Rules for what to include in this repo #1450
Comments
|
We should also encourage the use of the main repo for cases where an old version of software is required for a specific OS and remove them from this repo. Maybe adding an example of a standard if/elseif to handle that scenario would be useful to add into the cask language reference, as it will also encourage consistency when creating conditionals. An example I just removed is #1451 |
I know which cases you’re referring to, and those actually do usually warrant a version here, due to being commercial versions. |
|
Casks which seem to need cleanup
(Not a comprehensive list) |
|
There are more casks than in that list that can be removed. I don't have time to list them all out now, but I can start culling them over the next few days. |
|
Please keep in mind all of these rules are a proposal. If anyone has an objection to them, please feel free to say so. |
|
Thoughts on removing python versions? Tools like https://github.com/yyuu/pyenv seem to take care of this need, and as such, we aren't a package manager. |
|
They are also failing the cask audit. |
|
Charles Open-JDK could also be up for deletion, I can't seem to find a newer version of it. |
|
If there’s a language that would warrant having various versions supported by us is Python (2 and 3), but I agree that should be taken care of by a dedicated tool (and we should always support the latest version). In the end, though I could see the case for having both versions, but I’m sure the python developers would appreciate if we didn’t perpetuate the endless case of having version 2 officially supported. Fine by me if we removed them, but I wouldn’t mind that much if we kept them. Since they’re failing audit, though, why not. |
|
Some of the Vagrant & Vagrant manager casks are candidates for removal |
|
I don't have a lot of skin in the game, but I would argue for an exception for SDKs, where there may be breaking changes between versions. As an average user I normally expect multiple versions of SDKs to be available in my package manager, and I'd prefer not to use an external version manager. To follow on the Ruby example mentioned in #1446, using some other source like rvm involves downloading a script from the interwebz, verifying third party PGP keys, consulting a manpage to refresh my memory on its syntax, and then ultimately sideloading a Ruby version from a source other than my normal trusted package manager. homebrew-versions contains multiple versions of GCC, llvm, Perl, Ruby, and so on as do the central repos for most linux distros. Heck, there are so many versions of PHP and its associated packages that there's a whole (Homebrew-maintained) tap for them. |
Those are part of the plan, covered under the rule (emphasis added):
I’ve also expanded in the text:
So those should be fine, but should be removed after one year (arbitrary number, until we get some real use cases). Regarding the Ruby example, it can indeed be a matter of personal preference, so I won’t argue there, but I’d like to address he trust point, since that seems (perhaps I’m reading that wrong) like a concern for you. How are we different from |
|
I'd also point out that if you want a Ruby version manager that's a bit less involved than |
|
Or |
|
@vitorgalvao - if the 'clear and demonstrable need' rule covers the points I'm trying to make about SDKs, then I would think it would make sense to accept #1446. In Go, binary compatibility isn't guaranteed between releases. I assume it's for this reason that homebrew-versions contains packages I think this pattern is generalizable to most SDKs/languages-- that even when a new release is cut, the previous release continues to be supported and patched for some period of time, and there are legitimate reasons to continue to use it. There may be breaking contract changes, there may be different performance or runtime characteristics, your code or a library you use may rely on an implementation detail that has changed, third party tooling/support may not yet be ready, time must be allotted for adequate testing of an existing codebase under the new release, and so on. I think the question of trust is interesting. As a user of Homebrew and HBC, I've elected to trust the ecosystem on some level. Much of that is based on having learnt how it works, and having observed the quality and attention to detail that's been evident in all of my interactions with the maintainers. As someone who only rarely works in Ruby and doesn't have a preferred version manager, but who often uses HBC, I do trust HBC more than the top Google result for ruby version switcher or whatever the appropriate query is. To me, the key feature of HBC is that it automates the process of retrieving and installing vendor-provided binaries from the vendor's official download site. I assume that that's not the case with tools like |
Sorry if this is a bit of a derailment, but just to be clear: the Ruby team endorses rbenv and rvm as methods of installation, so it's probably okay to trust them.
To me, this is a strong reason not to include these packages here. We have already begun an effort to remove casks which duplicate Homebrew formulas, as we have plans to integrate directly into Homebrew. The same goes for Python. Homebrew already distributes the latest versions of Python 2 and 3, and tools like Java is a different beast, since AFAIK there isn't a (widely used) CLI tool for installing and managing different versions. I'm fine with keeping the Java casks around. |
I was more reacting to the apparent disparity in treatment for the previous version. There's still a Cask for I think there are also cases where I'd prefer to be running the vendor's binaries than compiling from source, or retrieving a bottle produced by the Homebrew test bot. There may be support implications, for example. I don't know if that's been considered in the integration plan. |
That's definitely something we should discuss. Feel free to chime in on Homebrew/homebrew-cask#15603, as I think it's more appropriate there.
I suppose that depends on the outcome of the discussion mentioned above. |
|
Homebrew Versions has just changed our submission guidelines (thanks @DomT4) to make it also less of a dump: https://github.com/Homebrew/homebrew-versions/commit/992b05c6e55e23a75ee5ae3a684624f7057cc8ad. You may be interested in similar policies or tweaking that to meet your use-case.
As an aside, if anyone feels like working on a side-project to provide decent binaries for |
|
Thank you @MikeMcQuaid. That was useful in tweaking the wording and for the introduction. Rules added on #1504. Closing this. |
Pinging @caskroom/maintainers.
To put it bluntly, this repo is a dump. While thinking of how we could organise it better, I though we perhaps needed a few more repos, but this actually has a small number of casks (under 350), so we’re well in time to make it manageable.
What I see as part of the issue is how just about any old version gets included, for any reason. The recent submission of an old version of Go is a good example. This has marginal hypothetical benefits and will end up being a neglected cask, and I believe we should not include it. This is also true for a truly ridiculous amount of old firefox versions. For most of these, there isn’t anything close to a significant demand for them or clear advantage to including them and hence should not be officially supported by us.
My proposal for the rules of cask inclusions in this repo is as follows (following our nomenclature):
Some reasonings:
There is a clear demand and reason to include legacy versions of commercial software — you don’t want to or can’t spend the money to get the latest version. However, for gratis and open-source software, this restriction isn’t there, and many times specific versions are submitted simply to solve a specific gripe of that particular user or without a clear purpose, and we should avoid those cases. Do we really need so many versions of Virtualbox? No, we do not. However, sometimes there might be a good reason to include these, like the latest stable breaking something important, in which case those should be fine to include. The time one year limit (arbitrary, until we can try it out and see what works) exists to ensure we have a clear rule to keep these in check.
For casks that we refuse, we should recommend taps. They are a wonderful system that works great, and is taylor-made for those cases.
1 So if we’re at version
8of VMWare Fusion, legacy versions are, for example,6and7. If the latest released versions for those were6.3.4,6.8.5,7.8.2,7.9.1, only the6.8.5and7.9.1should be included. Versions should only contain one number, the major version, so the casks would bevmware-fusion6andvmware-fusion7, notvmware-fusion685andvmware-fusion791.The text was updated successfully, but these errors were encountered: