
Jonathan Crall <erotemic@gmail.com> wrote (on Mon, Jul 24, 2023, 15:29):
If popular packages weren't favored that would be a problem. Popularity should be correlated with "trustworthiness" or whatever the metric this curated repo seeks to maximize. I think the important thing is that the packages are both popular and have passed some sort of vetting procedure.
For instance, for a very long time Python2 was far more popular than Python3, but any expert in the field would encourage users to move to Python3 sooner rather than later. Python2 is popular, but it wouldn't have made the cut on some expert-curated list.
So it helps in that it reranks popular packages (and also excludes some) for those who want to adopt a more strict security / reliability posture.
By no means do I think this would replace PyPI as the de facto packaging repository. Its low barrier to entry is extremely important for a thriving community, but I also wouldn't mind having something a bit more robust.
I also think this project would have to be careful not to become yet another "awesome-python-package" collection. Those certainly have value, but based on the initial proposal, I'm interested in something a tad more robust.
... some old stuff cut ...
Hi Folks,
It has come to my mind that even just grouping similar / same-goal packages could help the current situation. Unfortunately, searching by name or category is not enough, and takes much time. Linking similar packages together would give the users the possibility to evaluate all / several of them. Additionally, perhaps the users could give relative valuation. For example, there are A, B, C, D similar packages; users could say: I tried out A and B, and found that A is better than B, and could have some valuation categories: simple, easy, powerful etc. This would show, for example, that package A is simple, but B is more powerful.
BR, George