From 9d2e92d78be59ba328459444856f2376ad35b682 Mon Sep 17 00:00:00 2001 From: Ihar Hrachyshka Date: Fri, 9 May 2025 16:59:03 -0400 Subject: [PATCH] doc: Clarify that fetchPypi is not preferred for python Signed-off-by: Ihar Hrachyshka --- doc/languages-frameworks/python.section.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/languages-frameworks/python.section.md b/doc/languages-frameworks/python.section.md index c80cdc9ad148..af951cc3e805 100644 --- a/doc/languages-frameworks/python.section.md +++ b/doc/languages-frameworks/python.section.md @@ -2117,6 +2117,7 @@ because we can only provide security support for non-vendored dependencies. We recommend [nix-init](https://github.com/nix-community/nix-init) for creating new python packages within nixpkgs, as it already prefetches the source, parses dependencies for common formats and prefills most things in `meta`. +When using the tool, pull from the original source repository instead of PyPI, if possible. See also [contributing section](#contributing). @@ -2190,6 +2191,8 @@ The following rules are desired to be respected: that characters should be converted to lowercase and `.` and `_` should be replaced by a single `-` (foo-bar-baz instead of Foo__Bar.baz). If necessary, `pname` has to be given a different value within `fetchPypi`. +* It's generally preferable to fetch `src` directly from the repo and not from + PyPI. Use `fetchPypi` when there's a clear technical reason to do so. * Packages from sources such as GitHub and GitLab that do not exist on PyPI should not use a name that is already used on PyPI. When possible, they should use the package repository name prefixed with the owner (e.g. organization) name