[Zope-CMF] Re: Eggification redux

[Tres Seaver]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jim Fulton wrote:

>>>> * When package A depends on Y and package B also depends on Y,  
>>>> but with some version restrictions, buidout will first try to get  
>>>> the newest version of Y when installing A. But then when  
>>>> installing B, it is likely that it has to get a different version  
>>>> of Y. The result is a version conflict. This could also easily be  
>>>> fixed with a working set that dictates which versions would be  
>>>> used from the beginning.
>>> IN the long run, this would be better served by a better algorithm  
>>> for constructing setuptools working sets.
>> ... which would require having access to the dependency data before  
>> installation.
> 
> No, not really, at least not in buildout's case.  It's really not  
> that big a deal to download a distribution that you ultimately don't  
> use.  

If we can keep setuptools from prematurely installing downloaded eggs,
sure;  at the moment, it is trivial to get setuptools into a "false
conflict" situaltion, because it processes dependencies incrementally,
rather than solving the "transitive closure" of the graph before
attempting to install anything.

> I agree it might be better if the index made dependency data  
>> available.

Not exposing the dependency information in the index seems like a
missing-feature-is-really-a-bug to me.



Tres.
- --
===================================================================
Tres Seaver          +1 540-429-0999          tseaver at palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG+RLj+gerLs4ltQ4RAobUAJ9Fj52kb9SqHJ5rbYVNCkxUr0XRZACeKNs2
kTPVmL+rwbYixYDCm/X1LIc=
=1WIX
-----END PGP SIGNATURE-----