From 28fbb59b1ca86cc3b017605477fc36e8ab876bbb Mon Sep 17 00:00:00 2001 From: Sumana Harihareswara Date: Mon, 24 Aug 2020 15:00:02 -0400 Subject: [PATCH 1/2] PEP 480: Fix status, author, discuss, reference Move from Deferred to Draft status, update discussion venue and author list, and fix an obsolete reference to Distutils. Signed-off-by: Sumana Harihareswara --- pep-0480.txt | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/pep-0480.txt b/pep-0480.txt index 3a168755775..6ad94622e6e 100644 --- a/pep-0480.txt +++ b/pep-0480.txt @@ -4,10 +4,10 @@ Version: $Revision$ Last-Modified: $Date$ Author: Trishank Karthik Kuppusamy , Vladimir Diaz , - Justin Cappos -BDFL-Delegate: Richard Jones -Discussions-To: DistUtils mailing list -Status: Deferred + Justin Cappos , Marina Moore +BDFL-Delegate: Paul Moore +Discussions-To: Packaging category on Python Discourse +Status: Draft Type: Standards Track Content-Type: text/x-rst Requires: 458 @@ -56,8 +56,12 @@ distributions. PEP Status ========== -Due to the amount of work required to implement this PEP, it is deferred until -appropriate funding can be secured to implement the PEP. +The community discussed this PEP from 2014 to 2018. Due to the amount +of work required to implement this PEP, discussion was deferred until +after approval for the precursor step in PEP 458. As of mid-2020 PEP +458 is approved and implementation is in progress, and the PEP authors +aim to gain approval so they can secure appropriate funding for +implementation. Rationale 
@@ -276,7 +280,7 @@ Files, and Key Management) cover the cryptographic components of the developer release process. That is, which key type PyPI supports, how keys may be stored, and how keys may be generated. The two subsections that follow the first three discuss the PyPI modules that SHOULD be modified to support TUF -metadata. For example, Twine and Distutils are two projects that SHOULD be +metadata. For example, Twine and Distlib are two projects that SHOULD be modified. Finally, the last subsection goes over the automated key management and signing solution that is RECOMMENDED for the signing tools. @@ -341,14 +345,11 @@ distributions, and prevents MITM attacks on usernames and passwords. __ https://github.com/pypa/twine -Distutils ---------- +Build backends +-------------- -`Distutils`__ MAY be modified to sign metadata and to upload signed distributions -to PyPI. Distutils comes packaged with CPython and is the most widely used -tool for uploading distributions to PyPI. - -__ https://docs.python.org/2/distutils/index.html#distutils-index +Build backends MAY be modified to sign metadata and to upload signed +distributions to PyPI. Automated Signing Solution @@ -410,7 +411,7 @@ management is preferred (e.g., ssh-copy-id). The `repository`__ and `developer`__ TUF tools currently support all of the recommendations previously mentioned, except for the automated signing -solution, which SHOULD be added to Distutils, Twine, and other third-party +solution, which SHOULD be added to Distlib, Twine, and other third-party signing tools. The automated signing solution calls available repository tool functions to sign metadata and to generate the cryptographic key files. 
@@ -894,9 +895,10 @@ conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation. -We thank Nick Coghlan, Daniel Holth, Donald Stufft, and the distutils-sig -community in general for helping us to think about how to usably and -efficiently integrate TUF with PyPI. +We thank Nick Coghlan, Daniel Holth, Donald Stufft, Sumana +Harihareswara, and the distutils-sig community in general for helping +us to think about how to usably and efficiently integrate TUF with +PyPI. Roger Dingledine, Sebastian Hahn, Nick Mathewson, Martin Peck and Justin Samuel helped us to design TUF from its predecessor Thandy of the Tor project. From 7723321ef0610227d3da0e78f8e7062be78b1d8d Mon Sep 17 00:00:00 2001 From: Sumana Harihareswara Date: Wed, 28 Oct 2020 13:25:35 -0400 Subject: [PATCH 2/2] PEP 480: Fix author and tools references Co-Authored-By: Paul Moore --- pep-0480.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pep-0480.txt b/pep-0480.txt index 6ad94622e6e..d5252f9a494 100644 --- a/pep-0480.txt +++ b/pep-0480.txt @@ -5,7 +5,7 @@ Last-Modified: $Date$ Author: Trishank Karthik Kuppusamy , Vladimir Diaz , Justin Cappos , Marina Moore -BDFL-Delegate: Paul Moore +BDFL-Delegate: Donald Stufft Discussions-To: Packaging category on Python Discourse Status: Draft Type: Standards Track 
@@ -280,7 +280,7 @@ Files, and Key Management) cover the cryptographic components of the developer release process. That is, which key type PyPI supports, how keys may be stored, and how keys may be generated. The two subsections that follow the first three discuss the PyPI modules that SHOULD be modified to support TUF -metadata. For example, Twine and Distlib are two projects that SHOULD be +metadata. For example, Twine and Distutils are two projects that SHOULD be modified. Finally, the last subsection goes over the automated key management and signing solution that is RECOMMENDED for the signing tools.
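Review bot: the second patch's hunk at @@ -280,7 +280,7 @@ reverts "Twine and Distlib" back to "Twine and Distutils", but the first patch's hunk at @@ -410,7 +411,7 @@ still reads "SHOULD be added to Distlib, Twine, and other third-party signing tools", and the first patch's hunk at @@ -341,14 +345,11 @@ renames the "Distutils" subsection to "Build backends". After both patches the PEP therefore names three different things for the same role: "Distutils" at line 283, "Build backends" as the subsection title, and "Distlib" at line 414. Pick one term and apply it to all three sites; since the subsection now says "Build backends", the other two lines should say "Twine and build backends" and "SHOULD be added to build backends, Twine, and other third-party signing tools".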
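Review bot: in the first patch's hunk at @@ -341,14 +345,11 @@, the new "Build backends" subsection introduces a term the PEP does not define and drops the reference link that the replaced Distutils paragraph carried (the "__ https://docs.python.org/2/distutils/..." target), so the section now has no pointer to what a build backend is. Add a one-line definition or link. Two further points in the same hunk: the sentence says backends "MAY be modified to sign metadata and to upload signed distributions", while the paragraph at line 283 says these projects "SHOULD be modified"; align the RFC 2119 keyword. And uploading is the job of the publishing tool covered in the preceding "Twine" subsection (the hunk context at @@ -341 ends with "__ https://github.com/pypa/twine"), so consider limiting the backend's responsibility to signing and leaving upload to Twine and other uploaders, or state explicitly that a backend that also uploads is in scope.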
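Review bot: in the first patch's hunk at @@ -56,8 +56,12 @@, the new PEP Status text is tied to a point in time ("As of mid-2020 PEP 458 is approved and implementation is in progress") with no date stamp and no pointer to PEP 458's own status, so it will silently go stale while Status: Draft stays in the header. Either phrase it without a relative date (e.g. "PEP 458 was accepted in 2020; its implementation is in progress") or add a reference so a reader can check the current state of PEP 458, which this PEP already lists under Requires: 458.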
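Review bot: the first patch's header hunk at @@ -4,10 +4,10 @@ sets "BDFL-Delegate: Paul Moore" and the second patch's hunk at @@ -5,7 +5,7 @@ immediately changes it to "BDFL-Delegate: Donald Stufft". Since the second patch is co-authored by Paul Moore, the first value was evidently wrong; squash the two commits (or move the delegate change into the first) so the history never records an incorrect delegate for the PEP, and so the commit message "Fix author and tools references" is not needed to undo part of the previous commit.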