Anyone packaged python-ldap as part of a bigger package ?

Michael Ströder michael at
Mon Apr 6 16:21:07 CEST 2009

Jens Vagelpohl wrote:
> On Apr 6, 2009, at 14:55 , Michael Ströder wrote:
>> Jens Vagelpohl wrote:
>>> On Apr 6, 2009, at 14:10 , Michael Ströder wrote:
>>>>> It's not always wise to go with the latest.
>>>> At the moment it is (within the 2.3 series).
>>> Unfortunately that's not true. I've ben in many situations where I
>>> really needed older versions (like 2.0.8 or 2.1.x),
>> Can you please tell us why?
> Simple example: A server with an old version of OpenLDAP on it, like  
> 2.2.x, which I don't control and cannot upgrade.

I suspected something like this. ;-)

> For the customers' needs it's perfectly fine to just go with an older
> version of python- ldap.

As long as there aren't any security holes in older versions of
python-ldap and/or libldap. Nobody will fix them.

> Sometimes I've had to resort to building OpenLDAP separately, just to  
> use python-ldap, and just because I wanted to use the python-ldap egg  
> and the only eggs available are 2.3.x. Seems a bit silly, don't you  
> think?

No, personally I don't think so. Given that even OpenLDAP 2.3 is almost
out-of-service it's wiser to go with a more recent version.

> I'm not asking you to spend extra time and put old versions onto PyPI  
> now. What I would like to see is a policy of making sure once a  
> release is on PyPI it's not removed, ever. That way automated  
> buildouts can rely on finding the versions they have configured in.

Hmm, will think about it. If someone has a urgent need I could provide
older releases.

> And if you wanted to share PyPI admin duties I'd be happy to find  
> older versions and upload them to PyPI as well.

Noted. Thanks.

Ciao, Michael.

More information about the python-ldap mailing list