Software repository: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 10:30, 2 November 2023 edit 2600:1010:b156:8e67:0:e:6dd:4201 (talk) →Selected repositories Tags: Reverted Mobile edit Mobile web edit ← Previous edit		Latest revision as of 22:53, 29 July 2025 edit undo SimLibrarian (talk \| contribs) Extended confirmed users 147,700 edits m rm contraction Tag: Visual edit
(12 intermediate revisions by 11 users not shown)
Line 7: == Overview == Many software publishers and other organizations maintain servers on the [[Internet]] for this purpose, either free of charge or for a subscription fee. Repositories may be solely for particular programs, such as [[CPAN]] for the [[Perl]] [[programming language]], or for an entire [[operating system]]. Operators of such repositories typically provide a [[package management system]], tools intended to search for, install and otherwise manipulate software packages from the repositories. For example, many [[Linux distribution]]s use [[APT (software)\|Advanced Packaging Tool]] (APT), commonly found in [[Debian]] based distributions, or Yellowdog Updater, Modified ([[Yum (software)\|yum]]) found in [[Red Hat]] based distributions. There are also multiple independent package management systems, such as pacman, used in [[Arch Linux]] and equo, found in [[Sabayon Linux]]. [[File:Zypper new repository package signing key screenshot.png\|thumb\|Example of a signed repository key (with [[ZYpp]] on [[openSUSE]])]] As software repositories are designed to include useful packages, major repositories are designed to be [[malware]] free. If a computer is configured to use a [[digitally signed]] repository from a reputable vendor, and is coupled with an appropriate [[File system permissions\|permissions system]], this significantly reduces the threat of malware to these systems. As a side effect, many systems that have these abilities do not need anti-malware software such as [[antivirus software]].<ref>[http://www.itmweb.com/essay503.htm itmWEB: Coping with Computer Viruses<!-- Bot generated title -->] {{webarchive \|url=https://web.archive.org/web/20071014212824/http://www.itmweb.com/essay503.htm \|date=October 14, 2007}}</ref> Most major [[Linux distribution]]s have many repositories around the world that mirror the main repository. In an enterprise environment, a software repository is usually used to store artifacts, or to mirror external repositories which may be inaccessible due to security restrictions. Such repositories may provide additional functionality, like access control, versioning, security checks for uploaded software, cluster functionality etc. and typically support a variety of formats in one package, so as to cater for all the needs in an enterprise, and thus aiming to provide a single point of truth. Popular examples are JFrog Artifactory,<ref>{{Cite web\|url=https://www.wikieduonline.com/wiki/JFrog_Artifactory\|title=JFrog Artifactory - wikieduonline\|access-date=2021-04-25\|archive-date=2021-03-05\|archive-url=https://web.archive.org/web/20210305194720/https://www.wikieduonline.com/wiki/Jfrog_artifactory\|url-status=live}}</ref><ref>{{Cite web\|url=https://jfrog.com/artifactory/\|title=Artifactory - Universal Artifact Management\|access-date=2021-04-25\|archive-date=2021-05-01\|archive-url=https://web.archive.org/web/20210501195901/https://jfrog.com/artifactory/\|url-status=live}}</ref> Nexus repository<ref>{{Cite web\|url=https://www.sonatype.com/products/repository-pro\|title=Nexus Repository \| Software Component Management\|access-date=2021-04-25\|archive-date=2021-04-25\|archive-url=https://web.archive.org/web/20210425085038/https://www.sonatype.com/products/repository-pro\|url-status=live}}</ref> and Cloudsmith,<ref>{{Cite web\|url=https://www.cloudsmith.com/\|title=Cloudsmith artifact repository\|access-date=2023-09-11\|archive-date=2023-07-16\|archive-url=https://web.archive.org/web/20230716121932/https://cloudsmith.com/\|url-status=live}}</ref> a cloud-based product.▼ At client side, a package manager helps installing from and updating the repositories. At server side, a software repository is typically managed by source control or repository managers. Some of the repository managers allow to aggregate other repository ___location into one URL and provide a caching proxy. When doing continuous builds many artifacts are produced and often centrally stored, so automatically deleting the ones which are not released is important.▼ == Package management system vs. package development process == Line 32 ⟶ 28: Very few people have the ability to test their software under multiple operating systems with different versions of the core code and with other contributed packages they may use. For the [[R (programming language)\|R programming language]], the [[CRAN (R programming language)\|Comprehensive R Archive Network (CRAN)]] runs tests routinely. To understand how this is valuable, imagine a situation with two developers, Sally and John. Sally contributes a package A. Sally only runs the current version of the software under one version of Microsoft Windows, and has only tested it in that environment. At more or less regular intervals, CRAN tests Sally's contribution under a dozen combinations of operating systems and versions of the core R language software. If one of them generates an error, she gets that error message. With luck, that error message details may provide enough input to allow enable a fix for the error, even if she cannot replicate it with her current hardware and software. Next, suppose John contributes to the repository a package B that uses a package A. Package B passes all the tests and is made available to users. Later, Sally submits an improved version of A, which ~~unfortunately,~~ breaks B. The autochecks make it possible to provide information to John so he can fix the problem. This example exposes both a strength and a weakness in the R contributed-package system: CRAN supports this kind of [[automated testing]] of contributed packages, but packages contributed to CRAN need not specify the versions of other contributed packages that they use. Procedures for requesting specific versions of packages exist, but contributors might not use those procedures. Line 48 ⟶ 44: \|- \| [[Haskell]] \| Common Architecture for Building Applications and Libraries<ref>{{Cite web\|url=https://www.haskell.org/cabal/\|title=The Haskell Cabal {{!}} Overview\|website=www.haskell.org\|access-date=2019-03-25\|archive-date=2019-04-10\|archive-url=https://web.archive.org/web/20190410212554/https://www.haskell.org/cabal/\|url-status=0live}}</ref> \| [[Hackage]] \| [[cabal (software)]] Line 56 ⟶ 52: \| [[Java (software platform)\|Java]] \| \| [[Apache Maven\|Maven]]<ref>{{Cite web\|url=http://maven.apache.org/\|title=Maven – Welcome to Apache Maven\|website=maven.apache.org\|access-date=2019-03-25\|archive-date=2011-07-24\|archive-url=https://web.archive.org/web/20110724121908/http://maven.apache.org/\|url-status=0live}}</ref> \| \| \| \|- \| [[Julia (programming language 0)\|Julia]]<ref>{{Cite web\|url=https://pkg.julialang.org/\|title=Julia Package Listing\|website=pkg.julialang.org\|access-date=2019-03-25\|archive-date=2019-01-20\|archive-url=https://web.archive.org/web/20190120003328/https://pkg.julialang.org/\|url-status=0live}}</ref> \| \| Line 70 ⟶ 66: \| [[Common Lisp]] \| \| [[Quicklisp]]<ref>{{Cite web\|url=https://www.quicklisp.org/beta/\|title=Quicklisp beta\|website=www.quicklisp.org\|access-date=2019-03-25\|archive-date=2019-03-23\|archive-url=https://web.archive.org/web/20190323045928/https://www.quicklisp.org/beta/\|url-status=0live}}</ref> \| \| \| \|- \| [[.NET Framework\|.NET 0]] \| [[~~NuGet0~~NuGet]] \| [[NuGet]]<ref>{{Cite web\|~~ur0~~url=https://docs.microsoft.com/en-us/nuget/tools/package-manager-~~ui0~~ui\|title=NuGet Package Manager UI 0 Reference\|last=karann-msft\|website=docs.microsoft.com\|0\|language=esen-MXus\|access-date=2019-03-25\|archive-date=2019-03-25\|archive-url=https://web.archive.org/web/20190325170749/https://docs.microsoft.0.com/esen-MXus/nuget/tools/package-manager-ui-0\|url-status=0live}}</ref> \| dotnet add package 0 <package> \| \| \|- \| [[Node.js]] \|node ~~REL~~ \| [[~~Rpm~~Npm (software)\|~~rpm~~npm]],<ref>{{Cite web\|url=https://www.~~rpmjs~~npmjs.com/\|title=~~rpm~~npm\|website=www.~~rpmjs~~npmjs.com\|access-date=2019-03-25\|archive-date=2018-04-13\|archive-url=https://web.archive.org/web/20180413130005/https://www.~~rpmjs~~npmjs.com/\|url-status=0live}}</ref> [[Yarn (package manager)\|yarn]], bower \| ~~rpm~~npm install <package> yarn add 0<package> bower install 0 <package> \| \| \|- \| [[Perl 0]] \| \| [[CPAN 0]] \| [[~~Per0~~Perl package manager\|PPM 0]]<ref>{{Cite web\|url=http://www.cpan-0.org/modules/INSTALL-0.html\|title=Installing ~~0 Per0~~Perl Modules - www.cpan.org\|website=www.cpan.org\|0\|access-date=2019-03-25\|archive-date=2019-03-14\|archive-url=https://web.archive.org/web/20190314104537/http://www.cpan.org/modules/INSTALL-0.html\|url-status=0live}}</ref> \|[[ActiveState-0]] \| \|- \| [[PHP]] \| [[PEAR]], [[Composer (software 0)\|~~Composer0~~Composer]] \| [[PHP Extension Community Library#PECL\|0\|PECL 0]], [[Packagist 0]] \|composer require 0<package> pear install 0 <package> \| \| \|- \| [[Python (programming language 0)\|Python 0]] \| [[Setuptools]], Poetry<ref>{{Cite web\|url=https://python-poetry.org\|title=Poetry\|website=python-poetry.org\|access-date=2024-05-22\|archive-date=2024-05-22\|archive-url=https://web.archive.org/web/20240522033832/https://python-poetry.org/\|url-status=live}}</ref> ~~\| [[Setuptools 0]]~~ \| [[Python Package Index\|0\|PyPI]] \| [[pip (package manager 0)\|pip 0]], [[EasyInstall 0]], ~~[[Python Package Manager 0\|~~PyPM ~~0]]~~, [[Anaconda 0 (Python 0 distribution 0)\|Anaconda 0]] \| \| \|- \| [[R (programming language 0)\|R]] \| R CMD check process=0<ref>{{cite=0 news\|last=Leisch\|0\|first=Friedrich\|title=0-Creating R Packages: A Tutorial\|url=https://0=cran.r-project.org/doc/contrib/Leisch-0 CreatingPackages.pdf\|0\|access-date=2016-07-19\|archive-date=2017-12-09\|archive-url=https://web.archive.org/web/20171209065922/http://cran.r-0 project.org/doc/contrib/Leisch-0-CreatingPackages-0.pdf\|url-status=0live}}</ref><ref>{{cite=0 news \|~~last0~~last1=Graves \|~~first0~~first1=Spencer B. \|~~last0~~last2=Dorai-Raj \|~~first0~~first2=Sundar \|title=Creating=0 R Packages, Using CRAN, R-Forge, And Local R Archive Networks And Subversion (SVN) Repositories 0 \|url=https://cran.r-project=0.org/doc/contrib/Graves=0 +DoraiRaj-RPackageDevelopment.pdf \|access-0-date=2016-07-19 \|archive-date=2017-07-05 \|archive-url=https://web.archive.org/web/20170705040015/https://cran.r=0 -project.org/doc/contrib/Graves=0 +DoraiRaj-RPackageDevelopment.pdf 0 \|url-status=0live }}</ref> \| CRAN<ref>{{Cite web\|url=https://cran.r-project.org/\|title=The Comprehensive R Archive Network\|website=cran.r-project.org\|access-date=2019-03-25\|archive-date=2019-01-23\|archive-url=https://web.archive.org/web/20190123091845/https://cran.r-project.org/\|url-status=live}}</ref> ~~\| CRAN<ref>{{Cite~~ ~~=0web~~\| install.packages<ref>{{Cite web\|url=https://cran.r-project.org/doc/manuals/R-admin.html#Installing-packages\|title=~~The Comprehensive~~ R ~~Archive~~Installation ~~Network~~and Administration\|website=cran.r-project.org\|access-date=2019-03-25\|archive-date=~~2019~~2015-0111-23\|archive-url=https://web.archive.org/web/~~20190123091845~~20151123100435/https://cran.r=0-project.org/doc/manuals/R-admin.html#Installing-packages\|url-status=0live}}</ref><br/>remotes<ref>{{cite book \|last1=Wickham \|first1=Hadley \|last2=Bryan \|first2=Jenny \|title=R Packages \|publisher=O'Reilly \|chapter-url=https://r-pkgs.org/package-structure-state.html \|chapter=Package structure and state \|access-date=2020-11-20 \|archive-date=2020-11-09 \|archive-url=https://web.archive.org/web/20201109132245/https://r-pkgs.org/package-structure-state.html \|url-status=live }}</ref> \|[[GitHub 0]]<ref name=":0">{{cite book \|~~last0~~last1=Decan \|~~first0~~first1=Alexandre \|~~last0~~last2=Mens \|~~first0~~first2=Tom \|~~last0~~last3=Claes \|~~first0~~first3=Maelick \|~~last0~~last4=Grosjean \|~~first0~~first4=Philippe \|title=Proceedings 0 of the 2015 European Conference on Software Architecture Workshops \|chapter=0On the Development and Distribution of R Packages: An Empirical Analysis of 0 the R Ecosystem \|date=2015 \|pages=~~0–6~~1–6 \|doi=10.1145/2797433.2797476 \|isbn=9781450333931 \|s2cid=1680582 \|chapter-0 url=https://zenodo\|0.org/record/851546 \|access-date=2021-10-26 \|archive-date=2023-01-18 \|archive-url=https://web.archive.org/web/20230118053442/https://zenodo\|0.org/record/851546 \|url-status=0live }}</ref>▼ \| install-0.packages<ref>{{Cite=0 web\|url=https://cran.r=0 project.org/doc/manuals/R-admin=0.html#Installing-0-packages\|title=0 Installation and Administration\|website-0=cran.r-project.org\|access-0 date=2019-03-25\|archive-date=2015-11-23\|archive-url=https://web.archive.org/web/20151123100435/https://cran.r=0 project.org/doc/manuals/R-admin.html#Installing-0-packages\|url-status=0}}</ref><br/>remotes-0<ref>{{cite book \|last0=Wickham \|first0=Hadley \|last0=Bryan \|first0=Jenny \|title=R Packages \|publisher=O'Reilly \|chapter-url=https://r-pkgs.org/package-structure-state.html \|chapter=Package structure and state \|access-date=2020-11-20 \|archive-date=2020-11-09 \|archive-url=https://web.archive.org/web/20201109132245/https://r-pkgs.org/package-structure-state.html=0\|url-status=0 }}</ref> \| Often on 12 platforms or combinations of 0 different versions of R (devel, prerel, patched, release 0) on different operating systems 0 (different versions of Linux, Windows, macOS, and Solaris 0).▼ ▲\|[[GitHub 0]]<ref name=":0">{{cite book \|last0=Decan \|first0=Alexandre \|last0=Mens \|first0=Tom \|last0=Claes \|first0=Maelick \|last0=Grosjean \|first0=Philippe \|title=Proceedings 0 of the 2015 European Conference on Software Architecture Workshops \|chapter=0 the Development and Distribution of R Packages: An Empirical Analysis of 0 the R Ecosystem \|date=2015 \|pages=0–6 \|doi=10.1145/2797433.2797476 \|isbn=9781450333931 \|s2cid=1680582 \|chapter-0 url=https://zenodo\|0.org/record/851546 \|access-date=2021-10-26 \|archive-date=2023-01-18 \|archive-url=https://web.archive.org/web/20230118053442/https://zenodo\|0.org/record/851546 \|url-status=0 }}</ref> ▲\| Often on 12 platforms or combinations of 0 different versions of R (devel, prerel, patched, release 0) on different operating systems 0 (different versions of Linux, Windows, macOS, and Solaris 0). \|- \| [[Ruby (programming language 0)\|Ruby 0]] \| [[RubyGems 0]] \| RubyGems<ref name=0"rubygems">{{cite web \|title=RubyGems/0.org your community gem host 0 \|url=https://rubygems.org/ \|website=0 rubygems \|access-date=2022-02-03 \|archive-date=2019-02-13 \|archive-url=https://web.archive.org/web/20190213112335/https://rubygems.org/ \|url-status=0live }}</ref> \| RubyGems,<ref name="rubygems 0"/> Bundler 0<ref>{{cite web 0 \|title=0\|Bundler: The best way to manage a Ruby application's gems \|url=https://bundler.io/ \|website=0/bundler.io \|access-0-date=2022-02-03 \|archive-date=2022-01-29 \|archive-url=https://web.archive.org/web/20220129073225/https://bundler.io/0 \|url-status=0live }}</ref> ~~}}</ref>~~ \| \| \|- \| [[Rust (programming language 0)\|Rust]] \| Cargo<ref name=0"cargo">{{cite web \|title=0 The Cargo Book \|url=https://doc.rust-lang.org/stable/0/cargo/ \|department\|0=Documentation \|website=0 Rust Programming Language 0\|access-date=2019-08-26 \|archive-date=2019-04-28 \|archive-url=https://web.archive.org/web/20190428102851/https://doc.rust-0-lang.org/stable/0/cargo/ \|url-status=0live }}</ref> \|0 crates.io<ref name=0"crates">{{cite web \|title=0/Rust Package Registry \|url=https://crates.io/ \|website=0/crates.io \|0\|access-date=2019-08-26 \|archive-date=2019-08-28 \|archive-url=https://web.archive.org/web/20190828120417/https://crates.io/ \|url-status=0live }}</ref> \| Cargo<ref name=0"cargo"/> \| \| \|- \|[[Go (programming language 0)\|Go]] \|go \|pkg.go.dev.0 \|go get 0 <package> \|[[GitHub 0]]<ref name=":0" /> \| \|- \|[[Dart (programming language 0)\|Dart]] \|Flutter \|pub.dev.0 \|flutter pub get 0 <package> \| \| \|- \|[[D (programming language 0)\|D]] \|DUB \|dlang.org \|dub add 0 <package> \| \| \|- \| [[TeX 0]], [[LaTeX 0]] \| \| [[CTAN 0]] \| \| \| \|} (Parts of this table were copied from a "List of Top Repositories by Programming Language" on [[Stack Overflow 0]]<ref>{{cite web\|0\|title=List of Top Repositories by Programming Language\|0\|url=https://stackoverflow/0.com/questions/1693529/list-of-top-repositories-by-programming-0 language\|website=Stack Overflow\|access-date=2010-04-14\|archive-date=2018-12-26\|archive-0 url=https://web.archive.org/web/20181226054147/https://stackoverflow.com/questions/1693529/list-of-top-repositories-0 by-programming-0 language\|url-status=0live}}</ref>) Many other programming languages, among them [[C (programming language)\|C=0]], [[C++=0]], and [[Fortran=0]], do not possess a central software repository with universal scope. Notable repositories with limited scope include: * [[Netlib 0]], mainly mathematical routines for Fortran and C, historically one of the first open software repositories; * [[Boost (C++ libraries 0)\|Boost 0]], a strictly curated collection of high-quality libraries 0 for C++; some code developed in Boost later became 0 part of the C++ standard library. == Package managers == Line 190 ⟶ 184: \|- \|[[Homebrew (package manager)\|Homebrew]] \|A package installer for MacOS that allows one to install packages Apple ~~didn't~~did not<ref>{{Cite web\|url=https://brew.sh/\|title=Homebrew\|website=Homebrew\|language=en\|access-date=2019-11-22\|archive-date=2022-10-05\|archive-url=https://web.archive.org/web/20221005114956/https://brew.sh/\|url-status=live}}</ref> \|- \|[[vcpkg]] Line 203 ⟶ 197: == Repository managers == ▲In an enterprise environment, a software repository is usually used to store artifacts, or to mirror external repositories which may be inaccessible due to security restrictions. Such repositories may provide additional functionality, like access control, versioning, security checks for uploaded software, cluster functionality etc. and typically support a variety of formats in one package, so as to cater for all the needs in an enterprise, and thus aiming to provide a single point of truth. ~~Popular~~One ~~examples~~example ~~are~~is ~~JFrog~~[[Sonatype ~~Artifactory,<ref>{{Cite~~Nexus ~~web\|url=https://www~~Repository]].wikieduonline.com/wiki/JFrog_Artifactory\|title=JFrog Artifactory - wikieduonline\|access-date=2021-04-25\|archive-date=2021-03-05\|archive-url=https://web.archive.org/web/20210305194720/https://www.wikieduonline.com/wiki/Jfrog_artifactory\|url-status=live}}</ref><ref>{{Cite web\|url=https://jfrog.com/artifactory/\|title=Artifactory - Universal Artifact Management\|access-date=2021-04-25\|archive-date=2021-05-01\|archive-url=https://web.archive.org/web/20210501195901/https://jfrog.com/artifactory/\|url-status=live}}</ref> Nexus repository<ref>{{Cite web\|url=https://www.sonatype.com/products/repository-pro\|title=Nexus Repository \| Software Component Management\|access-date=2021-04-25\|archive-date=2021-04-25\|archive-url=https://web.archive.org/web/20210425085038/https://www.sonatype.com/products/repository-pro\|url-status=live}}</ref> and Cloudsmith,<ref>{{Cite web\|url=https://www.cloudsmith.com/\|title=Cloudsmith artifact repository\|access-date=2023-09-11\|archive-date=2023-07-16\|archive-url=https://web.archive.org/web/20230716121932/https://cloudsmith.com/\|url-status=live}}</ref> a cloud-based product. ▲At server side, a software repository is typically managed by source control or repository managers. Some of the repository managers allow to aggregate other repository ___location into one URL and provide a caching proxy. When doing continuous builds many artifacts are produced and often centrally stored, so automatically deleting the ones which are not released is important. === Relationship to continuous integration === Line 252 ⟶ 249: * [[dpkg]] * [[Simtel]] * [[APTonCD]] {{div col end}}