-
-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
zef cannot not install distributions that list SSH source-urls (e.g. "[email protected]:…") #359
Comments
It’s not up to zef to enforce ecosystem policy like what source-url is allowed. For all I know users have configured their own fetcher that actually uses that uri format. There is no blessed format, and any format can be made to work then rough configuration and code. And because there are many possible fetchers how could it possibly report “set your ssh key” when that plug-in cannot know a later plug-in might actually understand that uri? Admittedly it’s possible but it’s a lot of work to fix a problem that stems from elsewhere. It’s not up to zef to tell the user about errors the author made (wrong source-url) — that is for authoring tools or ecosystem prechecks. Zef will never tell you e.g. “hey your META6.json is wrong“ because it isn’t an authoring tool. |
@ugexe: Would you be adverse to a PR that will handle conversion of these URLs to something that zef can handle? |
Why not just fix the problem at the source? Automatically rewriting |
Fair enough. I do believe an issue has already been raised on Data::MessagePack. One question: Can zef determine if a URL has a valid fetcher? If not, would THAT be something that could be used to improve the type of error returned? |
|
fwiw for zef to reject |
I don't feel qualified to have much of an opinion on this – I'm very new to the Raku ecosystem and actually ran into this issue while still trying to get my dev environment fully set up for Raku work. That said, I think it comes down to something you said earlier:
But what does that mean in this context? If the problem is that some distribution authors aren't correctly following "ecosystem policy" and are using an incorrect However – at least as far as I can tell – there isn't any ecosystem policy against using SSH protocol addresses as a distribution's If that's the case, then the problem isn't that distribution authors are using an incorrect format for their URLs. Instead, (arguably) the problem is that zef can't currently fetch from those valid URLs. Under that argument, "fixing the problem at the source" would mean adding support to zef. After saying all that, however, I'm coming around to your point of view: that there really is an ecosystem policy against using SSH URLs. I say this because, based on a scan of the 2,864 distributions zif knows about, only 8 use a URL starting with But, that's just my ¢2. I'm happy to defer to others on this. If you say that there is an ecosystem policy against SSH URLs, I'd be happy to open a documentation issue to better document that policy. Do you know where that should be documented? |
Correct, source-url has never been spec. And it shouldn't be -- rakudo does not interact in any way with urls. There are some suggested fields in s22 like
Should zef also be able to install things from magnet links, ftp, etc in core? The thing is zef cannot ever hope to understand every URI format, including stuff like
There aren't really any ecosystem policies... but of course that doesn't mean there couldn't/shouldn't be. |
While we don't explicitly support this uri format, allowing it to work is simply a matter of passing the user-info along to the plugin. Resolves #359
Surprising to me the ssh-git uri format was fairly simple to make work, including the tag style ala However, I still think its wise to encourage users to just use https urls. |
While we don't explicitly support this uri format, allowing it to work is simply a matter of passing the user-info along to the plugin. Resolves #359
When a distribution lists an SSH address as its
source-url
, I cannot use zef to install that distribution. This may be true for all users, or it may only effect users who need to unlock their SSH key before it can be used (the issue might be that zef does not prompt to unlock the SSH key).For example, consider this command/output:
I can think of a few different solutions:
source-url
s should be https URLs (in which case I should close this issue and open a documentation issue, since that isn't currently documented).I also mentioned this issue in pierre-vigier/Perl6-Data-MessagePack#15.
The text was updated successfully, but these errors were encountered: