[openstack-dev] pip requirements externally host (evil evil stab stab stab)

Salvatore Orlando sorlando at nicira.com
Sat Jul 20 16:10:56 UTC 2013


I reckon the netifaces package is only used in Neutron's Ryu plugin.
At a first glance, it should be possible to replace its current usage with
the iplib module which has been developed within neutron itself.

Unless we hear otherwise from contributors to the Ryu plugin it is my
opinion that we should move towards replacing netifaces.

Salvatore


On 19 July 2013 20:04, Monty Taylor <mordred at inaugust.com> wrote:

> Hey guys!
>
> PyPI is moving towards the world of getting people to stop hosting stuff
> via external links. It's been bad for us in the past and one of the
> reasons for the existence of our mirror. pip 1.4 has an option to
> disallow following external links, and in 1.5 it's going to be the
> default behavior.
>
> Looking forward, we have 5 pip packages that host their stuff
> externally. If we have any pull with their authors, we should get them
> to actually upload stuff to pypi. If we don't, we should strongly
> consider our use of these packages. As soon as pip 1.4 comes out, I
> would like to moving forward restrict the addition of NEW requirements
> that do not host on pypi. (all 5 of these host insecurely as well, fwiw)
>
> The culprits are:
>
> dnspython,lockfile,netifaces,psutil,pysendfile
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130720/4247bd72/attachment.html>


More information about the OpenStack-dev mailing list