PEP 665: address feedback (#2134)

- Clarify some things.
- Remove the format requirement for `created-at`.
- List the current tools which have said they support the PEP.
Brett Cannon 2021-11-05 16:08:49 -07:00 committed by GitHub
parent 026d74bde7
commit 4b865b95a7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 33 additions and 18 deletions

@ -32,12 +32,13 @@ Terminology
There are several terms whose definition must be agreed upon in order There are several terms whose definition must be agreed upon in order
to facilitate a discussion on the topic of this PEP. to facilitate a discussion on the topic of this PEP.
A *package* is something you install as a dependency and use via an A *package* is something you install as a dependency and use via the
``import`` statement. The packages on PyPI are an example of this. import system. The packages on PyPI are an example of this.
An *application* or *app* is an end product that other bits of code do An *application* or *app* is an end product that other external code
not directly rely on and are not imported. Desktop applications, does not directly rely on via the import system (i.e. they are
command-line tools, etc. are examples. standalone). Desktop applications, command-line tools, etc. are
examples.
A *lock file* records the packages that are to be installed for an A *lock file* records the packages that are to be installed for an
app. Traditionally, the exact version of the package to be installed app. Traditionally, the exact version of the package to be installed
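
Review bot: In the new definition of *application*, the parenthetical "(i.e. they are standalone)" uses a plural pronoun although the subject of the sentence is the singular "An *application* or *app*"; suggest "(i.e. it is standalone)". In the same sentence "other external code" is redundant, since "external" already implies "other", so one of the two words can be dropped.
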
@ -61,9 +62,10 @@ Motivation
========== ==========
Applications want reproducible installs for a few reasons (we are not Applications want reproducible installs for a few reasons (we are not
worrying about package development in this use case, as you actually worrying about package development, integration into larger systems
want your installation requirements to be as *flexible* as possible in that would handle locking dependencies external to the Python
that situation). application, or other situations where *flexible* installation
requirements are desired over strict, reproducible installations).
One, reproducibility eases development. When you and your fellow One, reproducibility eases development. When you and your fellow
developers all end up with the same files on a specific platform, you developers all end up with the same files on a specific platform, you
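
Review bot: In the rewritten parenthetical, "locking dependencies external to the Python application" can be read two ways: the dependencies are external, or the locking is done outside the application by the larger system. The surrounding clause suggests the second; wording such as "larger systems that would handle the locking of dependencies themselves, outside the Python application" removes the ambiguity. The parenthetical now runs four lines inside one sentence, so the list of excluded use cases may read better as a sentence of its own.
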
@ -245,14 +247,14 @@ thanks to its adoption by PEP 518 for ``pyproject.toml``, but also
assists in making lock files more human-readable. assists in making lock files more human-readable.
Lock files MUST end their file names with ``.pylock.toml``. The Lock files MUST end their file names with ``.pylock.toml``. The
``.toml`` part unambiguous distinguishes the format of the file, and ``.toml`` part unambiguously distinguishes the format of the file,
helps tools like code editors support the file appropriately. The and helps tools like code editors support the file appropriately. The
``.pylock`` part distinguishes the file from other TOML files the user ``.pylock`` part distinguishes the file from other TOML files the user
has, to make logic easier for tools to create functionalities specific has, to make logic easier for tools to create functionalities specific
to Python lock files, instead of TOML files in general. to Python lock files, instead of TOML files in general.
The following sections are the top-level keys of the TOML file data format. The following sections are the top-level keys of the TOML file data
Any field not listed as required is considered optional. format. Any field not listed as required is considered optional.
``version`` ``version``
@ -284,12 +286,9 @@ but the lock file specifies ``"2.0"``).
This field is **required**. This field is **required**.
The timestamp for when the lock file was generated. It MUST be The timestamp for when the lock file was generated (using TOML's
recorded using the UTC time zone. For ease of use with the native timestamp type). It MUST be recorded using the UTC time zone to
``datetime.datetime.fromisoformat()`` method, the format MUST specify avoid ambiguity.
the timestamp as ``YYYY-MM-DDTHH:MM[:SS[.ffffff]]+00:00`` (i.e.
using the ``T`` separator and ``+00:00`` to denote UTC; seconds are
optional).
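
Review bot: "using TOML's native timestamp type" in the new ``created-at`` text does not say which type is meant: TOML defines offset date-time, local date-time, local date and local time, and only an offset date-time can state that the value is UTC. With the explicit format removed, the retained "MUST be recorded using the UTC time zone" requirement cannot be checked for a value written as a local date-time. Suggest naming the type, for example "as a TOML offset date-time with a ``Z`` or ``+00:00`` offset", and stating what a consumer should do with a lock file whose timestamp has no offset or a non-zero one.
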
@ -538,6 +537,21 @@ The expected algorithm for resolving what to install is:
What constitues the "best-fitting wheel file" is an open issue. What constitues the "best-fitting wheel file" is an open issue.
========================
(Potential) Tool Support
========================
The pip_ team has `said <https://github.com/pypa/pip/issues/10636>`__
they are interested in supporting this PEP if accepted. The current
proposal for pip may even
`supplant the need <https://github.com/jazzband/pip-tools/issues/1526#issuecomment-961883367>`__
for `pip-tools`_.
PDM_ has also said they would
`support the PEP <https://github.com/pdm-project/pdm/issues/718>`__
if accepted.
======================= =======================
Backwards Compatibility Backwards Compatibility
======================= =======================
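
Review bot: The added sentence "The current proposal for pip may even supplant the need for pip-tools" links to a comment on the pip-tools issue tracker but reads as the PEP's own assessment; attribute the statement to whoever made it in the linked comment so readers can tell whose view it is. The context line directly above the new section still has "constitues", which is worth correcting to "constitutes" in the same pass.
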
@ -843,6 +857,7 @@ CC0-1.0-Universal license, whichever is more permissive.
.. _JSON: https://www.json.org/ .. _JSON: https://www.json.org/
.. _npm: https://www.npmjs.com/ .. _npm: https://www.npmjs.com/
.. _PDM: https://pypi.org/project/pdm/ .. _PDM: https://pypi.org/project/pdm/
.. _pip: https://pip.pypa.io/
.. _pip-tools: https://pypi.org/project/pip-tools/ .. _pip-tools: https://pypi.org/project/pip-tools/
.. _Pipenv: https://pypi.org/project/pipenv/ .. _Pipenv: https://pypi.org/project/pipenv/
.. _platform compatibility tags: https://packaging.python.org/specifications/platform-compatibility-tags/ .. _platform compatibility tags: https://packaging.python.org/specifications/platform-compatibility-tags/