[Catalog-sig] Dependencies

"Martin v. Löwis" martin at v.loewis.de
Sat Jun 16 08:42:51 CEST 2012

On 16.06.2012 05:01, Richard Jones wrote:
> "impossible to safely extract requirements in a 100% generic way."
> It has nothing to do with it being the de facto standard and everything
> to do with executing untrusted code on pydotorg systems with no
> guarantee that we'll even get the setup.py to work in our environment
> anyway.

Of course, it would be possible to extract the information in a safe way
from packages for which pre-built distributions have been uploaded.


More information about the Catalog-SIG mailing list