Summary
This PEP details how the Python package should specify its dependencies when it is run on a selected Build system. This specification introduces a new configuration file that specifies the build dependencies of a software package (assuming future configurations will use the same configuration file as a reference).
Fundamental
When Python first developed a tool for building projects, software distribution, distutils [1] was the chosen solution. Over time, setuptools [2] has become more and more popular, adding some functionality to distutils. Both apply the concept of a setup.py file. Project maintainers implement this file to build a distribution of their software (allowing users to also install the above distribution).
Distutils is part of the Python standard library, so using an executable file to specify build conditions under distutils is fine. Including the build tool as part of Python means that if the project maintainer wants to build a release of a project, there is no need to worry about external dependencies of setup.py. The only dependency is Python, so there is no need to specify any dependency information.
But when a project chooses to use setuptools, the use of executables like setup.py becomes a problem. You cannot execute it without knowing the dependencies of the setup.py file. However, there is currently no standard way to automatically understand what dependencies it has without executing the setup.py file that stores dependency information. This raises the paradox: you can't know its contents without running this file; you can't run it without knowing the contents of the file.
Setuptools tries to solve this problem with the setup_requires parameter of its setup() function [3]. There are many problems with this solution, such as:
In addition to the setuptools itself, there is no tool to access this information without executing setup.py, but if these items are not installed, setup.py will fail to execute.
Although setuptools itself installs everything listed in setup.py, they will not be installed during the execution of the setup() function, which means that the only way to actually use anything added here is through increasingly complex The mechanism is to delay the import and use until later execution of the setup() function.
This program does not include setuptools itself, nor can it include replacements for setuptools. This means that projects like numpy.distutils are largely incapable of using it, and projects cannot take advantage of newer setuptools features until the user naturally sets the version of setuptools. Upgrade to a newer version.
The items listed in setup_requires will be installed as soon as setup.py is executed, but the common way to execute setup.py is through another tool, such as pip, which is already responsible for managing dependencies. This means that commands such as pip install spam may eventually cause pip and setuptools to download and install packages. Eventually, the user needs to configure both tools (and call controltools uncontrolled) to change settings such as the repository it installed. This also means that users need to understand the discovery rules for both tools, because each tool may support different software package formats or determine the latest version in different ways.
This leads to the situation where setup_requires is rarely used, in which case the project tends to just copy and paste code snippets between multiple setup.py files, or skip it completely, and only record it somewhere. - I hope that users have installed these items manually before attempting to create or install their project.
All of this makes pip [4] assume that setuptools exists when executing the setup.py file. But the problem is that if another project starts to get attention in the community like setuptools, the project has no scalability. This will prevent other projects from getting the attention they deserve. Because when pip cannot infer that the project needs something other than setuptools, using setuptools can create conflicts.
This PEP attempts to explicitly list the minimum dependencies of a project's build system in a declarative manner in a particular file to resolve the current situation. This allows the project to list what kind of build dependencies it must have. For example, the source code is checked out to the wheel without falling into the paradox of setup.py. That is, the tool cannot infer what the project needs to build on its own. Implementing this PEP will allow the project to pre-specify the build systems on which they depend so that tools like pip can ensure that all dependencies have been installed in order to run the build system to build.
In order to provide more context and promote this PEP, the required (majority) steps can be seen as the process of generating a manual project:
Source code checkout of the project
Build system installation
Build system operation
This PEP covers step 2. It is expected that the future PEP will include Step 3, including how to make the build system dynamically specify more dependencies that the build system needs to perform its work. However, the purpose of this PEP is to specify the minimum required for the build system to begin operation.
specification
The dependencies of the build system are stored in a file called pyproject.toml, which is written in TOML format [6]. This format was chosen because it is available to humans (unlike JSON [7]), and it is flexible enough (unlike configparser [9]) to originate from a standard (also not like configparser [9]), but not so complicated. (Unlike YAML [8]). The TOML format has been used by the Rust community as part of its package manager [14]. According to private emails, they are very satisfied with the choice of TOML. A more detailed discussion of why alternatives are not selected can be read in the sections of the other file formats below.
There will be a [build-system] table in the configuration file to store the build-related data. Initially, only one keyword in the table is valid and required: Requires. This key will contain a list of string values ​​that represent the PEP 508 dependencies required to execute the build system (meaning what dependencies are required to execute the setup.py file).
The following JSON schema [15] will match the data format and represent a specific type of result data. This data comes from a demo-only TOML file:
For most Python projects that rely on setuptools, the pyproject.toml file looks like this:
The use of setup tools and wheels in the community is very extensive, so when the pyproject.toml file does not exist, the build tool will use the above sample configuration file as their default semantics.
In addition to the [tool] form, all other top-level keys and forms are retained for future use by other PEPs. In the [tool] table, the tool allows users to specify their configuration data as long as the subtools in [tool] are used. For example, a tool named flit stores its configuration in [tool.flit].
We need some mechanism to assign names in the tool.* namespace in the tool to ensure that different projects will not try to use the same child table to create conflicts. Our rule is: The subtable tool.$NAME can be used if and only if a project has a $NAME entry in Cheeseshop/PyPI.
Some unaccepted ideas
Semantic version number
In order to verify the structure of the configuration file in the future, a semantic version number is initially proposed. The default is 1, and the idea behind this is that if a semantic change to a previously defined key or table occurs and the changes are not backwards compatible, the semantic version will add a new number.
But in the end it was decided that this was an immature optimization. Our expectation is that changes to the semantically pre-defined content in the configuration file will be fairly conservative. In the event of backward incompatible changes, different names can be used as new semantics to avoid breaking old tools.
A deeper nested namespace
The early draft of this PEP had a top-level [Package] table. The idea is to scope the semantic version scheme (see Semantic Version Keyword to understand why this idea was rejected). As the scope is no longer required, the importance of having top-level tables becomes superfluous.
Another name for the other table name [build-system] table is [build]. The alternative name is shorter but does not express the intent of the information stored in the table. After the vote initiated on the distutils-sig mailing list, the current name wins.
Other file formats
Several other file formats have been proposed for consideration and have been rejected for various reasons. The key requirement is that the format can be edited by people and can be landed through the project. This completely ruled out some formats, such as human-friendly XML, and has never been seriously discussed.
JSON
The JSON format [7] was initially considered but quickly rejected. Although the human-readable data exchange format as a string is very good, the grammar itself is not suitable for humans to do simple editing (for example, the syntax is more verbose than required and does not allow comments).
The sample JSON file for the proposed data would be:
YAML
The YAML format [8] was designed as a superset of JSON [7] and it is easier to use by hand. YAML has three major problems.
One is too many specifications: 86 pages if printed on letter-size paper. This makes it possible for someone to use YAML's functionality to work with a parser instead of another parser. It has been proposed to standardize on a subset, but this basically means creating a new standard that is specific to the file, which is not easily handled for a long time.
The second is that YAML itself is not safe by default. This specification allows you to avoid arbitrary code execution when dealing with configuration data. Of course you can avoid this behavior - for example, PyYAML provides a safe_load operation - but if any tool accidentally uses load, then they will open any code to execute on their own. Although this PEP focuses on building projects that inherently involve code execution, other configuration data (such as project names and version numbers) may end up executing arbitrary code in the same file.
Finally, the most popular YAML Python implementation is PyYAML [10], which is a large project containing thousands of lines of code and is an optional C extension. Although not necessarily a problem in itself, for projects like pip, this is more of a problem because they are likely to need PyYAML as a dependency provider to be completely independent (otherwise, it will eventually lead to your installation needs Tools for installing the tool will work properly. A proof of concept for PyYAML has been completed. See how simple it is to supply a simple version of a library. All this shows a possibility.
A YAML sample file:
Configparser
A configparser INI-style configuration file was examined [9]. Unfortunately, there is no specification of what configparser accepts, resulting in inconsistent support between versions. For example, ConfigParser in Python 2.7 accepts something different from what configparser in Python 3 accepts. Although it is possible to standardize what Python 3 accepts and simply supply the backport of the configparser module, this does mean that the PEP must be coded and that all projects wish to use configparser's backport to use this PEP-specified metadata. This is over-restrictive, and if someone does not know that a specific version of configparser is expected to cause confusion.
A sample INI file is:
Python syntax
It was proposed to use Python syntax as the configuration format. The file will contain a dictionary at the top level, the data is all in the dictionary, and is defined by the key. All Python programmers are accustomed to this format, and do not need third-party dependencies to read the configuration data, which may be safe if parsed with ast.literal_eval() [13]. Python syntax can be the same as JSON, with trailing commas and comments. In addition, Python's richer data model may be useful for certain future configuration needs (eg, non-string dictionary keys, floating-point numbers, and integer values).
However, Python syntax is a Python-specific format, and we expect that this data may need to be read by a packaging tool that is not written in Python.
An example of a proposed Python grammar file is as follows:
Other file names
Several other file names were not accepted after consideration (this is a very similar topic, and the final decision is mainly based on preferences).
Pysettings.toml
The most reasonable choice.
Pypa.toml
Although reference to PyPA [11] makes sense, it is a somewhat useful term. Without specific domain knowledge, it is best to make the file name meaningful.
Pybuild.toml
From the perspective of this PEP's restriction, this file name makes sense, but if any non-building metadata is added to the file, the name no longer makes sense.
Pip.toml
Tool specific.
Meta.toml
Too generic; the project may wish to have its own metadata file.
Setup.toml
While maintaining the traditional appreciation of setup.py, it doesn't necessarily match what the future file might contain (eg, does .eg know if the project name is part of its setup?).
Pymeta.toml
Not obvious to newbies.
Pypackage.toml&pypackaging.toml
Concept confusion, consider what is a "package"? (Difference between project and package)
Pydevelop.toml
This file may contain details that are not specific to the development.
Pysource.toml
There is no direct relationship with the source code.
Pytools.toml
This document (currently) is misleading because it is for project management.
Dstufft.toml
Individual correlation is too large
ZGAR AZ Vape Pods 5.0S
ZGAR electronic cigarette uses high-tech R&D, food grade disposable pod device and high-quality raw material. All package designs are Original IP. Our designer team is from Hong Kong. We have very high requirements for product quality, flavors taste and packaging design. The E-liquid is imported, materials are food grade, and assembly plant is medical-grade dust-free workshops.
From production to packaging, the whole system of tracking, efficient and orderly process, achieving daily efficient output. WEIKA pays attention to the details of each process control. The first class dust-free production workshop has passed the GMP food and drug production standard certification, ensuring quality and safety. We choose the products with a traceability system, which can not only effectively track and trace all kinds of data, but also ensure good product quality.
We offer best price, high quality Pods, Pods Touch Screen, Empty Pod System, Pod Vape, Disposable Pod device, E-cigar, Vape Pods to all over the world.
Much Better Vaping Experience!
Pods, Vape Pods, Empty Pod System Vape,Disposable Pod Vape Systems
ZGAR INTERNATIONAL(HK)CO., LIMITED , https://www.zgarecigarette.com