[Distutils] providing a way for pip to communicate extra info to users
Chris Jerdonek
chris.jerdonek at gmail.com
Mon Apr 9 19:47:42 EDT 2018
On the pypa-dev Google group, a suggestion was raised about giving pip
a way to communicate extra info to users.
This was during a thread started by Matthew Brett about pip breaking
for certain macOS users due to certain TLS changes ("Impending silent
breakage of pip / macOS likely to cause severe confusion"). Donald
said this behavior is governed by PEP 503 and that the topic was best
discussed on distutils-sig:
https://groups.google.com/d/msg/pypa-dev/Oz6SGA7gefo/RRXQBQSBBAAJ
so I'm raising the suggestion here to continue the discussion.
One of Donald's comments in response to the idea (and that occurred to
me too and that I agree with) is that providing a way to communicate
messages to users introduces another possible avenue for attack.
A possible middle-ground could be to hard-code a message in pip. Pip
could display the message in certain circumstances, e.g. in response
to certain types of failures. For example, the message could tell
users to check a certain URL maintained by PyPA for further
information / possible announcements.
What do people think?
--Chris
More information about the Distutils-SIG
mailing list