On Tue, May 29, 2012 at 9:02 AM, Nick Coghlan email@example.com wrote:
Once again, you're completely ignoring all existing knowledge and expertise on open collaboration and trying to reinvent the world. It's *not going to happen*.
It's too boring to live in a world of existing knowledge and expertise, and yes, I am not aware of any open collaboration stuff expertise. Any reading recommendations with concentrated knowledge that can fit my brain?
The standard library is just the curated core, and *yes*, it's damn hard to get anything added to it (deliberately so). There's a place where anyone can post anything they want, and see if others find it useful: PyPI.
The major drawbacks of remote packages in general is that it bring back project compilation from the old days. The biggest Python advantage at all times was "copy and run" ability.
The drawbacks of PyPI for this proposal are: 1. every function you need will require a separate upload to PyPI 2. you can't upload function with the same stdlib name, but slightly different implementation as it is used in different projects 3. you can't find functions that people recommend to be included into stdlib 4. it is hard (impossible) to gather feedback on the quality of these proposals
The standard library provides tools to upload to PyPI, and, as of 3.3, will even include tools to download and install from it.
I am glad 3.3 is giving virtualenv and bootstrap stuff. It would really rock, if the new feature won't be settled in stone right after release and will gain a few UX iterations with allowed break-ability.
As for PyPI, the major drawback of it is security - DNS attack for a couple of minutes, and one of your automatically deployed nodes is trojan ready. I remember PyPI password are stored in clear-text on developer's machine, but I don't remember if anyone turned off HTTP basic authorization on PyPI to protect passwords travelling to PyPI with every upload from intercepting. It would be an interesting exercise to sniff PyPI passwords over WiFi during next conference (i.e. https://ep2012.europython.eu/) and match those to the developer's accounts on *.python.org ;)
If you don't like our ecosystem (it's hard to tell whether or not you do: everything you post is about how utterly awful and unusable everything is, yet you're still here years later).
You're absolutely right - I like the Python ecosystem, otherwise I wouldn't stick there. It is like a vintage car - awesome, nice looking, and there is even this new twisted pyusion engine inside, but.. well - it's not for youngsters.
If you think the PyPI UI is awful or inadequate, follow the example of crate.io or pythonpackage.com and *create your own*. There's far more to the Python universe than just core development, stop trying to shoehorn everything into a place where it doesn't belong.
I have absolutely no idea how aforementioned post touches PyPI UI. Speaking about PyPI enhancements and ecosystem, instead of reinventing bicycles I'd rather patch existing one. The only problem is that patches are not accepted. https://bitbucket.org/loewis/pypi/pull-request/1/fix-imports-add-logging-to-...