Am 04.07.2011 20:59, schrieb P.J. Eby: > At 05:41 PM 7/4/2011 +0200, Martijn Faassen wrote: >>I'd argue d) and e) are not up to the package maintainer to decide >>but to the person who integrates this package into their system. > > Sure... but that doesn't mean the package maintainer is obligated to > support the integrator in that decision. > > >>The person who integrates the package is the one who will need to >>make the judgment call to continue to use old unsupported or broken >>stuff. Integrators should be allowed to make such decisions in their >>own time at their own convenience; the package developer shouldn't >>be able to force such decisions by removing an old release. > > Then the package integrator should darn well keep their own copy > instead of relying on it still being downloadable from a public > server. Not keeping a file uploaded is not equal to forcing anybody > else to do anything. > > Note that there is nothing in your proposal that keeps a package > maintainer from simply never uploading packages to PyPI in the first > place... and is likely to have the perverse effect of encouraging > package authors who are concerned about this issue to make other > hosting arrangements. > > (Certainly, if it looks like your proposal will be adopted, I would > be strongly motivated to *immediately* remove any package from PyPI > that I thought I might need to remove later, but would be unable to > if the proposal were implemented!) > > In short, this proposal is asking PyPI to do a job that is properly > done by either the web archive or your private backups. -1.
I have to agree. Any hosting service that doesn't allow me to remove uploaded content looks extremely fishy to me. I think this list has already discussed the issue of people using PyPI as a dependency for deployment in production, and recommended the use of private package mirrors. Georg _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
