-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/26/2011 04:07 PM, Alexis Métaireau wrote:
> Le 26/01/2011 20:44, "Martin v. Löwis" a écrit :
>> FWIW, another copy of the PyPI metadata is available in FluidDB, which
>> is also a rest-based database:
>>
>> http://www.fluidinfo.com/
>> http://fluiddb.fluidinfo.com/about/pypi-fluiddb-mirror
>> http://fluiddb.fluidinfo.com/namespaces/loewis?returnNamespaces=True
>> http://fluiddb.fluidinfo.com/namespaces/loewis/cheeseshop?returnTags=True
>
> Great !
>>
>>> +1. eggs are unfortunately a hell to deal with when it comes to
>>> metadata: we are forced to downlad the distributions and extract the
>>> metadata using the setuptools egg_info command.
>>
>> It's your (catalog-sig reader's) choice that this is a hell to deal
>> with: I offered to provide the metadata on PyPI, and the proposal
>> was shot down. Had I been allowed to implement the feature, the data
>> would have been available to everybody without downloading.
>
> As stated before, the problem with those metadata is they are os
> specific, and one version can't be determined once for all. Putting
> those metadata on PyPI could be wrong, because not accurate.
>
> PEP 345 deals with those os specific issues and propose a metadata
> format to statically describe those os specific informations.
I think the SIG's response in September was a good example of "the
perfect is the ene good":
- - A miniscule fraction of all PyPI releases actually declare PEP 345
metadata. I see no evidence that the number is growing[1].
- - A very significant number of the packages on PyPI declare
dependencies via setuptools'requires.txt'; "practicality beats
purity."
- - Of the packages which were made with setuptools metadata, the number
for which one distribution of a given release has different
dependencies than another of the same release is likely insignificant.
- - Resolving conflicts in favor of source distributions would be the
simplest and most useful heuristicc (binary eggs suck as a sharing
format!)
Exposing even imperfect dependency data while we await PEP 345 adoption
would have been a useful, pragmatic thing to do.
[1] Of the forty most recent releases on PyPI as of this writing:
- Nnot one* correctly declared a PEP 345 'Requires-Dist' (one
seemed to want that, but used 'Requires' with a version string).
- Twenty-six of the forty used setuptools to declare
dependencies;
- Four had no package uploaded.
- Five used PEP 314-style 'Requires' (no versions, not necessarily
project names
- FIve were "bare" distutils with no dependency metadata at all.
Tres.
- --
===================================================================
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk1ArNoACgkQ+gerLs4ltQ6PowCePYji/AAlT/ORVI3InWIxqko+
6rgAnjFJEAtjl8bTbqqEngCz1QwqmNF/
=lMhZ
-----END PGP SIGNATURE-----
_______________________________________________
Catalog-SIG mailing list
Catalog-SIG@python.org
http://mail.python.org/mailman/listinfo/catalog-sig
