[Python-Dev] PyPI comments and ratings, *really*?

Steven D'Aprano steve at pearwood.info
Sat Nov 14 16:25:54 CET 2009

On Sun, 15 Nov 2009 01:52:21 am P.J. Eby wrote:

> > > I don't want to create a PyPI account (more account details I'll
> > > rarely use to remember) just to vote. I can see why anonymous
> > > votes are bad, but the sample's going to be self-selecting -
> > > people like me who don't want to create an account will be
> > > excluded.
> >
> >This is indeed intentional: people like you won't upload packages to
> >PyPI, nor will they take part in the rating system, as both require
> >a PyPI account.
> Which is bizarre, since Paul belongs to the group of people you say
> you care most about - i.e., those people browsing the index and
> looking for packages.  The *consumers* of the comments, in other
> words.

Not bizarre at all, practical. Without authenticated votes, gaming the 
system goes from technically challenging to simple enough anyone can do 
it. Martin may have the best interests of "consumers" in mind, but he 
can't force them to act in their best interest. If they choose to not 
vote, that's their choice to make.

Think of it as voting registration. Even in countries like Australia 
with compulsory voting, you have to register first, to ensure that 
people make a single vote.

Since Paul doesn't have an account, he can't make comments, or rate 
packages, or cast a vote. This is by design, not out of a desire to 
defranchise people like Paul, but because the alternatives -- easy 
comment spam, people voting multiple times -- are worse than some 
proportion of users being unable to vote.

Steven D'Aprano

More information about the Python-Dev mailing list