packy
The universal package manager
1. Notes
- why
- we have standards for everything nowadays.. container images (OCI), language servers (LSP), Emoji codes.. why not packages and package managers?
- what happens if upstream package registries go down during release CI? (ur fukt)
- decent amount of external traffic comes from package registry streams (CITE)
- ezpz - cache it locally, and reduce cost at the same time
- data proximity matters
- public registries are ripe for supply-chain attacks
- there are too many package managers, and it's unreasonable to
demand our clients rely on them
- needless external footprint - keep this traffic away from bad actors and inside the corporate VPN
- traffic control matters
- how
- sexps
- define spec in CLOS (lisp objects)
- define validation tools
- use tools to validate implementations
- compilers
- functionality composed of lambdas and closures
- insert hooks, custom settings, flags
- ability to define optimization passes
- dependency traversal, cycle detection
- macros
- functionality composed of lambdas and closures
- sexps
- goals
- simple design
- extensibility
- introspectable (from client and server)
- inspiration
- resources
1.1. Design
- core classes
- package
- source
- collection
- op
- env
- mixed
- registry source + collection
- dependency source + package
- client
- op+env
- server
- op+collection+env
- peer
- client+server
1.2. targets
The following package registries will be supported in v1.
1.2.1. el
Emacs Lisp packages (tarballs)
1.2.3. ql
Quicklisp compatible packages
1.2.4. pip
1.2.5. crater
This is a private crate registry for the Rust programming language.
The crates.io package registry provides a number of excellent crates,
integrates well with the cargo
development tool, and should be
preferred in all cases. I use crater
when I need to:
- import my unpublished crates
- import the master branch of a published crate
- import a local or patched version of a published crate
- import a non-git crate (hg)
crater
also works well in intranet/local environments, and can be
deployed for use in the following ways:
- remote
- same as crates.io, registry index is publicly hosted on GitHub (default)
- local
- registry index is stored locally, crates are retrieved remotely
- static
- registry index and crate sources are stored locally, no network requests are required