[Catalog-sig] [Proposal] Registered packages must provide the source code distribution on PyPI
pje at telecommunity.com
Fri Jun 18 23:13:40 CEST 2010
At 12:01 PM 6/18/2010 -0500, Ian Bicking wrote:
>On Fri, Jun 18, 2010 at 11:47 AM, Mark Ramm
><<mailto:mark at geek.net>mark at geek.net> wrote:
>On Thu, Jun 17, 2010 at 5:41 PM, "Martin v. LÃ¶wis"
><<mailto:martin at v.loewis.de>martin at v.loewis.de> wrote:
> >> It does? Â I thought PyPI kept everything around (but hidden) unless the
> >> author went in and manually deleted old stuff. Â You just need to go to a
> >> deep link, e.g.,
> > Sure, but owners *do* manually delete old stuff.
>Am I wrong in remembering that old packages get dropped from the
>I'm not saying they get deleted from the server, but they are made
>unavailable to easy_install without special knowledge of how to get
>them, Â So old packages can have requirements in setup.py which become
>unavailable Â for simple install.
>If you give pip or easy_install (or I assume buildout) a requirement
>like Foo==0.1, then they will look at
easy_install doesn't do that, unless you explicitly add that URL via
-f or --find-links. Is that a feature you added in pip?
>and if the release is hidden that will still return the links for
>that version of the package.Â If you give a version like Foo<=0.1
>then it won't work (assuming 0.1 is hidden), as there's no deep link
>that either installer will look at.
>A weird case is that links in long_description in old releases will
>show up regardless, so if you actually want to purge a link (e.g.,
>to a non-existent repository) then it require editing all versions
>of the package.Â This might be unintentional.
It's at least consistent -- all URLs for all versions (whether hidden
or not) show up when you access the packagewide page.
There was some discussion in the past about whether this was
appropriate; IMO it's not, as it was an effective API change from the
pre-/simple days. Before, if a release was hidden, there was no way
for easy_install to find it except via explicit -f usage. Now, there
is no way for an author to hide a release from automatic installation
and still allow for manual installation.
More information about the Catalog-SIG