On Mar 04, 2013, at 10:29 PM, Mark McLoughlin wrote: >The approach that some Fedora folks are trying out is called "Software >Collections". It's not Python specific, but it's basically the same as a >virtual environment.
It's a serious problem, and I think it will be made more so by the incursions into mobile platforms, where app isolation is actually an important feature. The security implications of duplication are bad enough, but in many cases, it's an issue of just plain functionality. On some platforms, often a PyPI version of a package will not work out of the box, and has to be patched to deal with various platform issues. The advantage of having packages come from the distro is because there's a higher likelihood that it will both continue to be secure *and* continue to work! As you point out, this isn't necessarily Python specific. We see much hand-wringing about Go packaging in Debian, and static linking for mobile apps. It would however be nice if Python itself had a better story for concurrent multiversion libraries, even better if it could be made compatible with schemes that the distros are coming up with to deal with this issue. -Barry _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org http://mail.python.org/mailman/listinfo/distutils-sig