[erlang-questions] Erlang package manager
Zachary Kessin
zkessin@REDACTED
Wed Dec 17 14:28:35 CET 2014
On 12/16/2014 09:12 PM, Michael Truog wrote:
> 2) It needs to use source code in the packages, not binaries, to make
> sure everything is transparent, avoiding black-box binary blobs which
> lack any ability to be examined easily. Past erlang package managers
> have had trouble here. Along with this, there needs to be signing of
> the package for the identity of the publisher and the integrity of the
> package.
I would like to see the option of source, binary or both for packages, I
would in general prefer source, but there may be cases when someone
wants to put out a binary only package for some reason, and it should
support that
--Zach
More information about the erlang-questions
mailing list