[Catalog-sig] an immutable mirror of PyPI

Martijn Faassen faassen at startifact.com
Tue Jul 5 20:24:21 CEST 2011

Hi there,

On Tue, Jul 5, 2011 at 8:00 PM, "Martin v. Löwis" <martin at v.loewis.de> wrote:
>> What's the proportional benefit for those who put stuff in the system?
>> How much effort is involved in putting things into the system? How would
>> immutability hinder the benefit?
> TO give a specific example: I'm getting tired of people asking for PyXML
> support, despite all pages where they could possibly get it from stating
> that it's deprecated and unmaintained. At times, I think the best
> solution would be to completely delete the software.

An interesting example.

I'm not convinced deleting PyXML would stop these people. :)

We're talking about proportional benefit here, though. This sounds
like a very rare case.

It seems that "not wanting to support software" is somehow connected
to "not providing the software for download" in people's minds - this
is exactly the reason why the maintainer of the package that triggered
this discussion for me removed these older versions. And as a result
he probably got more support issues than if if he'd left them around.

You can also see this as a historical record or version control issue.
Just because version 0.7 is in a version control system somewhere
doesn't mean that the developers are going to support this version.
But in this case, I don't see developers argue there that this
historical version should therefore be removed.

With dependencies, my project in version control (or in released
tarball form) has a dependency on an external system. I could instead
check all dependencies into my version control system, or I could
depend on an external system with more guarantees. That's the feedback
I'm getting: either use a system with more guarantees such as a Debian
release, or check everything into my own version control system. But
this isn't always feasible.

* debian might not have my dependencies available yet, or a different version,

* I want to hack on the stable and development version of my project
without having to install a virtual linux for each to make sure the
debian dependencies are right

* I want to automate the installation procedure, and therefore can't
write an INSTALL.txt which says "apt-get this"

* I want have a cross distribution compatible installation instructions

Checking stuff into my own version control system has less issues and
is indeed workable. There is a paradox there though:

I want to release my package to PyPI in a reusable form and therefore
can't include all Python dependencies inside it. So I'm not relying on
PyPI to download packages myself but I'm asking consumers of my
package to do so?



More information about the Catalog-SIG mailing list