[Distutils] GUI for Python package Management

Leonardo Santagada santagada at gmail.com
Thu Jan 29 22:38:21 CET 2009


On Jan 29, 2009, at 7:01 PM, Mark Sienkiewicz wrote:

> david.lyon at preisshare.net wrote:
>>> I don't think that the missing of a gui is what is the problem today
>>> for python. Package uninstall is something that bothers some  
>>> (maybe a
>>> lot) of users.
>>
>> Yeah. Me too. Possibly made easier by having a GUI.
>>
>
> The biggest problem is that the installer does not save the  
> information necessary to perform the uninstall.  A secondary problem  
> is accounting for dependencies between packages.
>
> A GUI does not help either of these problems.  If you can implement  
> an uninstall in the GUI, you can implement it from the command line.
>
>>> Another point is to have something like webstart for
>>> java. If I understand how it works, running an application goes like
>>> this: If you open an app and it depends on another package not
>>> installed on your system java goes around and download the missing
>>> modules for you (and stores them in a relative place to the  
>>> package or
>>> the user package dir) so the application can run. This would be cool
>>> for python, the problem being that there is no security to guarantee
>>> that those modules are not malicious in any way...
>>>
>>
>> I agree with that strongly.
>>
>
> I very much dislike things that automatically download and install  
> software.  An automatic installer may find a different version of a  
> supporting package every time I install software on another machine.

if the application asks for the different version then yes it should  
download the version that was asked for and installed for that  
application. It will only find a different version each time if the  
application asks for it.

> I keep careful track of what is installed on all my machines.  If  
> the tool automatically installs any version other than the one I  
> specified, then the tool is working _against_ me.  I don't need that.

No it is working like the application writer specified it.

> Ideally, there would be a flag that says "if you can't find  
> something, give me an error -- do not attempt to download/install  
> anything".  But it would be helpful if it can tell me "Package xyzzy  
> is missing, but you can get it from here:..."

This I agree, it should have a way to ignore some requests or even all  
requests of the application that is launched, maybe even have a  
configuration file somewhere (or a registry key, or a plist file  
depending on the os) that override the default, which I think should  
be give the running application the version that it specifies  
(standard packaging version rules apply, if it asks for package >=1.0  
then any version newer than 1.0 is sufficient)

But this is just a proposition that I think will never be able to work  
with python without security or only signed and pre approved packages  
on pypi.

> Mark S.
>

--
Leonardo Santagada
santagada at gmail.com





More information about the Distutils-SIG mailing list