On Thu, Jan 02, 2025 at 10:03:59AM +0100, Dominik George wrote:
> >> Everyone has their own kink. I ignore Python modules that are not in
> >> Debian and others ignore Python modules not on PyPI.
> >>
> >> My reasons for ignoring PyPI:
> >> [long list of arguments]
> 
> I somehow don't get the point here.
> 
> Usually, I don't get to choose my build dependencies, so if an
> application I want to package depends on some module, I will have to
> package it. What point is there in discussing whether PyPI has a lot of
> crap around it, or whether it is a bad dependency? If an application I
> am packaging depends on a module and that module is low-quality or
> malware, what point is there in pulling it from GitHub instead?

Exactly.
The reasons listed are for an app upstream, not for a module packager.

-- 
WBR, wRAR

Attachment: signature.asc
Description: PGP signature

Reply via email to