Comment 4 for bug 242370

Maurits van Rees (maurits-vanrees) wrote : Re: grokproject should pin versions in setup.py

I have removed the dependency on zc.buildout as we already have code in place (in grokproject/utils.py:run_buildout) that downloads zc.buildout if it is not available.

We could make a small change there to require a known-good version:

- ws.require('zc.buildout')
+ ws.require('zc.buildout==1.0.6')
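
Review bot: the exact version on the `+` line is a bare string literal inside `ws.require(...)`, with nothing recording why 1.0.6 is the known-good release. Since the same pin is proposed for grokproject/template/bootstrap.py, the two copies can drift apart when one is bumped; add a short comment beside the pin that gives the reason for the version and names the other location that has to change with it.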

We could make the same change in grokproject/template/bootstrap.py; we already have some customizations there to use the grok-eggs-*.tgz.

The same might have to be done for setuptools.

On the grok-dev list Philipp makes a case for not pinning PasteScript. If you do not agree, discussion can continue there, where I think it is handier.

For recipes it might also be dangerous to pin them; for example infrae.subversion has had some (development) releases that were removed from the cheeseshop later. Me grok smash package thieves. ;-)

We use 6 recipes in the generated buildout.cfg now. We could let grokproject append pinned versions of them at the end of versions.cfg.

Hm, maybe we should pin the Python version. ;-)
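
One way to check the idea of pinning the recipes used in the generated buildout.cfg in versions.cfg, as an added example that is not part of the original comment or of grokproject. The two config texts and the 0.0.1 version are constructed samples, and the function names are hypothetical.

```python
import configparser

# Constructed sample inputs, not grokproject's real generated files.
BUILDOUT_CFG = """
[buildout]
extends = versions.cfg
parts = app test data
versions = versions
[app]
recipe = zc.recipe.egg:scripts
eggs = sample
[test]
recipe = zc.recipe.testrunner
eggs = sample
[data]
recipe = infrae.subversion
"""

VERSIONS_CFG = """
[versions]
zc.buildout = 1.0.6
zc.recipe.egg = 0.0.1
"""

def _parse(text):
    # interpolation=None: buildout's ${part:option} syntax must be left alone.
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text)
    return parser

def recipes_used(buildout_text):
    """Map recipe distribution name -> list of parts that use it."""
    used = {}
    cfg = _parse(buildout_text)
    for section in cfg.sections():
        recipe = cfg.get(section, "recipe", fallback="").strip()
        if recipe:
            # "dist:entry_point" selects an entry point inside the distribution.
            dist = recipe.split(":", 1)[0].strip().lower()
            used.setdefault(dist, []).append(section)
    return used

def unpinned_recipes(buildout_text, versions_text, section="versions"):
    """Return recipe distributions that have no (non-empty) pin."""
    cfg = _parse(versions_text)
    pins = {}
    if cfg.has_section(section):
        pins = {name.lower(): value.strip() for name, value in cfg.items(section)}
    return sorted(d for d in recipes_used(buildout_text) if not pins.get(d))

if __name__ == "__main__":
    for dist in unpinned_recipes(BUILDOUT_CFG, VERSIONS_CFG):
        print("no pin for recipe:", dist)
```

A check like this can run in a project's tests so that a newly added recipe without a pin fails the build instead of silently floating to the latest release.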