On the pypa-dev Google group, a suggestion was raised about giving pip
a way to communicate extra info to users.
This was during a thread started by Matthew Brett about pip breaking
for certain macOS users due to certain TLS changes ("Impending silent
breakage of pip / macOS likely to cause severe confusion"). Donald
said this behavior is governed by PEP 503 and that the topic was best
discussed on distutils-sig:
https://groups.google.com/d/msg/pypa-dev/Oz6SGA7gefo/RRXQBQSBBAAJ
so I'm raising the suggestion here to continue the discussion.
One of Donald's comments in response to the idea (and that occurred to
me too and that I agree with) is that providing a way to communicate
messages to users introduces another possible avenue for attack.
A possible middle-ground could be to hard-code a message in pip. Pip
could display the message in certain circumstances, e.g. in response
to certain types of failures. For example, the message could tell
users to check a certain URL maintained by PyPA for further
information / possible announcements.
What do people think?
--Chris
___
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig