[Distutils] .egg-info metadata
Donald Stufft
donald.stufft at gmail.com
Fri Sep 21 21:25:46 CEST 2012
On Friday, September 21, 2012 at 3:09 PM, PJ Eby wrote:
> On Fri, Sep 21, 2012 at 12:59 PM, Donald Stufft <donald.stufft at gmail.com (mailto:donald.stufft at gmail.com)> wrote:
> > How would you take ``requires: tastypie`` and turn it into
> > `django-tastypie`?
> >
>
>
> By matching Requires with Provides at the index level. That is, by
> having PyPI index packages' Provides so that you can search for
> packages that match a given Requires.
>
>
And when you have 2 packages that both provides: tastypie? Which is a real
world occurence. I actually got my projects switched up, it's haystack and
django-haystack which have different names on PyPI (and entirely different functions)
but are both ``import haystack`` and thus would both be Provides: haystack.
https://crate.io/packages/haystack/
https://crate.io/packages/django-haystack/
> > This makes them better than I thought, but still have the "installability"
> > and
> > security.
> >
>
>
> How is this any different than any other part of PyPI?
I hate it there too and I've done a little bit to try and make it more obvious
to people when people rely on dependencies that aren't hosted on PyPI and
I plan to do more in the future. (I realize the historical significance of it, I just
don't think it should bind us to be stuck with it forever). But that's a separate
argument for a different day.
> I would have to dig into the code to be sure, actually. But I don't
> see any problem with restricting them to the dependency subtree being
> resolved. It's possible that the current easy_install implementation
> leaks dependencies to sibling installs, but if it does, it's probably
> not hard to fix.
I only asked this because if it works for siblings I could imagine a case
where someones install set worked, but then they remove a dependency
and suddenly unrelated installs stopped working. Not really pertinent to the
discussion at hand, just a possible bug (or surprising behavior) that popped
into my head.
> Again: the entire point of dependency_links is to have an in-band,
> automated way to ship third-party indexing information that would
> otherwise require manual, out-of-band, *recursive* distribution.
> Dependency links are download locations, and are independent of
> version specifications.
Yea I get that, I think at this point it's just a differing of opinion about
wether that is a desirable trait for a system to have or not. Obviously
I think not, and you I believe think it is. Setuptools isn't (and shouldn't)
be removing them and as you said they don't belong in PKG-INFO so I
I think we are in agreement about that :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20120921/cdee377d/attachment.html>
More information about the Distutils-SIG
mailing list