[erlang-questions] Coon - new tool for building Erlang packages, dependency management and deploying Erlang services
Jesper Louis Andersen
jesper.louis.andersen@REDACTED
Mon Feb 12 21:06:35 CET 2018
On Mon, Feb 12, 2018 at 6:58 PM Joe Armstrong <erlang@REDACTED> wrote:
>
> I have said on many occasions that code should be named by the SHA1
> checksum of
> the content - as far as I know this would not offend people - apart
> from those who
> thought the name could be a tad simpler.
>
>
I might have said this before, but here goes:
Using a cryptographic checksum for a package and then pointing the name to
the checksum would have saved Node.js npm package manager a lot of
headaches when people remove, rename or otherwise destroy packages.
It also allows you to comply with legal requests with a sunset period. As
in "I hear you, and the name will be given to you. But we give people 6
months time to upgrade before we remove the old checksummed packages".
I'm interested in why someone did not try this yet. Or if one tried, why it
didn't work out. It seems very obvious to build a content-addressable-store
for your packages.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180212/a2f4d3e6/attachment.htm>
More information about the erlang-questions
mailing list