-----BEGIN PGP SIGNED MESSAGE-----
Martijn Faassen wrote:
>> I think that replacing 'index_url' with a "gated community" of packages
>> is the only path to sanity here: the contract of the Cheeseshop (share
>> new releases of all packages with everyone ASAP") is incompatible with
>> our goals ("ensure that users can install a given package and its
>> dependencies, and have them work").
> Why don't you think it can be solved by having packages themselves
> state preferred versions? The cheeseshop can be a festering pool of
> madness, as long as the packages I pull from it have reasonable
> preferred versions, I should be fine, right?
A few things:
- Your solution requires a new feature in setuptools, whose development
velocity has dropped off pretty sharply of late. Maybe you've got a
patch in hand already, at which point you could offer a temporary
fork while the feature makes it way into an official release.
- The proposed feature makes solving the package dependency graph
harder, rather than easier: what if grok recommends a different
version of 'zope.interface' than some other component recommends?
- People do remove releases from the Cheeseshop, with various
justification. If you want to guarantee that somebody will be
able to recreate the known environment, even in the face of missing
distributions, you have to mirror the "blessed" distributions.
Tres Seaver +1 540-429-0999 [EMAIL PROTECTED]
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope3-dev mailing list