Skip to content

Commit

Permalink
PEP 665: address feedback (#2134)
Browse files Browse the repository at this point in the history
- Clarify some things.
- Remove the format requirement for `created-at`.
- List the current tools which have said they support the PEP.
  • Loading branch information
brettcannon authored Nov 5, 2021
1 parent 026d74b commit 4b865b9
Showing 1 changed file with 33 additions and 18 deletions.
51 changes: 33 additions & 18 deletions pep-0665.rst
Original file line number Diff line number Diff line change
Expand Up @@ -32,12 +32,13 @@ Terminology
There are several terms whose definition must be agreed upon in order
to facilitate a discussion on the topic of this PEP.

A *package* is something you install as a dependency and use via an
``import`` statement. The packages on PyPI are an example of this.
A *package* is something you install as a dependency and use via the
import system. The packages on PyPI are an example of this.

An *application* or *app* is an end product that other bits of code do
not directly rely on and are not imported. Desktop applications,
command-line tools, etc. are examples.
An *application* or *app* is an end product that other external code
does not directly rely on via the import system (i.e. they are
standalone). Desktop applications, command-line tools, etc. are
examples.

A *lock file* records the packages that are to be installed for an
app. Traditionally, the exact version of the package to be installed
Expand All @@ -61,9 +62,10 @@ Motivation
==========

Applications want reproducible installs for a few reasons (we are not
worrying about package development in this use case, as you actually
want your installation requirements to be as *flexible* as possible in
that situation).
worrying about package development, integration into larger systems
that would handle locking dependencies external to the Python
application, or other situations where *flexible* installation
requirements are desired over strict, reproducible installations).

One, reproducibility eases development. When you and your fellow
developers all end up with the same files on a specific platform, you
Expand Down Expand Up @@ -245,14 +247,14 @@ thanks to its adoption by PEP 518 for ``pyproject.toml``, but also
assists in making lock files more human-readable.

Lock files MUST end their file names with ``.pylock.toml``. The
``.toml`` part unambiguous distinguishes the format of the file, and
helps tools like code editors support the file appropriately. The
``.toml`` part unambiguously distinguishes the format of the file,
and helps tools like code editors support the file appropriately. The
``.pylock`` part distinguishes the file from other TOML files the user
has, to make logic easier for tools to create functionalities specific
to Python lock files, instead of TOML files in general.

The following sections are the top-level keys of the TOML file data format.
Any field not listed as required is considered optional.
The following sections are the top-level keys of the TOML file data
format. Any field not listed as required is considered optional.


``version``
Expand Down Expand Up @@ -284,12 +286,9 @@ but the lock file specifies ``"2.0"``).

This field is **required**.

The timestamp for when the lock file was generated. It MUST be
recorded using the UTC time zone. For ease of use with the
``datetime.datetime.fromisoformat()`` method, the format MUST specify
the timestamp as ``YYYY-MM-DDTHH:MM[:SS[.ffffff]]+00:00`` (i.e.
using the ``T`` separator and ``+00:00`` to denote UTC; seconds are
optional).
The timestamp for when the lock file was generated (using TOML's
native timestamp type). It MUST be recorded using the UTC time zone to
avoid ambiguity.



Expand Down Expand Up @@ -538,6 +537,21 @@ The expected algorithm for resolving what to install is:
What constitues the "best-fitting wheel file" is an open issue.


========================
(Potential) Tool Support
========================

The pip_ team has `said <https://github.com/pypa/pip/issues/10636>`__
they are interested in supporting this PEP if accepted. The current
proposal for pip may even
`supplant the need <https://github.com/jazzband/pip-tools/issues/1526#issuecomment-961883367>`__
for `pip-tools`_.

PDM_ has also said they would
`support the PEP <https://github.com/pdm-project/pdm/issues/718>`__
if accepted.


=======================
Backwards Compatibility
=======================
Expand Down Expand Up @@ -843,6 +857,7 @@ CC0-1.0-Universal license, whichever is more permissive.
.. _JSON: https://www.json.org/
.. _npm: https://www.npmjs.com/
.. _PDM: https://pypi.org/project/pdm/
.. _pip: https://pip.pypa.io/
.. _pip-tools: https://pypi.org/project/pip-tools/
.. _Pipenv: https://pypi.org/project/pipenv/
.. _platform compatibility tags: https://packaging.python.org/specifications/platform-compatibility-tags/
Expand Down

0 comments on commit 4b865b9

Please sign in to comment.