[Distutils] distlib and wheel metadata

Paul Moore p.f.moore at gmail.com
Wed Feb 15 09:58:01 EST 2017


On 15 February 2017 at 14:11, Nathaniel Smith <njs at pobox.com> wrote:
>> It's mainly a matter of incorporating
>> https://caremad.io/posts/2013/07/setup-vs-requirement/ into the core
>> data model, as this distinction between abstract development
>> dependencies and concrete deployment dependencies is incredibly
>> important for any scenario that involves
>> publisher-redistributor-consumer chains, but is entirely non-obvious
>> to folks that are only familiar with the publisher-consumer case that
>> comes up during development-for-personal-and-open-source-use.
>
> Maybe I'm just being dense but, umm. I don't know what any of these
> words mean :-). I'm not unfamiliar with redistributors; part of my
> confusion is that this is a concept that AFAIK distro package systems
> don't have. Maybe it would help if you have a concrete example of a
> scenario where they would benefit from having this distinction?

I'm also finding this discussion bafflingly complex. I understand that
distributions need a way to work with Python packages, but the issues
involved seem completely divorced from the basic process of a user
using pip to install a package with the dependencies it needs to work
in their program.

The package metadata standardisation process seems to be falling foul
of a quest for perfection. Is there no 80% solution that covers the
bulk of use cases (which, in my mind, are all around some user wanting
to say "pip install" to grab some stuff off PyPI to build his
project)? Or is the 80% solution precisely what we have at the moment,
in which case can't we standardise what we have, and *then* look to
extend to cover the additional requirements?

I'm sure I'm missing something - but honestly, I'm not sure what it is.

If I write something to go on PyPI, I assume that makes me a
"publisher"? IMO, my audience is people who use my software (the
"consumers" in your terms, I guess). While I'd be pleased if a
distributor like Ubuntu or Fedora or Anaconda wanted to include my
package in their distribution, I wouldn't see them as my end users -
so while I'd be OK with tweaking my code/metadata to accommodate their
needs, it's not a key goal for me. And learning all the metadata
concepts related to packaging my project for distributors wouldn't
appeal to me at all. I'd be happy for the distributions to to that and
send me PRs, but the burden should be on them to do that. The
complexities we're debating here seem to be based on the idea that *I*
should understand the distributor's role in order to package my code
"correctly". I'm not at all sure I agree with that.

Maybe this is all a consequence of Python now being used in "big
business", and the old individual developer scratching his or her own
itch model is gone. And maybe that means PyPI is no longer a suitable
place for such "use at your own risk" code But if that's the case,
maybe we need to acknowledge that fact, before we end up with people
getting the idea that "Python packaging is too complex for the average
developer". Because it's starting to feel that way :-(

Paul


More information about the Distutils-SIG mailing list