Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re: The Future - Shipping Applications Written in Perl

by mirod (Canon)
on Jun 20, 2001 at 15:51 UTC ( [id://89971]=note: print w/replies, xml ) Need Help??


in reply to The Future - Shipping Applications Written in Perl

Brian Ingerson (of Inline fame) has a couple of ideas on the subject that he explained at YAPC. It involves peer-to-peer distribution of (already compiled) modules, with a central repository storing only the MD5 for a module/system pair. this is very similar to what Napster does. This way you can get the "module distribution" from any registered user that has the same OS as you, and you can check that what you get is in fact similar to the distribution as registered in the central DB. That's pretty nifty.

The main problem to solve is how the first MD5 for a module distribution gets generated in the first place. At one point the system has to trust a (priviledged?) user.

The distribution process itself could be made transparent, a-la Inline, the first time you use a module, if it is not installed on your system the system goes out and gets it, already compiled.

The systeme could be name... NAPC (Brian had lots of cool accronyms for it, I liked NAPC Ain;t Perl's CPAN).

  • Comment on Re: The Future - Shipping Applications Written in Perl

Replies are listed 'Best First'.
Re: Re: The Future - Shipping Applications Written in Perl
by jepri (Parson) on Jun 20, 2001 at 19:07 UTC
    Stuff MD5, CPAN should move to PGP signed packages, like Debian. Every perl distro should be shipped with CPANs public keys. Then you can get your packages from anywhere, and you can be sure they are safe... as long as you got your perl from an approved supplier.

    ____________________
    Jeremy
    I didn't believe in evil until I dated it.

[reply]
      Good idea, in general. If I distribute a ZIP or gz or whatever with everything in it, I can provide a matching pgp sig file. But I wonder if it would be a good idea to have sig files for individual .pm files, since those can be checked after the stuff has been installed.
[reply]
Re: Re: The Future - Shipping Applications Written in Perl
by John M. Dlugosz (Monsignor) on Jun 20, 2001 at 18:36 UTC
    A mechanism like NAPC or an auto-download from an in-company server would be possible as a module in and of itself, if the core provided a way to hook the module load process. It's already been mentioned that there will be a list of implicit use's you can stick somewhere and they are used for every script. So you could install a suitable module manager, and such things could be created by the community.

    Just musing, you could have a CORE::HOOKS::find_module that's called if it has been defined.

    —John

[reply]

In Section Meditations

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://89971]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having an uproarious good time at the Monastery: (5)
As of 2025-06-13 10:12 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found
    Notices?
    erzuuliAnonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.