PyCon 2014

Las novedades que vienen para los paquetes de Python

Noah Kantrowitz  · 

Presentación

Vídeo

Transcripción

Extracto de la transcripción automática del vídeo realizada por YouTube.

welcome everyone we've got a great speaker ahead of us this is noah can turrets with python packaging a zeitgeist alright welcome I apologize for anyone that saw this was originally called what's coming in Python packaging but unfortunately or fortunately

in the roughly six months since I wrote the proposal most of the stuff that I was going to say is coming soon has actually happened so this will be more of a review of the last 18 to 24 months thank you so rude last 18 to 24 months of Python packaging development

but first a little bit about me the infrastructure lead for the Python Software Foundation and one of the organizers of Pike on by day I do server automation and operations work for balance payments very involved in the chef community and I really like making

things also a disclaimer this list is not in any specific order not chronological not order of importance it's just the order that I could weave best into a presentation so don't take this as an endorsement or disparagement of any particular features

so getting started we have a couple of org chart changes in the Python community the first major one was the creation of the python packaging Authority or pie PA this is now a group operating outside of the C Python development team although there is some

overlap some people participate in both groups that's handling most of the non-standard lib packaging tool development and organizations that's things like pip setuptools virtual and all of that now lives under the pie PA umbrella organization second

was the appointment of the new packaging btfl Nick Coughlin hopefully I pronounced that correctly he demoed it for me earlier but never insure with these things anyway he was appointed by Guido as the packaging btfl just means that he can directly accept peps

related for packaging without the discussion moving on to Python dev anyone who's on python dev probably understands why this is a very good thing additionally rich jones has taken back the mantle of BD FL for the python package index itself so he's

back on the saddle for managed doing anything where we need to break compatibility we do try to file peps and he's allowed to accept those if necessary so on to the actual features most of you probably use the Python package index or pi PI for short either

to host your own packages or to find libraries to use we made a lot of improvements to that biggest one in my mind is a lot of TLS improvements we actually use HTTPS now and we support all the latest goodies like strict Transport Security so you'll automatically

default to https trying to keep it much more secure we also now offer perfect forward secrecy so that if keys are leaked how would that ever happen no one can decrypt past recorded traffic this one not actually as recent as some of the other stuff I'm

mentioning but a lot of people don't know it exists there is a JSON API of sorts for the Python package index if you just add / JSON to the end of either a package or version URL you will get all the data of that page in JSON format so if you have a reason

to need all the packaging information you could ever possibly want here's a really easy way to grab it we now have a CDN powering the Python package index so it's run by fastly who gloriously sponsors it for us they do a geo distributed caching system

based around varnish with an automated static fall back so if our servers self-destruct we move to a Bandersnatch managed static mirror in another data center this has led to vastly improve performance for people that don't live outside the US since the

servers are no longer a single box somewhere in Oregon and just generally improve stability because of the CDN combined with the fact that a lot of the public mirrors were becoming increasingly fragile many of them were breaking or no longer updating had to

be kicked every couple weeks or they'd fall out of sync we've now deprecated the public mirror Network so if you've previously read jacob kaplan mosses wonderful post on how to use mirrors please disregard all of that my love to jacob and i'm

[ ... ]

Nota: se han omitido las otras 1.977 palabras de la transcripción completa para cumplir con las normas de «uso razonable» de YouTube.