PEP 755: Implicit namespace policy for PyPI

Since last time, I landed a PR which did the following:

  1. Improved wording in the rationale to make it clear that community organizations can reserve namespaces.
  2. Used “paid” organization over “corporate” organization to ease understanding for non-native speakers and reduce concern among those who consider the word corporate to have a negative connotation.
  3. Removed expectation that grants for communities should be open.
  4. Improved language around why reviews for paid organizations are prioritized.
  5. Included PEP 541 in the expected teaching process.

I missed this and will include directives to make that easy in the next PR, thanks!

Paid organizations I think should have that ability. If you want I can make it optional and opt-in by default but there are operational challenges to exposing such a page. I’ll ask someone to comment on this (if they are able) who works on a similar project to this proposal.

Done! PEP 752: Implicit namespaces for package repositories - #46 by ofek

I added a buy-in section and am trying to have more people comment.

It’s a trade-off. Official packages have (unless mistakes happen) a 0% chance of distributing malicious code whereas unofficial packages do not have the same guarantee. I think the benefit outweighs the minor inconvenience of having to be cautious even for popular unofficial packages.

This will be in the next PR, thanks!

  1. I don’t think the grandfathering-in will be very impactful because the PEP 541 process may be judiciously used in applicable scenarios such as bad actors and unmaintained packages with no users. What remains would dwindle over time.
  2. The open namespace concept doesn’t detract from the guarantee because the most common scenario I envision would be a private root grant with an open child such as namespace-contrib.

This is my thinking as well, although it will be significantly more than just two companies. I’m trying to have people repeat publicly in this discussion what was spoken about in private, but it’s tricky :sweat_smile:

It’s possible that this gives our community enough funding to attempt work on the explicit namespaces feature in future.
