[Distutils] Removing dependency_links
ncoghlan at gmail.com
Sun Oct 27 05:30:24 CET 2013
On 27 October 2013 14:13, Donald Stufft <donald at stufft.io> wrote:
> On Oct 26, 2013, at 11:59 PM, Donald Stufft <donald at stufft.io> wrote:
>> Ok here’s the real list: https://gist.github.com/dstufft/7177500
> Quick note that this list is a list of projects that have *ever* used
> dependency links on PyPI. Some of these projects are no longer
> using them.
Am I correct in thinking that providing a flag to disable them
completely will be enough to get ensurepip to behave itself?
If so, then the bare minimum is to provide such a flag in the bundled
versions of pip and setuptools and have ensurepip use it.
I also think it is reasonable to continue offering a feature like
dependency_links on an opt-in basis for controlled environments (I see
it as analagous to the direct references feature in PEP 440).
That would make the migration look something like:
pip 1.5 (and associated minimum required version of setuptools):
- add a disable switch for dependency link handling
- add at least a per-project opt-in for dependency link handling
(and perhaps a global opt-in)
- deprecate implicit handling of dependency links
- dependency links are disabled by default, must opt-in to process them
Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
More information about the Distutils-SIG