[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC] DPT Policy: Canonise recommendation against PyPi-provided upstream source tarballs

On 2021-06-25 16 h 42, Nicholas D Steeves wrote:
> Hi Team!
> I feel like there is probably consensus against the use of PyPi-provided
> upstream source tarballs in preference for what will usually be a GitHub
> release tarball, so I made an MR to this effect (moderate recommendation
> rather than a "must" directive):
>   https://salsa.debian.org/python-team/tools/python-modules/-/merge_requests/16

I don't often use PyPi releases because of the issues mentioned in the
MR, but I think Jeremy's point is valid. IMO, rewording the text so that
it clearly says "should" and not "must" would fix the issues at hand, as
long as people justify their usage of PyPi when it's "The Right Thing"
in a file somewhere.

To me, the most important thing is that all packages must at least run
the upstream testsuite when it exists (I'm planning on writing a policy
proposal saying this after the freeze). If PyPi releases include them, I
think it's fine (but they often don't).

  ⣾⠁⢠⠒⠀⣿⡁  Louis-Philippe Véronneau
  ⢿⡄⠘⠷⠚⠋   pollo@debian.org / veronneau.org

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to: