Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid Package Overwrite #3

Open
lovato opened this issue Oct 27, 2014 · 1 comment
Open

Avoid Package Overwrite #3

lovato opened this issue Oct 27, 2014 · 1 comment

Comments

@lovato
Copy link

lovato commented Oct 27, 2014

I did a cron script to chmod 444 all files inside packages directory.
With this, the user get a HTTP 500 if he tries to upload a new package with same name/version.

Obviously, you cannot be root to do that. Root simply ignores 444 for himself.

If after an upload, a chmod can be issued, this kind of solve this, for now.
Or a file.exists may solve it too.

What do you think?

Best,
Marco
@steiza
Copy link
Owner

steiza commented Oct 28, 2014

Hi @lovato - this was actually intentional. The way we were using simplepypi at work we would sometimes need to re-submit a patched package with the same version number as the unpatched one, and we wanted simplepypi to silently overwrite the old package.

However, I can see why other people would not want that to be the case. If someone wanted to submit a pull request that supported 1) deleting a package and 2) have simplepypi return some sort of sane error when you try to resubmit a package with the same name / version, I think that'd be reasonable way to support both use cases.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@steiza @lovato