[Python-Dev] pip: cdecimal an externally hosted file and may be unreliable [sic]

[Paul Moore]

On 9 May 2014 05:34, Donald Stufft <donald at stufft.io> wrote:
> On May 8, 2014, at 5:22 PM, Donald Stufft <donald at stufft.io> wrote:
>
>>> Socially, this change does not seem to be having the effect of
>>> persuading more package developers to host on PyPI. The stick doesn't
>>> appear to have worked, maybe we should be trying to find a carrot?
>>
>> Do you have any data to point to that says it hasn’t worked? Just to see
>> what impact it has had, I’m running my scripts again that I ran a year
>> ago to see what has changed, already I can see they are processing
>> MUCH faster than last year.
>
> The data has finished processing, it represents a time diff of approximately
> one year. The pip release that caused all of this was released about 4-5 months
> ago.
>
> Overall PyPI has seen a 50% growth in installable projects in that time. If the
> change would have had no effect we'd expect to see a ~50% increase across the
> board. However what we've seen is a a 60% (+10% of expected) increase in
> projects that can only be installed from PyPI and a 12% decrease in projects
> that have any unsafe files (-62% of expected).

Donald,
Thanks for taking the time to get those figures. It does appear that
there are less cases that would be affected than the number of
complaints would imply.

The only concern I have about this type of analysis is that it doesn't
"weight" projects. It may be (and again, I have no data to back this
up) that the projects that are affected detrimentally by this change
are unusually popular or otherwise significant. There's obviously no
way to assess this sensibly other than by making a judgement on the
level of complaints.

But arguing numbers was never my intention here, so let's just say
that I concede that the change has had a positive effect, which is
great.
Paul