[e-lang] Module naming and identification
Brian Warner
warner at lothar.com
Mon Apr 13 23:49:43 EDT 2009
On Sun, 12 Apr 2009 21:48:09 -0600
zooko <zooko at zooko.com> wrote:
> Another is the Python "setuptools" tool, which accepts an optional
> md5sum in the fragment of a package URL, and if that fragment is
> present then setuptools rejects the package downloaded from that URL
> if its doesn't match the md5sum.
Note that this is an immutable "strong name": there's no facility to say
"accept any version of the package which is signed by the following key".
From what I've seen, this makes developers reluctant to declare a "strong
name" dependency upon some package, because sooner or later that will fail,
when the upstream supplier stops hosting that old version (in preference of a
newer one).
> And then there is the wildcard: git.
The thing that pleases me the most about Git is that it's starting to teach a
new generation of users about secure identifiers, and that symbolic names are
merely local references to those identifiers. It's pleasantly surprising that
most people seem to understand it without much trouble.
cheers,
-Brian
More information about the e-lang
mailing list