Because my proposal back in 2010 [1] and Richard Jones's PEP-439 [2] from 2013 were about the same thing - bootstrap script to get latest version of package management tool, and were rejected, I'd like to discuss the concept of mini-pip separately, as I believe not all points were addressed.

Let's define what a mini-pip is. When pip is not installed:

  $ python -m pip install django
  pip package management tool is not installed on this system.
  Would you like to download and install pip first? [Yn] Y
  ...
  pip version x.x.x is installed successfully.
  Removing pip bootstrap script.
  Done installing pip.

  Proceeding with 'install django'.
  ...

mini-pip is the human name for pip.py module that is bundled with Python. It is packaged as pip.py to allow users do 'python -m pip'. This script does two things:

  1. informs users that pip is not installed
  2. proposes to install pip and does this stuff if user agrees

Algorithm is the following:

  1. Start
  2. Propose
  3 Download or 4 Exit
  3.1 Check server certificate
  3.2 Check package signature
  3.3 Unpack
  3.4 Run python setup.py install
  3.5 Remove itself
  3.6 Continue to run user command

* When pip.py is removed, "python -m pip" will start serving from pip/__main__.py
* PEP 439 was rejected, because bootstrap script didn't ask user for permission, this proposal includes that

More issues are below:

On Sun, Sep 15, 2013 at 11:02 PM, Donald Stufft <donald@stufft.io> wrote:
On Sep 15, 2013, at 3:56 PM, Alex Burke <alexjeffburke@gmail.com> wrote:
Instead of a copy of pip, could there not be minimal code to simply fetch the wheel and install that or perhaps even use it directly (a la what was possible with eggs)?
Basically three reasons:
    - There's a lot of code to handle a variety of situations in pip, it would
       be much harder to extract this code and keep it up to date in a way
       that the "mini pip" could use it. It would also not be as battle worn as
       the pip code.

mini-pip doesn't need share or import anything with pip - it is a standalone bootstrap script, the basic parts of which - certificate checking, downloading, unpacking - should already be available from stdlib, so it is no different from shell script or any other system script except that it is cross-platform.

There is no "variety of situations" in mini-pip - it doesn't do any argument processing, postponing it to the phase when main pip library can take the flag.
 
    - On top of the one time cost there is the ongoing cost. As the packaging
       ecosystem progresses the stdlib implementation will need to be kept
       up to date as well as the pip code.

pip code, yes, but not mini-pip bootstrap script. All it ever needs is a location of main pip package and it's signature.

    - We need to include a copy of pip in order to support offline installs either
       way. Since we have the private copy there to support offline we might as
       well use it to handle everything.

Offline installation is not an option - bootstrap script is for bootstrapping and it requires "external media" with the rest of "operating system" to be present.

1. https://mail.python.org/pipermail/distutils-sig/2010-March/015894.html
2. http://www.python.org/dev/peps/pep-0439/
--
anatoly t.