Yeah, I remember now. the name squatting was from people putting malicious packages under misspelled names of well known packages, like “requets” instead of requests.
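To make the typosquatting point concrete, here is an added example (not code from the thread or from pip/PyPI) that scans a requirements file for names within one edit of a short, assumed list of well-known packages. The popular-package list, the sample requirements text and the distance threshold are all constructed for illustration; a real check would use something like the PyPI top-downloads list and tune the threshold per name length.

```python
import re

# Constructed, assumed list of well-known package names (hypothetical;
# a real check would pull the top-N downloaded names from PyPI stats).
POPULAR = (
    "requests", "numpy", "urllib3", "setuptools",
    "pyyaml", "python-dateutil", "cryptography",
)

def normalize(name: str) -> str:
    """PEP 503 normalization: lowercase, runs of -_. collapse to a single '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert/delete/substitute), row-by-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def requirement_name(line: str):
    """Extract the distribution name from one requirements.txt line, or None."""
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith("-"):      # blank, comment-only, or pip option
        return None
    m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
    return m.group(0) if m else None

def suspicious(name: str, popular=POPULAR, max_distance: int = 1):
    """Return the well-known package this name looks like, or None.

    An exact (normalized) match is the real package and is never flagged;
    only near-misses are reported.
    """
    n = normalize(name)
    if n in popular:
        return None
    for p in popular:
        if levenshtein(n, p) <= max_distance:
            return p
    return None

def check_requirements(text: str):
    """Scan requirements text; return [(declared_name, lookalike_of), ...]."""
    findings = []
    for line in text.splitlines():
        name = requirement_name(line)
        if name is None:
            continue
        target = suspicious(name)
        if target:
            findings.append((name, target))
    return findings

# Constructed sample requirements.txt for demonstration.
SAMPLE = """\
# constructed sample
requests==2.31.0
Requests          # same package, different case: normalizes to 'requests'
requets>=2.0      # the misspelling from the comment above
numpi
urlib3
flask
-r other.txt
"""

if __name__ == "__main__":
    for declared, real in check_requirements(SAMPLE):
        print(f"{declared!r} looks like a typosquat of {real!r}")
```

Running it reports `requets`, `numpi` and `urlib3`; `Requests` is not flagged because it normalizes to the real name. A threshold of one edit is too aggressive for very short names (three-letter packages collide constantly), so in practice scale the threshold with length or keep an allowlist of known-legitimate near-neighbours.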
packages installing but not working due to missing dependencies
This is the fault of the package author/maintainer
packages installing but not working due to broken dependencies
Sometimes the fault of the package author/maintainer. Sometimes this is the fault of a different package you’re also trying to use in tandem. Ultimately this is a problem with the shared library approach python takes and it can be ‘solved’ by vendoring within your own package.
packages not building and failing with obscure errors
Assuming the package is good, this is a problem with your build system. It’s like complaining a Makefile won’t run because your system doesn’t have gcc installed.
one package was abandoned and using Python 2.7
Unfortunately there’s a ton of this kind of stuff. I suppose you can blame PyPI for this; they should have some kind of warning for essentially abandoned projects.
I don’t think it’s fair to blame pip for some ancient abandoned packages you tried to use.
I believe that was just name squatting.
One of my favorites was along the lines of “An evil wizard wrote this. Attempt to replace it at your peril, but never try to modify it”.
I have this argument with other devs all the time.
Hey, you know this 200 line nested if statement that suddenly returns in the middle of the condition is “7”? Yeah, that needs a refactor or at least a fucking comment.
I get a pull request that adds a log line that reads something like “special case 7 triggered.”.
Bad habits are hard to break.
The Apothecary Diaries. It’s pretty good.