Anyone packaged python-ldap as part of a bigger package ?
michael at stroeder.com
Mon Apr 6 16:21:07 CEST 2009
Jens Vagelpohl wrote:
> On Apr 6, 2009, at 14:55 , Michael Ströder wrote:
>> Jens Vagelpohl wrote:
>>> On Apr 6, 2009, at 14:10 , Michael Ströder wrote:
>>>>> It's not always wise to go with the latest.
>>>> At the moment it is (within the 2.3 series).
>>> Unfortunately that's not true. I've ben in many situations where I
>>> really needed older versions (like 2.0.8 or 2.1.x),
>> Can you please tell us why?
> Simple example: A server with an old version of OpenLDAP on it, like
> 2.2.x, which I don't control and cannot upgrade.
I suspected something like this. ;-)
> For the customers' needs it's perfectly fine to just go with an older
> version of python- ldap.
As long as there aren't any security holes in older versions of
python-ldap and/or libldap. Nobody will fix them.
> Sometimes I've had to resort to building OpenLDAP separately, just to
> use python-ldap, and just because I wanted to use the python-ldap egg
> and the only eggs available are 2.3.x. Seems a bit silly, don't you
No, personally I don't think so. Given that even OpenLDAP 2.3 is almost
out-of-service it's wiser to go with a more recent version.
> I'm not asking you to spend extra time and put old versions onto PyPI
> now. What I would like to see is a policy of making sure once a
> release is on PyPI it's not removed, ever. That way automated
> buildouts can rely on finding the versions they have configured in.
Hmm, will think about it. If someone has a urgent need I could provide
> And if you wanted to share PyPI admin duties I'd be happy to find
> older versions and upload them to PyPI as well.
More information about the python-ldap