[Python-Dev] PEP 453 Round 4 - Explicit bootstrapping of pip in Python installations

Donald Stufft donald at stufft.io
Thu Sep 19 15:54:08 CEST 2013

On Sep 19, 2013, at 9:50 AM, Antoine Pitrou <solipsis at pitrou.net> wrote:

> Le Thu, 19 Sep 2013 09:27:24 -0400,
> Donald Stufft <donald at stufft.io> a écrit :
>> We've updated PEP453 based on some of the early feedback we've gotten
>> from -dev and Martin.
>> Major changes:
>> * Removal of the option to fetch pip from PyPI in order not to modify
>> the trust model of the Python installers
>> * Consequently rename the model from ``getpip`` to ``extractpip``
> "ensurepip" ?
> What happens if there is already a higher pip version installed?
> I suppose "extractpip" doesn't do anything in that case?
> (sorry, perhaps it's mentioned in the PEP and I haven't seen it.
> The PEP has become so long that I've only skimmed through it.)

We could explicitly call this out but it's implied it will do nothing
because it's going to just call out to to the privately installed pip
to actually install itself, and pip itself won't "upgrade" to an older

Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/python-dev/attachments/20130919/154ea63d/attachment.sig>

More information about the Python-Dev mailing list