[Distutils] distlib and wheel metadata

Nick Coghlan ncoghlan at gmail.com
Thu Feb 23 07:32:42 EST 2017

On 23 February 2017 at 18:53, Paul Moore <p.f.moore at gmail.com> wrote:

> On 23 February 2017 at 08:44, Nick Coghlan <ncoghlan at gmail.com> wrote:
> > That gets us back into the world of defining what the various package
> types
> > mean, and I really don't want to go there :)
> And yet I still don't understand what's wrong with "application",
> "library", and "metapackage" (the latter saying to me "complex thing
> that I don't need to understand"). Those terms are clear enough -
> after all, they are precisely the ones we've always used when debating
> "should you pin or not"?
> Sure, there's a level of judgement involved - but it's precisely the
> *same* judgement as we're asking authors to make when asking"should I
> pin", just using the underlying distinction directly.

Thinking about it further, I may be OK with that, especially since we can
point to concrete examples.

  component: a library or framework used to build Python applications.
Users will mainly interact with the component via a Python API. Examples:
requests, numpy, pytz
  application: an installable client application or web service. Users will
mainly interact with the service via either the command line, a GUI, or a
network interface. Examples: ckan (network), ansible (cli), spyder (GUI)
  metapackage: a package that collects specific versions of other
components into a single installable group Example: PyObjC

And then we'd note in the spec that public index servers SHOULD warn when
components use pinned dependencies, while other tools MAY warn about that

Going down that path would also end up addressing this old RFE for the
packaging user guide:

> > Instead, I'm thinking in terms of a purely capability based field:
> > "allow_pinned_dependencies", with the default being "False", but actually
> > checking the field also only being a SHOULD for public index servers and
> a
> > MAY for everything else.
> How would the user see this? As a magic flag they have to set to "yes"
> so that they can pin dependencies? Because if that's the situation,
> I'd imagine a lot of authors just cargo-culting "add this flag to get
> my package to upload" without actually thinking about the
> implications. (They'll search Stack Overflow for the error message, so
> putting what it's for in the docs won't help...)

Pre-answering questions on SO can work incredibly well, though :)


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20170223/e76fae7f/attachment-0001.html>

More information about the Distutils-SIG mailing list