[Catalog-sig] disallowing the removal of packages?

P.J. Eby pje at telecommunity.com
Mon Jul 4 20:59:21 CEST 2011

At 05:41 PM 7/4/2011 +0200, Martijn Faassen wrote:
>I'd argue d) and e) are not up to the package maintainer to decide 
>but to the person who integrates this package into their system.

Sure...  but that doesn't mean the package maintainer is obligated to 
support the integrator in that decision.

>The person who integrates the package is the one who will need to 
>make the judgment call to continue to use old unsupported or broken 
>stuff. Integrators should be allowed to make such decisions in their 
>own time at their own convenience; the package developer shouldn't 
>be able to force such decisions by removing an old release.

Then the package integrator should darn well keep their own copy 
instead of relying on it still being downloadable from a public 
server.  Not keeping a file uploaded is not equal to forcing anybody 
else to do anything.

Note that there is nothing in your proposal that keeps a package 
maintainer from simply never uploading packages to PyPI in the first 
place...  and is likely to have the perverse effect of encouraging 
package authors who are concerned about this issue to make other 
hosting arrangements.

(Certainly, if it looks like your proposal will be adopted, I would 
be strongly motivated to *immediately* remove any package from PyPI 
that I thought I might need to remove later, but would be unable to 
if the proposal were implemented!)

In short, this proposal is asking PyPI to do a job that is properly 
done by either the web archive or your private backups.  -1.

More information about the Catalog-SIG mailing list