[Product-Developers] pypi vs plone.org releases

Alex Clark aclark at aclark.net
Sun Oct 16 00:41:40 UTC 2011


Hi,

On 10/13/11 4:17 AM, Dylan Jay wrote:
> On 13/10/2011, at 6:01 PM, Wichert Akkerman wrote:
>
>> On 2011-10-13 05:31, Jon Stahl wrote:
>>> In the longer term, I do think we want to seriously consider shifting
>>> Plone.org to be more of a selective Pypi scraper. We'd have to think
>>> about how to best include the ultra-important Plone version
>>> compatibility metadata, but I assume that with so many smart folks
>>> running around, that is solveable.
>>
>> It would be pretty simple to do this as a trove classifier:
>>
>> classifiers = [
>> 'Framework :: Plone :: 4.1',
>> 'Framework :: Plone :: 4.2',
>> 'Natural Language :: Dutch',
>> 'Programming Language :: Python :: 2.6',
>> 'Programming Language :: Python :: 2.7',
>> ]
>>
>> that is exposed directly on the pypi UI and can be used as a search
>> key when searching for packages.
>
>
> Actually looking at it, my nagger idea is the same if not harder to
> extend PSC to pull in the classifiers as suggested by wiggy, and the
> releases.
>
> There is an xmlrpc interface defined here
>
> http://wiki.python.org/moin/PyPiXmlRpc
>
> For each product we define a sync view which looks up pypi for a package
> of the same name and pulls in the any new releases + classifiers.
>
> Then we define a PSC global sync that does the whole lot, once per night.
>
> If this was done Alex would it still take awhile before plone.org PSC
> could be upgraded?

My suggestion would be to do the work, then open a website component 
ticket when you are ready for new PSC -> plone.org. In the meantime, I 
have begun to poke at plone.org -> 4.2 again here:


- https://github.com/aclark4life/Products.PloneOrg/commits/master



>
> The only issues I can see is that one massive transaction is likely to
> be cause conflicts. And breaking it down to small transactions would be
> best done via some kind of task queue :(


Celery FTW! :-)


> Also, is there a security issue if the same named package is owned by
> two different people? or perhaps there needs to be an opt in the
> plone.org side, e.g. a url to the pypi package to sync.


We already have code/UI for this in PSC, AFAIK.


Alex


>





>
>>
>> Wichert.
>>
>> --
>> Wichert Akkerman <wichert at wiggy.net> It
>> is simple to make things.
>> http://www.wiggy.net/ It is hard to make things simple.
>> _______________________________________________
>> Product-Developers mailing list
>> Product-Developers at lists.plone.org
>> https://lists.plone.org/mailman/listinfo/plone-product-developers


-- 
Alex Clark · http://aclark.net



More information about the Product-Developers mailing list