> Betreff: Re: [Zope-dev] zope.password
> 2009/3/10 Roger Ineichen <d...@projekt01.ch>:
> > Hi Steering group, Hanno, Dan
> >> Betreff: Re: [Zope-dev] zope.password
> >> Dan Korostelev wrote:
> >> > 2009/3/10 Hanno Schlichting <hanno...@hannosch.eu>:
> >> >> Either you have a dependency and declare it or you don't have a
> >> >> dependency. Since we don't want to use "extras" anymore, I
> >> think this
> >> >> calls for another package which depends on zope.password
> >> and zope.schema.
> >> >
> >> > I still don't like/get the idea of creating and
> maintaining extra
> >> > package that merely contains a vocabulary factory for
> >> another package.
> >> > Whatever, I reverted that change. Roger, just exclude
> >> > zope.app.authentication's "password.zcml" file, include
> >> > "zope.password" explicitly and define your own vocabulary.
> >> I don't quite like the idea of extras and we decided to
> avoid them.
> >> We also decided to avoid tests_require from what I understand.
> >> What you did was to not specify an extra nor a hard
> dependency, but
> >> still add zope.schema to the test extra section.
> >> That feels wrong. Either you have a dependency and so have
> the tests
> >> or you don't.
> >> I think extras have been created for this kind of use-case of
> >> providing an "optional feature" from a package. Either we use that
> >> mechanism and declare it, or we don't want this mechanism and live
> >> with creating extra packages instead.
> > Hanno,
> > Can you propose something else to solve our problem?
> > The problem is, zope.password offers password manager which
> get used
> > by zope.app.testing, zope.app.authentication, z3c.authenticator and
> > other packages. zope.app.authentication configures the
> vocabulary for
> > the password managers in zope.password.
> > That's defently a no go.
> > Write another package for just define and register them is I think
> > also a no go.
> > Probably we should depend zope.password on zope.schema too and
> > configure the vocabulary and managers registry there.
> > Dan,
> > I think we should not be to excessive with the dependency
> cleanup and
> > stop ourself. It would be nice to use zope.password without the
> > zope.schema package but that's right now no use case for
> our refactoring.
> I'd like to be able to use zope.password without
> zope.component for some of my tiny old Pylons-based projects,
> that's why I'm trying to avoid dependency on it. I believe
> that repoze guys will also be quite happy, if it didn't pull
> unneeded (for them) dependency.
I think that's a valid reason for your use case. But that's
a problem for the zope framework ;-)
> I'd be fine with an "extra" requirement, but others seem to
> be against that. :-/
I think we don't have any replacement pattern for extra_requires.
The extra_requires where developed for exactly that reason.
We should use that pattern till someone will show us a better
I also think to add an additional package for register a vocabulary
is very ugly.
Probably we should think about zope.app.security or something
like that and move the password managers and vocabulary to
someting like that.
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -