Paul Tagliamonte <paul...@debian.org> wrote: >On Wed, Sep 18, 2013 at 05:41:52PM +0200, Piotr Ożarowski wrote: >> ok, I forgot to add ";)", but... > >Sure, but let's be more careful - I don't want people quoting "Debian >Python" people telling people they're going to purge pip from the >archive... > >It's all too often I hear people complain about Debian at PyCon, and >I'm >getting sick and tired of it.
Hostile proposals like this don't exactly help build peace, love, and understanding. >> > 1) pip isn't for global package management, for this is stupid. >If we >> > disabled root use of pip, I think we'd all be a bit happier. >> >> tell that to most (sic!) Python app/library authors who recommend to > >I don't need to - this is a pretty commonly accepted fact with >pythonistas. Most people know not to run pip with sudo on a sane linux >system. > >> "sudo pip/ez_install ..." in their README files in order to install >> their software (and tools like pip do not care that given files >exist, >> they just overwrite them (did rpm or dpkg do this 10 years ago?), not >to >> mention that they do that in /usr and not in ~/.local or at least >> /usr/local (which they should not touch as well, BTW, only admins >can, >> but how can they know that? Why should developer on Windows care >about >> FHS?) >> > > >> Don't get me wrong, I think pip has some valid use cases (f.e. inside >> virtalenv), I even recommend it sometimes, but forcing us to use it >> instead of our (much better) tools / breaking things we carefully >> prepared for our users is just not acceptable. > >I don't disagree, but this isn't a reason to hate on pip. This is a >reason to tell the people who wrote this proposal we'd likely not >comply, but leave it as an installable component for development work. If I understood the proposal correctly, security is to be bolted on later. Given the global threat environment, I am against introducing a new code installation mechanism that is not cryptographically verified. It might enter the archive once that's fixed, but I think not before. Scott K -- To UNSUBSCRIBE, email to debian-python-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/870d94a5-2cf2-4474-8118-2624f990d...@email.android.com