[Twisted-Python] Twisted 9.0.0?

Thu Mar 4 11:53:17 EST 2010

On Thu, Mar 4, 2010 at 10:31 AM, Glyph Lefkowitz <glyph at twistedmatrix.com>wrote:

>
> On Mar 4, 2010, at 7:59 AM, Jonathan Lange wrote:
>
> On Thu, Mar 4, 2010 at 10:45 AM, Mark van Lent
> <m.van.lent at zestsoftware.nl> wrote:
>
> Hi everyone!
>
> I am a bit puzzled about the way new version of Twisted is released. Or
>
> better: the way the old version seems to be taken out of service.
>
> Last weeks I've been developing agains version Twisted 9.0.0. Yesterday I
>
> wanted to deploy my code to my production server, but to my surprise I
> could
>
> not easy_install that version anymore:
>
> $ easy_install Twisted==9.0.0
>
> Searching for Twisted==9.0.0
>
> Reading http://pypi.python.org/simple/Twisted/
>
> Reading http://www.twistedmatrix.com
>
> Reading http://twistedmatrix.com/products/download
>
> Reading http://twistedmatrix.com/projects/core/
>
> Reading http://twistedmatrix.com/
>
> No local packages or download links found for Twisted==9.0.0
>
> Best match: None
>
> (Okay, actually I'm using buildout to setup my environment, but the above
>
> demonstrates my problem more clearly.)
>
> I'm sure the new version of Twisted is better and improved but I still
>
> wonder why version 9.0.0 has effectively been decommissioned. Or am I
>
> missing something and is it still possible to easy_install version 9.0.0?
>
>
> It's an oversight.
>
>
> I think it's actually a bug in easy_install, or at least a mis-design.
>
> To make something easy_installable, you don't provide structured
> information in PyPI; there may be a way to do that, but most packages I've
> seen (Twisted included) just provide a link to a page which then provides a
> link to a file with a filename of vaguely the appropriate shape.
>  easy_install works by screen-scraping that link.
>
> In our case, the "home page", http://twistedmatrix.com, links directly to
> a Twisted-<version>.tar.bz2, which is then used.
>
> If someone (perhaps Mark van Lent!) could point us at how to provide the
> correctly structured information to easy_install via PyPI so it will _stop_
> screen-scraping our website, and just point at the correct files, this
> problem could be addressed.
>
> However, as exarkun says: screen-scraping a plain-text wiki and then
> executing code out of whatever comes out of it is not the most reliable or
> secure way to deploy code.  You may want to specify the URL directly - you
> can still use easy_install for that if you want, like this:
>
>     $ easy_install
> http://tmrc.mit.edu/mirror/twisted/Twisted/9.0/Twisted-9.0.0.tar.bz2
>
> I don't know how the PyPI announcement was done (although I'd love to!),
> but I think you can announce new versions without decommissioning old ones.
>
>
> I assume you'll write it down on a web page, when you figure it out :).
>
> The old version, from PyPI's perspective, wasn't decommissioned.  It's
> here: <http://pypi.python.org/pypi/Twisted/9.0.0>.  The problem is that it
> also just points at twistedmatrix.com, not a version-specific download
> page, and there is no Twisted-<version>.tar.bz2 which matches "9.0.0" any
> more.
>
> (I believe that another way to fix this, although I would be significantly
> less happy about it, would be to add some hidden links to
> twistedmatrix.com that had the right filenames.  If this is a real problem
> for many users though, perhaps we should just live with an ugly fix.)
>
>
Is there any particular reason Twisted doesn't upload packages to PyPI
itself?

Kevin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://twistedmatrix.com/pipermail/twisted-python/attachments/20100304/9ccf3ed1/attachment.htm 