-----BEGIN PGP SIGNED MESSAGE-----
Martijn Faassen wrote:
> [eggs in debian]
> Okay, I can see this as an additional, more stably maintained resource
> of eggs than the cheeseshop. That might indeed be helpful.
>> Now, how would you use the Grok gated community with the sqlalchemy
>> gated community if they had common dependencies, and those dependencies
>> were at different versions in the two communities?
> I don't know. :) I don't know how a gated community is supposed to work.
>> Of course, you could make one _very_ large gated community and "freeze"
>> it as a release every now and then. Er, basically the same as what
>> distros are doing, hopefully making their life much easier;)
> One of the issues is that it doesn't solve my problem if you just have
> a big one. You'd need a gated community per *version* of Grok in order
> to make sure no newer eggs sneak into the project after release.
Correct. Such a "protected mirror" provides repeatability: for
instance, if someone installs from the cheeseshop, and then reports a
bug which can't be reproduced when installing from the mirror, then the
fix is obvious. If no distribution of a given project is available in
the mirror, then the user should know that "caveat emptor" applies: the
mirror defines the "supported" package set.
Essentially, the mirror externalizes the 'install_requires' with pinned
version numbers into an external website, along with the guarantee that
the specified distributions will remain available, even in the event
that somebody makes a release management booboo on the cheeseshop.
I can envision URLs which look like:
- Copies of all distributions ever used with grok:
- Symlinks of the specific distributions known to work with grok 0.10:
- Generated 'simple' API page for grok 0.10 ('--index-url' target):
One could of course write a webapp to manage these sets, but that feels
like it might be overkill, unless the application did more stuff as well
(like maybe generating buildout.cfg files, or virtualenv derivatves).
Tres Seaver +1 540-429-0999 [EMAIL PROTECTED]
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope3-dev mailing list