4 Jan
2022
4 Jan
'22
11:13 p.m.
On Tue, 4 Jan 2022 21:20:24 +0000 Jeremy Stanley <fungi@yuggoth.org> wrote: Thanks for the detailed explanations, I think I understood everything. One thing caught my attention:
It's expected that the place to obtain new git-review tarballs is PyPI, as mentioned in our release announcements on the service-announce mailing list:
http://lists.opendev.org/pipermail/service-announce/2021-November/000028.htm...
As it happens, just a short time back, I ran into an issue with PyPI.[1] Basically, it's possible to upload something there and nobody knows anything about it. Is that loss of audit trail a concern for our releases? -- Pete [1] https://zaitcev.livejournal.com/263602.html