diff --git a/pep-0658.rst b/pep-0658.rst index ea0c98ed9ae..b7c5fcafc5e 100644 --- a/pep-0658.rst +++ b/pep-0658.rst @@ -1,5 +1,5 @@ PEP: 658 -Title: Static Distribution Metadata in the Simple Repository API +Title: Serve Distribution Metadata in the Simple Repository API Author: Tzu-ping Chung Sponsor: Brett Cannon PEP-Delegate: Donald Stufft @@ -48,19 +48,16 @@ inspection. The metadata file defined by the Core Metadata Specification [core-metadata]_ will be served directly by repositories since it contains the necessary information for common use cases. The metadata -served must be completely static, i.e. identical to the ``METADATA`` -file in the ``.dist-info`` directory [dist-info]_ if the distribution -is installed. The repository can provide this for any distributions, -but it is expected they will only provide them for wheels [wheel]_ -at the current time, since an sdist [sdist]_ does not yet have a way -to promise the metadata will stay the same after it is built. - -Since not all distributions have static metadata, an HTML attribute -on the distribution file's anchor link is needed to indicate whether a -client is able to choose the separately served metadata file instead. -The attribute is also used to provide the metadata file's hash, so -clients can verify the file after download. If the attribute is -missing from an anchor link, static metadata is not available for the +must only be served for standards-compliant distributions such as +wheels [wheel]_ and sdists [sdist]_, and must be identical to the +distribution's canonical metadata file, such as a wheel's ``METADATA`` +file in the ``.dist-info`` directory [dist-info]_. + +An HTML attribute on the distribution file's anchor link is needed to +indicate whether a client is able to choose the separately served +metadata file. The attribute is also used to provide the metadata +content's hash for client-side verification. The attribute's absence +indicates that a separate metadata entry is not available for the distribution, either because of the distribution's content, or lack of repository support.