X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;ds=sidebyside;f=gocheese.texi;h=17bcbedfdcd98fb03a86243e74f4d1c93df75466;hb=4b49f65744b823da2903583ab348167a1e2756ac;hp=fac8df0e4c564c3652a1e4043224be30c5dc4f38;hpb=508cad6b690c7057c98b5f4c3dabaa9fa55e9219;p=gocheese.git

diff --git a/gocheese.texi b/gocheese.texi
index fac8df0..17bcbed 100644
--- a/gocheese.texi
+++ b/gocheese.texi
@@ -10,11 +10,12 @@ GoCheese is Python private package repository and caching proxy.
 It serves two purposes:
 
 @itemize
-@item hosting of private locally uploaded packages (conforming to
-    @url{https://www.python.org/dev/peps/pep-0503/, PEP-0503} (Simple
-    Repository API))
 @item proxying and caching of missing packages from upstream
-    @url{https://pypi.org/, PyPI}
+    @url{https://pypi.org/, PyPI}, conforming to
+    @url{https://www.python.org/dev/peps/pep-0503/, PEP-0503}
+    (Simple Repository API)
+@item hosting of private locally uploaded packages, conforming to
+    @url{https://warehouse.pypa.io/api-reference/legacy/, Warehouse Legacy API}
 @end itemize
 
 Initially it was created as a fork of
@@ -22,14 +23,20 @@ Initially it was created as a fork of
 but nearly all the code was rewritten. It has huge differences:
 
 @itemize
-@item proxying and caching of missing packages
+@item proxying and caching of missing packages, including GPG signatures
 @item atomic packages store on filesystem
-@item SHA256-checksummed packages (both uploaded and proxied one)
+@item SHA256-checksummed packages: storing checksums, giving them back,
+    verifying stored files integrity, verifying checksum of uploaded
+    packaged
 @item graceful HTTP-server shutdown
 @item no YAML configuration, just command-line arguments
 @item no package overwriting ability (as PyPI does)
 @end itemize
 
+Also it contains @file{pyshop2packages.sh} migration script for
+converting @url{https://pypi.org/project/pyshop/, Pyshop} database into
+GoCheese one, including private packages.
+
 GoCheese is free software, licenced under
 @url{https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3}:
 see the file COPYING for copying conditions.
@@ -65,6 +72,13 @@ twine upload
     --password foo dist/tarball.tar.gz
 @end verbatim
 
+If @command{twine} sends SHA256 checksum in the request, then uploaded
+file is checked against it.
+
+@option{-gpgupdate} is useful mainly for migrated from Pyshop
+repositories. It forces GPG signature files downloading for all existing
+package files.
+
 @node Passwords
 @unnumbered Password authentication