It inspires great trepidation and ambivalence when I find something new that belongs in my “What to do when the bug is in someone else’s code” talk (, but I think patchy has earned a slide.

Or, as the kids say, “Thanks! I hate it!”

We are in progress of adding support for CPython 3.10. Due to this unfinished change, there will be no release for this week.
Unfortunately, some packages are pinned at old versions, which do not support 3.10 build. In particular, those packages are:

  • PyYAML (pinned by awscli)
  • pywin32 (pinned by docker)

Should these packages that hard-pin other packages for too long (in this case, awscli and docker) be removed from the distribution?
Can you suggest another solution in comment?

Hi all,

A bit later than usual, the 13th week's release has been published at

This week we have significantly reduced the gap between the versions of
PyPI and IPWHL. As of today (04-04), only 59 packages are outdated,
many of which are hard pinned by some other packages.

We also have new packages:

  • types-urllib3: typing stubs for urllib3
  • wsaccel: a websocket accelerator
  • cogapp: content generator
  • argon2-cffi-bindings: binding for argon2-cffi

Dear patrons,

Another week, another update. You can find this week update at

Roughly 50 packages get updated this week, including several
common development tools like pylint, as well as tools to work with
cloud services like botocore or elasticsearch.

A new package, dill, is added and the some missing wheels for
MacOS and Windows are also added.

Dear patrons,

A new weekly(*) snapshot of the cheese wheels has been published at

Thanks to the aide of some shell hack, a mass update of 163 packages
was possible. PyOpenSSL, cryptography, pip, Django, and many other
popular libraries are included.

The IPWHL utility package introduced in the latest release has also
enjoyed an update to version 1.1.0 in this release.

Til next week,

(*): not so weekly, unfortunately.
Join efforts to keep IPWHL packages up-to-date at

@be, IMHO this sort of vendor-lockin, albeit perhaps unintentional, will hurt the ecosystem. This shall radically encourage application developers to make Flathub as the only easy source of installation with the hope of getting more funding, whilst it’s unsure if it will actually get more people to donate. As a result, software will be less integrated across different versions of libraries due to testing them being discouraged, while end-users will need to spend more bandwidth and disk space (they are not that cheap if one does not live in a fist world). As this evolves, upstream shall become the sole tech support for end-users (as the role of distros start to fade away) and lose valuable time that can have been utilized for development.

I think it’d be much healthier if a protocol can be worked out instead so that developers can embed a button in the about dialog (or a subcommand for CLI programs) launching a program or web page for donation. Assuming people will donate more to FLOSS in the future, distros can also split more funding to upstream based on popularity or something, and this also helps libraries developers (who have little to zero exposure on app-store-like UI).

This is a truly fantastic guide to getting p2p connectivity on the modern internet, if only for it never ever breaking down into tears of despair:

I'm very excited to announce the release of Ratman, a userspace, decentralised peer-to-peer packet router. It's developed as part of the Irdest project, aiming to build easy to use infrastructure tools for decentralised mesh networks.

Read the full announcement here:

Check out the project website:

awoo :boost_ok:

#RFC: I've created a document on what I call secrets based digital #distributed #cash.

It does not use a #Blockchain and but only a very simple #DLT to provide a #private, #anonymous, #secure and #environmental #payment system.

It's just an analyzed and thought through idea.

I'm asking for #feedback, #critique and anyone who can proof read it.


There are 3 fundamental principles required for #IPFS to function...
🚀Unique Identification via content addressing
🚀Content linking via DAGs
🚀Content discovery via DHTs

Read more about these concepts in this blog written by @charliecodes👇

Idea: Allow installation of package local dependencies:

The motivation for such issues is maintaining very large Python applications in a pip 20.3+ world has become very complex. For example the full version of homeassistant installs over 1000 dependencies, the full version apache-airflow installs over 450 dependencies. A lot of time and effort is put in to not having conflicting transient dependencies that is often largely beyond the application owners control. This limits applications being written in Python to leverage Python's large ecosystem of high quality packages.

If only there's a way to ensure packages integration!

Announcing the next #Guix Days!

Let's meet for two days in February to talk about Guix and its community! This event is part of a series of events this year that celebrate the tenth anniversary of Guix. More to come :)

We welcome any topic related to Guix, so don't hesitate to submit a talk! You have until February 8 to submit a proposal, but the sooner you submit, the sooner you'll be notified, and the more time you'll have. Don't wait!

#conference #community

If every toy programming language integrated nicely with OS package managers instead of hand rolling their own language specific package manager then things like leftpad and the more recent npm issue would be a lot less likely to occur.

I think new generations are intimidated by existing systems and reinvent them.

Show older

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!