-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/15/2012 11:01 PM, Richard Jones wrote: > "impossible to safely extract requirements in a 100% generic way." > > It has nothing to do with it being the de facto standard and > everything to do with executing untrusted code on pydotorg systems > with no guarantee that we'll even get the setup.py to work in our > environment anyway. > > Sent from my portable device, please excuse the brevity. On Jun 16, > 2012 2:41 AM, "Chris Withers" <[email protected]> wrote: > >> On 13/06/2012 13:20, Donald Stufft wrote: >> >>> setuptools is a non standard addition to Python packaging which is >>> impossible to safely extract requirements in a 100% generic way.
You can avoid executing 'setup.py' by looking for 'requires.txt' in the egg-info directory within the sdist. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 [email protected] Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/eBKYACgkQ+gerLs4ltQ6vjQCg0h8HL6wX/1KjPNpXBQqQJwK1 SGAAn2EW0HK6eUYRVsE1UtFP+RjsmiaE =+THe -----END PGP SIGNATURE----- _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
