On 11.02.2013 08:16, Ronald Oussoren wrote: > > On 10 Feb, 2013, at 0:37, Stephen Thorne <[email protected]> wrote: > >> On Sat, Feb 9, 2013 at 11:28 PM, Jesse Noller <[email protected]> wrote: >> On Feb 9, 2013, at 6:13 PM, Stephen Thorne <[email protected]> wrote: >> >>> Hello, >>> >>> One of my concerns with the recent pip dramas that have seen some excellent >>> and timely action from catalog-sig and others, is that 'setuptools' is >>> still widely distributed and used instead of distribute/pip. >> >> Well, lets back up: these aren't pip specific problems: just about every >> client side tool for installing from pypi suffers from lax security. >> >>> >>> Setuptools either needs to be sunset, notices put on pypi, warnings given >>> to its users, out of linux distros, or it has to upgraded to be feature >>> compatible with the security updates. >>> >>> That's a strong statement I've made, but I feel strongly that something has >>> to be done. I would like to solicit opinions here before an action plan is >>> composed. >> >> This is a bit of a question mark to me: the reality is that >> easy_install/setup tools usage is probably still dramatically higher than >> that of more modern tooling. That, and AFAIK, there are still features of >> them that the alternatives do not support (binary eggs, which are a must for >> windows). >> >> Yikes. This is something I didn't fully understand until now. Our windows >> users prefer to use setuptools and eggs? That make sense I guess. > > I'm not on windows but don't use pip either. The primary reason for that is > that pip doesn't offer a compelling enough feature set, as far as I'm > concerned it just provides a different way to spell the installation command > ("pip install foo" instead of "easy_install foo").
AFAIK, the main reason for a lot of users is the fact that you can uninstall packages with pip, which easy_install does not support. -- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Source (#1, Feb 11 2013) >>> Python Projects, Consulting and Support ... http://www.egenix.com/ >>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/ >>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/ ________________________________________________________________________ ::::: Try our mxODBC.Connect Python Database Interface for free ! :::::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
