[Catalog-sig] If PyPI is more strict with its packages, may be we can build binary packages from them directly.

li wang charlesw123456 at gmail.com
Mon Oct 6 13:59:59 CEST 2008


2008/10/6 "Martin v. Löwis" <martin at v.loewis.de>:
>> I'm writing pypi2pkgsys: http://code.google.com/p/pypi2pkgsys/ .
>> I noticed that the name, license of python modules registered in PyPI
>> is really a miss. Such as 'Are You Human?', even easy-install can not
>> install them with these strange name.
> I don't really see the problem. Sure, it is very difficult to fetch this
> record from PyPI. But then, it's the package author's fault if his
> package is inaccessible.

Sure, of course it is a problem of the author. And this policy may help PyPI
to collect more packages for users. But this fault will defeat the user but not
the author, why user have to bear the the fault of the author? Now there are
many packages in PyPI already, may be it is a time to let the author care about
this problem to make the user more comfortable? :)

> If you have an automated tool to access packages, just skip over the
> packages that you cannot access. This wouldn't be very different from
> the case where PyPI would have been more strict: just presume that the
> package is not there if you don't like its name.
>> If PyPI is more strict in name, license and its format, automatically
>> package install within the distribution package management system should
>> be possible.
> But it is possible already! See above.
> While I can sympathize with a desire to enforce a certain package name
> syntax, I am unsure what licenses have to do with it. Why should PyPI
> enforce a policy on the license field, and what should that policy be?

In fact, pypi2pkgsys can scan PyPI catalog automatically and log all broken
packages automatically. There is the log statistics:

$ sudo pypi-logstats.py /var/tmp/pypi/pypi2pkgsys.log
/var/tmp/pypi/pypi2pkgsys.log: 2902(59.95%) ok, 0( 0.00%) manual,
1939(40.05%) bad.

The reason of the damage is diversity, may be broken by bad name, may
be broken by
unrecognized license (Somebody use GPL, somebody use
somebody use http://www.opensource.org/licenses/gpl-license.php).
Somebody embedded all of
the text into license argument of setup...... And the site of many
packages are not accessable, and
I can not get any code from them.

As I known, gentoo ebuild require a standardizied format on license.
I'm not want to apply the rule of
ebuild to PyPI, but just hope to refine it. As you see, for GPL, there
are many varieties in PyPI:
GPL, general public licence, http://www.gnu.org/licenses/gpl.txt,

Charles  Oct 6th, 2008

More information about the Catalog-SIG mailing list