H
Harry George
....at least around here.
I run a corporate Open Source Software Toolkit, which makes hundreds
of libraries and apps available to thousands of technical employees.
The rules are that a) a very few authorized downloaders obtain
tarballs and put them in a depot and b) other users get tarballs from
the depot and build from source.
Historically, python packages played well in this context. Install
was a simple download, untar, setup.py build/install.
Eggs and with other setuptools-inspired install processes break this
paradigm. The tarballs are incomplete in the first place. The builds
sometimes wander off to the internet looking for more downloads. The
installs sometimes wander off to the internet looking for
compatibility conditions. (Or rather they try to do so and fail
because I don't let themn through the firewall.)
These are unacceptable behaviors. I am therefore dropping ZODB3, and
am considering dropping TurboGears and ZSI. If the egg paradigm
spreads, yet more packages will be dropped (or will never get a chance
to compete for addition).
I've asked before, and I'll ask again: If you are doing a Python
project, please make a self-sufficient tarball available as well. You
can have dependencies, as long as they are documented and can be
obtained by separate manual download.
Thanks for listening.
I run a corporate Open Source Software Toolkit, which makes hundreds
of libraries and apps available to thousands of technical employees.
The rules are that a) a very few authorized downloaders obtain
tarballs and put them in a depot and b) other users get tarballs from
the depot and build from source.
Historically, python packages played well in this context. Install
was a simple download, untar, setup.py build/install.
Eggs and with other setuptools-inspired install processes break this
paradigm. The tarballs are incomplete in the first place. The builds
sometimes wander off to the internet looking for more downloads. The
installs sometimes wander off to the internet looking for
compatibility conditions. (Or rather they try to do so and fail
because I don't let themn through the firewall.)
These are unacceptable behaviors. I am therefore dropping ZODB3, and
am considering dropping TurboGears and ZSI. If the egg paradigm
spreads, yet more packages will be dropped (or will never get a chance
to compete for addition).
I've asked before, and I'll ask again: If you are doing a Python
project, please make a self-sufficient tarball available as well. You
can have dependencies, as long as they are documented and can be
obtained by separate manual download.
Thanks for listening.