I discussed this a bit this afternoon with Stephan and we came up with an idea that we think might help. Stephan is going to try to prototype it. I'll try to explain it.

The basic idea is to provide a custom index. There will be such an index for each "known good set" (KGS). An example of a KGS would be the KGS corresponding to the Zope 3.4 release. A KGS would have a set of controlled projects. A KGS index will have manually-managed project pages for all controlled projects. For other projects, it will mirror PyPI.

The prototype will build on my cheeseshop mirroring software. We will add a controlled projects list as configuration data. The mirroring software will ignore updates for controlled projects. This is a very small change to existing simple software. (The controlled project directories could be managed by either editing index pages or by placing approved distros into a server directory.) The custom index will be a static web site.

With this in place, we can establish KGSs and, for controlled projects, the index pages will only be updated when a distribution for a known project has been carefully vetted.

Users can set up buildout or easy_install to use the specific KGS as their index server. Each KGS will have a release manager who will be responsible for maintaining the KGS.

We will also create a buildout that tests packages in the KGS. When one wants to test a change to a core package, they would:

- check out the buildout
- maybe change the index option to point to a particular KGS
- check out the project(s) they want to test and configure them as develop eggs
- run the buildout test script.

Hopefully, this will give us much greater stability than we've had up to now.

Jim Fulton
Zope Corporation

Zope3-dev mailing list
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com

Reply via email to