On Mon, Mar 11, 2013 at 4:07 PM, Carl Meyer <c...@oddbird.net> wrote: > On 03/11/2013 01:57 PM, PJ Eby wrote: >> I'm saying that if someone objects to the presence of links they >> don't actually use, they are speaking nonsense. Might as well ask to >> ban all packages from PyPI that they don't personally like -- it's the >> same request. Nobody is forcing you to depend on packages that don't >> host on PyPI, so there is no point to the censorship. >> >> If you don't use the links, you can't argue that their presence is >> causing you harm. > > You can, of course, argue that the mere presence of those links > (combined with the current behavior of easy_install/pip) is an > "attractive nuisance" that indirectly causes harm to unsuspecting new > users of Python who never even consider the possibility that tools like > easy_install and pip might spider off PyPI to arbitrary websites
Which is why I think removing rel="" spidering is a good idea. In fact, I'm the one who suggested that. I also suggested moving to turning it off by default in future versions of easy_install, adding warnings, etc. But that's not the same thing as agreeing that it should be *banned* for people to publish machine-readable download information on PyPI for a file that's hosted off-PyPI. ISTM that Python's "consenting adults" standard sets a higher bar for banning a feature than it does for marking it, "here there be dragons" and offering a better alternative. Heck, even in Python the language, the mere removal of a feature in a new version of Python, doesn't stop people from continuing to use the old one. Here we're talking about infrastructure that everybody uses; it's not like there's a PyPI X.1 that people can keep using if X.2 comes out. _______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
