going to be 3.5+
anyways. It seems like trying to fit as many of these compatibility things as
Python is willing to do into 3.5 is the best possible solution since it’s
likely that for a lot of these hanger-ons 3.5 is likely to be a minimum target
anyways.
---------
Donald Stufft
PGP: 0x
On Apr 18, 2014, at 6:37 PM, Nick Coghlan wrote:
> On 18 April 2014 18:28, Donald Stufft wrote:
>>
>> On Apr 18, 2014, at 6:24 PM, Nick Coghlan wrote:
>>
>>> On 18 April 2014 18:17, Paul Moore wrote:
>>>> On 18 April 2014 22:57, Donald Stufft w
On Apr 18, 2014, at 6:24 PM, Nick Coghlan wrote:
> On 18 April 2014 18:17, Paul Moore wrote:
>> On 18 April 2014 22:57, Donald Stufft wrote:
>>> Maybe Nick meant ``pip install ipython[all]`` but I don’t actually know
>>> what that
>>> includes. I’ve never
). And the 1.x
> versions were just as simple.
>
> Paul
Maybe Nick meant ``pip install ipython[all]`` but I don’t actually know what
that
includes. I’ve never used ipython except for the console.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E
On Apr 18, 2014, at 5:08 PM, Nick Coghlan wrote:
> On 18 April 2014 16:50, Donald Stufft wrote:
>> So I’m not really worried about a competition or anything. I’m mostly worried
>> about confusion of users. What you’re suggestion we give to use is *two* ways
>> to install P
On Apr 18, 2014, at 4:50 PM, Donald Stufft wrote:
> So I’m not really worried about a competition or anything. I’m mostly worried
> about confusion of users. What you’re suggestion we give to use is *two* ways
> to install Python packages (and 2 or 3 ways to virtualize a Python
On Apr 18, 2014, at 4:22 PM, Nick Coghlan wrote:
> On 18 April 2014 15:39, Donald Stufft wrote:
>>
>> On Apr 18, 2014, at 3:18 PM, Nick Coghlan wrote:
>>
>>> At this point, however, I'm mainly looking for consensus that there
>>> *are* two diffe
lop something to make it easier
like a build farm).
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev ma
_
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Fastly logs are stored in Dreamhost so we could make those num
s not all startup related, often comes as an additional slap in the face. :-(
>
> Best regards,
>Jurko Gospodnetić
>
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/pyt
on.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Possibly Glyph meant installing a Python *stack*, which likely includes
setuptools and
pip in order to actually get other things installable. Possibly also a compiler
set
On Apr 14, 2014, at 4:39 PM, Guido van Rossum wrote:
> On Mon, Apr 14, 2014 at 4:02 PM, Donald Stufft wrote:
>
> On Apr 14, 2014, at 3:53 PM, Terry Reedy wrote:
>
> > On 4/14/2014 11:32 AM, Steve Dower wrote:
> [...]
> >> However unfair
> >> and incorr
ying a core developer full time, but
>> it's the starting point that some companies will need to be able to
>> become comfortable with employing a core dev.
>
> Let's hope some act on your invitation.
>
> --
> Terry Jan Reedy
>
> __
On Apr 9, 2014, at 10:30 PM, Senthil Kumaran wrote:
> Mentioned about https://pypi-preview.a.ssl.fastly.net/
For what it’s worth, https://warehouse.python.org/ is a somewhat easier to
remember demo url for that :]
-----
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5
on.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Probably infrastructure-st...@python.org
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Is that what it’s called? “character” >:]
-
Donald Stufft
P
ormational
> Content-Type: text/x-rst
> Created: 23-Mar-2014
> Post-History: 23-Mar-2014, 24-Mar-2014, 25-Mar-2014, 26-Mar-2014
>
>
This looks reasonable to me still and still solves the major problems that
trying to securely
use the 2.7 series has.
+1 From me.
--
n,
> and has thus been replaced by the current more explicit proposal.
>
>
> Open Questions
> ==
>
> * MvL has indicated he is not prepared to tackle the task of trying to
> integrate a newer OpenSSL into the also aging Python 2.7 build
> infrastructu
> > Unsubscribe:
> > https://mail.python.org/mailman/options/python-dev/ncoghlan%40gmail.com
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.or
On Mar 25, 2014, at 1:16 PM, Guido van Rossum wrote:
> On Tue, Mar 25, 2014 at 9:46 AM, Donald Stufft wrote:
>
> On Mar 25, 2014, at 12:35 PM, Guido van Rossum wrote:
> [...]
>>
>> I do note that the PEP seems to have some weasel-words about breaking
>> back
he sense that APIs can’t change
their default behavior and such. In other words we can’t suddenly flip on
hostname checking or anything like that.
>
> --
> --Guido van Rossum (python.org/~guido)
> ___
> Python-Dev mailing list
> Pyth
ent of
influential members who still want to treat Python as a hobbyist project and
not a critical piece of the infrastructure of the Internet as a whole. I
*don't* want to get help from downstream users, especially on important but
"boring" or hard issues such as security, and then have
ython.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Descrip
/mailman/options/python-dev/donald%40stufft.io
I agree, the bulk of the alternative suggestions feel more like trying to
adhere to a policy for policy’s sake rather than actually figure out what is
best for the users.
Adding new APIs to 2.7 feels to me like a pretty backwards compat
stinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
On Mar 23, 2014, at 11:55 AM, Mark Lawrence wrote:
> On 23/03/2014 15:46, Antoine Pitrou wrote:
>> On Sun, 23 Mar 2014 11:37:25 -0400
>> Donald Stufft wrote:
>>>
>>> I already did open an issue and write a patch :)
>>>
>>> There’s someone on
-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message si
On Mar 23, 2014, at 11:46 AM, Antoine Pitrou wrote:
> On Sun, 23 Mar 2014 11:37:25 -0400
> Donald Stufft wrote:
>>
>> I already did open an issue and write a patch :)
>>
>> There’s someone on that issue saying that flipping that without a way to
>&g
thon.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
I already did open an issue and write a patch :)
There’s someone on that issue saying that flipping that without a way to flip
it back
would brea
ed OpenSSL module?
>
> * Are there any other security relevant modules that should be covered
> by either a blanket or conditional exemption?
>
>
> Disclosure of Interest
> ==
>
> The author of this PEP cu
mail.com | Brisbane, Australia
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/brett%40python.org
if it
requires any work at
all. Going from 2.7 to 3.4 is often times a significant investment in resources
that has
to be taken by *every* network using project.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Descript
ib. CPython isn’t our only target and C dependencies don’t work very
well on PyPy (if at all) and it makes the situation much more difficult on
platforms where there are no compiler toolchains (Windows).
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A92
They detect for ssl to have the SSLContext and use it if it's available.
> On Mar 22, 2014, at 7:54 PM, Paul Moore wrote:
>
>> On 22 March 2014 23:49, Donald Stufft wrote:
>> In the case of requests they already have an optional dependency on
>> pyopenssl. It&#x
Also important to remember that pip itself uses the OpenSSL binding in the ssl
module so there is a chicken and egg problem.
> On Mar 22, 2014, at 7:49 PM, Donald Stufft wrote:
>
> In the case of requests they already have an optional dependency on
> pyopenssl. It's just m
In the case of requests they already have an optional dependency on pyopenssl.
It's just many people either don't know they should use it, are unable to use
it, or unwilling to use the python packaging tool chain because of its current
flaws.
> On Mar 22, 2014, at 7:42 PM, Ben Darnell wrote:
those situations affect more people than just the developers and users of
>> the affected application: their existence becomes something that developers
>> of secure networked services need to take into account as part of their
>> security design. By making it more feasible to enh
"Just use Python 3.4" ignores the reality of production software. I wish it
were that simple because I love 3.4
> On Mar 22, 2014, at 6:16 PM, "Martin v. Löwis" wrote:
>
> Am 22.03.14 22:17, schrieb Cory Benfield:
>> I am 100%, overwhelmingly in favour of this. Without this PEP, Python 2.7
>> i
I think the pep doesn't mandate that someone does. It still requires someone to
care enough to actually write the patch. It just allows such a patch to be
merged.
> On Mar 22, 2014, at 5:32 PM, Benjamin Peterson wrote:
>
> Does anyone really want to backport features to Python 3.1?
__
___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B
ail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
AFAIK the www.python.org PEP stuff just isn’t done yet, and the legacy redirect
is
a temporary stopgap.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7
some extra cleaning at the 4.0
>> boundary, just for mental convenience.)
>>
> What does "irregardless" mean?
http://www.merriam-webster.com/dictionary/irregardless
> ___
> Python-Dev mailing l
ough. I
*do* believe that calling it fixed is misleading to people who will assume it
means they no longer have to worry about a trivial DoS via hash collisions when
they still do need to, just slightly different than before.
In the end, it’s good that it was fixed in 3.4, I wish it had been back
On Feb 25, 2014, at 8:17 AM, Antoine Pitrou wrote:
> On Tue, 25 Feb 2014 08:08:09 -0500
> Donald Stufft wrote:
>>
>> Hash randomization is broken and doesn’t fix anything.
>
> Not sure what you mean with "doesn't fix anything". Hash collisions were
&
Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
More information available here: http://legacy.python.org/dev/peps/pep-0456/
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Desc
ail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Hash randomization is broken and doesn’t fix anything. It’s only SipHash in
3.4+ that actually fixes it.
-
Donald Stufft
PGP: 0x6E3CBCE93372DC
/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
It is in 3.4.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
__
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Does it affect 3.4?
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signa
man/options/python-dev/donald%40stufft.io
So right now pip doesn’t work without TLS, we’re working on that and our 1.6
release
should have that. I *thought* that Nick (I think?) had made it so that you just
didn’t get pip
if you didn’t have TLS enabled, but apparently not.
You can suppress
On Jan 23, 2014, at 10:09 PM, Donald Stufft wrote:
>
> On Jan 23, 2014, at 10:06 PM, Stephen J. Turnbull wrote:
>
>> Wes Turner writes:
>>>> But if it's only the already security-conscious developers and
>>>> managers who go WTF?, and other env
urity of the network
> remains broken yet there aren't warnings out to avoid these platforms.
> (BTW, my employer prides itself on being Matz's alma mater ... they
> actually might do something if Ruby was breaking things!)
Ruby has verified the peer by default since Ruby
Never mind. If someone else cares they can propose it. I withdraw.
> On Jan 22, 2014, at 4:29 PM, Brett Cannon wrote:
>
>
>
>
>> On Wed, Jan 22, 2014 at 3:56 PM, Benjamin Peterson
>> wrote:
>>
>>
>> On Wed, Jan 22, 2014, at 12:25 PM, Nick Coghlan wrote:
>> > On 23 Jan 2014 00:39, "Benjam
gt; applications I write, but I can careless until it breaks. So as we moving
>> forward, we can break it. For those stuck behind, deprecation is the right
>> approach.
>
> They're disabled by default, so a lot of people simply don't know they
> exist because they a
store that worked on platforms such as
Windows and Python was unwilling to ship it’s own certificate bundle.
Christian has improved this situation so that it appears that this issue has
been largely resolved.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F0
oo.
Last time I tried the reasoning was that Python couldn’t ship root certs
and we couldn’t get to the OS certs everywhere. Thanks to you this
is fixed now, so “once more unto the breach”.
>
> Can't we just mark these things as pending deprecated in Python 3.4 so
> people start fixi
t; about it at one stage. If I *were* to set up an index, it's definitely
> why I'd use http rather than bothering with https.)
>
> Paul
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/p
On Jan 22, 2014, at 9:19 AM, Paul Moore wrote:
> On 22 January 2014 13:55, Donald Stufft wrote:
>>
>> As an additional side note, anecdotal evidence and what not, but
>> *every* time I bring this up somewhere I get at least one reply that
>> looks similar to ht
e, anecdotal evidence and what not, but
*every* time I bring this up somewhere I get at least one reply that
looks similar to https://twitter.com/ojiidotch/status/425986619879866368
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2
On Jan 22, 2014, at 6:58 AM, Nick Coghlan wrote:
> On 22 January 2014 21:36, Donald Stufft wrote:
>> On Jan 22, 2014, at 6:30 AM, M.-A. Lemburg wrote:
>>> The change would also disable all services using self-signed
>>> certificates which are very common in inter
On Jan 22, 2014, at 7:03 AM, Paul Moore wrote:
> On 22 January 2014 11:29, Donald Stufft wrote:
>>> 1. To be "like the browser" we'd need to use the OS certificate store,
>>> which isn't the case on Windows at the moment (managing those
>>>
On Jan 22, 2014, at 6:45 AM, Nick Coghlan wrote:
> On 22 January 2014 21:21, Paul Moore wrote:
>> On 22 January 2014 10:30, Donald Stufft wrote:
>>> Python 3.4 has made great strides in making it easier for applications
>>> to simply turn on these settings, howeve
ure flag for applications
that don’t provide one. I really don’t like the idea of doing that, but
it would be better than not validating by default.
-----
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message
On Jan 22, 2014, at 6:30 AM, M.-A. Lemburg wrote:
> On 22.01.2014 11:56, Donald Stufft wrote:
>>
>> On Jan 22, 2014, at 5:51 AM, M.-A. Lemburg wrote:
>>
>>> On 22.01.2014 11:30, Donald Stufft wrote:
>>>> I would like to propose that a backwards inco
On Jan 22, 2014, at 6:21 AM, Paul Moore wrote:
> On 22 January 2014 10:30, Donald Stufft wrote:
>> Python 3.4 has made great strides in making it easier for applications
>> to simply turn on these settings, however many people are not aware
>> at all that they need t
On Jan 22, 2014, at 5:51 AM, M.-A. Lemburg wrote:
> On 22.01.2014 11:30, Donald Stufft wrote:
>> I would like to propose that a backwards incompatible change be made to
>> Python to make
>> verification of hostname and certificate chain the default instead of
>> r
secure
resource to be educated on the fact that they need to flip some switch to
do what most of them would expect.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
On Jan 13, 2014, at 5:31 PM, Donald Stufft wrote:
> %s not accepting str is the major thing I’d personally be against.
To be more clear
b”%s” % “abc” == No
b”%s” % 123 == Fine
-----
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 D
t would give us a large "compatibility surface" in common
> with Python 2.
%s not accepting str is the major thing I’d personally be against. %s taking
numeric
types and bytes would be fine. The main thing i’d be worried about is where the
RHS
may possibly contain something non A
(how could it? :-), nor does
> plain string concatenation using +.
I think disallowing %s is the right thing to do, but I definitely think numbers
and %b should be allowed.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 33
g exceptions then I think you are strange. It makes
> porting really difficult while you are still trying to figure out
> where the bytes/str boundaries are. I am now deeply suspicious of all
> % formatting.
> ___
> Python-Dev mailing
On Jan 13, 2014, at 1:59 AM, Nick Coghlan wrote:
> On 13 January 2014 16:52, Donald Stufft wrote:
>>
>> On Jan 13, 2014, at 12:45 AM, Glenn Linderman wrote:
>>
>> So then the question is whether to proceed with 3.4, delay this feature to
>> 3.5, or to delay
Python 3
> porting target for recalcitrant module authors, sooner than later.
I really hope this can make it in 3.4, needing to wait another 2 years or so
until this is available would be a shame.
-----
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BC
consistent -- it always produces text in ASCII
> encoding (by default). The same applies to the http module, which IIUC
> adheres to the standard by treating headers as Latin-1.
>
> --
> --Guido van Rossum (python.org/~guido)
> ___________
> Python-Dev mailing list
> Python-Dev@python.
hat actually did it. Giving bytes a format method would not have affected
that either way I don’t believe.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message
_
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F
e
> if it msiexec still tries to go out to the network. That would confirm
> it is ensurepip that is the issue (although that does seem most likely).
>
> --David
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org
Isn't changing it in 2.7.6 which is already released and then reverting in
2.7.7 worse? Either way 2.7.6 will have this change and be in the wild and
broken for people who depend on it
> On Dec 17, 2013, at 5:54 PM, Benjamin Peterson wrote:
>
> 2013/12/17 Antoine Pitrou :
>> On Tue, 17 Dec 201
n-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BC
o reliable story for CA certs.
>
> I'd like to move to "secure by default". The CA cert situation is solved
> on most platforms.
Please Yes, secure by default +1000
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 33
hence ``pip``).
> ========
>
> Regards,
> Nick.
>
> --
> Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message
artin
>
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Let me echo Nick's th
.
>
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP:
-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9
t; Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Awesome! I find Github way nicer for reading source than hg.python.org's web
interface, any chance I coul
On Sep 30, 2013, at 5:01 AM, "Martin v. Löwis" wrote:
> Signed PGP part
> Am 25.09.13 23:33, schrieb Donald Stufft:
> > An early draft of this did not have the backport to 2.7 and when I
> > showed *that* version around to get feedback people were less
> > e
happen to be met by the stdlib).
> _______
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
On Sep 27, 2013, at 9:20 PM, Brett Cannon wrote:
>
>
>
> On Fri, Sep 27, 2013 at 5:16 PM, Zachary Ware
> wrote:
> On Fri, Sep 27, 2013 at 3:29 PM, Donald Stufft wrote:
> >
>
> >
> > If it lives in the source tree how are you going to provent it from
On Sep 27, 2013, at 4:09 PM, Terry Reedy wrote:
> On 9/27/2013 3:10 PM, Donald Stufft wrote:
>>
>> On Sep 27, 2013, at 2:50 PM, Terry Reedy wrote:
>>
>>> I add: for 2.7/3.3, there is consequently no need for _ensurepip to be in
>>> /Lib after installa
features' policy. The optional installation of pip is not a change to Python
> itself.
This sounds like a really bad idea to me. You're going to end up with a
different stdlib not only by minor release, but by if they installed through an
installer or not.
-
tever they are
trying
to do with all of their libraries are ported to Python3. I still think Python
2.7 is a better
target for new users because if you're using Python 3.x theirs a high chance
you'll
need to port a library or two still.
-
Donald Stufft
PGP: 0x6E3CBC
able to find
> vcvarsall.bat" message and then gone off to find a suitable binary download.
Going forward Wheels are binary packages that pip can install.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Descripti
On Sep 26, 2013, at 10:28 AM, Antoine Pitrou wrote:
> Le Thu, 26 Sep 2013 10:22:55 -0400,
> Donald Stufft a écrit :
>> Ideally people won't be typing either of them because it'll be
>> installed automatically. They might in some cases (accidentally
>> unin
Ideally people won't be typing either of them because it'll be installed
automatically. They might in some cases (accidentally uninstalled pip?)
I agree that it seems there is paranoia going on here and that the risk is low
and making it just be a special cased new feature is ok. However the poi
ls a pip and apt-get playing nicely is on my stack of PEPs to do)
-----
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python
e installers) would break someones use any other module? If
they don't import it (which the vast bulk of people won't directly, nor at all
during
the operation of their applications) how does it's existence on the file system
risk a breakage to their system?
-
Donald
Lives
> Better.
Because with PEP453 you can just ``pip install enum34`` it :)
---------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
_
On Sep 25, 2013, at 5:51 PM, Barry Warsaw wrote:
> On Sep 25, 2013, at 05:33 PM, Donald Stufft wrote:
>
>> I think it should be placed in the source tree for the stable releases. The
>> reasoning is that 2.7 is going to stick around for a long time. Immediately
>> this
ortant
data point, especially given how long 2.7.LASTEVER is going to be
relevant to end users.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
happy to defer to
> Martin's judgement on this.
After your concern was raised I went ahead and emailed VanL.
-----
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed w
On Sep 23, 2013, at 8:12 PM, Donald Stufft wrote:
>>
>>
>>> A common source of Python installations are through downstream distributors
>>> such as the various Linux Distributions [#ubuntu]_ [#debian]_ [#fedora]_,
>>> OSX
>>> package manager
301 - 400 of 497 matches
Mail list logo
