Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well in ten years I have never had a nuked server by pip or virtualenv. I am sure there are edge cases but that must be true for all the ways of deploying stuff. I guess the ones you know well appear simple to you !


I've had a production server be hosed by running 'letsencrypt-auto'. My bad I guess but still, that's one that I really did not see coming.


I kind of agree with both of you. I don't think Python deployment is that bad, as most modern managers get it right (I prefer Poetry nowadays). However something like letsencrypt-auto, which AFAIK installs its own dependencies, is not something I'd run. I've actually never used it precisely because it's too magical. Programs shouldn't install their own dependencies anywhere outside of a virtualenv.


Does certbot do the same ? I don’t use either so I can’t tell.

I strongly agree that any python program must install its dependencies in a virtualenv. One could even argue that this principle could be extended to any software !


Have you heard of our Lord and Savior pipx? Solves the python tool isolation issue nicely.


I haven't used it, I use virtualfish which does a great job as well.


Virtualfish is new to me, will check it out thanks.


And it turned out that pipx wasn't what I thought it was, so thank you as well! Though virtualfish is only useful if you use the fish shell.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: