[Python-Dev] PEP 594: Removing dead batteries from the standard library
The PEP title is prejudicial and inaccurate. These aren't "dead
batteries", these are *working batteries* that you want to remove.
If you want a fair and open debate on this, please change the title to
something less prejudicial. If this were my PEP, I'd call it "Removing
unloved batteries from the standard library".
On Mon, May 20, 2019 at 10:15:22PM +0200, Christian Heimes wrote:
> Times have changed. The introduction of the cheese shop (PyPI), setuptools,
> and later pip, it became simple and straight forward to download and install
> packages. Nowadays Python has a rich and vibrant ecosystem of third party
> packages. It's pretty much standard to either install packages from PyPI or
> use one of the many Python or Linux distributions.
Christian, I'm glad that you are privileged enough to find it simple and
straight forward to download and install, but for many Python users, it
is not so simple or straight forward.
Many Python users don't have the privilege of being able to install
arbitrary, unvetted packages from PyPI. They get to use only packages
from approved vendors, including the stdlib, what they write themselves,
and nothing else. Please don't dismiss this part of the Python community
just because they don't typically hang around in the same forums we do.
I've worked with organisations where downloading and installing software
from the internet was grounds for instant dismissal. I've worked with
organisations with regulatory requirements to do due-dilegance on their
entire software stack, and getting permission to install an unapproved
library could take 3-6 months elapsed time and dozens of person-hours,
including a full review of the licencing and copyright by lawyers.
I've also worked with kids using school computers who don't have either
the legal permission or the knowledge to use pip install.
Sometimes their school administrators are ... how shall I put this
kindly? ... over zealous in their efforts to protect the students from
malware and spyware (apart from the school's own spyware, of course...)
and rather lacking in their understanding of the difference between
piracy and Open Source software. Getting Python installed by the school
admiinistrator is one thing, but allowing the kids to run pip and
install software themselves is unthinkable.
And remember, in some juristictions, installing software from the
internet can put you in breach of some draconian laws. At the very
least, kids may face expulsion.
Despite all the advances in packaging and installation, many people
still do have trouble installing third-party software. Internet forums
are full of people asking for help troubleshooting pip install.
"Simple and straight forward" it might be for an expert, but many Python
users are not experts. The Internet is full of difficult, conflicting
and/or bad advice about installing software ("just use sudo pip
install"). Let's look at this advice from Red Hat:
If you want to use third-party packages, create a virtual
environment using python3 -m venv --system-site-packages myenv
(or for Python 2, install python2-virtualenv and run python2
-m virtualenv --system-site-packages myenv). Then, activate
the environment using source myenv/bin/activate, and install
packages into it using pip install. The packages will then be
available as long as the environment is activated.
That's some serious barrier to entry right there. We're going from:
what's a virtual enviroment? what's activation? why isn't pip
working for me?
I know that saying anything against pip and virtual environments is
heresy, but honestly, "just install it from PyPI" is not friendly to
beginners or those who just want something that works without a load of