diff options
Diffstat (limited to 'content/posts/2004-08-25-rubygem-thoughts.html')
| -rw-r--r-- | content/posts/2004-08-25-rubygem-thoughts.html | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/content/posts/2004-08-25-rubygem-thoughts.html b/content/posts/2004-08-25-rubygem-thoughts.html new file mode 100644 index 0000000..8908ae4 --- /dev/null +++ b/content/posts/2004-08-25-rubygem-thoughts.html @@ -0,0 +1,25 @@ +--- +date: "2004-08-25T11:50:59Z" +title: RubyGem Thoughts +--- + +<p> +Last night I created <a href='http://rubygems.rubyforge.org/'>RubyGems</a> for <a href='/software/fam-ruby/'>FAM-Ruby</a>, <a href='/software/imlib2-ruby/'>Imlib2-Ruby</a>, <a href='/software/joystick-ruby'>Joystick-Ruby</a>, <a href='/software/mb-ruby/'>MB-Ruby</a>, and <a href='/software/xmms-ruby/'>Xmms-Ruby</a> (with a <a href='/software/raggle/'>Raggle</a> gem coming soon). The gems I've made so far are available <a href='/download/gems/'>here</a>. <a href='http://rubygems.rubyforge.org/'>RubyGems</a> seems promising, here are my thoughts so far: +</p> + +<ul> +<li>Easy to use: once you get the hang of things it only takes a few minutes to create a gem for a package. There's a guide called <a href='http://rubygems.rubyforge.org/wiki/wiki.pl?CreateAGemInTenMinutes'>"Create a Gem in 10 Minutes"</a>, but it looks like it's about 20 minutes too old; some of the command-line flags have changed since the guide was written.</li> +<li>Seems to be popular: A lot of popular projects seem to be creating gems (check out the <a href='http://gems.rubyforge.org/gems/'>list so far</a>).</li> +<li>No build-in signing! Or at least it's not in the documentation I sifted through. There should be either a built-in way of attaching signatures (you're already loading the files and encoding them; <acronym title='Message Digest'>MD5</acronym> or <acronym title='Secure Hashing Algorithm 1'>SHA-1</acronym> the contents, then sign that with <a href='http://www.gnupg.org/'>GnuPG</a>). I home they address this soon, because I think a package management system without some sort of end-to-end security is dead in the water.</li> +<li>Funky <a href='http://www.yaml.org/'><acronym title="YAML Ain't a Markup Language">YAML</acronym></a> storage format that's "not much larger than tar". That's nice, why don't you just use tar instead? <a href='http://rpa-base.rubyforge.org/'>RPA-Base</a> does. To be fair, according to the <a href='http://rpa-base.rubyforge.org/wiki/wiki.cgi?Rpa_FAQ'>RPA FAQ</a>, <a href='http://rubygems.rubyforge.org/'>RubyGems</a> is adopting the RPA file format in the next release.</li> +<li>I want mirrors of <a href='http://gems.rubyforge.org/gems/'>the main gem distribution site</a>. It's easy enough to create and maintain one, someone just needs to step up to the plate.</li> +<li>The <code>--ri-site</code> option should work for <a href='http://rdoc.sourceforge.net/'>RDoc</a> inside the <code>gemspec</code> files. Right now it doesn't seem to.</li> +<li>Gem Server is neat!</li> +<li>Should have some sort of dependency removal on uninstall feature, ala <a href='http://rpa-base.rubyforge.org/'>RPA-Base</a> and <a href='http://packages.debian.org/cgi-bin/search_packages.pl?keywords=aptitude'><code>aptitude</code></a>.</li> +<li>Generating <a href='http://www.ruby-lang.org/'>Ruby</a> code inside the gem worries me, <em>especially</em> without any sort of developer signing going on.</li> +</ul> + +<p> +I'll keep fiddling and let everyone know what I come up with. +</p> + |