Unless I’m missing it, the PEP 610 “specification” section doesn’t define what specifically should go into the URL, but given that it’s only relevant when installing a from a “direct URL” specifier, it clearly is the URL in that specifier. But for other cases, that doesn’t apply. Technically, ./app isn’t a direct URL specifier, it’s an implementation specific extension pip supplies.
So I think this PEP does need to explicitly specify.
An example section isn’t normative, though - implementations don’t have to follow them. As a procedural point, I wouldn’t particularly look at example sections when reviewing a PEP for completeness.
Yes. But it also means that consumers cannot assume the file is present. Hence my comment about SBOM use cases - I don’t know anything about the requirements there, but something that produces a SBOM report from this data has to be prepared to say something like “package XXX is installed but does not include data about where it came from”.
I understand why you’re doing it, I’m just saying that I don’t look at comments made on the PR, and if anyone wants their comments to be considered (by me, for the PEP review/approval, at least) they need to be made here, not there.