[Catalog-sig] [Proposal] Registered packages must provide the source code distribution on PyPI
lists at zopyx.com
Thu Jun 17 18:57:18 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
M.-A. Lemburg wrote:
> Andreas Jung wrote:
>> Tres Seaver wrote:
>>> Note however that Andreas' proposal was to require that 'sdists' be
>>> uploaded. I personally won't use binary-only packages, but it has
>>> historically been true that PyPI was intended to support them, as well
>>> as to support registration of packages hosted offsite. Andreas'
>>> proposal doesn't address either of those cases.
>> A more precise requirement would be:
>> - upload the sdist if your package is open-source
>> - upload the official distribution package if you are package
>> is commercial
>> Basically...upload everything that you would also keep on your own
>> server as official distribution.
> We cannot force authors to do this. There may be other reasons
> why they can't upload such things to PyPI, e.g. crypto, trademark
> and copyright laws, or even corporate rules if the author is
> maintaining the package as part of his or her job.
You are once again talking about edge cases. In general the majority of
all externally hosted packages are not affected by such issues and
should be hosted on PyPI.
Everything that is currently available on external
> If more package authors start shipping egg files for
> the various Unix platforms as both UCS2 and UCS4 and for 3 or
> 4 different Python versions and keep those files around for
> several releases, we'll run into problems with having
> to mirror all those download files.
There is in general zero need for uploading eggs for various
Python versions if the module is Python only. I have seen packages
with upload for Python 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 3.0, 3.1 for
Python-only packages. This is really nonsense...a single sdist
is usally good enough...I bring it to the point: a bunch of Python
developer have no idea about package hygiene and use PyPI as package toilet.
ZOPYX Limited | zopyx group
Charlottenstr. 37/1 | The full-service network for Zope & Plone
D-72070 Tübingen | Produce & Publish
www.zopyx.com | www.produce-and-publish.com
E-Publishing, Python, Zope & Plone development, Consulting
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 316 bytes
Desc: not available
More information about the Catalog-SIG