Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Nick Coghlan
[Good replies from Donald, Paul, et al already, but rather than replying to individual points, I figure it's best to just respond to Chris's original question with my own thoughts] On 23 July 2016 at 01:47, Chris Barker - NOAA Federal wrote: > Right now, the barrier to

Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Nick Timkovich
A more conservative approach might be to flag high-risk, typo-prone package names as requiring moderator approval to register. Some combination of looking at common 404s (or whatever happens when a client asks for a non-existent package), some string metrics (Levenshtein, Jaro, whatever) to an

Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Randy Syring
On 07/22/2016 12:39 PM, Donald Stufft wrote: On Jul 22, 2016, at 11:47 AM, Chris Barker - NOAA Federal wrote: If the core devs think it's fine and dandy like it is, we can all stop talking about it. I think they’re certainly a problem. The current solutions that have

Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Leonardo Rochael Almeida
We've been discussing here at least two different problems related to package maintainership: 1. Abandoned/no-longer-maintained, but previously useful packages 2. namespace and package idea space pollution due to tests/aborted attempts/packaginginexperience. I don't have a good idea about 1,

Re: [Distutils] Warehouse re: Celery < 4

2016-07-22 Thread Donald Stufft
This should be fine. We pin versions in the deployment and we can’t land changes without passing tests. > On Jul 20, 2016, at 12:24 AM, Wes Turner wrote: > > From @asksol "Time to pin your versions if you haven’t already. Celery 4 is > out soon: https://t.co/XpZqbjt91t

Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Donald Stufft
> On Jul 22, 2016, at 11:47 AM, Chris Barker - NOAA Federal > wrote: > > > If the core devs think it's fine and dandy like it is, we can all stop > talking about it. I think they’re certainly a problem. The current solutions that have been proposed have their own

Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Donald Stufft
> On Jul 22, 2016, at 11:47 AM, Chris Barker - NOAA Federal > wrote: > > > If the core devs think it's fine and dandy like it is, we can all stop > talking about it. I think they’re certainly a problem. The current solutions that have been proposed have their own

Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Paul Moore
On 22 July 2016 at 16:47, Chris Barker - NOAA Federal wrote: > But it's totally unclear to me whether the core devs don't think these > are problems worth addressing, or think they can only be addresses > with major effort that no one has time for. Speaking for myself,

Re: [Distutils] Outdated packages on pypi

2016-07-22 Thread Chris Barker - NOAA Federal
Getting to this thread late, but it didn't seem that was resolved in the least, so I'll as my $0.02 > That overall got me thinking about namespace pollution in pip, that > once something is pushed in, it's like to stay there forever. This REALLY is a problem, and one that will only get worse. It