Message 415193 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	illia-v
Recipients	illia-v
Date	2022-03-14.21:21:37
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1647292897.69.0.328290401406.issue47016@roundup.psfhosted.org>
In-reply-to

Content
Bundled pip and setuptools wheels have to be verified manually at the moment when they are upgraded. We can automate this by comparing their checksums to ones provided by Warehouse’s JSON API (e.g., https://pypi.org/pypi/pip/json.) Since such a check requires network activity and not to slow down tests, creating a GitHub Actions workflow that runs only when the files are changed is a good option. I suggested this in https://github.com/python/cpython/pull/30178#issuecomment-998765841 originally.

Bundled pip and setuptools wheels have to be verified manually at the moment when they are upgraded.
We can automate this by comparing their checksums to ones provided by Warehouse’s JSON API (e.g., https://pypi.org/pypi/pip/json.)

Since such a check requires network activity and not to slow down tests, creating a GitHub Actions workflow that runs only when the files are changed is a good option.

I suggested this in https://github.com/python/cpython/pull/30178#issuecomment-998765841 originally.

History
Date	User	Action	Args
2022-03-14 21:21:37	illia-v	set	recipients: + illia-v
2022-03-14 21:21:37	illia-v	set	messageid: <1647292897.69.0.328290401406.issue47016@roundup.psfhosted.org>
2022-03-14 21:21:37	illia-v	link	issue47016 messages
2022-03-14 21:21:37	illia-v	create