[Distutils] Package Meta-information Patch
Tue, 18 Jan 2000 04:20:02 -0800 (PST)
On Mon, 17 Jan 2000, Fred L. Drake, Jr. wrote:
> Greg Ward writes:
> > What I'm a little leery about is using Python code as a data format.
> > It's attractive because we all know the syntax and don't have to write a
> > parser. But using a general-purpose language for *such* a specific,
> > tightly-targeted task seems ... I dunno ... overkill-ish. And I wonder
> > if there are security holes lurking in the concept of using code for
> > system catalog data.
> > Does anyone else share my reservations (which are vague, ill-defined,
> Yes. This stuff should not require any exec or eval. It might be
> reasonable to use something like the .ini format; this can be handled
> using ConfigParser. This way we still don't need to write a parser.
I second Fred here... use a format compatible with ConfigParser. Simple,
clean, and easily handled.
DBM or central databases are probably a bit bogus. What's the speed for?
If you want to *locate* the _pkginfo files, then just append a pathname to
a central file. Let the tool go and see if it is still there. Or the tool
can be invoked with "do a filetree walk -- the log file may be out of
Greg Stein, http://www.lyra.org/