contact us

Security issues: email security @ python dot org

GitHub for all other bug reports & feature requests:https://github.com/pypa/warehouse/issues/new

IRC: #pypa-dev on Freenode (someone's usually there 10am-5pm Central Time on weekdays, or during a livechat)

Email: pypa-dev mailing list

(By participating, you agree to abide by the PyPA Code of Conduct.)

Thank you for using PyPI!

https://pypi.org/static/images/logo-large.svg

PackagingWG/PyPIBetaAnnouncement (last edited 2018-03-26 16:13:31 by SumanaHarihareswara)

Unable to view page? See the FrontPage for instructions.