PEP 621: how to specify dependencies?

Administrative note: I’ve gone into full-on PEP delegate mode at this point. No-one has objected to me making the decision on this PEP, or pushed to take on the role in my place, so I plan on making the decision myself. So please consider my comments from now on in that context¹.

All of this discussion is still circling around the key point, which is that ultimately, someone has to submit a PEP and that will get accepted or rejected. @brettcannon presented PEP 621 in this thread, so I expect him to be the one to formally submit the PEP for approval. He’ll have to get acceptance for what gets submitted from the various co-authors, or reduce the list of authors to reflect the people who do support the submitted PEP.

The decision will be made solely on the basis of what gets submitted. And if nothing gets submitted, nothing gets approved.

One of the key features of the PEP process is that at some point, the PEP authors make a unilateral decision that the PEP is good to go, and submit it. The decision on the PEP has to take into account whether the PEP accurately addresses community comments, but it’s absolutely acceptable for a PEP author to say "there was a lot of discussion between X and Y, but ultimately I chose X and this is why"². The PEP delegate then decides, and sometimes that means accepting something that didn’t achieve consensus. That’s fine, it’s how we avoid paralysis on difficult decisions.

There is, of course, another option. One group of people could submit a PEP that says “PEP 508 strings” and another group submit a PEP saying “exploded format”. The decision then goes to me as to which to approve³.

To be clear, even the option to not include dependencies needs some significant work. It would weaken the PEP significantly (in my view) if it simply stated that dependencies were omitted from the PEP “because we couldn’t reach consensus”. Some things that would need to be covered, for example:

  • The PEP would need to explicitly say that backends MUST provide a tool-specific means for projects to declare dependencies
  • The PEP would need updating to reflect the fact that it was covering all core metadata except Requires-Dist.
  • Would projects be required to state dynamic = ["dependencies"]? If not, what happens when we later introduce dependencies? Will projects suddenly have no dependencies (because they don’t specify the dependencies key, and don’t mention it in dynamic)?
  • Should the [project] table be versioned, to allow for dependencies to be added later?

How would such an A/B comparison work? Assuming you’re using the term in the way I understand it, you’d need to have two implementations of setuptools, one with PEP 508 dependencies and one with expanded tables. You’d need to split a sample of users in two, impartially, with one group getting the PEP 508 version, and the other group getting the expanded tables, and then you’d need to measure the effectiveness of each approach (whatever “effectiveness” means). And if you don’t do something as rigorous as that, what’s to stop people challenging the validity of the results you get? That’s even if we assume you get significantly different results - if the difference is small, we’re back to square one.

I understand the desire to break the deadlock by appealing to objective facts. But I really don’t think “objective facts” are something we can determine in this situation (at least not in a way that will allow us to conclusively decide the issue).

Maybe this debate just demonstrates that there is no correct answer here, and we shouldn’t be standardising this at all - leave tools able to make their own choices, and let them innovate and explore options freely. To be honest, I think the current version of the PEP is weak in this regard - it doesn’t present a strong argument for why we need a standard input format, and maybe that’s the real issue here.


¹ On that note, I’ll formally confirm here that I would like to be removed from the list of authors, so that I can take on the role of PEP delegate without a conflict of interest.
² Pun intended :wink:
³ I would expect anyone submitting a PEP to do so in good faith, that is, to accept the decision if their PEP gets rejected. So this isn’t just a way of escalating the stakes.

1 Like