[Python-Dev] Overriding stdlib http package

[Demian Brecht]

On 2015-01-24 7:17 AM, Donald Stufft wrote:
> It’s not just power users that it’s good for, it makes it harder for
> even beginners to use things like backports of modules.

What about cases where new module versions are put in as dependencies of
other packages and they stomp standard library packages unbeknownst to
the user installing the higher level package?

For example, let's say packageB overrides stdlib's packageA. packageC
requires packageB, which stomps packageA at import time. Now, author of
packageD requires packageC but is unaware of the fact that packageB
overrides packageA, but heavily uses packageA directly and expects the
stdlib behavior, not the modified behavior in packageB.

(Hope I got the hierarchy right in that description ;))

This would likely cause unexpected behavior and I can only assume that
it would likely be quite difficult to track down, even for a power user.
The same logic applies to unrelated stdlib modules that depend on the
stdlib behavior of packageA as Brett pointed out.

As someone who's recently faced the problem, while making it easier
would have been immediately beneficial to me as the module author, I can
understand the reasoning behind making this a difficult thing to do.

I /do/ think that it might be worthwhile to invest some time in making
it easier to do while still satisfying the safety of other packages, but
I would venture to say it would definitely be non-trivial.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/python-dev/attachments/20150126/b3a245eb/attachment.sig>