> On Wed, Feb 16, 2011 at 10:35 AM, Daniele Varrazzo > <[email protected]> wrote: >> Hello, >> >> trying to install psycopg2 via easy_install (distribute 0.6.14), the >> user received the version 2.4 beta2 instead of the latest stable >> 2.3.1. >> >> 2.4 beta2 has never been uploaded on PyPI and is not even listed in >> the http://pypi.python.org/simple/psycopg2/ >> >> I think this is a serious issue. Any solution? Thanks.
Tres Seave Wrote: > easy_install is finding the link to 2.4 beta2 on the homepage > (http://initd.org/psycopg/) listed for the 2.3.2 release. This is > documented behavior, FWIW: > > http://peak.telecommunity.com/DevCenter/EasyInstall#id6 What I read is that "easy_install <name>" "Install a package by name, searching PyPI for the latest version, and automatically downloading, building, and installing it." PyPI has unambiguous specification that the latest stable release is "2.3.2": parsing the download page is a type of intelligence I don't expect to work. Otherwise what is the point of avoiding uploading beta releases on PyPI? > You could work around that issue using '--allow-hosts' to restrict > downloads to those actually on PyPI: > > http://peak.telecommunity.com/DevCenter/EasyInstall#id13 This solution is for the easy_install user installing the module, as much as explicitly specifying a revision. This implies that the user knows there is a problem with easy_install and he may not get what expected (i.e. a production-ready release), which is a possibility that I honestly didn't even consider until yesterday. I am not a module user instead: I am the packager of the module, and I know what the users want in case they don't ask for a specific release in the past or in the future, so I took care to specify it on PyPI. Do I, as a packager, have the possibility to say "what I have specified on PyPI as stable release is exactly what I mean"? On PyPI there is *a single* version not hidden of psycopg. On http://pypi.python.org/pypi/psycopg2 there is a big fat link to a "psycopg2-2.3.2.tar.gz" package. There is really *no temptation to guess*. Why does easy_install follow a page meant for human, containing more than one link, and then download one of them at random? Sorry but I am really not getting the point of this effort. Is there a tool I can suggest to the users instead of easy_install to install the correct version from pypi, and possibly not requiring a writable egg cache (see http://stackoverflow.com/questions/4212240/importerror-cannot-import-name-tz-psycopg2) to further complicate their lives? Thank you. -- Daniele _______________________________________________ Distutils-SIG maillist - [email protected] http://mail.python.org/mailman/listinfo/distutils-sig
