At 09:44 PM 3/21/2008 -0400, A.M. Kuchling wrote: >On Fri, Mar 21, 2008 at 06:41:00PM -0400, Phillip J. Eby wrote: > > I'm making the assumption that the author(s) of PEP 262 had good > > reason for including what they did, rather than assuming that we > > should start the entire process over from scratch. > >The goal *was* originally to provide for RPM-like verification of file >content, but I don't know that the verification feature really matters >that much; OSes with packaging systems already support such a feature, >probably, and it probably isn't particularly useful for systems >without a packaging system. Actually, it's the places where there's no packaging system that it's most useful. For example, an application that installs plugins to itself. A development environment with multiple virtual pythons. Users installing stuff to their PYTHONPATH, etc. In these cases, having the Python-specific tools be able to verify content signatures is useful, to make sure that you know what you're updating or removing. This is particularly important if one installs anything just by unpacking it into the target directory; you could overwrite something and then have only size/signature info to sort out whose version of the file is actually there. I more question the permissions and uid/gid stuff; I'm not really clear on what I'd use that stuff for in easy_install/uninstall/etc.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4