SRFI sample implementation repository layout Marc Feeley (15 Oct 2022 11:19 UTC)
Re: SRFI sample implementation repository layout John Cowan (15 Oct 2022 15:00 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (15 Oct 2022 15:59 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (15 Oct 2022 16:16 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (15 Oct 2022 22:18 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (16 Oct 2022 04:52 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (16 Oct 2022 05:05 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (16 Oct 2022 08:57 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (16 Oct 2022 12:08 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (18 Oct 2022 21:23 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (19 Oct 2022 14:53 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (19 Oct 2022 15:33 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (19 Oct 2022 18:21 UTC)
Re: SRFI sample implementation repository layout Göran Weinholt (19 Oct 2022 19:35 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (19 Oct 2022 21:50 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (19 Oct 2022 22:11 UTC)
Re: SRFI sample implementation repository layout Göran Weinholt (26 Oct 2022 08:44 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (19 Oct 2022 21:12 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (22 Oct 2022 22:59 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (19 Oct 2022 21:37 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (22 Oct 2022 22:54 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (23 Oct 2022 08:34 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (23 Oct 2022 13:47 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (23 Oct 2022 14:35 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (25 Oct 2022 12:17 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (25 Oct 2022 15:24 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (25 Oct 2022 17:26 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (25 Oct 2022 18:10 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (25 Oct 2022 18:37 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (25 Oct 2022 19:50 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (25 Oct 2022 20:18 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (25 Oct 2022 19:22 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (25 Oct 2022 20:57 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (26 Oct 2022 09:03 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (26 Oct 2022 15:30 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (26 Oct 2022 15:33 UTC)
Re: SRFI sample implementation repository layout Jakub T. Jankiewicz (26 Oct 2022 16:03 UTC)
Re: SRFI sample implementation repository layout Per Bothner (26 Oct 2022 16:18 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (26 Oct 2022 16:02 UTC)
Re: SRFI sample implementation repository layout Marc Feeley (26 Oct 2022 16:11 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (26 Oct 2022 16:34 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (26 Oct 2022 16:59 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (26 Oct 2022 16:37 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (29 Oct 2022 11:12 UTC)
Re: SRFI sample implementation repository layout Daphne Preston-Kendal (16 Oct 2022 07:10 UTC)
Re: SRFI sample implementation repository layout Lassi Kortela (16 Oct 2022 08:34 UTC)
Re: SRFI sample implementation repository layout John Cowan (24 Oct 2022 19:00 UTC)
Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen (24 Oct 2022 20:25 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (24 Oct 2022 21:17 UTC)
Re: SRFI sample implementation repository layout Arthur A. Gleckler (24 Oct 2022 21:14 UTC)

Re: SRFI sample implementation repository layout Marc Nieper-Wißkirchen 26 Oct 2022 09:03 UTC

Am Di., 25. Okt. 2022 um 22:57 Uhr schrieb Marc Feeley - feeley at
iro.umontreal.ca (via srfi-discuss list)
<xxxxxx@srfi.schemers.org>:
>
> > On Oct 25, 2022, at 3:22 PM, Marc Nieper-Wißkirchen <xxxxxx@gmail.com> wrote:
> >
> > Am Di., 25. Okt. 2022 um 14:17 Uhr schrieb Marc Feeley - feeley at
> > iro.umontreal.ca (via srfi-discuss list)
> > <xxxxxx@srfi.schemers.org>:
> >
> > [...]
> >
> >>> I was using SRFIs as a particular example.  In general, the layout I
> >>> propose would be
> >>> "repository/lib/library-name-part1/.../library-name-partN.sld".  Only
> >>> library definitions must reside under the "lib/" path.
> >>>
> >>
> >> Why the “lib” part which seems redundant?
> >
> > Assume the following layout for a repo
> >
> > README.org
> > /mnieper/foo.sld
> > /documentation/foo.tex
> > /documentation/example.sld
> >
> > If the repo's top-level directory were the search path, a Scheme
> > system's loader could also pick up the library definition in the
> > documentation directory, although it has not been meant to be part of
> > the package (and may even generate an error when loaded because it
> > contains just demonstration code being referred to by the TeX
> > documentation).
> >
> > On the other hand, with a distinguished subdirectory that must only
> > contain library definitions that are part of the package, the problem
> > is solved cleanly in universally:
> >
> > README.org
> > /lib/mnieper/foo.sld
> > /documentation/foo.tex
> > /documentation/example.sld
> >
>
> I think you have a valid concern. On the other hand there are already some repositories for libraries (from various Scheme implementations) that don’t have the “lib” part, so they would not be directly accessible if “lib” is a requirement. Also, some repositories do use “lib” but not at the top of the repository.

When we standardize a repository format for Scheme packages (which
doesn't exist yet), we should get it right and not neglect corner
cases. This may mean that existing repositories will have to be
restructured (or have to add an explicit manifest file) to conform to
the standardized format, but this has to be done only once. I don't
think we should prefer one layout over the other only because this
initial work may be less for one group (but maybe more for a different
group).

>
> Another point of view for the above layout is to say that it is possible to refer to the library (documentation example), and if it is garbage (an example of a library that has a syntax error), then you simply should’nt be importing it.
>
> Are you thinking of automated library management tools that scan the filesystem and find all the .sld files in the tree? To solve this issue the manifest file you talk about below might be required to mark /documentation/example.sld as a non-library .sld file.

Automated library management tools are one example, but also a Scheme
implementation itself that, say, wants to precompile everything that's
there.  I agree with what you say below, namely that the layout/file
naming should be standardized, making a manifest file, in most cases,
unnecessary.  Having a dedicated lib/ folder removes the need in many
cases.  It also helps to quickly see what the actual Scheme code is
and what libraries are offered just by looking at the directory
structure.

> > That said, I wonder whether a manifest file (containing Scheme datums)
> > should be standardized instead.  This is more flexible (and would be
> > easy to write an manifest file generator), which may be needed when
> > not only library definitions but also other resource files make up a
> > package.
> >
> > [...]
> >
>
> I think that eventually a manifest file will be required for complex scenarios.  However, I would like the layout to not require a manifest so that there are minimal things to put in place to publish simple “portable” libraries.  If I have a simple library with a single .sld file I don’t want to have to create a manifest that contains basically no additional information, or that has to be trivially updated whenever a new commit is done (such as a timestamp or version identifier).  Also, manifest files open up a big can of worms and it will be hard to achieve a consensus.  It will be good to gain experience before writing the spec for the manifest file, but perhaps early on we can reserve a few locations in the library layout to put the manifest.

I agree (and see above).

Let me also add that, for complex packages, something more than
`cond-expand` may be necessary and that configuration of the package
(happening before installation) may require some code to run.  It has
to be evaluated whether this has to be reflected in a manifest
file/directory structure and how.

At the moment, we often see tests like (cond-expand (gambit ...)
(chibi ...)), but this is not very future-proof. In these tests, it is
unclear what exact feature is supposed to be tested against, and it is
unclear whether this feature is stable in future versions of the
respective Scheme implementation.  This is a lesson we can learn from
Autoconf (another lesson we learn from it is that
M4+Shell+Perl+Makefile+... can lead to a codebase that is hard to
maintain, but this is an entirely different matter).

> >>> In the case of the second option, "A/B/C/C.sld", would a file
> >>> "A/B/C.sld" be ignored?
> >>
> >> The spec would probably say “it is an error” to have both.
> >
> > Ok.
> >
> > [...]
> >
> >>> Agreed.  I don't propose this sister project to SRFIs as the only
> >>> place or process for publishing libraries.  It is intended to be just
> >>> one of the many decentralized places.  But it is intended to be a
> >>> well-known one with an active community and with some rules (based on
> >>> the experience with SRFIs) to have a certain level of quality, also
> >>> when it comes to documentation.
> >>>
> >>
> >> The library design process should not be centralized (“centralized” in the sense of having a single body of experts saying what is good and bad).  Good design should be determined by the community using the libraries once they are implemented.  There needs to be a place for competing designs so that the best ones can emerge after some experience using them.  For this approach to become a reality there is a need for a common distribution format for libraries so that they can be experimented with by any Scheme user in any compatible Scheme system.
> >
> > People seem to like the SRFI system also because it is a well-known
> > address, it attracts people with very different backgrounds, leading
> > to lively discussions, which help shape proposals.  Building a second
> > library repository under its roof would be just an offer to the Scheme
> > community.  It does not and should not preclude other places from
> > developing and publishing libraries.
> >
>
> I fear that a sister process will dilute the manpower.

I think it will only work if it is mainly parallel to the SRFI process
by precisely the reason you give.  The simplest implementation of such
a sister process would be just to maintain (under the roof of the SRFI
process) a second list besides SRFIs.  When an author submits
something, they decide whether they want to submit it as, say, SRFI
238 because they think what they propose should be an integral of
future Scheme systems or as, say, SCPR 38, because it is mainly a
portable (random) library.  It would be expected that, eventually, the
SCPR numbers would be much higher than the SRFI numbers.

Of course, this discussion is orthogonal to your suggestions about a
standardized package format.  The "SCPR" proposal will also only work
if more people than just Daphne and I feel that some distinction
should be made between various proposals that, at the moment, all end
up on the SRFI list. It will only work if the SRFI editor, Arthur, is
convinced about the proposal and willing to maintain a second list of
"SCPR"s using the same infrastructure.  The formal requirements for a
"SCPR" may be higher, e.g. the repository may have to be of a standard
format (as we are discussing here), and the implementation may have to
be portable (and efficient without any extra tweaks necessary).

> >
> > [...]
> >
> >> Please do not use email addresses for identification in source code because this will be an open invitation for spammers that scan Scheme source code.  Moreover, there’s a growing consensus (in programming languages in general) that “@“ is used in library names to indicate versions, so it should be reserved for that purpose if ever used.
> >
> > I didn't think of spammers.
> >
> >> I would suggest this format for “hosted” libraries:
> >>
> >>   (<internet-host>/<rest> <other-part>...)
> >>
> >> Where <internet-host> would have to contain a period and <rest> is anything valid in a symbol.  So the combination of at least one “.” and at least one following “/” would indicate a hosted library.  For example (github.com/feeley/roman demo) .
> >>
> >> By the way this library name syntax is currently supported by try.scheme.org if you want to try it out.  For example you can type at the REPL:
> >>
> >>    (import (github.com/gambit/hello demo))
> >>
> >> and the interpreter will fetch the library directly from that github repository.  Read the tutorial on try.scheme.org to know more about how to write and use hosted libraries.
> >
> > This looks neat. But how is security handled? Scheme code can wipe my
> > hard drive. If my Scheme system loads and executes code automatically
> > from the internet, I think I should feel frightened.
>
> Definitely there needs to be security guards for this to work! In Gambit (and try.scheme.org) there is a whitelist of trusted repositories and libraries are only automatically dowloaded from those repositories. By default only github.com/gambit is trusted, but a user can reset or extend the trusted repositories from the command line or with calls to module-whitelist-add! .

You will not only have to trust the maintainer of the
github.com/gambit repository (which is probably okay unless, say,
Marc's computer is hacked), but you will also have to trust the
service behind github.com.

So, maybe we want to make the naming system flexible enough to cover
use cases where trust is needed.  For example,

(github.com/gambit/hello demo)

would be an (unsafe) shortcut of

(github.com/gambit/xxxxxx@xxx demo)

where xxx is Git's hash (or another standardized hash derived from the
file contents).

> > Another question is which hosting protocol should be supported and
> > which authority decides about it.  Or will this be a question of each
> > Scheme implementation, so that some will support automatic downloading
> > from some addresses while others need their awesome installer?
>
> The automatic downloading should not be a requirement and it is not trivial to implement, so it should not be expected to be a widespread feature (unless it really catches on an becomes a “must have” feature!). In any case, the programmer should have a way to disable automatic downloading even if the system supports it.
>
> A standard library publishing layout that is based on a network accessible VCS (such as git) will greatly simplify library installers. In fact, if the layout is simple, a short shell script might suffice for many Scheme systems. For Gambit the library installer once supported all three of git, mercurial and subversion but only git has seen serious use because it has such a high popularity among programmers.
>
> >
> >>> Alternatively, one can think of what a non-normative appendix of R6RS
> >>> proposes, namely a Java-style naming: (import (org gambitscheme
> >>> compiler)). Or (import (com github mnieper)).
> >>>
> >>
> >> One important advantage of the syntax I propose is that it puts in the code the URL that can be used to visit the library’s repository.  Many tools (code editors, mail readers, etc) will detect URLs and create a hyperlink for them.  For example, in this email I see “github.com/gambit/hello” highlighted with a hyperlink.
> >
> > At least in Emacs, you can tell the editor/mailer/... to parse
> > sequences of Scheme symbols similarly.
> >
> > I find a sequence of symbols more Scheme-like but I see this point of you.
>
> OK… if it helps, we still write call-with-current-continuation and not (call with current continuation) and not ((#\c #\a #\l #\l) (#\w #\i #\t #\h) …).  So lists of things are not always the natural thing to use.

As I said, I don't have a strong opinion against putting (com github
gambit) into one symbol (and see the advantages of that).  But I think
that the naming of "call/cc" is a different matter.  It is a name that
is meant to be opaque for the computer; the name parts only matter to
us humans. On the other hand, the three parts of github.com/gambit can
be given some meaning relevant to a computer.  That said, I don't
think we need to delve into this discussion except for we still need
to persuade Arthur about using a symbol.

Marc