Consider handing PyPI package over to dwolfpi that hosts a more maintained py3 compat version

[graingert]

https://github.com/dwolfhub/zxcvbn-python/issues/23

[graingert]

/cc @rpearl

[rpearl]

I no longer work at Dropbox and don't have any say over this repo at this point, sorry!

[graingert]

@rpearl could you add dwolfpi to https://pypi.python.org/pypi/zxcvbn ?

[graingert]

@rpearl ping

[rpearl]

While I control the zxcvbn package on pypi, given that the IP belongs to Dropbox, please contact them. https://www.dropbox.com/contact

[thedrow]

I just pinged @gvanrossum directly. I'm hoping he can help speed this up.

[gvanrossum]

The trail of issues that don't say much is dizzying. Can you please explain in plain language what you want us to do? Is this about ownership of the PyPI entry, or about control of the GitHub repo?

[graingert]

This is about ownership of the PyPI entry. Currently zxcvbn is unmaintained by @rpearl and python-zxcvbn is maintained by @dwolfhub

[gvanrossum]

But even if I wanted to I couldn't change the PyPI entry's ownership, because it's @rpearl's. Given that Dropbox itself uses @dwolfhub's version, I think it's reasonable to say that if @rpearl agrees he can transfer ownership to @dwolfhub, as long as you keep the original https://pypi.python.org/pypi/zxcvbn/1.0 entry around (for those poor souls who want to try out the original).

Or do you want an official legal opinion from Dropbox? I can ask our lawyer but it will take a while. Let me know if you need this.

[dwolfhub]

@gvanrossum I see no reason to remove 1.0. I'm sure there are projects still using it.

@rpearl my pypi username is dwolfpi FYI

Is it possible to add a message to the README in this repository to note that this version is deprecated? Just trying to avoid confusion.

[gvanrossum]

OK, I added a note to the README (https://github.com/dropbox/python-zxcvbn/pull/20). @rpearl you have my blessing to had over the PyPI project to @dwolfhub.

[rpearl]

Okay, with that word @gvanrossum / Dropbox, I've added @dwolfhub as an owner of the pypi project. Sorry for the confusion here; I just didn't want to hand over a thing which (while in my control) was developed solely while at Dropbox.

[gvanrossum]

Thanks @rpearl! You did the right thing here.