wheel (GitLab)
wheel (GHA via nightly.link)
An intolerant to bullshit package installer for python.
Python software ecosystem is mad, let's fix it.
Disadvantages of installing packages via pip.
- Usage of centralysed repository PyPI by default. Noone reads code in it. One can put clean code into VCS and malicious one into PyPi and noone will notice before it's too late.
- When using
gitversion control system as a sourcepipfetches the full history. It is slow and unneeded. - PEP 517 was a mistake resulting in a zoo of package build systems a user has to have on an own machine. Package authors tend to put any shiny bullshit into their package dependencies just because they want.
<=,<,~=and==conditions exist and are obeyed. Package authors tend to insert<conditions just to ensure THEIR package won't break, but as a user I'm more interested in the whole system of packages and programs being secure, bug-free, cheap to operate, operating, newest possible. In this order. If their package breaks - I will tolerate it, I'll just fix it. If their package causes downgrade of other packages from the ones having the needed features to the ones don't, breaking the whole system, I will not tolerate it.- The bullshit solution to the problem proposed by python folks is using
virtualenvs. It is bullshit because it doesn't solves any problem, instead of fixing the packages it just allows software authors to demand installation of dependencies they want in their virtual envs. What if I need 2 packages requiring 2 different versions of deps? I still have to fix them then. What if I need any tool I'm familiar with tool globally, everywhere? They propose to activate the needed venvs. And when I need another tool, activate its venv. So venvs just waste my time, RAM, disk space and CPU cycles. Absolute bullshit solution instead of doing the fucking work and fixing the fucking packages. And they dare to recommend this bullshit to everyone!
Instead we propose the following workflow as a workaround of current python ecosystem issues.
- a developer publish his source code on a public platform like GitHub.
- someone publish somewhere a file called
packages_petnames.tsv
ipi https://github.com/KOLANICH-tools/ipi.git- A user of the package manager subscribes to the repo
ipi repo add https://raw.githubusercontent.com/KOLANICH/packages_petnames/master/packages_petnames.tsv- The tool downloads the files.
- The tool matches the package names to repos
- The tool fetches the default branch from the repo, and builds the package and caches it.
- The tool installs the package using pip.
Also a tool can generate the list of petnames by taking user's account and using the service API to fetch the list of his repos and build a registry from it.
- bootstrap python packaging
python3 -m ipi bootstrap packaging- bootstrap self
python3 -m ipi bootstrap self- create a bare virtualenv
./tests/createTestEnv.sh shit- activate it
. ./shit/bin/activate- run bootstrap sequence