OneGet Meeting Agenda for Nov 21/2014

[fearthecowboy]

If you have things you'd like me to cover, post it here; if we don't cover it this week, we'll add it to next week's meeting.

Meeting is done via Lync (-you can join from your browser- ) connection details will be at http://oneget.org/weekly/meeting.html

Usual Topics

News
Happy Workanviersary To Me!
Taking off next week.

What's new

November WMF 5 release

Design Discussions

*Discover the dirty, dark secret about OneGet *
It's all about testing this week

• Using Pester for Automated PowerShell testing
• Using ProGet as a local test repository
• thoughts about framework for testing specific providers (validate they behave within appropriate parameters)
• other ideas?

[bastianeicher]

I have a few bootstrapping-related questions:

• Should a package manager bundle its own OneGet provider? I.e. when I install SomeAwesomePackageManager on a Windows 10 Box, should it automatically install a OneGet provider for itself?
• Can/should bootstrapped OneGet providers install the package manager they target? I.e. when I use OneGet to bootstrap the SomeAwesomePackageManager provider, would that provider actually install SomeAwesomePackageManager itself if it is missing?
• What does the process for getting a OneGet provider added to the "bootstrap list" look like?

[bherila]

Here is my opinion:

Should a package manager bundle its own OneGet provider? I.e. when I install SomeAwesomePackageManager on a Windows 10 Box, should it automatically install a OneGet provider for itself?

Yes!

Can/should bootstrapped OneGet providers install the package manager they target? I.e. when I use OneGet to bootstrap the SomeAwesomePackageManager provider, would that provider actually install SomeAwesomePackageManager itself if it is missing?

I'm not sure. In particular, it might be hard where there isn't a canonical location for the package manager. In some cases, it might not require administrative privileges to install a OneGet provider, but it might require administrative privileges to install the package manager.

What does the process for getting a OneGet provider added to the "bootstrap list" look like?

Also not 100% sure. Right now, it is a manual whitelisting process. However, I'm investigating (internally within Microsoft at the moment) whether we can do something like have bootstrapped providers be certified & delivered through the Windows Store, at least for the version of OneGet that's included with Windows. For the Open Source version of OneGet, maybe a community-moderated provider source would be appropriate. There are a lot of open issues in this space so stay tuned and be aware we're working on it! And we are very interested in the community's thoughts in this space as well.

[Jaykul]

Can/should bootstrapped OneGet providers install the package manager they target? I.e. when I use OneGet to bootstrap the SomeAwesomePackageManager provider, would that provider actually install SomeAwesomePackageManager itself if it is missing?

I'm not sure. In particular, it might be hard where there isn't a canonical location for the package manager. In some cases, it might not require administrative privileges to install a OneGet provider, but it might require administrative privileges to install the package manager.

I'm pretty sure that unless the provider can stand alone (that is, unless it internally re-implements the whole package manager), then the provider must install the package manager as part of it's bootstrapping process (unless the package manager is already installed).

What does the process for getting a OneGet provider added to the "bootstrap list" look like?

I hope this ends up being a matter of a pull request.

Naming restrictions aside (assuming, for instance, that you wouldn't let just anyone submit a provider called "Windows Update") I can't see any reason why we would want restrictions on adding providers to the list of known providers that we can bootstrap by name.

[fearthecowboy]

Should a package manager bundle its own OneGet provider? I.e. when I install SomeAwesomePackageManager on a Windows 10 Box, should it automatically install a OneGet provider for itself?

Yes, absolutely if possible. That can be done with a registry key pointing to the provider assembly, or by installing the assembly in a well-known location that OneGet scans at startup.

Can/should bootstrapped OneGet providers install the package manager they target? I.e. when I use OneGet to bootstrap the SomeAwesomePackageManager provider, would that provider actually install SomeAwesomePackageManager itself if it is missing?

Yes, absolutely.

What does the process for getting a OneGet provider added to the "bootstrap list" look like?

Right now it all just goes thru my hands. Right after the next milestone (which is "implement a motherload of tests"), we're gonna expand the bootstrapper a bunch. We'll probably have two classes of package managers -- one that is "well-vetted" (not necessarily Microsoft-written, but ones that we can be sure are playing by all the rules and behave exceptionally well) and one set that is "experimental or unvalidated" that will incur some sort of security warning when installing or using them.

At the moment however, we've got a single manifest for them, and we can update that with additional providers at anytime--work with me to get it into the bootstrap manifest, and it'll show up for others automatically.