.xo bundles (was Re: #1803 HIGH Trial-2: Add Chat activity to builds)
Dan Williams
dcbw at redhat.com
Thu Jul 5 22:44:05 EDT 2007
On Tue, 2007-07-03 at 23:47 +0200, Bert Freudenberg wrote:
> > Comment (by J5):
> >
> > Replying to [comment:4 bert]:
> >> Replying to [comment:3 J5]:
> >>> This was generated incorrectly. First the version should be -9
> >>> second
> > the activity should be Chat-9.xo. It looks like it was simply
> > zipped up
> > instead of using the packaging tools.
> >>
> >> Not sure what else is wrong, but simply zipping up is surely as
> >> valid as
> > using whatever tools there are, right?
> >
> > No, right now it works but in the future there is no guarantee as
> > we may
> > do post processing. Also python setup.py dist creates a clean package
> > without any of the stray development files (such as MacOS resource
> > files)
> > getting packaged up.
>
> Such garbage should not be included obviously. But I'd much prefer if
> bundles stay simple zip files without added magic. What kind of "post
> processing" do you imagine that could not be easily done manually?
Generating the signature and verification information for the bundle for
signed bundles, which may eventually be required for automatic
installation without nice big warning signs.
To manually do that, you'd have to sha1 every file in the bundle, add
that to some manifest files, and sha1 the manifest file, etc. A lot
harder than just zipping the bundle up, because each time you change a
file in the bundle, the old signature is invalid. I'm sure you'd want
to do this automatically rather having to do it manually and zipping up
the bundle.
Originally I'd planned to use a JAR-type signing mechanism for bundles,
but that may/may not change. It doesn't have any impact on _developing_
bundles, but would when the time came to make a .xo out of your
activity.
Dan
More information about the Devel
mailing list