On 01/16/2017 02:02 PM, Chris Rose wrote:
That depends on policy. I don't want to go too far down the trap of privileging my specific use case, but as a company that vendors *everything* we depend on, our accesses to PyPi for dependencies are pretty rare, which means we might run afoul of these changes when ingesting packages.
If you have everything vendored then you should be able to easily fall back to older versions that you already have available. Maybe run your own PyPI server internally?
I'm going to ask the pointed question: is there actually any serious value to allowing the replacement of a name for anything that was ever in wide usage?
Possibly not, but with automated downloads to various distributions I suspect it becomes very difficult to tell if packages are actually "being used".
[...] -- why should abandonment result in replacement, as long as the existing code has ever been in use?
Because PyPI is not an archaeological site? Although, having said that, perhaps there could be a PyPI/archaeological page for packages that have been replaced. -- ~Ethan~ _______________________________________________ Distutils-SIG maillist - [email protected] https://mail.python.org/mailman/listinfo/distutils-sig
