[Distutils] Python people want CPAN and how the latter came about

Tres Seaver tseaver at palladion.com
Fri Dec 25 05:54:34 CET 2009

Hash: SHA1

Ben Finney wrote:
> "Martin v. Löwis" <martin at v.loewis.de> writes:
>> Ben Finney wrote:
>>> That isn't a good argument. By the same logic, PyPI should not
>>> reject *any* upload, to avoid “forcing” uploaders to do extra work.
>> PyPI's rejection of certain uploads is primarily to prevent spam from
>> being uploaded.
> Am I wrong, then, in thinking that PyPI will reject an upload with
> malformed metadata?
> To my understanding, this discussion is about arguing whether an upload
> that is missing the package should be rejected by PyPI.

In the language of distutils, recording the metadata about a release is
"registration";  registration and upload happen in separate transactions
for relatively good reasone:

- - There is not a one-to-one relationsihp between metadata sets
(registrations) and distributions (e.g., source dist + windows MSI).

- - PiPI only has to parse the PKG-iNFO file, and doesn't need to unpack a
distribution to look for it.

- - Package authors can choose to keep the actual distribution files
elsewhere, e.g., to allow for payment, etc.:  one might debate the
desirability of such a use case for the community at large, but it is
certainly part of the historical use of the cheeseshop.

- --
Tres Seaver          +1 540-429-0999          tseaver at palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the Distutils-SIG mailing list