On Thu, Jan 02, 2025 at 10:03:59AM +0100, Dominik George wrote: > >> Everyone has their own kink. I ignore Python modules that are not in > >> Debian and others ignore Python modules not on PyPI. > >> > >> My reasons for ignoring PyPI: > >> [long list of arguments] > > I somehow don't get the point here. > > Usually, I don't get to choose my build dependencies, so if an > application I want to package depends on some module, I will have to > package it. What point is there in discussing whether PyPI has a lot of > crap around it, or whether it is a bad dependency? If an application I > am packaging depends on a module and that module is low-quality or > malware, what point is there in pulling it from GitHub instead?
Exactly. The reasons listed are for an app upstream, not for a module packager. -- WBR, wRAR
signature.asc
Description: PGP signature