[Python-Dev] PyPI comments and ratings, *really*?

Wolodja Wentland wentland at cl.uni-heidelberg.de
Fri Nov 13 11:19:06 CET 2009

On Fri, Nov 13, 2009 at 18:00 +1100, Ben Finney wrote:
> Steven D'Aprano <steve at pearwood.info> writes:
> > In my opinion, the community is best served by a good comment/review 
> > system, one which avoids the worst trolling, and allows authors the 
> > right of reply, but does not allow authors to censor inconvenient but 
> > honest reviews. 

> I also think, though, that the community is best served by an objective
> repository of third-party Python packages, with information derived only
> directly from the package itself and objective data. That allows the
> least barrier to having a package maintainer want to register their
> package with such a service, which is in the interest of having it be as
> complete a registry of packages as can be.
> A community forum, on the other hand, has many characteristics that will
> be *disincentives* to a package manager for having their package appear
> there. It's never going to attract as many package maintainers as an
> impartial, objective registry; the many reasons already given here as to
> why some package maintainers *don't* want their packages in such a
> system are evidence of that.

I think that there are a lot of things that could be done to make PyPi a
place where users can find *high wuality* packages and one that makes it
desirerably for developers to have their packages listed there.
Unfortunately comments *on the package main page* is not among them.

I think the PyPi/Python developers should consider the following points:

* PyPi is the de facto *official* repository of third party packages
  that form the "enhanced" stdlib

* I as a developer chose PyPi to be the *official* website of my
  projects and I want to have control over this website.

I could name a plethora of things I would do to enhance PyPi and here
are some ideas:

Better UI

Right now the package consists of a single page and all information is
cramped in there. I would suggest having a "tab-style" bar containing
things like:

    * Package description/Home (default)
    * Documentation

      Right now I have to place a link to the documentation I uploaded
      to PyPi in the package description myself? Why? Include that
      automatically on the package site as soon as it is uploaded and
      tell the developers about that feature!

    * Issue tracker (either hosted on PyPi or somewhere else)
    * Downloads (for different releases)
    * Comments

      Place comments on a different page, give developers the possibilty
      to enable this feature and react to comments. Maybe include a way
      to rate comments and those with a higher rating will bubble up
      reddit style.

    * Changelog
    * ...

Automatic Package testing

What I really like on PyPi is that my packages are tested automatically
with Cheesecake and the order of packages when searching is determined
by this rating. This gives a huge incentive to work on the package
quality, which is a great thing IMHO. Ratings by users could influence
this ranking as well...

I would take this idea even further.

All packages should be tested automatically and *REJECTED* if they don't
meet certain quality criteria. PyPi should become a place where high
quality packages can be found, not a dump for every single "Hello World"
ever developed.

Debian will run lintian (a Debian package checker) automatically against
newly uploaded packages and reject those that don't meet a basic set of

Tests could reject packages that:

    * FTBFS
    * do not install/uninstall cleanly
    * miss important files (README, CHANGELOG, .. )
      This could leverage platform specific information as in: If it is
      a *nix package and includes scripts, it should have man pages for
      them, ....

    * rate poorly on automatic tests (pep8, cheesecake, pylint, ...)
    * are not GPG signed
    * have not specified a license
    * ...

I admit that this makes PyPi a much stricter place and suggest that
sections are introduced that define different rules for inclusion (like
Debian's stable, testing, unstable - main, contrib, non-free). There
could be sections like this:

    * main - manually checked packages of high quality
      This would comprise packages of a high enough quality to be deemed
      acceptable in the stdlib 

    * tested - packages not in main that rank high on automatic tests
    * ...
    * junk (better name required)

Users could then decide which parts they want pip to retrieve packages
from. We could even encourage github, bitbucket, sourceforge, ... to
provide ways to automatically query their repositories from pip so they
could be included in pip's "sources.list" and used to install
dev-versions, packages of por quality.

*IF* Python plans to develop a fully fledged platform agnostic package
manager for Python programs/libraries it would be wise to learn from the
solutions people came up with until now (aptitude, yum, pkg_add, emerge,

kind regards

    Wolodja Wentland
  .''`.     Wolodja Wentland    <wentland at cl.uni-heidelberg.de> 
 : :'  :    
 `. `'`     4096R/CAF14EFC 
   `-       081C B7CD FF04 2BA9 94EA  36B2 8B7F 7D30 CAF1 4EFC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mail.python.org/pipermail/python-dev/attachments/20091113/ce03fba5/attachment.pgp>

More information about the Python-Dev mailing list