Revision 1 as of 2008-09-28 12:09:36

Clear message

Create a new package in python called pypi

Abstract

This PEP describes how the commands that are used to register and upload a package to PyPI can be extracted from distutils and put in a new independant package in Python called pypi, that would also describe the PyPI protocol.

Motivation

distutils is responsible for too many things, and the register and upload commands are completely standalone. In other words they can be extracted from distutils and placed into a new package that would also provide the protocol used by the PyPI server.

Secondly, there are a lot interactions in those two commands. They are interacting with the user when the .pypirc file is created, and they implement an authentication mecanism that push the user login and password values into the HTTP requests. This is done by picking a clear text password in .pypirc and pushing it into the request. So users have to call a very precise sequence of command in order to upload or even upgrade their packages.

Let's improve all of this ! Let the user be able to use better password handling if he wishes, using hashes for instance. Let the user control that his long_description compiles in reST for example.

Let's define clearly in this new package what is the PyPI protocol. This would let anyone implement this protocol for the client-side or the server-side, by using this package as a base.

A first refactoring was made a few months ago to allow users to handle several PyPI logins and servers in .pypirc (http://bugs.python.org/issue1858) and the code responsible for .pypirc managment and for handling the registering and the upload was isolated. But this is a first step.

Features the pypi module should bring

What ?

Let's drop the setup.py command line to register and upload a package. The pypi module can handle this as long as the package is pointed. A high-level script can be provided in the Scripts/ folder of Python, and a developer can use it to control, register or upload a package.

Here's a example

    $ cd my.package
    $ pypi check
    Checking metadata...
    Warning : The 'url' metadata is missing
    Warning: The long_description seem to be in reStructuredText, 
    but does not compile

    $ pypi register -r tarek
    Registering the package using "tarek" account in .pypirc
    ...
    Registered !

    $ pypi upload 
    What kind of release do you want to upload ?
    Available releases:
        sdist   Source release
        bdist   Binary release
        ....

    Type the desired released, separated by a space [sdist] : _

The pypi command could also let you browse PyPI, like the Yolk project does (see http://pypi.python.org/pypi/yolk)

How ?

The first action would be to create a new package called pypi and to copy the code from distutils, in order to make it work on its own.

The files to use are:

We can add deprecated flags into distutils, just to warn people to use the new module instead.

Then the new described features could be added there.

Detailed description

XXX Will be done if people like the idea

Unable to edit the page? See the FrontPage for instructions.