On Mon, Jun 1, 2015 at 3:43 AM, Ralf Gommers wrote:
>
>
> On Fri, May 29, 2015 at 7:28 PM, Benjamin Root wrote:
>
>> Speaking from the matplotlib project, our binaries are substantial due to
>> our suite of test images. Pypi worked with us on relaxing size constraints.
>> Also, I think the new c
On Fri, May 29, 2015 at 7:28 PM, Benjamin Root wrote:
> Speaking from the matplotlib project, our binaries are substantial due to
> our suite of test images. Pypi worked with us on relaxing size constraints.
> Also, I think the new cheese shop/warehouse server they are using scales
> better, so s
On 28 May 2015 at 10:05, David Cournapeau wrote:
>
>
> On Fri, May 29, 2015 at 2:00 AM, Andrew Collette
> wrote:
>>
>> > Here is their lame excuse:
>> >
>> >
>> > https://sourceforge.net/blog/gimp-win-project-wasnt-hijacked-just-abandoned/
>> >
>> > It probably means this:
>> >
>> > If NumPy inst
Speaking from the matplotlib project, our binaries are substantial due to
our suite of test images. Pypi worked with us on relaxing size constraints.
Also, I think the new cheese shop/warehouse server they are using scales
better, so size is not nearly the same concern as before.
Ben Root
On May 2
On May 28, 2015 7:06 PM, "David Cournapeau" wrote:
> On Fri, May 29, 2015 at 2:00 AM, Andrew Collette <
andrew.colle...@gmail.com> wrote:
>>
>> In any case I've always been surprised that NumPy is distributed
>> through SourceForge, which has been sketchy for years now. Could it
>> simply be hoste
28.05.2015, 21:52, Julian Taylor kirjoitti:
> there is no guarantee that github will not do this stuff in future too,
> also PyPI or self hosting do not necessarily help as those resources can
> be compromised.
> The main thing that should be learned this and the many similar
> incidents in the pas
On 28.05.2015 19:46, Pauli Virtanen wrote:
> 28.05.2015, 20:35, Sturla Molden kirjoitti:
>> Pauli Virtanen wrote:
>>
>>> Is it possible to host them on github? I think there's an option to add
>>> release notes and (apparently) to upload binaries if you go to the
>>> "Releases" section --- there's
28.05.2015, 20:35, Sturla Molden kirjoitti:
> Pauli Virtanen wrote:
>
>> Is it possible to host them on github? I think there's an option to add
>> release notes and (apparently) to upload binaries if you go to the
>> "Releases" section --- there's one for each tag.
>
> And then Sourceforge will
Pauli Virtanen wrote:
> Is it possible to host them on github? I think there's an option to add
> release notes and (apparently) to upload binaries if you go to the
> "Releases" section --- there's one for each tag.
And then Sourceforge will put up tainted installers "for the benefit of
NumPy us
28.05.2015, 20:05, David Cournapeau kirjoitti:
[clip]
>> In any case I've always been surprised that NumPy is distributed
>> through SourceForge, which has been sketchy for years now. Could it
>> simply be hosted on PyPI?
>>
>
> They don't accept arbitrary binaries like SF does, and some of our
>
On Fri, May 29, 2015 at 2:00 AM, Andrew Collette
wrote:
> > Here is their lame excuse:
> >
> >
> https://sourceforge.net/blog/gimp-win-project-wasnt-hijacked-just-abandoned/
> >
> > It probably means this:
> >
> > If NumPy installers are moved away from Sourceforge, they will set up a
> > mirror
> Here is their lame excuse:
>
> https://sourceforge.net/blog/gimp-win-project-wasnt-hijacked-just-abandoned/
>
> It probably means this:
>
> If NumPy installers are moved away from Sourceforge, they will set up a
> mirror and load the mirrored installers with all sorts of crapware. It is
> some so
David Cournapeau wrote:
> IMO, this really begs the question on whether we still want to use
> sourceforge at all. At this point I just don't trust the service at all
> anymore.
Here is their lame excuse:
https://sourceforge.net/blog/gimp-win-project-wasnt-hijacked-just-abandoned/
It probably m
Migrating from SourceForge seems worth considering. I also
agree this is a breach of trust with the open source community.
It is my impression that the GIMP team stopped using SF for
downloads some time ago in favour of using their own website,
leaving the SF account live to maintain the old relea
Julian Taylor wrote:
> It has been reported that sourceforge has taken over the gimp
> unofficial windows downloader page and temporarily bundled the
> installer with unauthorized adware:
> https://plus.google.com/+gimp/posts/cxhB1PScFpe
WTF?
___
NumP
IMO, this really begs the question on whether we still want to use
sourceforge at all. At this point I just don't trust the service at all
anymore.
Could we use some resources (e.g. rackspace ?) to host those files ? Do we
know how much traffic they get so estimate the cost ?
David
On Thu, May 2
hi,
It has been reported that sourceforge has taken over the gimp
unofficial windows downloader page and temporarily bundled the
installer with unauthorized adware:
https://plus.google.com/+gimp/posts/cxhB1PScFpe
As NumPy is also distributing windows installers via sourceforge I
recommend that whe
17 matches
Mail list logo
