[Pythonmac-SIG] PackageManager / Python 2.3.x - 2.4 ideas
Kevin Ollivier
kevino at tulane.edu
Wed Jul 30 17:04:37 EDT 2003
On Wednesday, July 30, 2003, at 03:25 PM, Jack Jansen wrote:
> First a comment: initially I thought that doing a PEP on the client
> side of
> PackMan would be good enough, but now that I have had the experience
> of doing a
> database three times, with months in between, I think that the
> scapegoat
> side is important too. We also need to come up with tools or procedures
> that make it easier for multiple people being responsible for a single
> database,
> and also for a single person to keep information that is going to be
> helpful
> the next time the database is updated.
IMO, what we need here is to have a package metadata file for Python
packages, possibly in setup.py, or whatever. Then, using a command
(i.e. setup.py update_ppm), folks could "synch" that metadata with the
main Package Manager database on Python.org. I've seen a PEP on
something similar to this, but more limited - I think it was a way to
specify trove classification data, description, etc. in setup.py and
update it with PyPI. But this would be a simple and logical extension
to that functionality.
> Scapegoat-side could be integrated into distutils. One day I think
> this is
> a very good idea, the next day I think it is a very bad idea. I will
> ponder
> on this, and I would like input.
I personally think it is a good idea, at least today. ;-) The core idea
behind PyPI and other tools like it is that each package maintainer
should be expected to promote and update their own package, and I think
Package Manager should be the same way.
Thanks,
Kevin
> On woensdag, jul 30, 2003, at 23:01 Europe/Amsterdam, Bob Ippolito
> wrote:
>
>> These are some ideas for future versions of Package Manager and
>> friends...
>>
>> Should remove shell executable dependencies because python does these
>> tar
>> unzip
>> zip
>> curl
>> (not sure if it uses there or not)
>> rm
>> mv
>
> Definitely.
>
>> Should leverage metadata from PyPI in some way
>
> This is scapegoat-side. If we go for a distutils-based solution we get
> it automatically,
> as distutils has support for the PyPI metadata (I think?).
>
>> Should read proxy settings from OS X rather than using environment
>> variables.. allow a user override, store this as a preference
>
> Not a PackMan problem, this is a urllib problem. There's a bug filed
> already.
>
>> Should allow user to override 'scratch area', they might not always
>> have space in /tmp .. store this as a preference
>
> Definitely. Especially for people doing source installs you want to
> keep things around.
>>
>
>> We should write a cross-platform "preferences" module for python that:
>> Uses the registry in win32 to determine a folders for global/user
>> plists, and then uses that :)
>> Uses ~/Library/Preferences/plists and /Library/Preferences/plists in
>> OS X
>> Uses somewhere/plists for global settings on unix and
>> ~/.dotfolder/plists in UNIX
>
> While I agree we need it I think it isn't a PackMan problem. There are
> numerous
> other packages that want this (bgen, for instance). This could be the
> subject of a
> separate PEP.
>
>> Not have separate plist files for each distutils.util.get_platform()
>> -- this is only semi-useful for binary OS X packages, and not useful
>> at all for other operating systems.
>
> This one I disagree with, and I disagree with it strongly. The central
> philosophy of PackMan
> is accountability (in other words: the scapegoat). We may need to
> structure things differently, with major/minor OS release in the
> filename and within the database entries a list of micro releases that
> are known to work, but we definitely need the functionality.
>
> Binary packages are the reason for PackMan's existence, source
> releases are a service to the developer community. They already have
> PyPI.
>
>> Have a cryptographically authenticated way of determining the
>> authenticity of 'stuff'. [...]
>
> This is serious reading, I will come back to this later.
>
>> Keep receipts for installed packages, even if we don't write an
>> uninstaller.
>
> Parts are already in place, but they don't get written out to disk. It
> turned out to be a harder problem than I thought. But I agree we need
> to do something about this.
>
>> Keep track of dependency versions.. for example, FooBar 2.0 might
>> require a minimum BarBaz of 1.0 and is tested compatible up to BarBaz
>> 1.5. BarBaz might release a wonderful 1.6 version that breaks some
>> behavior that FooBar 2.0 or whatever other packages depended on.
>> Upgrading to BarBaz 1.6 should warn the user that "FooBar 2.0 and
>> SuperAlice 1.5 are dependent on BarBaz 1.0-1.5, but are not tested to
>> work with BarBaz 1.6. This upgrade may require upgrades to these
>> dependencies". Dependency graphs are a lot of fun, but we're all
>> good programmers here and we can't be lazy all the time.
>
> This should all be in there already. You can depend on a package, a
> specific version of a package, or even a specific flavor
> (pil-1.1.4-source).
>
>> Package Manager should be able to install distutils-based setup.py
>> source distributions that a user has on his harddrive or at any
>> arbitrary URL (i.e. not in the plist) either by dragging the tgz/zip
>> to PackageManager, picking a folder with a setup.py in it, or picking
>> a setup.py.
>
> Definitely. And similarly for bdist_dumb distributions. And it needs a
> "recipy" file format, so system administrators can standardise large
> numbers of machines in one fell swoop. We can
> even automate this for them: have a tool that takes a PackMan recipe
> and a Python distribution, and what comes out is a .mpkg that first
> installs Python and then feeds the recipe to PackMan.
>
>> Package Manager should be organized categorically, like PyPI. (i.e.
>> they should be heavily integrated).
>
> Yes, I think we do, indeed. On the other hand I want the database to
> remain manageable in size, both for the user and for the maintainer.
> The PyPI database has already become unmanageable:-)
>
>> We should test upgrades to Package Manager :)
>
> Definitely.
>
>> All of Package Manager's functionality should really be in platform
>> independent "designed" modules (meaning they don't have to support
>> other platforms yet, just designed with that intent).
>
> It's all there. Untested, but it's there.
>
>> Package Manager should be a responsive application, either by using
>> nonblocking methods to speak with spawned processes. Threading sucks
>> in python, let's not try and use it too much.
>
> I agree with the responsive bit, not with the threading bit. I think
> switching to MVC should make threading a lot easier. Only the log
> remains a problem (but not a very big one, on unix).
>
>> Speaking more with regard to separating the model and view of Package
>> Manager, we should think about making the Package Manager GUI speak
>> with Package Manager over sockets.. imagine managing python
>> installations for everyone on your LAN (that trusts you by SSH, or
>> whatever).
>
> I'm not sure we need to go this far, see above.
> --
> - Jack Jansen <Jack.Jansen at oratrix.com>
> http://www.cwi.nl/~jack -
> - If I can't dance I don't want to be part of your revolution -- Emma
> Goldman -
>
>
> _______________________________________________
> Pythonmac-SIG maillist - Pythonmac-SIG at python.org
> http://mail.python.org/mailman/listinfo/pythonmac-sig
>
More information about the Pythonmac-SIG
mailing list