On 13.05.09 18:44, Jim Fulton wrote: > > On May 13, 2009, at 12:41 PM, Andreas Jung wrote: > >> On 13.05.09 18:38, Jim Fulton wrote: >>> On May 13, 2009, at 12:04 PM, Tres Seaver wrote: >>> >>> >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Patrick Gerken wrote: >>>> >>>> >>>>> I start being scared of using pypi. >>>>> >>> I wonder why. >>> >>> >>>> You should be *very* afraid of depending on PyPI for softare rolled >>>> into >>>> production. >>>> >>> Why do you think he should be afraid? >> Packages or releases might disappear - intentionally or >> unintentionally - >> in both cases a buildout with fixed pinned version may fail. > > > That's a minor issue at this point, because: > > - We now know not to remove releases.
Jup, we know but some package maintainers outside the Zope world don't. > > - If you are using something in production, you should archive the > necessary > source releases, using a tool like zc.sourcerelease. One option or Tres solution: having a dedicated local index on a per-project basis or a local egg server or a (partial) local PyPI mirror. Andreas
begin:vcard fn:Andreas Jung n:Jung;Andreas org:ZOPYX Ltd. & Co. KG adr;quoted-printable:;;Charlottenstr. 37/1;T=C3=BCbingen;;72070;Germany email;internet:i...@zopyx.com title:CEO tel;work:+49-7071-793376 tel;fax:+49-7071-7936840 tel;home:+49-7071-793257 x-mozilla-html:FALSE url:www.zopyx.com version:2.1 end:vcard
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )