DragoLIST pkgsystem

Registered by oitofelix

The DragoPKG is a reincarnation of Dragora's pkgsystem written from
scratch. It allows users to create and manage free software packages
--- local and remote; source, libraries, programs, debugging symbols,
headers, localization, general data, and documentation packages. Its
main strength is its simplicity and robustness; its goal is to provide
the tools to build a strong and collaborative community --- easy for
newcomers and powerful for experts. It is based on the idea of
distributed maintenance, common meta-data infrastructure and
user-based management. All implemented on clear text aided by
venerable repository list files and powerful matching expressions also
known, respectively, as "Dragorian Lists" and "Dragorian Expressions".

DragoPKG is a package management system that concern various sides of
software distribution. One can identify three main technical areas of
application: the build process, the package management and the
repository maintenance. It also sketch up the workings and relations
on community cooperation inside a distribution.

Blueprint information

Status:
Started
Approver:
oitofelix
Priority:
High
Drafter:
oitofelix
Direction:
Approved
Assignee:
oitofelix
Definition:
Drafting
Series goal:
None
Implementation:
Started
Milestone target:
None
Started by
oitofelix

Sprints

Whiteboard

Some reasons to enhance pkgsystem functionality and rewrite it from scratch:

- The internal package format is very limited in regard to meta information storage. The meta information is not centralized in a main directory but dispersed in the package's root directory. All information that uniquely indentifies a package is derived from the package's file name. So if you install two packages with the same contents but different file names, pkgsystem will think you have two different packages installed. Besides that isn't enforced any way to introduce and retrieve relevant package information like who is the maintainer and what is the upstream home page.

- The meta information handling mechanism is silly. The pkgsystem extract all meta information files in the root of the system together with the package's files properly. So, for a relatively short period of time, when installing a package, there is a "/description" and "/install" directories in the system, and there is risk of overwriting unconventional user or system files.

- The pkgsystem's database format is bad structured. It spreads the meta information files for various directories insted of indexing by the triplet name/version/arch.

- The pkgsystem doesn't support remote package management and the pkgsystem fits poorly with the remote extension that was being created, when it comes into philosophy of Dragora --- in particular with the DRY principle, because the new modules are using a shared shell script library called `pkgsystem.bash' and the old modules need to be rewritten to benefit from the shared code. In fact the pkgsystem itself duplicate more code than necessary as a consequence of unwell designed modularization and internal interface.

- It has a bad internationalization support, don't following the recommended practices to mark strings, and it has some major known vulnerabilities as using the built in bash interface to gettext.

- Its command line option processing is very primitive and don't offer to users the expected interface.

- The error treatment was not standardized and was not systematically done through the sources.

- The old pkgsystem has an arbitrarily, hard coded and unjustified support to only one compression algorithm.

- The informational message are unpleasantly scarce.

- All comments in source code are in Spanish language and commenting in a language other than English is bad practice because tends to limit the collaboration between people and difficult the control of the program by its users. Besides that, the source code wasn't systematically commented.

- Whenever possible, in a GNU system, it's necessary to follow the GNU coding standards and the old pkgsystem don't followed it at all.

The new DragoLIST pkgsystem will permit to manage remote packages using any protocol that GNU wget supports and to use any compression algorithm that GNU tar archiver supports. Also, it will present to you a consistent and rich interface.

Unfortunately, the DragoLIST pkgsystem will be incompatible with old pkgsystem's database and packages, but there will be scripts to convert both.

To developers, it will be fairly more extensible than the current pkgsystem and easy to understand and extend due to the main library pkgsystem.bash and various other helper core libraries like i18n.bash and sanity.bash.

Attributions:

oitofelix is working on:
  - The specification. First draft released. Work in progress.
  - sysexits.bash. Done.
  - i18n.bash. Done.
  - sanity.bash. Work in progress.
  - pkgsystem.bash library. Work in progress.
  - pkg command. Done.

(?)

Work Items

Work items:
pkg: DONE
pkg build: TODO
pkg build install-dependencies: TODO
pkg install: TODO
pkg install warn: TODO
pkg install source: TODO
pkg install upgrade: TODO
pkg remove: TODO
pkg show: TODO
pkg update: TODO

This blueprint contains Public information 
Everyone can see this information.