[Grok-dev] grokproject: version pinning in setup.py

Philipp von Weitershausen philipp at weitershausen.de
Tue Jul 1 07:43:42 EDT 2008

As stated in https://bugs.launchpad.net/bugs/242370, grokproject now  
pins the versions of its dependencies (PasteScript etc.) in its  
setup.py. Also, apparently a generated sandbox also pins the grok  
version in setup.py.

Why was this done? The issue report says that it should be done, but  
not why. I also don't recall ever discussing this, though I haven't  
been following every thread on the list. Was there ever a problem with  
installing grokproject due to the lack of pinned versions? The issue  
doesn't seem to include an actual bug report and I don't recall a  
similar incident either. Quite frankly, I fail to see the benefit of  
pinning PasteScript etc. We already used to specify a lower bound  
(e.g. >=1.6) where necessary, which ensured people got *at least* a  
working version. Pinning the version with == is likely to go wrong  
anyway, e.g. when you install grokproject and it wants  
PasteScript==1.6 and then some other package wants 1.7, setuptools  
will simply install the 1.7 version and grokproject's pinning will be  
broken, without any error message telling you (I just verified this).

I'd also like to know why it's necessary now to pin the grok version  
in a generated sandbox's setup.py.
Have we had problems that are solved by pinning it in setup.py *in  
addition* to buildout.cfg? Again, the checkin message just says  
"Pinned the required grok version in the generated setup.py.", but it  
doesn't say why.

(Btw, while I'm sure I'm guilty of this as well, I'd like to remind  
everybody that checkin messages shouldn't say *what* was done but  
*why*. If somebody wants to know what was done, they can always 0look  
at the diff. ;))

More information about the Grok-dev mailing list