This is a short and well-articulated proposal about improving Rust crates (library) management, not what one would expect from the title. While the exact mechanism may not be the right one, I think this is a worthwhile discussion that ultimately adds more hierarchy to avoid multiple versions of half-baked crates and forks.
Java's package identifiers doesn't work at all, since organizations are far more transient than code (Like, even Sun doesn't exist anymore). And even if my organization still exists, one would think I should be able to hand over code to someone else, without them having to claim that they're me.
For extra bonus points, the Java directory structure being built around it is just silly, related code ends up far away in the directory tree, just because you went through a rebranding or a merger.
The real issue here is Rust's flat namespace. In Go, for example, there's no ffmpeg crate, there's github.com/someone/ffmpeg and gitlab.com/someone-else/ffmpeg, and so on. There's no blessed, unique 'ffmpeg' package, you can't squat names, and if the first package gets abandoned, you can fork it under a new path while keeping the 'ffmpeg' name. Only the import path changes.
How does having more namespaces address the other half of the issue, of having multiple incomplete ffmpeg crates and having to decide which one to use and to support?
Now instead of having the 2nd and 3rd packages have ugly names all of them have ugly names!
There are advantages to systems like this such as trust (I can tell that you.example/pkg1 and you.example/pkg2 are owned by the same person) and decentralization. But I don't think it helps with the later packages having ugly names.
One reason in Julia for having an organization with multiple repositories is how unnecessary is in Julia to have big packages. It is better to have smaller more focused packages and combine them as necessary. Julia needs to improve some things but I don't think I have found a more modular language.
No, but it is equivalent of autoexec.bat like functionality. You can use it for many many things like viruses propagation, content control and even it is helpful for users ! ;)
It's just like giving external users self-modifing code access - asm, lisp, js - let's they upload it and we execute ;)
> But it’s sad that one person gets to gatekeep everyone else and say, “This is abandoned, I’ll keep the crate name so now you have to make a worse one or be creative.”
Wouldn't reusing the name of a package that is no longer maintained create chaos for programs that use the discontinued package.
Maybe it's not simply one-sided gatekeeping from the former managers of the package?
Microsoft solved this in COM. Your component gets a 128 bit class ID, and its interfaces also get 128 bit IDs. It's registered under that ID, and queried by that ID.
It doesn't matter what you call it, and what the files are called; two COM objects could both be FFMPEG.DLL or whatever (obviously not installed in the same directory).
When it comes to packages, users interact with the names and are used to writing names into their code when they specify dependencies, so it's not a complete no-brainer solution; but maybe some idea from that solution space could be worked into a package management system.
15 comments
[ 2.2 ms ] story [ 35.2 ms ] threadhttps://maven.apache.org/guides/mini/guide-naming-convention...
These problems simply wouldn't exist.
For extra bonus points, the Java directory structure being built around it is just silly, related code ends up far away in the directory tree, just because you went through a rebranding or a merger.
There are advantages to systems like this such as trust (I can tell that you.example/pkg1 and you.example/pkg2 are owned by the same person) and decentralization. But I don't think it helps with the later packages having ugly names.
It would be confusing and counterproductive to introduce, say multimedia_libs/ffmpeg because codec_libs/ffmpeg was discontinued.
A level of hierarchy does when projects in genuinely unrelated categories share a package name.
It's just like giving external users self-modifing code access - asm, lisp, js - let's they upload it and we execute ;)
#DONOTSENDCODE Manifesto, where ?
Wouldn't reusing the name of a package that is no longer maintained create chaos for programs that use the discontinued package.
Maybe it's not simply one-sided gatekeeping from the former managers of the package?
It doesn't matter what you call it, and what the files are called; two COM objects could both be FFMPEG.DLL or whatever (obviously not installed in the same directory).
When it comes to packages, users interact with the names and are used to writing names into their code when they specify dependencies, so it's not a complete no-brainer solution; but maybe some idea from that solution space could be worked into a package management system.