Re: [Distutils] PyPA Roadmap
FYI, I went ahead and merged it. https://www.pypa.io/en/latest/roadmap/ Again, help appreciated from anyone to keep it accurate as things change (and they surely will) --Marcus ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] Which Build Distribution Formats do exist?
On 11/4/2015 15:13, Thomas Güttler wrote: From http://python-packaging-user-guide.readthedocs.org/en/latest/glossary/ Egg A Built Distribution format introduced by setuptools, which is being replaced by Wheel. Which other Built Distribution formats do exist beside egg and wheel? Regards, Thomas Güttler EXE installers for windows. ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] The Update Framework, integrate into PyPI?
> > answering basic questions can take time away from making important > improvements? > to be fair, distutils-sig is mentioned as a user support list on the "Python Packaging User Guide" a few years back, there was a debate on splitting it between a user and planning list, but no traction there. one concern was that the user list wouldn't have enough experts participating to answer the questions. --Marcus ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] The Update Framework, integrate into PyPI?
On Wed, Nov 4, 2015 at 8:00 PM, Thomas Güttler wrote: > I read the RoadMap (Thank you Marcus Smith) and came across this: > > > An effort to integrate PyPI with the “The Update Framework” (TUF). This > is specified in PEP458 > > I see a trend to immutable systems everywhere. Not everywhere. Keep in mind that there are a *lot* of different usecases for packaging/deployment. Not just web app, not just CLI tools, etc... For example, it is common for modern end user applications to use an auto-update feature (e.g. chrome). David ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] The Update Framework, integrate into PyPI?
Hi Thomas, It's great you're so enthusiastic about python packaging and distribution, but it might be good to keep in mind that there are a lot of people reading these lists, and answering basic questions can take time away from making important improvements? In this case, a quick google of "the update framework" or skimming of the referenced PEP 458 would have revealed that TUF is totally orthogonal to the kinds of updates that you're worried about -- it's about building a cryptographic framework to let you reliably identify what the latest version of some software is, even if e.g. someone has broken into pypi and tried to add backdoors to the software there, which is important no matter what strategy you then use to deploy those updates. In fact possibly the largest deployment of TUF is the version built into docker's latest release, to help you securely pick a good base image. -n On Nov 4, 2015 12:06 PM, "Thomas Güttler" wrote: > I read the RoadMap (Thank you Marcus Smith) and came across this: > > > An effort to integrate PyPI with the “The Update Framework” (TUF). This > is specified in PEP458 > > I see a trend to immutable systems everywhere. Updates are a pain. Building > new systems is easier. With current hardware and good software it is easier > to build new systems instead of updating existing systems. > > It is like from pets to cattle: > > - pets: you give them names and care for them (do updates) > - cattle: you give them numbers and if they get ill you get rid of them. > > Maybe I am missing something. But why is there an > effort to create "The Update Framework”, and why integrate > it with pypi? > > Regards, > Thomas Güttler > > -- > http://www.thomas-guettler.de/ > ___ > Distutils-SIG maillist - Distutils-SIG@python.org > https://mail.python.org/mailman/listinfo/distutils-sig > ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] Why github and bitbucket?
As I understand it, some people prefer Mercurial. Those projects tend to live on bitbucket. Git projects can live in either place although I suspect they tend to live on GitHub instead. On Wed, Nov 4, 2015 at 2:07 PM, Thomas Güttler wrote: > From: http://python-packaging-user-guide.readthedocs.org/en/latest/glossary/ > >> Python Packaging Authority (PyPA) >> PyPA is a working group that maintains many of the relevant projects in >> Python packaging. They maintain a site at https://www.pypa.io, host projects >> on github and bitbucket, and discuss issues on the pypa-dev mailing list. > > Why are there pypa on github and bitbucket? > > Is one the master and the other the mirror? > > Or does one host part A and the other hosts part B? > > Regards, > Thomas Güttler > > > > -- > http://www.thomas-guettler.de/ > ___ > Distutils-SIG maillist - Distutils-SIG@python.org > https://mail.python.org/mailman/listinfo/distutils-sig ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
[Distutils] Which Build Distribution Formats do exist?
From http://python-packaging-user-guide.readthedocs.org/en/latest/glossary/ > Egg > A Built Distribution format introduced by setuptools, which is being replaced > by Wheel. Which other Built Distribution formats do exist beside egg and wheel? Regards, Thomas Güttler -- http://www.thomas-guettler.de/ ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
[Distutils] Why github and bitbucket?
From: http://python-packaging-user-guide.readthedocs.org/en/latest/glossary/ > Python Packaging Authority (PyPA) > PyPA is a working group that maintains many of the relevant projects in > Python packaging. They maintain a site at https://www.pypa.io, host projects > on github and bitbucket, and discuss issues on the pypa-dev mailing list. Why are there pypa on github and bitbucket? Is one the master and the other the mirror? Or does one host part A and the other hosts part B? Regards, Thomas Güttler -- http://www.thomas-guettler.de/ ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
[Distutils] The Update Framework, integrate into PyPI?
I read the RoadMap (Thank you Marcus Smith) and came across this: > An effort to integrate PyPI with the “The Update Framework” (TUF). This is > specified in PEP458 I see a trend to immutable systems everywhere. Updates are a pain. Building new systems is easier. With current hardware and good software it is easier to build new systems instead of updating existing systems. It is like from pets to cattle: - pets: you give them names and care for them (do updates) - cattle: you give them numbers and if they get ill you get rid of them. Maybe I am missing something. But why is there an effort to create "The Update Framework”, and why integrate it with pypi? Regards, Thomas Güttler -- http://www.thomas-guettler.de/ ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] PyPA Roadmap
On 4 November 2015 at 05:06, Marcus Smith wrote: > I'm wary that trying to maintain "design principles" is too much for this > document (at least more than I'd want to maintain). That was my concern too. Let's wait & see how things play out. > btw, I just added a sentence to the sdist section about the static metadata > discussion. Thanks! That sounds like a good place to put this point. Paul ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
