Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Pursuit thoughts

upload process

  • user runs pulp publish, or something
  • JSON dump is generated by psc-package-upload
  • Uploaded to
  • Verification URL sent back in response, and printed to stdout
  • User visits verification URL in browser and is authenticated via GitHub OAuth
  • After authentication, HTML is generated etc and the package appears on pursuit.

I think this is better from a UX perspective, and still enables us to associate a GitHub user with each uploaded package for accountability.

handling undeclared dependencies

In order for people to be able to trust the dependencies listed on the website, we should fail while generating the JSON package dump if there are any undeclared dependencies. This is too hard; out of scope (for now).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment