-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey all,
I propose adding a bit to the PEP 376 metadata that indicates whether a
package was installed by user request or as a dependency of another
package. This would allow (un)installer tools to intelligently remove
orphaned dependencies, if they
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey all,
I propose adding a bit to the PEP 376 metadata that indicates whether a
package was installed by user request or as a dependency of another
package. This would allow (un)installer tools to intelligently remove
orphaned dependencies, if they s
On Thu, Oct 8, 2009 at 11:39 AM, Carl Meyer wrote:
> I propose adding a metadata file REQUIRED within the .egg-info
> directory. The presence of this file indicates that the user
> specifically required this distribution. The absence of the file
> indicates that the distribution was installed as
2009/10/8 Carl Meyer :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hey all,
>
> I propose adding a bit to the PEP 376 metadata that indicates whether a
> package was installed by user request or as a dependency of another
> package. This would allow (un)installer tools to intelligently re
On Thu, Oct 08, 2009 at 12:39:33PM -0400, Carl Meyer wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hey all,
>
> I propose adding a bit to the PEP 376 metadata that indicates whether a
> package was installed by user request or as a dependency of another
> package. This would allow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ian Bicking wrote:
> I can imagine adding a little information, basically a log of when and
> why and who installed the package. For instance:
>
> agent: pip 0.5
> install-date: 2009-10-08T13:44:00UTC
> installed-for-user: False
> installed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gediminas Paulauskas wrote:
> Debian's Apt has this capability, see
> https://wiki.ubuntu.com/PackageDependencyManagement . It keeps a
> separate file to track the manually installed packages, and the flag
> is named "Auto-Installed". REQUIRED is an am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Toshio Kuratomi wrote:
> Note that Linux distributions have discussed this for ages and it's not
> always as useful as a naive first thought would imply. For instance, there
> are often many scripts written by a system administrator (or a user) that
>
On Thu, Oct 08, 2009 at 03:41:44PM -0400, Carl Meyer wrote:
> > Also note that a package manager should be able to tell required status from
> > what is currently installed. So it might make more semantic sense to record
> > what was requested by the user to be installed instead of what was requir
Ian Bicking wrote:
> I can imagine adding a little information, basically a log of when and
> why and who installed the package. For instance:
>
> agent: pip 0.5
> install-date: 2009-10-08T13:44:00UTC
> installed-for-user: False
> installed-for-package: OtherPackage==0.3
>
> Potentially a
2009/10/8 Carl Meyer :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Gediminas Paulauskas wrote:
>> Debian's Apt has this capability, see
>> https://wiki.ubuntu.com/PackageDependencyManagement . It keeps a
>> separate file to track the manually installed packages, and the flag
>> is named "
Ian Bicking wrote:
I can imagine adding a little information, basically a log of when and
why and who installed the package. For instance:
agent: pip 0.5
install-date: 2009-10-08T13:44:00UTC
installed-for-user: False
installed-for-package: OtherPackage==0.3
I think this is a great i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gediminas Paulauskas wrote:
> For backwards compatibility already installed packages have to be
> treated as manually installed, because it is not known why they were
> installed. So the presence of a new file or flag has to signify that
> it was AUTO_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Toshio Kuratomi wrote:
> I would say REQUESTED due to my arguments for not recording
> installed-as-package-dependency.
REQUESTED is fine, but I don't understand how the arguments apply, given
that I'm not proposing to record information like _which_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Withers wrote:
> Ian Bicking wrote:
>> I can imagine adding a little information, basically a log of when and
>> why and who installed the package. For instance:
>>
>> agent: pip 0.5
>> install-date: 2009-10-08T13:44:00UTC
>> installed-for
Carl Meyer kirjoitti:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Toshio Kuratomi wrote:
I would say REQUESTED due to my arguments for not recording
installed-as-package-dependency.
REQUESTED is fine, but I don't understand how the arguments apply, given
that I'm not proposing to re
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex wrote:
> REQUESTED is fine, but I don't understand how the arguments apply, given
> > that I'm not proposing to record information like _which_ package it was
> > a dependency of. The same single bit (literally) of information is
> > tracked eith
On 01:45 pm, c...@dirtcircle.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex wrote:
REQUESTED is fine, but I don't understand how the arguments apply,
given
> that I'm not proposing to record information like _which_ package it
was
> a dependency of. The same single bit (litera
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
exar...@twistedmatrix.com wrote:
> By doing this, I think you're dooming any Python package uninstaller to
> be unpleasantly slow.
The process of searching for orphaned packages may be relatively slow on
a system with many installed packages. I'm no
Carl Meyer wrote:
The downside here is that it introduces one more wrinkle for installers
to worry about handling correctly.
How so?
Chris
--
Simplistix - Content Management, Batch Processing & Python Consulting
- http://www.simplistix.co.uk
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Withers wrote:
> Carl Meyer wrote:
>> The downside here is that it introduces one more wrinkle for installers
>> to worry about handling correctly.
>
> How so?
Write some more metadata, figure out whether to write it to
already-installed pac
On Fri, Oct 09, 2009 at 09:21:29AM -0400, Carl Meyer wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Chris Withers wrote:
> The downside here is that it introduces one more wrinkle for installers
> to worry about handling correctly. There are strong use cases for the
> single bit "req
On 9 Oct, 2009, at 15:45, Carl Meyer wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex wrote:
REQUESTED is fine, but I don't understand how the arguments apply,
given
that I'm not proposing to record information like _which_ package
it was
a dependency of. The same single bit (li
2009/10/11 Ronald Oussoren :
> What about packages that are installed as a dependency of some other package
> and then used in user scripts without an explict depency on them?
>
> That is, I install "SuperWebFramework==1.0" which happens to depend on
> peak-rules. I later start using peak-rules in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ronald Oussoren wrote:
> That is, I install "SuperWebFramework==1.0" which happens to depend on
> peak-rules. I later start using peak-rules in my own simple scripts
> (without a setup.py or other explicit dependency information), and yet
> later dec
On 11 Oct, 2009, at 16:27, Lennart Regebro wrote:
2009/10/11 Ronald Oussoren :
What about packages that are installed as a dependency of some
other package
and then used in user scripts without an explict depency on them?
That is, I install "SuperWebFramework==1.0" which happens to depend
Ronald Oussoren kirjoitti:
On 11 Oct, 2009, at 16:27, Lennart Regebro wrote:
2009/10/11 Ronald Oussoren :
What about packages that are installed as a dependency of some other
package
and then used in user scripts without an explict depency on them?
That is, I install "SuperWebFramework==1.0
2009/10/11 Ronald Oussoren :
>>> That is, I install "SuperWebFramework==1.0" which happens to depend on
>>> peak-rules. I later start using peak-rules in my own simple scripts
>>> (without
>>> a setup.py or other explicit dependency information), and yet later
>>> decide
>>> to uninstall "SuperWebF
On 11 Oct, 2009, at 20:58, Lennart Regebro wrote:
2009/10/11 Ronald Oussoren :
That is, I install "SuperWebFramework==1.0" which happens to
depend on
peak-rules. I later start using peak-rules in my own simple scripts
(without
a setup.py or other explicit dependency information), and yet lat
As usual, these debates are based on a ot of assumptions that seem
obvious to one part but not the other. I assumed that when you
mentioned uninstalling the framework, you meant to go through the
procedure of actually uninstalling all parts of it. Instead you seem
to have meant the case that any co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ronald Oussoren wrote:
> With proposal of tracking which packages are installed as a dependency
> of other packages and automaticly uninstalling them when the package
> that depends on them gets uninstalled
Allow me to note (again) that the current
On Sun, Oct 11, 2009 at 9:50 PM, Carl Meyer wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
>
> Ronald Oussoren wrote:
>> With proposal of tracking which packages are installed as a dependency
>> of other packages and automaticly uninstalling them when the package
>> that depends on t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tarek Ziadé wrote:
> I am starting to think when reading back this whole thread, that
> there's a missing API:
> a way to read and write arbitrary files in the egg-info directory of
> an installed distribution.
I thought of that as well when writing
Ronald Oussoren wrote:
On 11 Oct, 2009, at 20:58, Lennart Regebro wrote:
2009/10/11 Ronald Oussoren :
That is, I install "SuperWebFramework==1.0" which happens to depend on
peak-rules. I later start using peak-rules in my own simple scripts
(without
a setup.py or other explicit dependency inf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eric Smith wrote:
> You really need to evaluate the dependency graph when uninstalling,
Of course. As I've stated quite clearly already in this thread, in
response to exactly the same example you provided.
> a simple bit doesn't help.
It doesn't
Ronald Oussoren wrote:
2) Notice that simplejson gets installed and is a useful module, then
use that in your own scripts
At this point, you specify your scripts' dependencies on simplejson.
Look at it another way:
You follow you process above, but after step 2, your development machine
su
On 20 Oct, 2009, at 14:11, Chris Withers wrote:
Ronald Oussoren wrote:
2) Notice that simplejson gets installed and is a useful module,
then use that in your own scripts
At this point, you specify your scripts' dependencies on simplejson.
Look at it another way:
You follow you process abo
Ronald Oussoren wrote:
Code should always specify their dependencies, not doing so will cause
you problems down the line...
Sure, and I do that for for any real code. But do you really expect that
users are careful to specify dependencies for each and every script they
write.
Yes, becau
38 matches
Mail list logo