Universal package specification

[Eugene Gorodinsky]

2009/11/29 martin f krafft <madduck at madduck.net>:
> also sprach Eugene Gorodinsky <e.gorodinsky at gmail.com> [2009.11.29.2101 +0100]:
>> > To remove redundancy, you'd have to remove the metadata from the
>> > binary packages. That's surely doable, but would also mean that
>> > a single .deb file would become useless: you could not obtain meta
>> > data from it, and in particular, dpkg could not enforce policy and
>> > prevent installation of packages with unresolved dependencies.
>> >
>> Yes, a single deb file would indeed become useless, but if the package
>> has non-executable files it's usually split into two packages so it's
>> kind of useless to have just one anyway. This is why I don't think the
>> approach of having metainformation stored per-package is any good.
>> Plus, if you want to let users be able to simply download using a
>> browser and double-click a package to install it, you can create an
>> "additional" format which would basically be a .tar that contains all
>> the needed packages. Installing it would be the same as extracting all
>> files into a temporary directory and then feeding the manifest to the
>> package manager. It's also not cpu-intensive to create these tar
>> archives on the fly, which would save storage space on the
>> server-side.
>
> Where does the package manager turn to obtain dependencies?
>
Same as with debian - distribution's servers, CDs, etc.

> --
> martin | http://madduck.net/ | http://two.sentenc.es/
>
> "i wish there was a knob on the tv to turn up the intelligence.
>  there's a knob called 'brightness', but it doesn't seem to work."
>                                                          -- gallagher
>
> spamtraps: madduck.bogus at madduck.net
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEYEAREDAAYFAksS1+wACgkQIgvIgzMMSnUCRQCfQGQn0Od9Ump0V6zSuJvkIur2
> fSUAnjsu2C/mRJOh5p+KlwPz1EsCk45Z
> =TASO
> -----END PGP SIGNATURE-----
>
>