Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Choco package dependency tracking #57

Open
jayvdb opened this issue Jun 20, 2019 · 2 comments
Open

Choco package dependency tracking #57

jayvdb opened this issue Jun 20, 2019 · 2 comments

Comments

@jayvdb
Copy link
Contributor

jayvdb commented Jun 20, 2019

Choco packages can list dependencies in the nuspec included in the nupkg.

The choco stdout also contain a list of dependencies as they are being processed ; if the choco stdout is being read as a stream, this could allow 'real-time' UI for showing the dependencies.

The choco logs also contain the dependency info.

There is also the ability for choco packages to install multiple packages, and optionally skip some based on custom logic in the nupkg. It should be relatively easy to snapshot/monitor the windows installed software list to see what was installed during each Fudge entry.

It would be wonderful if the dependency info was stored in a "Fudgefile.snapshot" (arbitrary suffix to try to describe what it would be). While it is very unlikely the snapshot file would initially be re-usable on any different computer, and therefore isnt a .lock, it would be great to be able to use it when rebuilding on an identical system, such as a CI VM, so Fudge can report when there are changes to the dependencies. In the coala repos, we would have at least two different snapshot files, one for AppVeyor and one for Travis Windows CI.

For ordinary users, likely the snapshot from one user omits some packages which were installed previously, and another user would find they are missing and commit the improved snapshot file.

I expect long term, if anyone is interested, the snapshot file could become a lock file, by adding constraints to each entry to indicate when that dependency is active. The most obvious constraint in lock files (e.g. by gems, pip, npm) is OS, and that would likely apply here, but more likely as Windows OS versions.
@jayvdb jayvdb mentioned this issue Jun 20, 2019
Open
@jayvdb
Copy link
Contributor Author

jayvdb commented Jun 20, 2019

For the choco dependencies which are declared in the nuspec, perhaps a quicker partial solution is to offer to write the detected dependencies into to the Fudgefile above the entry which installed them.

Until Fudgefile supports version ranges (#44), it is effectively acting like a lock file.

@jayvdb
Copy link
Contributor Author

jayvdb commented Jun 22, 2019

The most obvious constraint in lock files (e.g. by gems, pip, npm) is OS [& versions]

Another one is Powershell version, much like PYTHON_VERSION from https://www.python.org/dev/peps/pep-0496/, as some extra dependencies may be needed only to provide backwards compatibility.

@jayvdb jayvdb mentioned this issue Jul 2, 2019
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jayvdb