
Pip 10 has been released - ognyankulev
https://blog.python.org/2018/04/pip-10-has-been-released.html
======
no_wizard
Yes! Very excited about this as it really feels like pip 9 was long overdue
for an upgrade. Now if we can get the rest of the packaging story down for
python it’d be great :)

On another note: I thought Pipenv was going to supplant pip?
[https://packaging.python.org/tutorials/managing-
dependencies...](https://packaging.python.org/tutorials/managing-
dependencies/) It felt like they were gearing up for it to be that way anyways

~~~
ubernostrum
The tl;dr:

* pip is the tool for installing packages

* pipenv is the tool for managing an environment in which you _develop_ a package (and wraps pip and virtualenv to make that convenient)

* twine is the tool for uploading packages to the Python Package Index

~~~
Rotareti
pip, pipenv, pipfile, pipfile.lock, twine, project.toml, setup.py, setup.cfg,
setuptools, requirements.txt... I'd prefer a proper package manager.

~~~
ubernostrum
So build one. If it's good, people will use it!

~~~
Rotareti
Luckily I don't have to! I rather contribute to this, which looks promising:

[https://github.com/sdispater/poetry](https://github.com/sdispater/poetry)

~~~
no_wizard
Oh man I did not know this existed I am completely aligned with this.

Easily this is what I love About the python community is that so many awesome
folks just step up and do something when they seen deficiencies vs waiting for
someone else to get around to it (lookin at you Swift)

I myself am prototyping a tool chain that will compile python to static C code
and then compile that (with the interpreter embedded) into a binary that can
be easily distributed.

Nothing on GitHub yet but it’s what I hope one day soon will fix the
distribution story once and for all!

~~~
BerislavLopac
I'd love to see something like what you're describing, but why C? How about
Rust or something similar, closer to Python's paradigms?

------
piinbinary
Presumably it still supports Python 2.7, so this isn't actually the end of
Python 2 support.

~~~
ognyankulev
Python 2.6 was 2% of pip downloads and apparently this was the rationale for
dropping its support:
[https://github.com/pypa/pip/pull/4343](https://github.com/pypa/pip/pull/4343)
. This led to some Python libraries to also drop 2.6, as shown by library
commits referencing this pull request.

~~~
ams6110
RHEL/CentOS 6 stock python is 2.6, IIRC.

~~~
lozenge
I doubt anybody running it is interested in upgrading their pip.

~~~
progval
You would be surprised at the requests I get from people running CentOS 6.

~~~
Redoubts
Is there any reason those people can't leave their system python to the
system, and otherwise bring their own?

~~~
pletnes
They don’t know how.

But anaconda python will work nicely on centos 6 I suspect.

~~~
kalefranz
Quite nice. And likely faster and more secure. Do an independent check for
yourself. Look at the compile flags. Along with what’s statically linked, vs
what conda manages as dynamically linked. Also don’t miss what all the pip-
installed wheels are statically linking.

------
mistrial9
right in the middle of pip-conda-deb / py27-py35-py36 conflicts here.. I was
startled to see a pip 9.0.3 msg "urllib3- download is not secure, get the
newest version of python"

first thanks very much for all the work in the ecosystem.. not kidding. huge
respect to the SciPy stack .. and others coming up now..

second, is this pip 9 msg really a veiled coercian to use Python 3x !?!
really? using security cert FUD .. I really hope this is not the right
interpretation of the msgs I saw on an ubuntu server yesterday.. It is a
breach of trust, and so wrong on so many levels.. DO not become what you
despise.

~~~
lvh
PyPI has started requiring modern, secure TLS (TLS 1.2) to download stuff. You
don't need Python 3, but you do need a more recent Python or at least one
compiled against a more recent libssl. Which one are you running and do you
have the exact error message?

