[Distutils] [Bulk] Re: formencode as .egg in Debian ??
Vincenzo Di Massa
hawk78_it at yahoo.it
Fri Nov 25 15:23:15 CET 2005
(Sorry for the prevoius empty post)
Alle 13:52, venerdì 25 novembre 2005, hai scritto:
> Le vendredi 25 novembre 2005 à 11:54 +0100, Vincenzo Di Massa a écrit :
> > Alle 11:04, venerdì 25 novembre 2005, David Arnold ha scritto:
> > > But, if compatible versions of those dependencies are already installed
> > > as Debian packages *without* egg metadata, will these be ignored?
> >
> > Yes, they will.
>
> Why?
The reason is explained by Phillip in the previous e-mails.
> > > Even if it was possible for Debian to extend this downloading mechanism
> > > so that it looked for dependencies via apt-get before trying to install
> > > from the raw source or egg or whatever, it would usually be the case
> > > that the user running the newly downloaded Python application would not
> > > have permission to install system packages.
> >
> > I think easy_install coud be patched by debian packagers (or made
> > configurable by Phillip) to add a further check on dependency checking:
> > it could check if a dependency is already provided by system packages.
>
> It could do it by simply trying to import the module.
But it will not know about the version of the module that is imported!
I know we who are using debian packaged modules don't care to have this checks
at runtime.
But there are circumstances where it is not possible/wanted to install a
debian packaged python module (maybe becouse: you have not root access, you
want to install a personal/test/unpackaged version in your home... you are
not a debian user, (thus you are using something that is inferior to
Debian ;-) ).
Python developers need a way to check deps at runtime becose python MUST work
on platforms inferior to debian. So they put and will put code in theyr
projects that does this: check for versin X of modlule foo.
Distributors (where vensions are already taken care of) can safely remove that
checks (monky patching every upcoming python module released). But if they
don't remove the checks (and simply manage them in a custom and wise way)
they will allow thir users to install local copies of new/unpackages software
that plays well with packaged modules (and the don't need to pathc
evey(maybe) single new python app!).
This seems a *real benefit*, no?
> > easy_install (and pkg_resources.require()) could have a config file
> > telling what code execute to test for dependencies, configurable in a way
> > that when I require foo-1.2.3 it can:
> > 1) optionally check if apt (or urpmi or anything else) can provide that
> > depenedency and, if apt has them, promt the user to either:
> > 1.1) run apt-get as root
> > 1.2) skip this step ( 1) ) and go to directly to 2)
>
> No. If the dependency is missing, this is a bug in the Debian package.
> No more, no less.
You are not understanding... I'm talking about unpackaged modules. So there is
no buggy package: there is no package at all, just a freshly downloaded (from
somewere) python app or lib that you want to run from (for example) your
home.
Is it desiderable that an user can test a new app by just downloading the
python source and installing it in his home using easy_install without the
need to also install in his home the dependencies debian already satisfies
correctly . No?
> Furthermore, it is a bad idea for a python script to mess up with the
> packaging system.
In fact I'm not proposing this! The python script will just tell the user to
run apt-get as root if needed.
> Not only querying it is very slow, but it implies to
> make assumptions about the versioning scheme, that can become wrong at
> any time.
The query can be cached, or the post-install script could populate a fastly
searcheble (module,version) database of installed modules. It is not so
difficolt, is it?
> > 2) check if it can find this dep like setuptools does today (installing
> > them as eggs somewhere in the user's home)
>
> I consider this as a security risk. I hope this can be disabled by
> default.
That ha nothing to do with the system: this fallback will just execute for
software that is not already provided by Debian. So you are not going to
accidentally install something becouse of this. Moreover the user is expected
to insert the path where the fallback mecanism can install deps as egg. That
could be similar to a make install in C world: if you don't specify a
destination things go to /usr/local.
> Regards,
Vincenzo
___________________________________
Yahoo! Mail: gratis 1GB per i messaggi e allegati da 10MB
http://mail.yahoo.it
More information about the Distutils-SIG
mailing list