Re: python3 modules -- apt vs pip?

[Joe Pfeiffer <pfeiffer@cs.nmsu.edu>]

Alex Mestiashvili <amestia@rsh2.donotuse.de> writes:

> On 4/3/20 11:54 PM, Joe Pfeiffer wrote:
>> I've been using apt (and friends) to maintain my systems, including
>> python.  Today I discovered the Debian version of the more-itertools
>> module is on version 4.2.0 and is three years old.  Meanwhile, the
>> version documented on pypi.org is at version 8.2.0, and has at least one
>> recipe whose arguments  are in a different order from the Debian
>> packaged version (grouper, whose order of arguments changed in version
>> 6.0.0).  This causes problems, as you might imagine, with other modules!
>> 
>> So... do people generally use pip to maintain their python libraries,
>> rather than apt?  What's the recommended best practices here?
>> 
>
> I'd say the right course of actions would be to open a bug report that
> there is a new upstream version available for python3-more-itertools.

Good point -- just did it.

> In general there are tons of modules which will never be packaged. So
> depending on your needs you might need to maintain local modules.
>
> Python provides virtualenv, plus one can install most of the modules
> locally with pip3 install --user <blabla> which will install the modules
> in ~/.local/lib and tools in ~/.local/bin, so don't forget to add this
> to your PATH.
>
> I'd also say that one shouldn't use sudo pip3 since there are high
> chances to mess up packages and system.
>
> Also should be careful with names of python packages since mistyping can
> lead to installation of malicious software and with sudo it makes it
> even more fun - google for "python malicious packages"

Thanks for the warning!