[Distutils] RFC PEP 386 : Version comparisons
Tres Seaver
tseaver at palladion.com
Mon Jul 6 19:53:01 CEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tarek Ziadé wrote:
> On Sun, Jul 5, 2009 at 6:26 PM, Tres Seaver<tseaver at palladion.com> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Tarek Ziadé wrote:
>>> On Sat, Jul 4, 2009 at 8:12 PM, Tres Seaver<tseaver at palladion.com> wrote:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA1
>>>>
>>>> Tarek Ziadé wrote:
>>>>
>>>>> back to that discussion, after re-reading all the threads I have a proposal :
>>>>>
>>>>> 1- let's add as we said "install_requires" in PEP 345 and describe in
>>>>> it that people can define requirements,
>>>>> but without giving them rules for the version schemes.
>>>>>
>>>>> We will just write in that PEP that it's up to the *dependency
>>>>> manager* (pip, setuptools, zc.buildout, etc)
>>>>> to provide a cmp() for the version.
>>>>>
>>>>> The only rule will be that each dependency is described like this :
>>>>>
>>>>> dist_name [<|>|==|!=|>=|<=] version
>>>>>
>>>>> where version is free and dist_name in [a-zA-Z0-9]
>>>>>
>>>>> 2- let's drop PEP 386 completely
>>>> - -1. I would rather exclude some use cases (post releases), than drop
>>>> standardization altogether.
>>> Would you be OK to say in PEP 345 that a suggested tool to compare
>>> versions could be
>>> verlib (released as a third-party software), but that any system could
>>> also be used to compare versions ?
>> The purpose of defining the 'Requires-Dist' field in PEP 345 is to allow
>> for a standardized way of spelling dependences. If we don't standardize
>> on the versioning, then we won't have gained any ground: we might as
>> well punt and keep using setuptools, and *forbid* putting versions into
>> 'Requires-Dist' at all.
>
> The purpose of 'Requires-Dist' is to allow spelling dependencies so that
> a package manager can use these declaration to work. Distutils is not
> that package
> manager. I don't see what is wrong in not forcing a version comparison
> function, but just specifying the "dist_name [<|>|==|!=|>=|<=] version" field
> where the "version" part sorting order is decided by a package manager.
If we allow versions in that field without defining their semantics, and
therefore constraining the available spellings, *nobody* can write tools
which use them, except perhaps for managing only the packages which the
author himself writes.
>>> So we can move on and propose the PEP 345 change unindependantly from
>>> a version comparison tool.
>> I don't understand why we can't just settle on the reduced set: the
>> exotic cases aren't supported today (in distutils), and are mappable
>> onto the verlib case with some effort.
>>
>
> To allow a developer that has created his own package manager on the
> top of Distutils, to work with
> his own way with versions numbers, without being forced by Distutils
> to follow any particular
> version scheme if he wants to use 'Requires-Dist'.
>
> If we force the rule at distutils level, that means we are are saying
> that distutils *is* a package manager .
Not at all: we are trying to make it possible to develop interoperable
packaging tools, which was the whole point of adding those fields to
PKG-INFO in the first place, If *package authors* stick to the minimal
rules, and don't depend on / provide anything which can't be spelled
with standard rules, then *any* packaging tool which understands those
rules can manage their packages.
This was the point of PEPs 345 and 386: Debian maintainers, RPM
packagers, people writing custom tools, all need a regular, uniform,
unambiguous scheme for representing versions. I am arguing that the
overwhelming majority of released packages do fit into such constraints:
dumping the constraints for the "benefit" of the tiny handful of
exceptions removes any motivation for having version info in those
fields at all.
Interoperable tools would just drop non-coforming versionson the floor,
with a warning, making the field equivalent to an unversioned distribution.
Tres.
- --
===================================================================
Tres Seaver +1 540-429-0999 tseaver at palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFKUjn9+gerLs4ltQ4RAvRPAJ9BvsI5Em0l0D41mVKKyKXf1+w9VQCgvy5z
t1HC1rU5ANlIG5pwnNRA1WU=
=jmNE
-----END PGP SIGNATURE-----
More information about the Distutils-SIG
mailing list