[Cliff Wells, 05.03.2007] > On Mon, 2007-03-05 at 23:42 +0100, Piotr Ozarowski wrote: > > You can install your Pylons app. and forget about dependencies for next 2 > > years. > > Package maintainers will fix all bugs in related packages. > > There is almost zero chance of that happening in the Python world, no > matter who's working on it.
Gaupol package (subtitle editor) will be shipped with version 0.7.1 in Debian Etch. This version does not work with new PyGTK. I, as a package maintainer, will make sure [1] that even if someone decides to upload new PyGTK, Gaupol users will have working app. [1] by applying fix from 0.7.2 or forcing new upstream into Etch > In fact, if I install a Pylons app written > around Pylons 0.9.x, it's almost guaranteed that letting the system > package manager update Pylons will break that app at some point in the > not-so-distant future (in fact this exact issue around TurboGears was > the very reason I moved solely to easy_install). package maintainer will not upload new upstream version to stable (production) distribution. So if you created your app with 0.9.x and distribution contains Pylons 0.9.x - you don't have to worry. > > Sure, developers like ez_install. System administrators don't! > > That's odd, because I do equal parts of both and greatly prefer > easy_install. On my shared hosting boxes, I can use easy_install to > maintain specific versions of Python packages as required by specific > applications for specific users, something not easily doable (or doable > at all) using the system packaging tools. You know Python, you know how to fix bugs in apps written in Python. Now, lets imagine this: User does not know Python and Pylons at all, he does not follow sqlalchemy, routes, etc. mailing lists and thus will not be aware of security bugs in these modules. He just saw an outstanding app. on a website and decided to install it on his server. He's regularly updating his system, because he knows that if there will be a serious bug discovered in one of his apps or in one of dependencies - update will be available soon. He don't need new fancy version, all he wants is working app. Will you still recommend him to install this app. with ez_install? Now lets say there's new stable version of distribution he uses and our User decides to dist-upgrade to the new version. Will you recommend him to do this upgrade with ez_install? Will you tell him to remove old app first? Will you tell him to reinstall his system first? Will x (and x is a lot) users test this upgrade first? > Note that I'm not suggesting that for *some* people using the system > tools might not be preferable to easy_install nor that pursuing the > packaging of Python libraries and apps as debs/rpms/ebuilds or whatever > is a waste. I am, however, contesting the blanket assertions that using > easy_install leads to chaos (it doesn't) or that system administrators > prefer the system tools over easy_install (this is pure speculation > based on the assumption that the sysadmin is clueless about > easy_install/gems/PEAR/cpan/et al). I have no idea how gems work, but I still want to use apps written in Ruby. Will you tell me to learn how to use them? (Please note that I already know how to use debs) My point is: not everyone wants newest software. Some people want *stable* software and there are lots of system administrators among them. PS I really should be sleeping now :-( -- -=[ Piotr Ozarowski ]=- -=[ http://www.ozarowski.pl ]=-
pgp49IKdFUBHF.pgp
Description: PGP signature
