[Catalog-sig] What is the point of pythonpackages.com?
faassen at startifact.com
Tue Feb 7 20:51:19 CET 2012
On Tue, Feb 7, 2012 at 8:39 PM, "Martin v. Löwis" <martin at v.loewis.de> wrote:
>> That a package that only exists in a version control system can be
>> listed on PyPI makes sense to me. That a package without any source
>> code is listed on PyPI makes less sense to me; are there examples
>> where that does or did make sense?
> I think there are still a number of packages listed on PyPI that
> are not free software, so the only way to "download" them is to pay
> for a license (and you may then get a CD-ROM instead of a download).
> I consider that a reasonable use case (despite encouraging software
> developers to develop all their software as free software).
Sure, but PJE said "without any source code *written*", a commercially
available package would still have source code somewhere presumably.
>> But if at some point there *was* a release of the package listed in
>> PyPI and now, without author intent involved (to leave out the moral
>> arguments) the release cannot be found anymore, I'd say PyPI is
> Very true. However, PyPI is always incorrect in many respects: the
> package descriptions may be incorrect or incomplete, the classifiers
> may be incorrect, and author information may become out of date after
> some time.
Yes, that's true. I guess there are different levels of incorrectness.
> By design, getting correct information into the index is the task
> of the package authors, not of the PyPI infrastructure. The only
> exception are cases where the information is maliciously misleading,
> and then the information is deleted, not corrected.
I'm talking about the scenario where the authors did get correct
information into the index, and
information such as package description, authors, classifiers etc are
still all correct, and the only thing that broke is
the download link. I.e. all the information *managed* by PyPI is
correct but what PyPI is pointing to isn't any more. This is an
incorrectness that isn't under PyPI's control. It's similar to the
situation where a website URL that a PyPI page points to breaking, but
with more serious consequences for tools. This is because release
files are a bit more like package metadata than they are like links.
More information about the Catalog-SIG