[Lazarus] An online package manager

Michael Van Canneyt michael at freepascal.org
Mon Aug 10 12:15:02 CEST 2015



On Mon, 10 Aug 2015, Juha Manninen wrote:

> It may be rather easy using HTTP or FTP download like fppkg is doing.
> Some of its code can be used.
> The package list must be one file (just like fppkg uses) to minimize
> server load.
> The package format cannot be shared with fppkg though.

Why not ? fppkg just needs a zip file, and expects a fpmake.pp.

The fpmake.pp is easily translatable to lazarus package and vice versa.

If additional functionalities are needed, we can add whatever is necessary.

>
> I don't think the server load will be a problem. The packages contain
> only textual source files and are compressed. They will be small
> enough.
>
> Allowing users to comment and rate the packages may be the most
> difficult part but it is not needed initially. It will require
> authentication and dealing with malicious attacks and whatever.
> Read-only is easy.
>
> Aradeonas, if you start to implement this, you should reuse the fppkg
> code as much as possible. The design looks good.

I hope so :)

> The fpmake related stuff and the package format cannot be reused.

See above, why not ?

> Also the client must be a Lazarus IDE package with a nice GUI instead
> of a cmd line program.

fpmake was designed to have a GUI from day 1.
It was thought through, you know :)

All that fpmake does is register some units and then start the builder/installer.
A descendent of the builder/installer can be created to start a GUI.

If someone needs an explanation of how this is done, I can provide whatever is needed.

As for repositories: I have no problem letting the initial/master repositories be hosted
on the FPC server. Any package can be uploaded, dependencies are not an issue.

The only thing I ask is that if a web-interface is made, and it needs a database,
it depends only on postgres or firebird. No mysql. Preferably the backend of the
web interface is made with FPC, but any other technology is fine 
(PHP being at the bottom of the list because I consider it a security leak).

Michael.




More information about the Lazarus mailing list