On 11 February 2024 19:50:17 GMT, Matthias Koeppe <matthia...@gmail.com> wrote:
>I think it's a bit too quick to already call a vote. I would suggest that
>you take the time to collect and link previous discussions on this topic,
>so that participants can review the known arguments, viewpoints, and
>requirements.
>
>Example (from my previous
>post): https://groups.google.com/g/sage-devel/c/C7-ho1zvEYU/m/S2n8d5rOAgAJ
>(2016)
I don't think arguments from 2016 are very relevant today, given how much python packaging evolved since then.
I'll make an attempt to quantify this cost
On 11 February 2024 22:47:24 GMT, Matthias Koeppe <matthia...@gmail.com> wrote:
>On Sunday, February 11, 2024 at 1:46:40 PM UTC-8 Matthias Koeppe wrote:
>
>I'll make an attempt to quantify this cost
>
>Here's an illustration of the workflow for making python_build a standard
>"wheel" package, as proposed in
>https://groups.google.com/g/sage-devel/c/MIU-xo9b7pc:
What you outlined is the initial one-time cost.
There is also a cost of maintenance, which eventually gets bigger than the initial cost: the thing gets outdated, its dependencies get outdated, this all requires updates, tests, conflict resolutions ---something that you get largely for free if you let go of the package dependency micromanagement, relying instead on the Python universe out there to do the job.
> Pinning packages to a set of tested working versions is a standard practice, and as a matter of fact part of best practices to achieve stability in various deployment situations, reproducibility, etc.
>
> In the Python world, such pinning is done using requirements.txt, Pipfile.lock, and environment.yml files.
> In the Sage distribution, we pin using package-version.txt and tiny requirements.txt files.
as well as install-requires.txt and spkg-configure.m4 - they also in
some cases pin versions, strictly,or not.
Now, at last, tell us what makes Sage so special that we must vendor
sphinx and jupyter [...]
> A question to ask is what tooling is available to update the version pins, and what the cost of using the tools is. For a typical upgrade, by improving our tooling, we have reduced the work to just typing "./sage -package update-latest sphinx --commit". In the Sphinx upgrade, https://github.com/sagemath/sage/pull/37129/files (needs review), I ended up updating 25 packages, so I had to use a command like this 25 times. It's repetitive, maybe it takes 20 minutes total, but it's not remotely something that I would use the phrase "Sage has shot itself in the foot" for.
The whole thing of a zillion vendored packages [...]
requirements.txt might as well specify the range, and this is used too e.g.build/pkgs/phitigra/requirements.txt hasphitigra>=0.2.6
So this is all [...] confusing
> 2. Also the large Sage source tarball does not "vendor". It is a shipment of a distribution. Distributions don't "vendor". It's the job of a distribution to ship its components.This is not correct. Sage is not a distribution
In any use cases with internet connectivity, people will be better off by just cloning the git repo, not use the release tarball.If there are relevant use cases without internet connectivity (I have no opinion to offer on this), then the release tarball has exactly the right contents.Proposed action items:A. Change https://github.com/sagemath/sage/blob/develop/README.md so that "git clone" is described as the primary way to obtain the Sage sources. That the big release tarball is available can be a footnote in the Installation Guide (https://deploy-livedoc--sagemath.netlify.app/html/en/installation/source#installation-steps) for the limited no-internet connectivity use case.
B. Likewise, get rid of all of these "Download Sage source code" pages (https://www.sagemath.org/download-source.html, https://www.sagemath.org/download-latest.html), mirror selection, etc. from the Sage website.
On Mon, Feb 12, 2024 at 11:52 PM Matthias Koeppe
<matthia...@gmail.com> wrote:
> If there are relevant use cases without internet connectivity (I have no opinion to offer on this), then the release tarball has exactly the right contents.
This won't be true any more if we allow standard packages to be pip packages.
As far as I understand, the proposal is to allow sage "packages" to be closer to more standard python prerequisites by letting them be resolved by pip packages.
By default the package content would be fetched, as pip does,
and that would mean the default configuration for sage would require internet at install time.
By default the package content would be fetched, as pip does,Not just as pip does, but by actually calling "pip" to contact PyPI.and that would mean the default configuration for sage would require internet at install time.That's right.
By default the package content would be fetched, as pip does,Not just as pip does, but by actually calling "pip" to contact PyPI.and that would mean the default configuration for sage would require internet at install time.That's right.Then Dima's proposal implies assuming internet at install time. Right?
Dima mentioned "tox" [1] as an example of a "standard" package that would benefit from being switched to a "pip" package. The "tox" package is pure python, so could also made a "wheel" package, which are already allowed for standard package, for example [2].
I'm having difficultly understanding the practical differences between a "wheel" package and a "pip" packages in this setting.
With "wheel", the wheel is downloaded from PyPI and put in upstream/ by various GH actions and put in the sage tarball and copied over to the sage mirrors, whereas with "pip" it is only downloaded by pip itself when an end-user builds Sage. But in terms of developer effort, the only difference I see between "wheel" and "pip" is that the former has a few extra checksums, compare [2] and [3].
What distinctions am I missing? Is it that a "wheel" must be pinned to a specific release on PyPI whereas "pip" can specify a range?
there are ways to use pip without internet, with the necessary wheels pre-fetched.
That's what Sage does with wheel packages.
The difference between wheel packages vs pip packages is that the latter don't require pre-fetched wheels, and absence of the need for package (micro)management.
If one does not care about the use case without internet access, then it's just the following:- Pinning, as you mentioned (see also https://groups.google.com/g/sage-devel/c/5kmxaw105lg/m/9rF77fvFAAAJ above, where I discussed some details of this, including risks of leaving packages unpinned)- Dependencies: "pip" packages can pull some of their build-time and run-time dependencies directly from PyPI, without us mirroring these dependencies in SageMath metadata. That's a mild convenience for developers, of importance if one wants to leave the version range wide open; but also has risks of instability.
On Friday, February 16, 2024 at 11:17:37 PM UTC-6 Matthias Koeppe wrote:If one does not care about the use case without internet access, then it's just the following:- Pinning, as you mentioned (see also https://groups.google.com/g/sage-devel/c/5kmxaw105lg/m/9rF77fvFAAAJ above, where I discussed some details of this, including risks of leaving packages unpinned)- Dependencies: "pip" packages can pull some of their build-time and run-time dependencies directly from PyPI, without us mirroring these dependencies in SageMath metadata. That's a mild convenience for developers, of importance if one wants to leave the version range wide open; but also has risks of instability.Matthias, thanks for the clarification. I think pinning the version of a "standard" package, including all its dependencies and down to the minor release, is likely the best approach. Based on my experience with snappy [1], not pinning things will result in CI runs failing "out of the blue" because one of the dependencies got updated. With a small project like snappy, this is pretty occasional and serves as a way to flag issues with new upstream releases, but with Sage my guess is that such failures would be frequent. Suppose that each time the CI runs on a new PR, there's a 10% chance of it failing because some completely unrelated dependency shifted; that would be a major annoyance to seasoned Sage developers and very discouraging to newcomers.
On 17 February 2024 17:16:07 GMT, Matthias Koeppe <matthia...@gmail.com> wrote:
>I share the same concern based on the amplification of the failure
>probability, due to the large number of dependencies in Sage.
My proposal is in fact aimed at reducing the number of pinned Sage dependecies, drastically.
Because most of them are either dependencies of Jupyterlab, or of Sphinx, or of Python build system, and none of the them should be Sage's concern to package, with all their dependencies.
If you itch to pack the said dependencies, please do it in a separate repo/PyPI package, which can be consumed by sagelib to get the desired pinned dependencies (and test all this in the existing CI, why not?)
But stop tying them up with sagelib - which in effect forces people interested in sagelib to slave away on packaging 300 dependencies, most of which aren't even tested by CI in any way, besides building.
Please liberate sagelib from the cabal of the ftontend, etc.
Sagemath is not a disto - no sane distro puts everything in one flat directory structure.
Sagemath is an insane pile of needlessly vendored packages.
My proposal is in fact aimed at reducing the number of pinned Sage dependecies, drastically.
Because most of them are either dependencies of Jupyterlab, or of Sphinx, or of Python build system, and none of the them should be Sage's concern to package, with all their dependencies.
If you itch to pack the said dependencies, please do it in a separate repo/PyPI package, which can be consumed by sagelib to get the desired pinned dependencies (and test all this in the existing CI, why not?)
But stop tying them up with sagelib - which in effect forces people interested in sagelib to slave away on packaging 300 dependencies, most of which aren't even tested by CI in any way, besides building.
It seems to me that the "wheel" type Sage packages, each of which is primarily just the version number of a file on PyPI and its hash, is like a "requirements.txt" file (or "conda-lock" file, for that matter) spread over multiple directories. Personally, I don't view that as packaging a dependency, but rather saving some metadata to aid reliability/reproducibility.
I cannot imagine CI breaking down by, say, pytest.
Besides, you can pin down or limit the version of a pip package, just as well. E.g. pin down the version of Cython. But leave its dependencies out of Sage, as much as possible.
On 17 February 2024 23:31:43 GMT, Matthias Koeppe <matthia...@gmail.com> wrote:
>On Saturday, February 17, 2024 at 3:04:49 PM UTC-8 Nathan Dunfield wrote:
>"wheel" type Sage packages, each of which is
>primarily just the version number of a file on PyPI and its hash, is like a
>"requirements.txt" file (or "conda-lock" file, for that matter) spread over
>multiple directories. Personally, I don't view that as packaging a
>dependency, but rather saving some metadata to aid
>reliability/reproducibility.
>
>I'll note that in addition to aiding reliability/reproducibility, the
>metadata in build/pkgs is also important for discoverability and
>attribution.
Merely pinning down the versions doesn't magically brings you reproducibility, unless you are also willing to pin down the OS version, and the hardware. [...]
Besides, to create a pinning of all the versions of Python packages, just run the appropriate pip command, it will produce a full list of all the versions, ready to be used to reproduce the environment. No need to maintain these pinnings by hand.
Yes, metadata is important, it's just make-work to maintain it manually. We don't need to carry out this make-work.
1) you can even just get a binary wheel of pytest installed - it is very fast, and robust.
2) The major improvement is that sagelib will be easier to install into an existing venv, and that's a wish of quite a number of users. Much more Pythonic, too.
On Sunday, February 18, 2024 at 9:07:04 AM UTC-8 Dima Pasechnik wrote:1) you can even just get a binary wheel of pytest installed - it is very fast, and robust.Yes, that's what my PR https://github.com/sagemath/sage/pull/37301 does. It installs pytest as a "wheel" package.
Whether you install a package from an sdist or from a wheel, you still have the same runtime dependencies ("install-requires").What goes away when you use a wheel is only the build-time dependencies ("build-system requires").
2) The major improvement is that sagelib will be easier to install into an existing venv, and that's a wish of quite a number of users. Much more Pythonic, too.The pip-installability of sagelib has absolutely nothing to do with this discussion.
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/3299fe86-fa67-4830-9f3c-1386235c37c8n%40googlegroups.com.
On Sun, Feb 18, 2024 at 5:24 PM Matthias Koeppe <matthia...@gmail.com> wrote:On Sunday, February 18, 2024 at 9:07:04 AM UTC-8 Dima Pasechnik wrote:1) you can even just get a binary wheel of pytest installed - it is very fast, and robust.Yes, that's what my PR https://github.com/sagemath/sage/pull/37301 does. It installs pytest as a "wheel" package.there are wheels and wheels.Binary wheels don't need any building, Sage's wheel packages still do building from source - in case the package has C extensions, possibly cythonizing or running a similar built processs involving compilation/linking.
The wheel you talk about is just another packaging of a source package, isn't it?
On Sunday, February 18, 2024 at 4:40:35 AM UTC-8 Dima Pasechnik wrote:On 17 February 2024 23:31:43 GMT, Matthias Koeppe <matthia...@gmail.com> wrote:
>On Saturday, February 17, 2024 at 3:04:49 PM UTC-8 Nathan Dunfield wrote:
>"wheel" type Sage packages, each of which is
>primarily just the version number of a file on PyPI and its hash, is like a
>"requirements.txt" file (or "conda-lock" file, for that matter) spread over
>multiple directories. Personally, I don't view that as packaging a
>dependency, but rather saving some metadata to aid
>reliability/reproducibility.
>
>I'll note that in addition to aiding reliability/reproducibility, the
>metadata in build/pkgs is also important for discoverability and
>attribution.
Merely pinning down the versions doesn't magically brings you reproducibility, unless you are also willing to pin down the OS version, and the hardware. [...]This is an instance of the "all or nothing" fallacy, and simultaneously a "straw man" fallacy (note that both Nathan and I said it "aids" reproducibility etc.)
Besides, to create a pinning of all the versions of Python packages, just run the appropriate pip command, it will produce a full list of all the versions, ready to be used to reproduce the environment. No need to maintain these pinnings by hand.
Yes, metadata is important, it's just make-work to maintain it manually. We don't need to carry out this make-work.Exactly, it matters what tooling is available. And every single little improvement of our tooling will likely have more value than this entire thread.
Yes, we don't want to maintain the metadata "manually".And we don't! We use the "sage --package" script (https://deploy-livedoc--sagemath.netlify.app/html/en/developer/packaging#utility-script-to-create-and-maintain-packages)Yes, "pip freeze" will output the current versions of installed Python packages, to be saved as a requirements.txt file.What's missing is the tooling that would feed this version information back to our version files.
That's wishlist item https://github.com/sagemath/sage/issues/37314, estimated effort: 15 minutes of work. Any takers?
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/16525787-4dec-4ded-b2c1-4019683a930an%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/e87b2425-e69c-42d6-8534-519e5eddaa63n%40googlegroups.com.
Reading: https://deploy-livedoc--sagemath.netlify.app/html/en/developer/packaging#package-source-typesThe wheel you talk about is just another packaging of a source package, isn't it?No.Well, I might have used incorrect terminology, but our wheels are always "build from source" wheels.
Best,Nathan
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/9775f89c-4901-4a0f-a0e0-91b38c215f18n%40googlegroups.com.
On Sun, Feb 18, 2024 at 5:24 PM Matthias Koeppe <matthia...@gmail.com> wrote:On Sunday, February 18, 2024 at 9:07:04 AM UTC-8 Dima Pasechnik wrote:2) The major improvement is that sagelib will be easier to install into an existing venv, and that's a wish of quite a number of users. Much more Pythonic, too.The pip-installability of sagelib has absolutely nothing to do with this discussion.Of course it does, a lot. As having less deps pinning will model installability and useability of sagelib in a "foreign" venv. At the moment using sagelib in a foreign venv is complicated and error-prone, and untested.
This discussion about the need to fix the version of pytest and its runtime dependencies is almost comical.
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/e6477c9c-9a52-4b71-829d-b718cbbd5402n%40googlegroups.com.
I'll now offer:Opinion 1. Nobody needs to care in the slightest what the size of that release tarball is.In any use cases with internet connectivity, people will be better off by just cloning the git repo, not use the release tarball.If there are relevant use cases without internet connectivity (I have no opinion to offer on this), then the release tarball has exactly the right contents.Proposed action items:A. Change https://github.com/sagemath/sage/blob/develop/README.md so that "git clone" is described as the primary way to obtain the Sage sources. That the big release tarball is available can be a footnote in the Installation Guide (https://deploy-livedoc--sagemath.netlify.app/html/en/installation/source#installation-steps) for the limited no-internet connectivity use case.B. Likewise, get rid of all of these "Download Sage source code" pages (https://www.sagemath.org/download-source.html, https://www.sagemath.org/download-latest.html), mirror selection, etc. from the Sage website.On Sunday, February 11, 2024 at 11:23:42 AM UTC-8 Dima Pasechnik wrote:Currently the standard packages cannot be pip packages, i.e. we must, in effect, vendor them. This entails an extra effort which is often not needed, in particular as we patch only very few Python packages.
Pip packages are on the other hand installed straight from PyPI.
Good examples of standard packages which can become pip ones are tox, pytest (not yet standard).
The other difference is that by default these packages are not included in the Sage releases source tarball.
Rather than adding them there I propose to split the upstream/* part of the tarball into something optional - which is represented by a list of files to download, and which is just not needed if you build while connected to the internet.
This is a huge saving on the tarball size: with upstream/* in, Sage 10.2 tarball is 1.3Gb, and without it is smaller than 0.25Gb.
Note that as William writes, the desire to have Sage buildable without an internet connection was a requirement by a past Sage funder, gone about 10 years ago. Thus there's no longer an obligation to have this option.
I am not aware of a similar to Sage which provides tarballs allowing for an offline build.
Thus, I would like to call a vote on these two topics:
1) allow standard packages to be pip packages
2) drop the contents of upstream/ from the Sage source tarballs.
---
Dima
This (A and B below) has the advantage of being quite explicit. The original proposal1) allow standard packages to be pip packages
2) drop the contents of upstream/ from the Sage source tarballs.sounds explicit, but the more the discussion goes on, the more I feel that there are hidden pieces. Does the proposal also mean removing version restrictions and all of the other claimed maintenance burden for various components of Sage?
Regarding item (2): if I clone the github repository, there is no upstream directory at the start, but after building Sage, it ends up being almost as large as in the current tarballs. (This is on OS X with a lot of homebrew packages installed.) So how much savings are we actually talking about? (Maybe it's not savings for the end user that are important, so *what* are we saving? Disk space on the mirrors?) Dima, can you please provide data? If we convert (according to (1)) to pip packages, those still need to be downloaded, and while they may not end up in "upstream" — I don't actually know how they work — don't they still take up disk space? So again, how much savings are we talking about? Please provide data.
By the way, the git clone yields a package that is 616M on my machine. A good chunk of that is the .git directory. Are you proposing that we do not distribute this? (A recent beta tarball is 1.4G, unpacked 1.6G.)
Regarding item (1): can you provide a list of packages that would become pip packages? Or describe how you would come up with a list?
On Monday, February 12, 2024 at 3:52:29 PM UTC-8 Matthias Koeppe wrote:I'll now offer:Opinion 1. Nobody needs to care in the slightest what the size of that release tarball is.In any use cases with internet connectivity, people will be better off by just cloning the git repo, not use the release tarball.If there are relevant use cases without internet connectivity (I have no opinion to offer on this), then the release tarball has exactly the right contents.Proposed action items:A. Change https://github.com/sagemath/sage/blob/develop/README.md so that "git clone" is described as the primary way to obtain the Sage sources. That the big release tarball is available can be a footnote in the Installation Guide (https://deploy-livedoc--sagemath.netlify.app/html/en/installation/source#installation-steps) for the limited no-internet connectivity use case.B. Likewise, get rid of all of these "Download Sage source code" pages (https://www.sagemath.org/download-source.html, https://www.sagemath.org/download-latest.html), mirror selection, etc. from the Sage website.On Sunday, February 11, 2024 at 11:23:42 AM UTC-8 Dima Pasechnik wrote:Currently the standard packages cannot be pip packages, i.e. we must, in effect, vendor them. This entails an extra effort which is often not needed, in particular as we patch only very few Python packages.
Pip packages are on the other hand installed straight from PyPI.
Good examples of standard packages which can become pip ones are tox, pytest (not yet standard).
The other difference is that by default these packages are not included in the Sage releases source tarball.
Rather than adding them there I propose to split the upstream/* part of the tarball into something optional - which is represented by a list of files to download, and which is just not needed if you build while connected to the internet.
This is a huge saving on the tarball size: with upstream/* in, Sage 10.2 tarball is 1.3Gb, and without it is smaller than 0.25Gb.
Note that as William writes, the desire to have Sage buildable without an internet connection was a requirement by a past Sage funder, gone about 10 years ago. Thus there's no longer an obligation to have this option.
I am not aware of a similar to Sage which provides tarballs allowing for an offline build.
Thus, I would like to call a vote on these two topics:
1) allow standard packages to be pip packages
2) drop the contents of upstream/ from the Sage source tarballs.
---
Dima
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/0a3c1c0b-ed3f-41eb-ab4a-5235432475dbn%40googlegroups.com.
On Mon, Feb 19, 2024 at 7:42 PM John H Palmieri wrote:This (A and B below) has the advantage of being quite explicit. The original proposal1) allow standard packages to be pip packages
2) drop the contents of upstream/ from the Sage source tarballs.sounds explicit, but the more the discussion goes on, the more I feel that there are hidden pieces. Does the proposal also mean removing version restrictions and all of the other claimed maintenance burden for various components of Sage?No, this is simply FUD spread by certain parties here.
On Mon, Feb 19, 2024 at 7:42 PM John H Palmieri <jhpalm...@gmail.com> wrote:If we convert (according to (1)) to pip packages, those still need to be downloaded, and while they may not end up in "upstream" — I don't actually know how they work — don't they still take up disk space? So again, how much savings are we talking about? Please provide data.
as far as I can tell, by default pip package wheels are not stored in upstream/.Perhaps there is an easy way to change this, I don't know.
An option to "./configure" could work too, except that the "bootstrap" phase already downloads the "configure" tarball into that directory.
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/ab2b37cb-e44c-4489-bb88-8ba834064661n%40googlegroups.com.
By the way, I just cloned the Sage repo and ran "make configure", which runs `./bootstrap`. The upstream directory is empty after that.
On Mon, Feb 19, 2024 at 10:29 PM Matthias Koeppe <matthia...@gmail.com> wrote:An option to "./configure" could work too, except that the "bootstrap" phase already downloads the "configure" tarball into that directory.an option to ./bootstrap then would be logical
You said: "The difference between wheel packages vs pip packages is that the latter don't require pre-fetched wheels, and absence of the need for package (micro)management." The implication is that changing the package management system is, maybe not part of this proposal, but a next step. In other words, I'm getting this impression from your words, not by other "certain parties."You said: "My proposal is in fact aimed at reducing the number of pinned Sage dependecies, drastically." (You have made similar comments elsewhere in this thread.) How does (1) accomplish this? Either I'm missing something or you have not spelled everything out in your proposal.You said '"Allow" does not mean "Make all of the", it should be obvious.'"Allow" does not cause any changes to happen drastically. So what exactly are you proposing to accomplish these drastic changes? If you have a roadmap in mind, it would be helpful if you described it.
The number of dependencies has grown to the point it has gotten too hard to maintain,
especially if one aims to support as many Python versions as we do.
These dependencies force one to have fragile, and temporary, version-dependent workarounds in the configuration.
On 20 February 2024 17:28:31 GMT, Matthias Koeppe <matthia...@gmail.com> wrote:
>On Tuesday, February 20, 2024 at 1:43:27 AM UTC-8 Dima Pasechnik wrote:
>The number of dependencies has grown to the point it has gotten too hard to
>maintain,
>
>No. It's easier than it has ever been in the past because of our improved
>tooling.
You keep adding more dependencies to justify ever growing tooling, it seems.
Only you know what it does and how to use it.
What if we just don't want it?
I certainly don't care about the guts of Jupyterlab and Sphinx, I just want to use them.
On Tuesday, February 20, 2024 at 11:43:07 AM UTC-8 Dima Pasechnik wrote:On 20 February 2024 17:28:31 GMT, Matthias Koeppe <matthia...@gmail.com> wrote:
>On Tuesday, February 20, 2024 at 1:43:27 AM UTC-8 Dima Pasechnik wrote:
>The number of dependencies has grown to the point it has gotten too hard to
>maintain,
>
>No. It's easier than it has ever been in the past because of our improved
>tooling.
You keep adding more dependencies to justify ever growing tooling, it seems.No, Dima, that's absurd.I have been doing the vast majority of this maintenance work in the past 4 years, and I have been improving the tooling to reduce the workload associated with it -- and to make it more accessible to other contributors.
Source:echo " commit | date | author | subject"; echo " -- | -- | -- | --"; git --no-pager log --since 2020 --no-merges --format=" %h | %as | %<(24)%aN | %s" build/pkgs/*/{package-version.txt,spkg-*.in,patches}Only you know what it does and how to use it.It's well-documented in our Developer Guide (https://deploy-livedoc--sagemath.netlify.app/html/en/developer/packaging).I strongly encourage others to read it -- and welcome requests for improvements and PRs -- but I certainly can't force anyone to read it.What if we just don't want it?Who is "we"?
I certainly don't care about the guts of Jupyterlab and Sphinx, I just want to use them.That's OK. That's what most users and developers do.
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/3cf3e70e-91c6-43f0-bc2a-bb633acc9b55n%40googlegroups.com.
On Tue, Feb 20, 2024 at 8:13 PM Matthias Koeppe <matthia...@gmail.com> wrote:I have been doing the vast majority of this maintenance work in the past 4 years, and I have been improving the tooling to reduce the workload associated with it -- and to make it more accessible to other contributors.testing and reviewing this endless stream of updates and new packages, etc. is also work, a lot.
And you also are not shy in outsourcing your "vast majority" either.E.g. I got totally fed up with this at this point:- where you kindly invited me to add few hundred text files by hand, copy-pasting from the repology repo - all thanks to your truly wonderful labour-reducing tooling... Wondeful tooling - homo sapience with vi and mouse - very flexible, reliable.
Prompted by the discussion of space use on the local machines of users and developers, I propose another item in addition to A and B:C. Advertise use of "git worktree" and recommend symlinking the "upstream" directory. For testing a new release when you have an existing clone of the repository, using "git clone" another time is overkill as it creates another copy of the .git directory. And there is no point in having multiple copies of the "upstream" directory, as the filenames of the tarballs change whenever the contents change.
On Monday, February 12, 2024 at 3:52:29 PM UTC-8 Matthias Koeppe wrote:Proposed action items:A. Change https://github.com/sagemath/sage/blob/develop/README.md so that "git clone" is described as the primary way to obtain the Sage sources. That the big release tarball is available can be a footnote in the Installation Guide (https://deploy-livedoc--sagemath.netlify.app/html/en/installation/source#installation-steps) for the limited no-internet connectivity use case.
That's now https://github.com/sagemath/sage/pull/37309 (needs review)
B. Likewise, get rid of all of these "Download Sage source code" pages (https://www.sagemath.org/download-source.html, https://www.sagemath.org/download-latest.html), mirror selection, etc. from the Sage website.
That's now https://github.com/sagemath/website/pull/466
A pretty safe second choice would be to have "make download" also download the relevant files for pip installation and tell pip where to find them. If we implemented this second choice [...]
As Nathan points out, this will likely lead to instability. Someone will upgrade some component, and most of the time that will be fine, but occasionally it will break something on some platform, and it could be annoying to track down the cause. If this leads to Sage failing to build, that's not great, but it would be far worse if Sage built and ran but produced some mathematically incorrect answers. Being able to control all of the versions means that our doctests are pretty robust. If we really want to go down the road of unpinning version requirements, I propose that we always pin version requirements for the mathematical components of Sage. If Jupyter or Sphinx doesn't work right, it doesn't affect the mathematics, but if linbox or pari don't work right (or ore_algebra, if you want a pip package), people could be getting different answers on different platforms and we might not know about it for a while. To maintain the mathematical integrity of the project, we should keep very careful control of the mathematical components of Sage.
In any event, switching to a pip package for e.g. jupterlab doesn't affect the final size or complexity of Sage as installed, just how many moving pieces there appear to be if you look in "sage/build/pkgs".Best,Nathan
--
You received this message because you are subscribed to the Google Groups "sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/f81b8284-cb48-44fe-a3f7-158be2438335n%40googlegroups.com.