-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fabio Tranchitella wrote:
Happy New Year to everybody,
I'm working to isolate a core set of ZTK packages which are independent from Zope and reusable outside the Zope community. One of them is zope.security, which can be used (and it is useful, indeed) with non-zope frameworks too.
While doing it, I'm trying to remove dependencies which are zope-specific, to minimize the overhead for developers who are using the whole zope stack (like me :)).
I have such a subset in mind myself, which I call the "bicycle seat repair kit": - zope.interface - zope.coponent - zope.configuration - their dependencies.
zope.security depends on zope.exceptions because it imports this symbol in zope.security.checker:
from zope.exceptions import DuplicationError
zope.exceptions defines DuplicationError as:
class IDuplicationError(Interface): pass
class DuplicationError(Exception): """A duplicate registration was attempted""" implements(IDuplicationError)
The zope.exceptions package contains "exception interfaces and implementations which are so general purpose that they don't belong in Zope application-specific packages.", as stated by the README.
I propose to make the remove the dependency between zope.security and zope.exceptions with a conditional import:
* if zope.exceptions is available, use DuplicationError from it;
* if it is not available, define a zope.security-specific DuplicationError (which inherits from ValueError, maybe).
As using zope.exceptions only make sense if you are checking the exception type importing its interface from the zope.exceptions package, and thus depending on it, I see no risk in such a change.
Thoughts? Comments?
+1. I wouldn't have thought zope.security useful elsewhere, but I take it you are using it in applications which don't use the rest of the stack. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAktD2N8ACgkQ+gerLs4ltQ7G0wCfVu0KZAZ5xzUXarXUO2nT6bIm LXQAoIYxT6lKDGgGeCq/ec7Xh+X+4WBo =dErh -----END PGP SIGNATURE-----