>> When you upload a new module, it goes into your own personal manifest at >> first. You need to add it to the root manifest manually for the time >> being. >> (I'm still trying to think of the best way to handle this. Should >> modules >> require approval before going into root manifest, or can anyone put >> modules >> in there?) > > There are many possibilities around this. One idea would be to have an > admin team to go through initial submissions and after the first > approval, rock owners could then add new versions directly to the root > manifest (I take it from my usual experience as the current care taker > of the default repo: I usually check more carefully new submissions, > to see if the rockspec is written correctly, good descriptions, > provide feedback to the author etc, and then later submissions of new > versions are a much quicker process in which I just send the rockspec > through a script to check if the URL works, pack the .src.rock, etc.). > > So, yes, I'm as eager as Leaf is to hear feedback on this. I can see > MoonRocks evolving into the default repo (which I totally agree that's > currently overly conservative in its management), once we figure out > how we want to use it as a community.
As a longtime Arch Linux user I think they have a good model for this kind of distribution: * You can upload anything as long as it does not conflict with something existing yet. * Users are encouraged to review the source of what they install, especially the install scripts. This is more important for Arch Linux since the scripts are plain Bash. A command to review things may be added to LuaRocks for that purpose. * If there is a problem with a package (eg. security issue) or a dispute on ownership, there is a mailing-list where you can discuss it. These are the basics and they should work for the Lua community, at least as long as it remains small enough. Improvements like package signing or "trusted" packages can come later. -- Pierre Chapuis ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ Luarocks-developers mailing list Luarocks-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/luarocks-developers
