support gpg keys #2172
support gpg keys #2172
Conversation
graingert
force-pushed
the
support-gpg-keys
branch
2 times, most recently
from
afa16a5 to
1bc03c1
Compare
graingert
force-pushed
the
support-gpg-keys
branch
from
1bc03c1 to
3ca2bb2
Compare
|
@dstufft not sure how to add a migration for this? I sort of assumed it would work if it used to be in legacy. |
|
Hey there! Sorry for the delay in getting back to you on this. I'm actually going to close this PR, because I don't think that we want to support PGP keys in the long term so improving them is not something that I'm super interested in at this point. However, thanks for the contribution even if it wasn't ultimately accepted! |
|
As far as I can tell this reply by Donald is the closest thing we have to a record of the Warehouse policy decision (raised but not settled by Donald in this thread) that we will not be displaying GPG/PGP signatures for packages and will not give users a way to manage their public GPG keys. Also see #2935 (comment) and the followups, and:
Noting this for others' reference in case anyone is doing research. |
|
There's also https://mail.python.org/pipermail/distutils-sig/2016-May/028933.html which has some thoughts on the place of GPG in PyPI/Warehouse on a longer timeframe, but isn't rally specific to displaying or managing keys. |
|
Yes, people discussed the question in a few places. The comment above seems to be the place where you publicly communicated that the decision was now final. |
|
Yea that is probably about right. |
No description provided.