[Catalog-sig] Stable-releases-only PyPi
Ben Finney
ben+python at benfinney.id.au
Tue Jul 12 23:55:52 CEST 2011
Tres Seaver <tseaver at palladion.com> writes:
> On 07/12/2011 09:25 AM, Éric Araujo wrote:
> >> On 07/11/2011 08:41 AM, Éric Araujo wrote:
> >>> I was under the impression that PEP 386 only defined the syntax of
> >>> version numbers and a comparison algo, but no semantics. IOW there
> >>> is no way for a tool to know that 2.6.33 is devel and 2.6.34
> >>> stable, or that 1.0.4 does not break compatibility with 1.0.2, or
> >>> anything else of the sort.
[…]
>
> Hmm? In what sense would 2.6.33 ever be used for a "devel" release?
Why should it not be? Projects are not bound to insert words anywhere in
their version strings for any state of the code.
I find inserting words into a version string to be ugly and overly
complicated, and I don't recommend it for any project. Fortunately,
conforming with PEP 386 doesn't require anyone to do that.
Nor does PEP 386 define what a version string like “2.6.33” means. It
only says how that version string will sort against other version
strings.
> If my application got broken by a project that made such a release, I
> would be busy ripping out a dependency produced by such an unreliable
> project, not arguing whether PyPI could / should implement some
> "technical measure" to make everything happy.
That expectation (that a development version must have a particular word
inserted in the version string) is unreasonable and has no foundation in
PEP 386.
A tool for automatically producing a “stable-only” mirror can't rely on
the version string containing any information about the development
status of a version; not even one which conforms perfectly to PEP 386.
> If your point is that a "stable-only" mirror could still induce breakage
> on projects which use it blindly, I certainly concur. In fact, I have
> long asserted that any "integrator" whose production builds uses PyPI
> directly is solely responsible for the breakage, when (not if) it occurs.
+1. This is what OS distributions are good for: selecting which package
versions are suitable for the stability of the OS as a whole.
--
\ “I stayed up all night playing poker with tarot cards. I got a |
`\ full house and four people died.” —Steven Wright |
_o__) |
Ben Finney
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/catalog-sig/attachments/20110713/87ac8f34/attachment.pgp>
More information about the Catalog-SIG
mailing list