[Python-ideas] Package reputation system

Tue Mar 29 16:51:45 EDT 2016

In days of yore, before package managers, people used to download source code and read it. Maybe not all of it, but enough to feel not terribly scared when running that code. In modern times, with centralized package repositories and convenient installer tools, we want a better way to know "what’s the right package to use for this task?" It's a "first-world problem" in a sense. There are too many products in my supermarket aisle! On a personal note, I have on occasion spent twenty minutes choosing a toothpaste at Target.

If I care enough, I'll take a moment to look at how many downloads have been counted recently, how many issues there are (usually on GitHub), how many contributors, etc. I'll read the docs. I might even poke around in the source. I'll also check Google rankings to see if people are chatting about the module and linking to it.

I'm not sure if there's a good centralized solution to this problem, but it's a question many people are asking: How do I know which non-stdlib module to use?

Back at Georgia Tech, my professor [0] once told me that the way to get rich is to invent an index. He was referring to Richard Florida's "Creative Class" book and the subsequent "Creativity Index" consulting that Florida provided to various municipalities. People who score high on the index pay you to speak. People who score low on the index pay you to consult.

There are a few companies who sell a Python package reputation service, along with some distribution tools. Continuum's Anaconda, Enthought's Canopy, and ActiveState's ActivePython come to mind. There's clearly value in helping people answer this question.

[0] http://www.coa.gatech.edu/people/david-sawicki

> On Mar 29, 2016, at 1:13 PM, Michel Desmoulin <desmoulinmichel at gmail.com> wrote:
> Le 29/03/2016 17:48, Koos Zevenhoven a écrit :
>> On Tue, Mar 29, 2016 at 2:22 PM, Sven R. Kunze <srkunze at mail.de> wrote:
>>> offtopic
>>> 
>>> I wonder if it would be possible/necessary for the stdlib to include a set
>>> of libraries marked as "featured". Not like "provisional" but more like "You
>>> should use this one and be aware that it may upgrade faster than normal
>>> stdlib modules".
>>> 
>>> Basically like a "pull module". Just a third-party module pulled from the
>>> source and upgraded with each Python version. That would maintain the
>>> maintainers flexibility and the increase the availability of these "defacto
>>> stdlib" modules.
>>> 
>> 
>> +1.
>> 
>> It is a different thing to find a random module on PyPI and depend on
>> it, than to depend on something that is ~officially recommended. Or
>> maybe some kind of package reputation system on PyPI? More threads? :)
> 
> 
> Stop growing the stdlib and make Python a distribution is a topic I
> already read here. It may be time to revive it again.
> 
> Last time, it was deeply linked with packaging and battery included
> philosophy.