On 9 May 2014 00:52, "M.-A. Lemburg" firstname.lastname@example.org wrote: >
On 08.05.2014 15:57, Nick Coghlan wrote:
(even the question of "does this software actually work?" is in our sights if you consider a long enough time span). That's hard enough with just a couple of service providers (Fastly and Rackspace) in the mix - it quickly becomes impossible if every new dependency from an installation request adds a new point of failure.
Like I said: the best option is to use a local directory which only contains packages files that you have inspected and actually trust :-)
Correct, but that raises the barrier to entry too high. The pip defaults are aimed at providing an experience with the fewest points of failure that is currently achievable, with a minimal learning curve.
We still have a long way to go, but if people want to influence those design decisions, the relevant lists are pypa-dev (for pip specific discussions) and distutils-sig (for higher level cross-tool design decisions)
-- Marc-Andre Lemburg eGenix.com
Professional Python Services directly from the Source (#1, May 08 2014)
::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/