[packagekit] Status of the APT backend

[Justin Haygood]

>On Fri, Feb 22, 2008 at 5:02 PM, Justin Haygood <jhaygood at reaktix.com> wrote:
>> >
>>  >Sure. I was thinking about the one-click install problem last night. I
>>  >think we need a way to trigger a package install (from the native
>>  >package repos) from a URL. Obviously we would need the prompt, and
>>  >another PolicyKit role with suitable warnings. I was thinking of
>>  >something like:
>>  We could use the proposed One-Click Install standard for implementing this 
>in a distribution agnostic way. The user clicks a link to a One-Click Install 
>metadata file (really just XML).
>>
>>  This XML file provides:
>>
>>   * Repositories
>>   * Summary in multiple languages
>>   * Multiple distributions in one file
>>   * List of packages (also supports patterns as well)
>
>I think a better approach would be to just handle uris like
>"pkginstall:epiphany-2.2-1.i686" or "pkginstall:gedit"
>
>Enabling websites to add repos would be a huge security gap and in the
>end it's likely that different distros will still need to provide
>their own URIs as package names vary a lot. Summary, name and stuff
>are available in all good stores near you (think enabled repos).
>

Yes, and the One-Click Install provides for that. You specify a distribution name and version, the repositories the file is available on (normally the main repository), and the package name and optionally version (distribution specific, and the OCI file provides for multiple distributions).

This is designed for ISVs not distribution vendors. Its a way for an ISV to get their software out to people, and so the OCI explicitly lists the distribution is available on, the package name, version, and the distribution specific repository.

-- 
Justin Haygood
jhaygood at reaktix.com
Reaktix. Reality Redefined.