[Zope3-dev] Re: Removed zope.security 3.4b4
Darryl Cousins
darryl at darrylcousins.net.nz
Sat Aug 18 20:33:19 EDT 2007
Hi,
On Sat, 2007-08-18 at 09:16 -0400, Benji York wrote:
> Darryl Cousins wrote:
> > On Fri, 2007-08-17 at 19:24 +0200, Martijn Faassen wrote:
> >> I think my next step is to fix some dependencies for Grok to hard
> >> version numbers...
> >
> > I think that this is a good thing. I recently gave myself quite a bit
> > grief with a careless bin/buildout which broke my application. To avoid
> > that I need to be more specific in setup.py. (I haven't attempted it yet
> > though).
>
> Specifying versions should be done by the application (buildout for
> example), not setup.py. If versions are put in setup.py they limit what
> others can do with the version requirements (e.g., relaxing them).
Thanks for pointing this out. I was thinking of setup.py for the (my)
application, but you are right in any case.
Regards,
Darryl
>
> > I haven't noticed that any of the maintained packages on svn.zope.org
> > have specified egg version numbers in the dependencies.
> > (install_requires).
> >
> > Should perhaps example be set by beginning to do so?
>
> I prefer versions be specified (by buildout) for my packages, it helps
> make development a lot more deterministic. One downside is that bugs
> (including incompatibilities) in packages are found later because new
> version uptake is much slower with nailed versions. One upside, as
> you've discovered, is that you don't have version changes forced upon you.
>
> A nice mix of the two approaches will be possible when buildout supports
> the "only use release eggs" option.
More information about the Zope3-dev
mailing list