It serves two purposes:
@itemize
-@item hosting of private locally uploaded packages (conforming to
- @url{https://www.python.org/dev/peps/pep-0503/, PEP-0503} (Simple
- Repository API))
@item proxying and caching of missing packages from upstream
- @url{https://pypi.org/, PyPI}
+ @url{https://pypi.org/, PyPI}, conforming to
+ @url{https://www.python.org/dev/peps/pep-0503/, PEP-0503}
+ (Simple Repository API)
+@item hosting of private locally uploaded packages, conforming to
+ @url{https://warehouse.pypa.io/api-reference/legacy/, Warehouse Legacy API}
@end itemize
Initially it was created as a fork of
but nearly all the code was rewritten. It has huge differences:
@itemize
-@item proxying and caching of missing packages
+@item proxying and caching of missing packages, including GPG signatures
@item atomic packages store on filesystem
-@item SHA256-checksummed packages (both uploaded and proxied one)
+@item SHA256-checksummed packages: storing checksums, giving them back,
+ verifying stored files integrity, verifying checksum of uploaded
+ packaged
@item graceful HTTP-server shutdown
@item no YAML configuration, just command-line arguments
@item no package overwriting ability (as PyPI does)
@end itemize
+Also it contains @file{pyshop2packages.sh} migration script for
+converting @url{https://pypi.org/project/pyshop/, Pyshop} database into
+GoCheese one, including private packages.
+
GoCheese is free software, licenced under
@url{https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3}:
see the file COPYING for copying conditions.
twine upload
--repository-url http://gocheese.host:8080/simple/ \
--username spam \
- --passwd foo dist/tarball.tar.gz
+ --password foo dist/tarball.tar.gz
@end verbatim
+If @command{twine} sends SHA256 checksum in the request, then uploaded
+file is checked against it.
+
+@option{-gpgupdate} is useful mainly for migrated from Pyshop
+repositories. It forces GPG signature files downloading for all existing
+package files.
+
@node Passwords
@unnumbered Password authentication