On Friday, May 31, 2024 at 11:38:34 AM UTC-5 Dima Pasechnik wrote: Before looking at https://groups.google.com/g/sage-devel/c/lPLoA7zaoyg/m/dGE1B1jQEQAJ we should look at this proposal again, as pytest is a very suitable candidate for the kinds of packages (standard pip packages) proposed here.
Indeed, nothing (save for a very marginal case of a complete offline install - and this can be helped if there is a will to allow such packages) is gained by mechanically adding the pytest dependencies into Sage the distro. And doing this an extra code bloat, with stuff we don't patch, and don't even know what's there. E.g. we can add a backdoored,or otherwise broken, version of one of these into the distro, giving it extra legitimacy for no reason. If we kept pytest as a pip package, and did not explicitly add its additional dependencies (iniconfig and exceptiongroup), that makes it harder to quickly check whether a backdoored/broken package is even part of Sage. Also, in the original discussion in this thread in February, some argued that there was no reason to pin the version of pytest. As Matthias points out elsewhere, since then the release of pytest 8.* broke Sage's preliminary pytest support [1]. Best, Nathan [1] https://github.com/sagemath/sage/pull/37999 -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/d534ea73-2ced-4d11-be74-9ca214989735n%40googlegroups.com.
