Hash: SHA1

Martijn Faassen wrote:

>> I think that replacing 'index_url' with a "gated community" of packages
>> is the only path to sanity here:  the contract of the Cheeseshop (share
>> new releases of all packages with everyone ASAP") is incompatible with
>> our goals ("ensure that users can install a given package and its
>> dependencies, and have them work").
> Why don't you think it can be solved by having packages themselves
> state preferred versions? The cheeseshop can be a festering pool of
> madness, as long as the packages I pull from it have reasonable
> preferred versions, I should be fine, right?

A few things:

 - Your solution requires a new feature in setuptools, whose development
   velocity has dropped off pretty sharply of late.  Maybe you've got a
   patch in hand already, at which point you could offer a temporary
   fork while the feature makes it way into an official release.

 - The proposed feature makes solving the package dependency graph
   harder, rather than easier:  what if grok recommends a different
   version of 'zope.interface' than some other component recommends?

 - People do remove releases from the Cheeseshop, with various
   justification.  If you want to guarantee that somebody will be
   able to recreate the known environment, even in the face of missing
   distributions, you have to mirror the "blessed" distributions.

- --
Tres Seaver          +1 540-429-0999          [EMAIL PROTECTED]
Palladion Software   "Excellence by Design"    http://palladion.com
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

Zope3-dev mailing list
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com

Reply via email to