The problem with packaging in Python

44 pointsby jimsojimover 9 years ago

16 comments

syllogismover 9 years ago

NooooooooThis is a really terrible suggestion.The last thing we need is another way to do things, that only takes care of, say, 70% of the functionality.All that will happen is, someone now has to look through the simple interface, and decide oh wait, I need one feature this doesn't provide. Now your "solution" has made the problem worse, not better.If you're going to provide this sort of simplified interface, you need to make damn sure a super majority of users never need to look past it. Otherwise you've done much more harm than good, by providing yet another competing alternative.The real problem with packaging in Python is that users are asked to write this program, setup.py, that by itself should not be a very difficult program to write. Its tasks simply are not that complicated.What makes it complicated is that they're then told that their program should consist of a single function call --- a call to this monstrously complicated setup() function, with a confusion of conflicting arguments.This is a stupid way to write a program! This design decision is at the heart of the whole problem. The interface to setuptools, distribute, distutils etc is fucked and always will be fucked, because there's no way to provide a good interface to the functionality via a single function call.That's why every semi-complicated setup script ends up having to monkey patch the internals of setuptools or distutils, to say, replace some of the Extension class machinery, or try to correct a compiler flag. It's because the design is fundamentally a failure. The whole idea does not work.Things would be much easier if we had direct, simple control. You can provide a default fall-through, but it should be easy to route the "build_ext", "install", "sdist" etc commands to your own function.Just tell us what our program needs to do and provide us a nice library of building blocks to do it, and we will write this program. Simple.By far the majority of my tickets for my NLP library, spaCy, are related to packaging and installation. Why should putting some files onto a user's computer and zipping up some files on my machine and calling out to a compiler and specifying some dependencies be harder than understanding natural language?

评论 #10411176 未加载

评论 #10411147 未加载

crdoconnorover 9 years ago

One thing that is direly needed in pip is a way to specify system package dependencies. The way packages fail right now if you're missing something like libjpeg is cryptic and nasty. Users need to know that they need to "apt-get install x" or "yum install y" without googling for that cryptic error message.Compared to that, I'd consider the overgrown setup.py interface or need for a MANIFEST.in file to be barely even a problem.I tried writing a package that took care of specifying unix packages in a distro independent way (<a href="https://github.com/unixpackage/unixpackage" rel="nofollow">https://github.com/unixpackage/unixpackage</a>), checked for installation and asked politely via sudo to install if the package wasn't installed.However, in pip, the "ask politely" approach became impossible after v1.5.6 because of this bug/decision:<a href="https://github.com/pypa/pip/issues/2732" rel="nofollow">https://github.com/pypa/pip/issues/2732</a>(a sudo prompt came up but it was not possible to give an indication to the user of why it was there, so I gave up on the idea)

评论 #10411153 未加载

falsedanover 9 years ago

So Perl had the same sort of problem—everyone used the cpan client to install packages by wrapping the calls to<pre><code> perl Makefile.PL make make test make install </code></pre> And package authors would use helper modules to handle the Makefile.PL cruft[0][1]. It sucked.rbjs wrote Dist::Zilla[2], a packaging abstraction tool: you would tell it what was in your package, and it would write the installer for you (and you could choose which of the Makefile.PL helpers to use, if you cared). The end user never sees any remnant of the tool.The closest Python has right now is pbr[3].[0] <a href="https://metacpan.org/pod/ExtUtils::MakeMaker" rel="nofollow">https://metacpan.org/pod/ExtUtils::MakeMaker</a> [1] <a href="https://metacpan.org/pod/Module::Install" rel="nofollow">https://metacpan.org/pod/Module::Install</a> [2] <a href="https://metacpan.org/pod/Dist::Zilla" rel="nofollow">https://metacpan.org/pod/Dist::Zilla</a> [3] <a href="http://docs.openstack.org/developer/pbr/" rel="nofollow">http://docs.openstack.org/developer/pbr/</a>

yen223over 9 years ago

It's funny that a lot of Python's design hinges around having "one right way to do it", which is a strength of the language, and yet there's a million different ways to do packaging.Python really needs one, and only one, true way to do packaging, but I think it's too late for that to happen now.

评论 #10411125 未加载

评论 #10411101 未加载

评论 #10410902 未加载

slavik81over 9 years ago

I actually just built my first python package two weeks ago. It was pure-python and I found it fairly straightforward, starting with the bare-bones LPTHW [1] template, and adding things from the Sharing Your Labor of Love [2] guide.It basically 'just worked' across Python 2, Python 3, Linux, OSX and Windows. There's a lot of outdated examples out there, and it might be more troublesome if I had a more complicated project, but... well, it was ok for me.[1] <a href="http://learnpythonthehardway.org/book/ex46.html" rel="nofollow">http://learnpythonthehardway.org/book/ex46.html</a> [2] <a href="https://hynek.me/articles/sharing-your-labor-of-love-pypi-quick-and-dirty/" rel="nofollow">https://hynek.me/articles/sharing-your-labor-of-love-pypi-qu...</a>

colandermanover 9 years ago

As an outsider to Python/Perl/Ruby/etc., I've never understood why these languages have each their own packaging system, rather than simply relying on the host OS's packaging system. After all, it serves C, C++, and Bash well; and pip packages generally are repackaged as Red Hat/Debian/etc. packages anyway.Making .rpms and .debs is not all that hard, though I admit there are a few too many package formats (and that still leaves non-Linux users without a clean solution). Beside this, what benefits do users of these language-specific packaging systems enjoy that I am missing?

评论 #10411430 未加载

评论 #10411371 未加载

评论 #10411355 未加载

jaywunderover 9 years ago

My biggest takeaway from the article is that you "want something simple", and most people would agree with you. What you don't talk about, or dodge along the lines of is saying "X is how we should do it".Personally I like node's way of using package.json and cargo's Cargo.toml. If someone made that for python that'd be awesome.The other thing node has specifically is the "node_modules" folder, which recursively has all the dependencies and their node_modules folders. While it might not be super space efficient it's really stupid simple.

评论 #10410656 未加载

awinter-pyover 9 years ago

I want to see an 'algebra' approach to packaging -- strongly-typed packaging modeled as types and operators. Package and import systems present a lot of surprising behaviors and edge cases in part because they're not well-defined enough to be well-documented.Also, packaging systems need to get better at integrating with VCS versioning. The elm packaging system goes beyond this to automatically bump versions when your api changes <a href="https://github.com/elm-lang/elm-package#version-rules" rel="nofollow">https://github.com/elm-lang/elm-package#version-rules</a>, whoa cool. But at minimum, make a note of git/hg id.The 'just use npm' approach is interesting too <a href="http://dominictarr.com/post/25516279897/why-you-should-never-write-a-package-manager" rel="nofollow">http://dominictarr.com/post/25516279897/why-you-should-never...</a>. NPM's approach to 'dependencies of dependencies' has a lot of fans.Finally: part of the problem here is that there's no package manager for C. The author dances around this in saying 'C extensions are hard, we should ignore them'. If we had a good C package manager a lot of work linux distros do in supporting C libraries would be simplified and builds of everything would be so much more portable.

评论 #10410803 未加载

评论 #10411133 未加载

评论 #10410761 未加载

objectifiedover 9 years ago

I think that for the majority of use cases when it comes to packaging and shipping Python programs, we really want to ship OS packages. We don't want users (that includes sysadmins/operations teams in this case) to deal with having pip available, understanding what virtualenv is, and so on. We just want them to be able to use apt, yum, or whatever they experience as most common on their system. Yet at the same time, we don't want our application to take in regard ancient versions of OS packages to depend on.I think in the end we want a self contained OS package, to offer a sane install method for any target OS. Why would users have to make a difference between e.g. a C program that they install through apt, or a Python program that all of a sudden requires a completely different way of installing?Here are some interesting thoughts on it: <a href="https://hynek.me/articles/python-app-deployment-with-native-packages/" rel="nofollow">https://hynek.me/articles/python-app-deployment-with-native-...</a>And here's a tool that I wrote to be able to wrap up a virtualenv into an OS package, while specifying a precise list of OS dependencies. It's not perfect by far, and admittedly a bit crude, but it already does the job well for some real life "production" stuff. It's called vdist (virtualenv distribution).<a href="https://github.com/objectified/vdist" rel="nofollow">https://github.com/objectified/vdist</a>Documentation is here:<a href="https://vdist.readthedocs.org/en/latest/" rel="nofollow">https://vdist.readthedocs.org/en/latest/</a>

评论 #10412261 未加载

dikaiosuneover 9 years ago

Having used the combination of Gradle and Capsule in Java-land, I desperately want to equivalent for Python. A tool that can declarative state dependencies and bundle them into a single file (akin to a static binary) which has a single entry point and all dependencies included. For libraries, the JAR model works well too.

评论 #10410877 未加载

评论 #10411163 未加载

评论 #10410817 未加载

Othersover 9 years ago

<a href="https://xkcd.com/927/" rel="nofollow">https://xkcd.com/927/</a>

mkhpalmover 9 years ago

I often skip all that and use native packages with pyinstall, dh_python, and dh_virtualenv (from spotify)For me its much cleaner and controlled than distutils plus the knowledge is largely transferable to other stacks. I wrap our node, java, and ruby applications using the same tooling as well as any services we depend on. (kafka, kibana, spark, etc) After that I can pass off making images, containers, installing, managing stuff, whatever onto anybody in IT or operations that knows linux.Obviously that wouldn't work well for everybody but it sure beats trying to manage 20 different ways to do everything in my case.

pjtrover 9 years ago

I'd prefer docs. And please: PEPs are NOT docs!In the last couple of years setuptools changed / broke so many things that previously worked without documenting anything. Even trying to figure out what the relevant docs would be, and who maintains them is hard. As Nick Coghlan mentions in the comments: Even the people maintaining this stuff have no idea what it all does.And still, the correct (but incredibly boring and frustrating) solution is for someone to sit down and figure this stuff out and document it. Definitely not me though. :)

moonbugover 9 years ago

Use Anaconda and be done with it.

评论 #10410688 未加载

harlowjaover 9 years ago

Openstack uses PBR (no not the beer):"""Python Build Reasonableness"""<a href="http://docs.openstack.org/developer/pbr/" rel="nofollow">http://docs.openstack.org/developer/pbr/</a>It is pretty nice and helps a ton with packaging sanity...

sigsergvover 9 years ago

We don't need to get rid of setuptools/distutils/etc. We need something like debhelper but for python, set of tools that generates and maintains proper setup.py and relatives.