this post was submitted on 16 Jul 2023
700 points (92.3% liked)
Programmer Humor
32410 readers
998 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Are you sure your knowledge of Python's package management isn't out of date? easy_install has been deprecated for years. There are a few mechanisms that the Python community now has for dependency management and installation. My favorite solution is Poetry, which like npm maintains a separate dependency (pyproject.toml) and lock (poetry.lock) file.
I didn't think anyone was using easy_install anymore, but I still see it in docs for stuff.
Poetry looks interesting, but does it support private-only dependencies, where the system will reject a library or version if it has not been previously approved and cached?
I think this is what you're looking for, where you can configure both the resolution order and whether to just pull from a private repository.
Ah, yeah. Pretty awesome. Looks like they added that in 2019. I wonder why I've not seen that behavior used much at all.
Is there also good repo-mirror functionality to keep it easy to curate the private source?
I'm not sure why it's not done as much. But yes, there's tooling to maintain a mirror. I'm not sure about quality, since I haven't done it myself.