[Bug 1127974] New: Review Request: twine - Collection of utilities for interacting with PyPI
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1127974
Bug ID: 1127974
Summary: Review Request: twine - Collection of utilities for
interacting with PyPI
Product: Fedora
Version: rawhide
Component: Package Review
Severity: medium
Priority: medium
Assignee: nobody(a)fedoraproject.org
Reporter: e(a)mayorgalinux.com
QA Contact: extras-qa(a)fedoraproject.org
CC: package-review(a)lists.fedoraproject.org
Spec URL: https://mayorga.fedorapeople.org/twine.spec
SRPM URL: https://mayorga.fedorapeople.org/twine-1.3.1-1.fc20.src.rpm
Description: Twine is a utility for interacting with PyPI.
The biggest reason to use twine is that python setup.py upload uploads
files over plaintext. This means anytime you use it you expose your
username and password to a MITM attack. Twine uses only verified TLS to
upload to PyPI protecting your credentials from theft.
Secondly it allows you to precreate your distribution files. python
setup.py upload only allows you to upload something that you’ve created
in the same command invocation. This means that you cannot test the
exact file you’re going to upload to PyPI to ensure that it works before
uploading it.
Finally it allows you to pre-sign your files and pass the .asc files
into the command line invocation (twine upload twine-1.0.1.tar.gz
twine-1.0.1.tar.gz.asc). This enables you to be assured that you’re
typing your gpg passphrase into gpg itself and not anything else since
you will be the one directly executing gpg --detach-sign -a <filename>.
Fedora Account System Username: mayorga
--
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
7 years, 10 months
[Bug 1065627] New: Review Request: pire - Perl Incompatible Regular Expressions library
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1065627
Bug ID: 1065627
Summary: Review Request: pire - Perl Incompatible Regular
Expressions library
Product: Fedora
Version: rawhide
Component: Package Review
Severity: medium
Priority: medium
Assignee: nobody(a)fedoraproject.org
Reporter: cickumqt(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: package-review(a)lists.fedoraproject.org
Spec URL: http://cicku.me/pire.spec
SRPM URL: http://cicku.me/pire-0.0.5-1.fc21.src.rpm
Description: Pire is developed in Yandex (http://company.yandex.ru/) as a part
of its web crawler. It aims at checking a huge amount of text against
relatively many regular expressions. Roughly speaking, it can just check
whether given text
maches the certain regexp, but can do it really fast (more than 400 MB/s on
our hardware is common). Even more, multiple regexps can be combined together,
giving capability to check the text against apx.10 regexps in a single pass
(and mantaining the same speed).
Since Pire examines each character only once, without any lookaheads
or rollbacks, spending about five machine instructions per each character,
it can be used even in realtime tasks.
On the other hand, Pire has very limited functionality (compared to
other regexp libraries). Pire does not have any Perlish conditional
regexps, lookaheads & backtrackings, greedy/nongreedy matches; neither
has it any capturing facilities.
Fedora Account System Username: cicku
--
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
7 years, 10 months