[Python-Dev] Standard library vs Standard distribution?
Antoine Pitrou
solipsis at pitrou.net
Fri Nov 30 05:38:28 EST 2018
On Fri, 30 Nov 2018 11:14:47 +1100
Steven D'Aprano <steve at pearwood.info> wrote:
>
> There are plenty of other languages that come with a tiny stdlib and
> leave everything else to third parties. Outside of those like
> Javascript, which has a privileged position due to it being the standard
> browser scripting language (and is backed by an ISO standard and at
> least one major companies vigourously driving it), how is that working
> out for them?
And even for Javascript, that seems to be a problem, with the myriad of
dependencies JS apps seem to have for almost trivial matters, and the
security issues that come with relying on so many (sometimes
ill-maintained) third-party libraries.
Actually, PyPI is also been targeted these days, even though hopefully
it didn't (yet?) have the ramifications such attacks have had in the JS
world (see e.g. the recent "event-stream" incident:
https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incident )
I agree with you that the stdlib's "batteries included" is a major
feature of Python.
Regards
Antoine.
More information about the Python-Dev
mailing list