[clc-devel] httpup repositories and unmaintained (next try) [long]

Jukka Heino vector at pp.nic.fi
Sat Aug 21 18:08:37 UTC 2004

> Well, I think it should. If this is potentionally too much for a
> maintainer, he/she shouldn't take part. But it might very well be
> possible that I'm way off and that little to none httpup repo
> maintainers would want to take part if there are regulations like this.

It all depends on what we're aiming for. If it's only important to have 
a central access point for the repositories, we're better off with no 
rules. But if we're trying provide the highest quality ports while 
bridging the gap between CLC and external repositories, there's an 
apparent need for regulation.

> To me, there's a major difference between the CLC and the people
> project: all it takes to be part of the later is the will to be active
> (read the mailing list, react on problems); no matter how you behave
> etc. This doesn't apply to CLC, where it is more important (at least to
> me) to have a working team than the largest collection of ports ever.
> It is true that we are still looking for maintainers, as the website
> says... but I think this is a different story, IMHO, and the 'people'
> collection could even be a good place to recruit them.

Now I see what you mean. Come to think of it, this reminds me a bit of 
Arch Linux's Trusted User Repositories (http://tur.archlinux.org/). An 
intermediate stage like this _could_ prove to be useful.

> > The way I see it is that the 'people' collection could be just a central 
> > mirror with a subdirectory for each repository. That way people could 
> > immediately see who is maintaining what and over time trust some 
> > maintainer enough to e.g. add their repository directory to 
> > /etc/prt-get.conf.
> This sounds very much like the latest suggestion we discussed:
>   http://marc.theaimsgroup.com/?l=crux&m=109108750918706&w=2
> The disadvantage is that you either introduce a new tool, or that people
> still have to go the a webpage to search a port, find its repository,
> download the *.httpup file, execute ports -u and add the new directory
> to prt-get.conf. Works fine, it's just not obvious, especially to new
> users. 

What I meant was that all the ports would be downloaded by default, e.g. 
my repository would go into /usr/ports/people/jheino. No need to go to a 
webpage for anything, since everything is already downloaded on the 
user's computer. If he needs a port, he can search in the 'people' 

But I guess this comes down to what level of trust we're trying to 
achieve. I trust some external repository maintainers more than others, 
so I'd like to be able to say "I trust xyz, let prt-get use his ports 
automatically." I can install the ports in contrib with no worries, but 
when dealing with unknown external repositories I usually at least take 
a look at the Pkgfile.


// Jukka

More information about the crux-devel mailing list