Open Stack

Excerpts from Thomas Goirand's message of 2013-03-20 09:46:38 -0700:
> On 03/20/2013 07:53 PM, Sean Dague wrote:
> > I noticed yesterday with the cinder review that pep8 was listed as >=
> > 1.3, and not pinned. I think this is a really bad idea.
> 
> I do think it always should be this way, and not only with pep8, but
> with as much python tools as possible, including all the test suite.
> 
> > After a large amount of pep8 churn at the end of Folsom, we agreed to
> > pin pep8 for Grizzly, and it was good. It prevented huge numbers of
> > churn patches because a new pep8 minor release came out and now we
> > needed an extra space somewhere to pass the scanner.
> 
> Well, from a distribution standpoint, imposing such a restrictive
> build-dependency is just crazy. In Debian, there's either pep8 1.2 (in
> Wheezy which is frozen) or 1.4.4 (in SID). It's like that, and it wont
> change soon, unless there is a new upstream release. There will never be
> a 1.3.3. This kind of situation is likely to happen in other
> distributions than Debian.

Which is why we have tox to run things like pep8 in a virtualenv that
isolates the tools from the distribution code. I understand that the
fact that developers would like to take responsibility for their own
tools infuriates distributors, but I don't think it is warranted.

This particular issue feels like it is worthy of a special case and that
distributors should not worry about pep8/hacking.py/etc.

> 
> > I realize that we're trying to uncap as many deps as possible, but I
> > think doing that for pep8 isn't the right call, because of the amount of
> > code churn it causes.
> 
> Then pep8 is either a bad software, or it isn't updated to Openstack.
> IMO, it should always be backward compatible, and be able to validate
> the same old code it did validate few versions ago.
> 

Indeed, a backward compatibility mode would be beneficial for a number
of reasons. Right now, that backward compatibility mode is pinning.

> > I think at the beginning of every release cycle we should bump pep8 to
> > the latest release version
> 
> PLEASE DON'T !!!
> 
> Openstack already made my Debian package maintainer life miserable,
> because there was only version 1.2 in SID. I don't want to have to spend
> my life convincing the maintainer of pep8 to upload a new release.
> 

For pep8, not other things, why should Debian, Ubuntu, Fedora, or
Mary-Joe-Cloud-Distributor care? Downstream is too late to run pep8.