On 05-08-2013, Jonathan Vanasco wrote: > ------=_Part_2536_2351262.1375718004634 > Content-Type: text/plain; charset=ISO-8859-1 > > Production and Development should really always be done on a virtualenv. > > I'll second the requriements.txt > > Debian & Ubuntu's `apt` system tends to be seriously out-of-date for Python > packages , as the packages are ported to Debian and only that version is > available. For example, SqlAlchemy is 0.7.8 on debian. > > The only 'security' that you get from the debian packages, is that they've > been configured for install or approved by the debian security standards. > The cost is that you'll need to wait for it to be ported, and it can be an > entire version behind.
You will not believe me but most of the time my first interest with virtualenv is to keep old packages ! Each time i need to upgrade my server to the next debian stable it's a pain to upgrade all my apps in one shot... For this requirements.txt will be really fine. > > If you're truly concerned about security, you'll get immediate upgrades via > PyPi (requirements.txt). The debian security stuff is useful for Python , > PostgreSQL , Memcached, etc -- when it comes to Python packages though... > I've found it silly and limiting. > Ok, i'm agree, specialy that i just use few libraries. But how do you know about packages to upgrade eventualy ? Should i use pip-review and look about each packages individualy to see what's proposed ? -- William Dodé Informaticien Indépendant -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To post to this group, send email to pylons-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/pylons-discuss. For more options, visit https://groups.google.com/groups/opt_out.