[Distutils] Other ideas from today's packaging meetup at EuroPython

Nick Coghlan ncoghlan at gmail.com
Fri Jul 25 10:36:15 CEST 2014 

On 25 Jul 2014 17:46, "Chris Withers" <chris at simplistix.co.uk> wrote:
>
> On 24/07/2014 17:44, Daniel Holth wrote:
>>
>> Also, reject uploads that are not released under a DFSG license
>
>
> What's a DFSG license>
>
>> or lack
>> man pages.
>
>
> Are you serious?

I took it as a sarcastic comment cryptically expressing disagreement with
the notion of accommodating reasonable requests from redistributors by
positing a slippery slope argument where we start asking upstream to
enforce evermore of our policy guidelines to make our lives easier, even
when those changes aren't of any benefit to *arbitrary* redistributors (let
alone folks doing their own system integration). With a Linux vendor
employee responsible for approving the packaging metadata PEPs, I think
it's a reasonable concern (although it could have been better expressed).

However, while access to a source tarball (or the ability to create one) is
indeed a gating criterion for entry to downstream build systems, I don't
think *mandating* source package upload to PyPI is a necessary part of the
answer. We can nudge people in that direction, and make uploading source in
addition to binaries the path of least resistance, but I don't think we
need to cross the line into enforcement. Packages without readily available
source uploads just won't be redistributed (except in cases like OpenStack
where we get the original source from somewhere else).

Cheers,
Nick.

>
> Chris
>
>>
>> On Jul 24, 2014 11:57 AM, "Donald Stufft" <donald at stufft.io
>> <mailto:donald at stufft.io>> wrote:
>>
>>     On July 24, 2014 at 7:28:55 AM, Richard Jones
>>     (r1chardj0n3s at gmail.com <mailto:r1chardj0n3s at gmail.com>) wrote:
>>>
>>>     Several great ideas came out of today's meetup. Some of those I'll
>>>     leave to the proponents themselves to post about, but a couple of
>>>     little nuggets for thought:
>>>
>>>     1. reject wheel uploads in the absence of an sdist in the index
>>>     (the linux guys were really happy about that as a proposal ;)
>>
>>
>>     This is gonna make openstack sad I think… They were relying on the
>>     fact that pip prior to 1.4 didn’t install Wheels, and pip 1.4+ has
>>     the pre-releases are excluded by default logic to publish
>>     pre-releases safely to PyPI.
>>
>>     I’m not generally opposed though. Just stating that this will
>>     prevent that “trick” from working.
>>
>>>
>>>     2. add a system-wide configuration option to pip etc. so that
>>>     there could be a system-wide override of the package index to use
>>
>>
>>     Yea this was already on my list of things to do when I refactor the
>>     configuration stuff to use locations which are more in line with
>>     what the OS norms are (XDG on *nix, ~/Library on OSX, %AppData%
>>     stuff on Windows).
>>
>>     --
>>     Donald Stufft
>>     PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9
>>     3372 DCFA
>>
>>     _______________________________________________
>>     Distutils-SIG maillist  - Distutils-SIG at python.org
>>     <mailto:Distutils-SIG at python.org>
>>     https://mail.python.org/mailman/listinfo/distutils-sig
>>
>>
>> ______________________________________________________________________
>> This email has been scanned by the Symantec Email Security.cloud service.
>> For more information please visit http://www.symanteccloud.com
>> ______________________________________________________________________
>>
>>
>>
>> _______________________________________________
>> Distutils-SIG maillist  -  Distutils-SIG at python.org
>> https://mail.python.org/mailman/listinfo/distutils-sig
>>
>
> --
> Simplistix - Content Management, Batch Processing & Python Consulting
>             - http://www.simplistix.co.uk
>
> _______________________________________________
> Distutils-SIG maillist  -  Distutils-SIG at python.org
> https://mail.python.org/mailman/listinfo/distutils-sig
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20140725/4fa3ce5c/attachment-0001.html>

More information about the Distutils-SIG mailing list