On 2023-07-05 07:13, Chris Angelico wrote:
Right; hence the question of how a "vetted Python package collection"
would compare. I can type "sudo apt install python-" and add the name
of a package, and I get some assurance that:
1) The package works
2) The package is useful enough
3) It's not malware
4) The specific*version* of the package works along with the versions
of everything else.
In my experience this is how conda-forge is too. The level of
assurance is somewhat lower, but there is still a level of assurance
about all those things. For point 4, the assurance is about the version
you install working with the conda environment you install it into.
This is an advantage over systemwide installs like debian packages
because it means you can have multiple environments and know each one is
consistent.
Most of the problems arise when you circumvent conda's consistency
checking, for instance by installing a package with pip rather than with
conda.
--
Brendan Barnwell
"Do not follow where the path may lead. Go, instead, where there is no
path, and leave a trail."
--author unknown
_______________________________________________
Python-ideas mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at
https://mail.python.org/archives/list/[email protected]/message/B6ASNFCW2K47UKXAWM3LWWH2UTKUPSUE/
Code of Conduct: http://python.org/psf/codeofconduct/
