pip install -i https://restricted.crate.io/
(Restricted is an endpoint of Crate that _only_ lists uploaded files) Not exactly what you were looking for, but it's *a* solution. On Friday, June 22, 2012 at 8:21 PM, Aaron Meurer wrote: > Hi. > > I'm following up on a discussion on the pip mailing list > (https://groups.google.com/forum/#!topic/python-virtualenv/PZNj9pC6aKA/discussion), > where I was directed here. > > Would it be possible to add some kind of a flag to PyPI that would let > package maintainers tell pip to install only the uploaded file (or > possibly also the file given by a direct link), and no others? > > Currently, pip aggressively tries to find the latest version of a > package by crawling all links on the PyPI page, even those from older > versions. This is a headache to me as a package maintainer because it > means that pip is quite often installing the wrong thing. Recently, > pip was trying to install our html docs because we had a file uploaded > at Google Code named "sympy-0.7.1-html-docs", which it deemed to be a > newer version than "sympy-0.7.1". There's also the issue that every > time we put out a release candidate for a new version, pip starts > installing that, when I would prefer it to only install stable final > releases. It's also, as I noted on the other discussion list, a bit > of a security risk. > > According to the pip guys (namely, Carl Meyer), this is not so easy to > change from their end because of backwards compatibility issues. I > suggested that such a flag be added to PyPI, and they told me that if > it were, they would accept a patch supporting it in pip. This would > make it much less of a headache for me as a package maintainer, > because I could know that pip will always install exactly what I want. > It could be off by default to enable backwards compatibility. > > Aaron Meurer > _______________________________________________ > Catalog-SIG mailing list > [email protected] (mailto:[email protected]) > http://mail.python.org/mailman/listinfo/catalog-sig > >
_______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
