[Catalog-sig] Deprecate External Links
Donald Stufft
donald.stufft at gmail.com
Thu Feb 28 01:42:31 CET 2013
On Wednesday, February 27, 2013 at 7:20 PM, PJ Eby wrote:
> On Wed, Feb 27, 2013 at 4:50 PM, Donald Stufft <donald.stufft at gmail.com (mailto:donald.stufft at gmail.com)> wrote:
> > Development snapshots are a use case that i'm not sure makes sense
> > for PyPI, but if they do should require specific opt-in to install them.
> > Does easy_install have a command line flag that adds extra links?
> >
>
>
> *chuckle*. Yes, it's the original source of the --find-links option,
> emulated in pip to ease migration.
>
>
I guessed as much, but I don't remember easy_install all that well, it's
been awhile since I used it.
>
> > can your instructions simply state to do the equivalent of
> > `pip install --find-links=http://setuptools.com/dev-snapshopts/`?
> >
>
>
> The problem with find-links is that if you push them off of PyPI, they
> have to go somewhere else, which is setuptools' "dependency-links"
> feature. Now you have an even *harder* problem to update or remove
> those links, because they're not under the control of the author nor
> visible on PyPI.
>
>
Why would they go in dependency-links? I mean I understand that
people might do that to remove the need to direct their users to
enter a full url. But that is outside of the realm of PyPI at that point
and can be fixed in the tooling.
easy_install / pip / buildout / etc should *never* fetch anything outside
of PyPI without the *user* (not the package author) directing them
to that url, either directly via tarball, or implicitly with --index-url/--find-links
and PyPI shouldn't make that an exposed part of the workflow.
>
>
> > Alternatively I would like to get the tooling smarter about not installing
> > pre-release versions unless asked as well.
> >
>
>
> Yes, and that discussion doesn't have much to do with PyPI per se,
> because again, it's up to the tools.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/catalog-sig/attachments/20130227/61b141a3/attachment.html>
More information about the Catalog-SIG
mailing list