Re: PyPI account

[Daniel P . Berrangé]

On Wed, Jan 12, 2022 at 12:47:01PM -0500, John Snow wrote:
> On Wed, Jan 12, 2022 at 12:34 PM Daniel P. Berrangé <berrange@redhat.com> 
> wrote:
> >
> > On Wed, Jan 12, 2022 at 12:25:16PM -0500, John Snow wrote:
> > > On Wed, Jan 12, 2022 at 5:56 AM Stefan Hajnoczi <stefanha@redhat.com> 
> > > wrote:
> > > >
> > > > [Context: John created a PyPI QEMU user in order to publish the qemu.qmp
> > > > package. If anyone wants to publish additional Python packages from
> > > > qemu.git, please contact him for PyPI access.]
> > > >
> > > > On Tue, Jan 11, 2022 at 03:42:23PM -0500, John Snow wrote:
> > > > > Account made: https://pypi.org/user/QEMU/
> > > > >
> > > > > I can't update the wiki, I lack admin perms to edit
> > > > > https://wiki.qemu.org/AdminContacts
> > > > >
> > > > > I assume in the event that I fall into a black hole or get launched
> > > > > out of a cannon into the sun, any mails sent to jsnow@redhat.com can
> > > > > be recovered by Red Hat in general, so there's a sufficient recourse
> > > > > for recovering the account in that circumstance.
> > > >
> > > > Thanks, I have added the PyPI QEMU user and added you as the admin
> > > > contact:
> > > > https://wiki.qemu.org/AdminContacts#Other_resources
> > > >
> > > > Stefan
> > >
> > > Thanks, Stefan!
> > >
> > > As additional context, there is currently a single package that
> > > belongs to that user, "qemu.qmp" [1]. I published it "in advance" to
> > > be able to test integration in an RFC patch set I posted to the list
> > > just before the winter break [2]. The package is an "alpha prerelease"
> > > and is at a very low-risk to be installed by accident. The version
> > > chosen here will be considered "less than" any other valid version
> > > string chosen, and can be deleted permanently from PyPI after
> > > consensus on list review. Please forgive the mid-review publishing.
> > > The exact metadata, wording of the README, etc is still under review
> > > here [3].
> > >
> > > As for the PyPI account itself, I have volunteered to administer it.
> > > If anyone wants access (esp. a leadership committee member from
> > > another employer), please contact me - I'm happy to share.
> >
> > As a general rule we should ensure we always have 2 nominated people
> > with access to any account held on behalf of the QEMU project, so we
> > have some redundancy in case of unexpected events. So we definitely
> > ought to have a 2nd person with access to PyPI even if they do nothing
> > with it.
> >
> 
> I'm perfectly fine with that. It'd increase the fault tolerance to
> have someone from outside of RH be the paper-admin there. Any
> volunteers?
> 
> (I can add your email as a secondary contact to the account such that
> you would be able to use that email to initiate an account recovery,
> but you wouldn't receive email from PyPI concerning the comings and
> goings of the account. Your name and email would not show up on any
> PyPI package pages, so it should very hopefully not involve really any
> actual maintainership on your part.)

In my case I expect it could complain that my email(s) are already
in use for other PyPI accounts of my own.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|