[Zope-dev] zope.password
Dan Korostelev
nadako at gmail.com
Tue Mar 10 13:17:26 EDT 2009
2009/3/10 Roger Ineichen <dev at projekt01.ch>:
> Hi Steering group, Hanno, Dan
>
>> Betreff: Re: [Zope-dev] zope.password
>>
>> Dan Korostelev wrote:
>> > 2009/3/10 Hanno Schlichting <hannosch at hannosch.eu>:
>> >> Either you have a dependency and declare it or you don't have a
>> >> dependency. Since we don't want to use "extras" anymore, I
>> think this
>> >> calls for another package which depends on zope.password
>> and zope.schema.
>> >
>> > I still don't like/get the idea of creating and maintaining extra
>> > package that merely contains a vocabulary factory for
>> another package.
>> > Whatever, I reverted that change. Roger, just exclude
>> > zope.app.authentication's "password.zcml" file, include
>> > "zope.password" explicitly and define your own vocabulary.
>>
>> I don't quite like the idea of extras and we decided to avoid
>> them. We also decided to avoid tests_require from what I understand.
>>
>> What you did was to not specify an extra nor a hard
>> dependency, but still add zope.schema to the test extra section.
>>
>> That feels wrong. Either you have a dependency and so have
>> the tests or you don't.
>>
>> I think extras have been created for this kind of use-case of
>> providing an "optional feature" from a package. Either we use
>> that mechanism and declare it, or we don't want this
>> mechanism and live with creating extra packages instead.
>
> Hanno,
> Can you propose something else to solve our problem?
>
> The problem is, zope.password offers password manager which get
> used by zope.app.testing, zope.app.authentication, z3c.authenticator
> and other packages. zope.app.authentication configures the vocabulary
> for the password managers in zope.password.
>
> That's defently a no go.
>
> Write another package for just define and register them is
> I think also a no go.
>
> Probably we should depend zope.password on zope.schema too
> and configure the vocabulary and managers registry there.
>
> Dan,
> I think we should not be to excessive with the dependency cleanup
> and stop ourself. It would be nice to use zope.password without the
> zope.schema package but that's right now no use case for our refactoring.
I'd like to be able to use zope.password without zope.component for
some of my tiny old Pylons-based projects, that's why I'm trying to
avoid dependency on it. I believe that repoze guys will also be quite
happy, if it didn't pull unneeded (for them) dependency.
I'd be fine with an "extra" requirement, but others seem to be against that. :-/
Steering group? ;-)
--
WBR, Dan Korostelev
More information about the Zope-Dev
mailing list