On Tue, 2007-03-06 at 02:08 +0100, Piotr Ozarowski wrote: > [Cliff Wells, 05.03.2007]
> > In fact, if I install a Pylons app written > > around Pylons 0.9.x, it's almost guaranteed that letting the system > > package manager update Pylons will break that app at some point in the > > not-so-distant future (in fact this exact issue around TurboGears was > > the very reason I moved solely to easy_install). > > package maintainer will not upload new upstream version to stable > (production) distribution. So if you created your app with 0.9.x and > distribution contains Pylons 0.9.x - you don't have to worry. And how will you know that *my* application (which is custom and not deployed via apt) requires a particular version? What about the other 50 custom Pylons and TurboGears applications on my shared hosting environment, each of which depends to some degree or another on a particular version of those frameworks? You seem to assume that all software installed on a system comes from an approved package repository. Those sorts of systems may exist, but I expect they are mostly useful for sending email and word processing. > > > Sure, developers like ez_install. System administrators don't! > > > > That's odd, because I do equal parts of both and greatly prefer > > easy_install. On my shared hosting boxes, I can use easy_install to > > maintain specific versions of Python packages as required by specific > > applications for specific users, something not easily doable (or doable > > at all) using the system packaging tools. > > You know Python, you know how to fix bugs in apps written in Python. And I also install custom versions of PostgreSQL and yet I haven't programmed in C for many years and I doubt I could fix many bugs in that particular software even were I currently doing so. But as an sysadmin, I understand how to do ./configure && make && make install (or else I'm not much of an administrator). > Now, lets imagine this: User does not know Python and Pylons at all, he > does not follow sqlalchemy, routes, etc. mailing lists and thus will not > be aware of security bugs in these modules. He just saw an outstanding > app. on a website and decided to install it on his server. He's > regularly updating his system, because he knows that if there will be a > serious bug discovered in one of his apps or in one of dependencies - > update will be available soon. He don't need new fancy version, all he > wants is working app. Will you still recommend him to install this app. > with ez_install? Absolutely. People who fail to understand even the basics of the software they are putting on a public-facing website are the reason such a large portion of the web is currently owned by IRC bots and spammers. If a "sysadmin" isn't capable of installing software via easy_install then they probably aren't qualified to install it under any circumstances. > Now lets say there's new stable version of distribution he uses and our > User decides to dist-upgrade to the new version. Will you recommend him > to do this upgrade with ez_install? Will you tell him to remove old app > first? Will you tell him to reinstall his system first? Will x (and x is > a lot) users test this upgrade first? I would expect him to do what any capable admin would do: upgrade the OS and then test his critical applications one-by-one. > > Note that I'm not suggesting that for *some* people using the system > > tools might not be preferable to easy_install nor that pursuing the > > packaging of Python libraries and apps as debs/rpms/ebuilds or whatever > > is a waste. I am, however, contesting the blanket assertions that using > > easy_install leads to chaos (it doesn't) or that system administrators > > prefer the system tools over easy_install (this is pure speculation > > based on the assumption that the sysadmin is clueless about > > easy_install/gems/PEAR/cpan/et al). > > I have no idea how gems work, but I still want to use apps written in > Ruby. Will you tell me to learn how to use them? (Please note that I > already know how to use debs) If you asked nicely, perhaps. If you asked like this I'd probably tell you to RTFM. I personally despise Perl and yet *somehow* I'm able to work my way through CPAN which is at least 10x harder to use than easy_install or gems. If I weren't able to do so, I'd hand over any notion of being a sysadmin to someone who was actually capable of living up to the title. > My point is: not everyone wants newest software. Some people want > *stable* software and there are lots of system administrators among them. What is "stable" software? I've been using open source software since around 94 and quite often the "stable" version of any particular open source package was far buggier than the development versions. In fact, I'd say this is the case more often than not. The acknowledged curse of OSS is that developers tend to work on what interests them and that is very rarely the "stable" version. In fact, most developers consider "stable" to refer only to API stability, not system stability. > PS I really should be sleeping now :-( And I should be having a beer :P Regards, Cliff --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
