Packaging and dependencies

Steve Holden steve at holdenweb.com
Wed Sep 26 09:36:31 EDT 2007 

Ben Finney wrote:
> "Diez B. Roggisch" <deets at nospam.web.de> writes:
> 
>> In my opinion, python is steering here to a direction like Java with
>> it's classpath: scripts like workingenv and it's successor (forgot
>> the name) provide hand-tailored environments for a specific
>> application.
> 
> What a silly waste of resources. So, if fifteen different programs
> depend on library X, we'd have fifteen *separate* installations of
> library X on the same machine?
> 
You need to get your opinions up to date. Fifteen copies of a single 
library is nothing in terms of the code bloat that has happened over the 
last forty years, and most of that bloat is for programmer convenience, 
either in package development or distribution.

While it's all very well to say that there should only ever be one true 
version of a library this requires that developers constrain themselves 
(sometimes in ways they consider unreasonable) to backwards 
compatibility for the entire lifetime of their code.

> And when it comes time to upgrade library X because a security flaw is
> discovered, each of the fifteen instances must be upgraded separately?
> 
Yes. Better than upgrading a single library shared between fifteen 
applications and having two of them break.

>> So maybe you should rather try and bundle your app in a way that it
>> is self-contained.
> 
> That entirely defeats the purpose of having packages declare
> dependencies on each other. The whole point of re-usable library code
> is to *avoid* having to re-bundle every dependency with every separate
> application.
> 
Agreed, but until we reach the ideal situation where everybody is using 
the same package dependency system what's your practical solution? 
"Self-contained" has the merit that nobody else's changes are going to 
bugger about with my application on a customer's system. The extra disk 
space is a small price to pay for that guarantee.

regards
  Steve
-- 
Steve Holden        +1 571 484 6266   +1 800 494 3119
Holden Web LLC/Ltd           http://www.holdenweb.com
Skype: holdenweb      http://del.icio.us/steve.holden

Sorry, the dog ate my .sigline

More information about the Python-list mailing list