[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#54737] gnu: python-multipart: Update to 0.2.4.
From: |
Peter Polidoro |
Subject: |
[bug#54737] gnu: python-multipart: Update to 0.2.4. |
Date: |
Sat, 30 Jul 2022 08:19:01 -0400 |
Hi. Good catch. I may have made a mistake when choosing between these two
unfortunately named pypi packages. I need one of these two as a dependency for
another Guix package. I am traveling at the moment, but I will double check
this when I return in a few days. If I do need multipart instead of
python-multipart, perhaps there is a better way to name the Guix packages to
cause less confusion. Thanks!
> On Jul 29, 2022, at 3:38 PM, Maxime Devos <maximedevos@telenet.be> wrote:
>
>
>>
>> (define-public python-multipart
>> (package
>> (name "python-multipart")
>> - (version "0.0.5")
>> - (source (origin
>> - (method url-fetch)
>> - (uri (pypi-uri "python-multipart" version))
>> - (sha256
>> - (base32
>> - "0hzshd665rl1bkwvaj9va4j3gs8nmb478fbvligx20663xhmzfzp"))))
>> + (version "0.2.4")
>> + (source
>> + (origin
>> + (method url-fetch)
>> + (uri (pypi-uri "multipart" version))
>> + (sha256
>> + (base32 "1jr24lm931pkh4x0amr19w5qknrckcg4z3k1zvz9cw5wc19j1fh6"))))
>
> What's the reason for changing from the python-multipart to multipart? I've
> looked at the home page and the pypi page, and it doesn't state that the
> latter is a successor of the former, so these look like unrelated projects or
> a typosquatting attack.
>
> Greetings,
> Maxime.
OpenPGP_0x49E3EE22191725EE.asc
Description: Binary data
OpenPGP_signature
Description: Binary data