Syspkg
Posted: Sun Feb 28, 2021 2:04 pm
Dear All,
I'm looking for testers for my new project. It is a system package management library, that can be compiled for both POSIX and WIN32 API (and ported to others easily). Testing it on Linux, MacOS and Windows is just as much appreciated as testing it on your own hobby OS.
https://gitlab.com/bztsrc/syspkg
Why is it different to the existing packaging solutions?
It is a dependency-free static library written in ANSI C. You can integrate it into your OS just by writing a CLI or GUI wrapper around the library, which obviously uses your OS' native user interface. No other existing solution can provide that.
It is also a COMPLETE solution. No armada of shell and python scripts and additional commands like with all the other existing solutions, just a single small, dependency-free library that solves everything. This simplifies porting to new OSes greatly.
I've spent quite some time with summarizing all my experience using apt, emerge, pacman, portage, port, macports and I've created a solution that gets the very best of them, hopefully without their drawbacks. I've also added features unknown to these: translatable descriptions and package names, canonical package versioning, screenshots, etc. Oh, and unlike these, syspkg is lightning fast. I've generated 32768 packages with over a million files, and the local database was created in less than a minute (including downloading package lists, meta JSONs, verifying certificates, checksums, digital signatures etc.) Finding which package provides a particular file took about a sec
What does dependency-free mean?
If your OS is a POSIX compatible one, then you'll need a libc (a fairly complete one with Berkley sockets, but still that's all). Nothing else is needed. If your OS uses its own API (or WIN32 API for some reason), then all OS-dependent functions are gathered in one file (and the network related ones in another), so that you can tailor it to your needs. The library uses this abstraction everywhere. You can also turn the networking support entirely off with a single define if your OS uses CDROM install media for example. All OS file system layout related configuration gathered into a single config.h file for simplicity too.
Despite of being dependency-free, it's small, and provides API for everything you'll ever need: obviously storing and looking up package info, but also creating and extracting payloads, compression and decompression of streams, RSA key generation, PEM certificate management, generating and checking checksums and digital signatures, SSL/TLS support for downloading, decoding PNGs and resampling screenshots into thumbnails, etc.
How to use?
As it's a library, I've provided a demo CLI application (576K compiled on my Linux). There's a tutorial to get you acquaintanced with syspkg's concepts, as well as a detailed library API documentation.
In a nutshell:
Cheers,
bzt
I'm looking for testers for my new project. It is a system package management library, that can be compiled for both POSIX and WIN32 API (and ported to others easily). Testing it on Linux, MacOS and Windows is just as much appreciated as testing it on your own hobby OS.
https://gitlab.com/bztsrc/syspkg
Why is it different to the existing packaging solutions?
It is a dependency-free static library written in ANSI C. You can integrate it into your OS just by writing a CLI or GUI wrapper around the library, which obviously uses your OS' native user interface. No other existing solution can provide that.
It is also a COMPLETE solution. No armada of shell and python scripts and additional commands like with all the other existing solutions, just a single small, dependency-free library that solves everything. This simplifies porting to new OSes greatly.
I've spent quite some time with summarizing all my experience using apt, emerge, pacman, portage, port, macports and I've created a solution that gets the very best of them, hopefully without their drawbacks. I've also added features unknown to these: translatable descriptions and package names, canonical package versioning, screenshots, etc. Oh, and unlike these, syspkg is lightning fast. I've generated 32768 packages with over a million files, and the local database was created in less than a minute (including downloading package lists, meta JSONs, verifying certificates, checksums, digital signatures etc.) Finding which package provides a particular file took about a sec
What does dependency-free mean?
If your OS is a POSIX compatible one, then you'll need a libc (a fairly complete one with Berkley sockets, but still that's all). Nothing else is needed. If your OS uses its own API (or WIN32 API for some reason), then all OS-dependent functions are gathered in one file (and the network related ones in another), so that you can tailor it to your needs. The library uses this abstraction everywhere. You can also turn the networking support entirely off with a single define if your OS uses CDROM install media for example. All OS file system layout related configuration gathered into a single config.h file for simplicity too.
Despite of being dependency-free, it's small, and provides API for everything you'll ever need: obviously storing and looking up package info, but also creating and extracting payloads, compression and decompression of streams, RSA key generation, PEM certificate management, generating and checking checksums and digital signatures, SSL/TLS support for downloading, decoding PNGs and resampling screenshots into thumbnails, etc.
How to use?
As it's a library, I've provided a demo CLI application (576K compiled on my Linux). There's a tutorial to get you acquaintanced with syspkg's concepts, as well as a detailed library API documentation.
In a nutshell:
- syspkg assumes that application development has moved to code hosting servers (like github or gitlab), but supports old-style tarballs on a static webserver method too.
- You create a JSON describing the package and where to download it from (this can be independent to the application's repository, it can be even on a different server)
- You create lists of URLs to those JSONs, these are called package repositories or package lists
- End users and OS creators can add repo URLs to their local syspkg configuration file, and with a single command they can update their local package database
- End users then can search this local database and use it to install or upgrade packages
Cheers,
bzt