Open reiz opened 7 years ago
Hi @reiz,
Buckaroo is designed so that it does not require a server to operate; it's more like Carthage than NPM. However, we do have an unpublished REST API as part of Buckaroo.pm. Perhaps we can document and release it.
I'll assign @nikhedonia to this since he wrote the web back-end.
@reiz VersionEye looks really good and we would love to make integration as easy as possible!
At the moment we only have an undocumented GraphQL endpoint. However I'm happy to build a REST API on top of it.
Currently our server pulls from https://github.com/LoopPerfect/buckaroo-recipes/tree/master/recipes to get it's index. Maybe that's enough for now?
What REST API would be ideal for VersionEye ?
Hi @nikhedonia I think this here is enough for us: https://github.com/LoopPerfect/buckaroo-recipes/tree/master/recipes :-)
Can you tell me a bit more about the structure? Why are some json files in a directory and others not? I also noticed that the versions array inside of a JSON document always contains just 1 single element and it's usually not the newest one. Like here for example: https://github.com/LoopPerfect/buckaroo-recipes/blob/master/recipes/ar90n/msgpack11.json. Is that correct?
boost/asio
has owner boost
and package name asio
. recipes
contains a list of JSON files and folders corresponding to organizations. The JSON file contains some meta-data about the organization and the folder contains the recipes of that organization. For example, see recipes/boost.json
and recipes/boost/
. recipes/boost/
contains asio.json
, graph.json
and so on.
ijg/jpeg
has two versions. buckaroo.json
file. We do not track these at the moment. More information. So to summarize, the folder structure looks like this:
+ recipes/
+---+ org1.json
+ org1/
+---+ recipe1.json
+ recipe2.json
+ ...
+ org2.json
+ org2/
+---+ recipe1.json
+ recipe2.json
+ ...
+ ...
@njlr Thank your for the explanation. A couple more questions.
.json
file related to GitHub tags? The versions in this json file https://github.com/LoopPerfect/buckaroo-recipes/blob/master/recipes/ijg/jpeg.json are not equal to the tags of the repository here https://github.com/LuaDist/libjpeg/tags. They are completely different. .json
files updated? Are they updated manually? We lock down dependencies to an exact hash so that we can guarantee reproducibility. The .json
files are updated manually. At the time of writing the recipe commit hash should match the tag, but if the author changes a tag then it will no longer match.
Of course, if a maintainer decides to delete some code from their host then the recipe will no longer work. We cannot prevent this, however we run automated scripts to detect problems. Since the recipes are tracked in Git, we have a full history of changes.
The cookbook at https://github.com/LoopPerfect/buckaroo-recipes can be thought of as a way to bootstrap the community with popular dependencies. The prefered model for creating new packages is for the user to host it inside thier own repository (docs), but this feature is quite new.
This is a cool project and highly needed for the C/C++ community. Does buckaroo has an public REST API which offers an index of all the buckaroo projects? I'm working on the open source project VersionEye and we integrated already 17 package managers. I would love to add buckaroo as well :-)