On Sat, Dec 26, 2009 at 11:17, Steffen Mueller <smuel...@cpan.org> wrote: > This is clearly a case of citation rape. ;)
Possibly, but I tried to extract the essence of the misunderstanding. Maybe I was boiling too hard. :) > Sorry, but I'm not being philosophical when I say you have to authorize access > to things. But the discussion was not "things". The discussion was specifically *namespaces*. > Same for CPAN. You automatically register an exact namespace by uploading a > file > that contains it. But you don't get it recursively. Please recall my > explanation > of how in Perl a namespace == package name == class name. It isn't in Python. > That we do out meta data stuff on package/namespace/class names as opposed to > distribution names has the huge benefit of interoperability between > distributions. What problems would that be? > We're not pretending anything. We're not forcing anything except that you > don't > override somebody elses work. We advise on proper choice of namespaces. But in > the end, we never force anybody to adhere to our preferences. By "our", I mean > an arbitrary bunch of experienced contributors who offer advice for new > contributors. Most of those wouldn't even have the power to impose any > restrictions. Those who do, use it only extremely sparely. For example, when > somebody has passed away or simply asks for help in passing maintainership to > someone else. Then there simply is no difference between PyPI and CPAN in this regard. > You're wrong. The Perl/PAUSE/CPAN system works exceptionally well. But it does > so because we regulate a lot less than you think. The question then becomes why it is claimed that PyPI needs to regulate *more* when it's pretty obvious once the confusion has cleared that the only regulation on both systems is that you can't upload a new version of somebody else's package. It's just that you call packages namespaces and we don't. (Or well, on CPAN it canbe uploaded, but it won't be visible, in PyPI it can't be uploaded). >> > This is a safeguard against insanity and it's the thing that means >> > that you can trust "cpan PAR" to always install the Perl Archive >> > Toolkit that was released by Autrijus Tang, Roderich Schupp, or myself >> > (we share co-maintenance). It's never going to be some random junk. >> > And that you auto-register a namespace on upload is the guarantee. >> >> And obviously on PyPI, it's first come first serve as well. But nobody >> would call a db package "db" if one already exists. Why would they do >> that? What's the point? Why would I make a completely new package >> called "Twisted" for example? There already is one. It's just a >> mindset that is completely incomprehensible to me. > > Then you clearly do not understand what it is like to be > a) malicious > b) new, young, inexperienced > c) stupid. So? What does that have to do with anything? Why would PyPI need more regulation/organisation to handle that? Especially if CPAN doesn't? As far as I can see, this is another case of: "Python needs CPAN!" "We have it already." :-) -- Lennart Regebro: http://regebro.wordpress.com/ Python 3 Porting: http://python-incompatibility.googlecode.com/ +33 661 58 14 64 _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org http://mail.python.org/mailman/listinfo/distutils-sig
