"Shadowing" upstream repositories
Hi there, We're using devpi in production and we have some internal libraries that we don't really plan on releasing to the public. Some of them are named in a way that clashes with pypi's upstream packages (though they are in no way shape or form related). How can I achieve this with devpi? I wasn't able to really get a clear answer and the documentation on "shadowing" -- which is presumably what this feature that I'm inquiring about -- says "TODO." :) Any tips would be appreciated on how to workaround this issue! Cheers & thanks for devpi! Mahmoud
Hi Mahmoud, On Mon, Dec 30, 2013 at 17:55 -0800, Mahmoud Abdelkader wrote:
Hi there,
We're using devpi in production and we have some internal libraries that we don't really plan on releasing to the public. Some of them are named in a way that clashes with pypi's upstream packages (though they are in no way shape or form related).
Hum. On first sight i'd advise to choose a non-conflict name to avoid any confusion. But then again a new name might appear in PyPI any time ...
How can I achieve this with devpi? I wasn't able to really get a clear answer and the documentation on "shadowing" -- which is presumably what this feature that I'm inquiring about -- says "TODO." :)
Here shadowing refers to a release file shadowing another release file from a base index. It does not mean that you can shadow or substitute a whole project.
Any tips would be appreciated on how to workaround this issue!
A: You could create a pristine index that does not inherit from pypi's big bowl of packages and then push all needed releases to your pristine index. If need be devpi could be enhanced to ease this process i guess. B: Alternatively maybe some form of project-granular shadowing or masking is possible. I am not sure on the UI or semantics for it though. Intuitively i think it'd be best to introduce a per-project setting which allows to say "don't look any further in the inheritance index chain", effectively allowing to have a base per-company index which ensures that Pypi's bowl of packages never interferes. However, devpi currently provides no "per-project" configuration although there are already REST-endpoints which you can look at with e.g. devpi use https://devpi.net/hpk/dev/ devpi getjson pytest Allowing to add information there like "+noinherit"->True would instruct devpi-server to not consider bases for this project. FYI What is already there is per-index json data that you can manipulate with "devpi index". See e.g. devpi use https://devpi.net/hpk/dev/ devpi index We could add an entry noinherit=[list_of_packagenames] or some wild-cardable expression or so. What is your current inheritance topology at your site, btw? holger
Cheers & thanks for devpi!
Mahmoud
-- You received this message because you are subscribed to the Google Groups "devpi-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to devpi-dev+...@googlegroups.com. To post to this group, send email to devp...@googlegroups.com. Visit this group at http://groups.google.com/group/devpi-dev. For more options, visit https://groups.google.com/groups/opt_out.
participants (2)
-
holger krekel
-
Mahmoud Abdelkader