[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe)
|
From: |
Oliver Heimlich |
|
Subject: |
Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe) |
|
Date: |
Tue, 31 May 2016 12:21:00 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.7.0 |
On 31.05.2016 11:58, Carlo De Falco wrote:
>
> On 31 May 2016, at 08:09, Oliver Heimlich <address@hidden> wrote:
>
>> There is a manual process involved (reviewing pull requests, don't know
>> if they check for malicious code). Did you plan to have this manual
>> process in your package distribution system? What would be different
>> from Octave-Forge?
>
> Thanks for looking into this.
>
> Indeed the main purposes of the switch would be to reduce
> centralization and human intervention as much as possible.
> If the package publication process needs too much manual intervantion
> that does hinder the usefulness of this system somehow ...
>
> This is though also motivated by some concerns about some recent
> misbehaviour by SourceForge and by the the intent of avoiding
> to be too strictly locked-in to a specific service provider
> in the future.
SourceForge is behaving very well under the new ownership so far. Also I
have the impression that the Julia community is in a much bigger vendor
lock-in compared to us due to their deep integration of GitHub (and no
other providers) and Travis CI. Both third-party proprietary services.
They have waived control over their infrastructure.
> Anyway, IIUC in julia the pull-request is only needed to register
> a NEW package. Package developers are then give push access
> to JuliaLang/METADATA.jl for subsequent updates (I see currently
> 437 contributors in that repository). Is my impression wrong?
>
> c.
>
There are over 5000 pull requests, many labeled “Tag packagename
version”, which looks like new version releases to me. Others are
labeled “Register packagename”, which look like new packages added. The
contributors mainly are the package maintainers since they have
contributed the updated metadata via pull requests. I don't know how
many of them actually have push access. On average there are 5 pull
requests per package, thus approximately 5 releases per package.
As far as I see it the advantages over Octave Forge are:
- higher automation
- continuous integration for all packages
- a distributed(?) review process for package uploads (which scales
better than a single admin)
- an option for the user to install development versions
- a cleaner separation of the metadata repository, although they don't
make much use of it if everything is GitHub only.
Oliver
- Re: pdepe, (continued)
- Re: pdepe, Nikola Yuroukov, 2016/05/29
- Re: pdepe, Carlo De Falco, 2016/05/29
- Re: pdepe, Sebastian Schöps, 2016/05/29
- Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Carlo De Falco, 2016/05/30
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Juan Pablo Carbajal, 2016/05/30
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Nikola Yuroukov, 2016/05/31
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Carlo De Falco, 2016/05/31
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Oliver Heimlich, 2016/05/31
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Carlo De Falco, 2016/05/31
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Carlo De Falco, 2016/05/31
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe),
Oliver Heimlich <=
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Carlo De Falco, 2016/05/31
- Re: Alternative to Source Forge for Octave Packages (Was : Re: pdepe), Oliver Heimlich, 2016/05/31
Re: pdepe, Carlo De Falco, 2016/05/29