On Sat, Jun 16, 2012 at 11:20 AM, anders conbere <[email protected]> wrote: > I think one of the things that's enabled npm [http://npmjs.org/] to > succeed in the node.js world is that it's trivial to publish new > packages. > > This is enabled by two things a relatively pain free account system > that allows admins of projects to be uniquely related to the packages > they've published, and the ability for npm to store static tarballs. > > While I'm impressed in Hisham's ability to keep everything running, I > in general feel that the ecosystem could use a kick in the pants, even > if that resulted in a lower average quality of rocks. > > I think this would largely be about exposing "luarocks-admin" tools in > the luarocks command, and authenticating those requests. > > Is this something worth considering?
It is worth considering, but it's a lot of work. I don't know what you mean by exposing luarocks-admin (it is exposed, and users can use it to manage their own public and private repos), but the client side work would be the easier part. Most of it would come down to building a whole new website with a database backend which allowed for user management, passwords/authentication, searching rocks, updating manifests, etc. (And before someone says "just build this on top of Sputnik": feel free to volunteer!) I would love to have the publish process automated, to empower developers and release myself from this work. Still, I think it would be nice to keep the main repository minimally curated. I have thought about a github-style thing in which users can publish their rocks and each user would in effect have their own public rocks server, from which others can link to build their own rocks server, and eventually a group of curators would manage a special account which would be the default rocks server, and devs and users could ping the curators to request additions to the default tree, as in a "pull request". Popularity metrics would be nice as well (downloads, thumbs-up). This would all be wonderful, the problem is finding the time and energy to do it. -- Hisham ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Luarocks-developers mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/luarocks-developers
