RFP - pikchr

[manipuladordedados]

Checklist

• [x] The package I am requesting does not already exist on https://community.chocolatey.org/packages;
• [x] There is no open issue for this package;
• [x] The issue title starts with 'RFP - ';
• [x] The download URL is public and not locked behind a paywall / login;

Package Details

Software project URL : https://pikchr.org Direct download URL for the software / installer: https://github.com/manipuladordedados/pikchr/releases/download/v0.0.0-1/pikchr.exe Software summary / short description: Pikchr is a PIC-like markup language for diagrams in technical documentation.

[pauby]

The download file you've linked to is a C source file. Is there no installer available?

[manipuladordedados]

Apologies for the empty and information-lacking request. Unfortunately, there isn't an official binary compiled for Windows. Therefore, I have created a repository here on GitHub that generates these binaries. I will edit the message accordingly.

[github-actions[bot]]

Package Request Validation

We have finished some basic validation of this request. The result of this validation can be found below:

Everything looks good to our automated checks, it is now up to a human to validate the remaining steps. No action is required yet

New Maintainer Notices

This section details some parts of the request that any upcoming maintainer may need to take into consideration.

• File Validation Output

TrID/32 - File Identifier v2.24 - (C) 2003-16 By M.Pontello
Definitions found:  17358
Analyzing...

Collecting data from file: C:\Users\RUNNER~1\AppData\Local\Temp/software.tmp
 44.4% (.EXE) Win64 Executable (generic) (10523/12/4)
 21.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
  8.7% (.ICL) Windows Icons Library (generic) (2059/9)
  8.5% (.EXE) OS/2 Executable (generic) (2029/13)
  8.4% (.EXE) Generic Win/DOS Executable (2002/3)

Please note that this check is currently in alpha, and may not be able to detect everything correctly. Humans may also be able to detect other issues with this request.

[pauby]

How would a user be able to determine that what you have compiled is the official source without any additions, malicious or otherwise?

Nor that I'm not making any suggestions as to your intent.

[manipuladordedados]

How would a user be able to determine that what you have compiled is the official source without any additions, malicious or otherwise?

Nor that I'm not making any suggestions as to your intent.

Even though I'm the one generating the binary, you can clone my repository and use your copy instead. if you look at the CI script, you'll see that it downloads from the official repository and uses Chocolatey to install dependencies. It's easy to audit.

[pauby]

The Chocolatey Community Repository will only accept packages that download or embed binaries from official sources.

[manipuladordedados]

Is there an official Chocolatey repository on GitHub to which I can submit the CI script and thus use its repositories instead of mine? If that's not possible, I don't know of any alternative to contribute to this package, and perhaps it would be better to close the issue, as the official developers of Pikchr do not provides binaries for Windows.

[pauby]

That repository would also not be official so it's going to be the same situation.

We've come across this a few times and I'm fairly sure it always ends up the same.

@AdmiringWorm @TheCakeIsNaOH any thoughts?

[AdmiringWorm]

Yeah, as long as it is not officially provided by the software authors, or at a minimum linked to from the software author's website (thus making it semi-official) it can't be used.

I think the only way to provide this until there are official binaries is to compile the software as part of the package installation (I remember seeing one or two packages that did it a few years ago, but I don't remember which ones).

[manipuladordedados]

I think the only way to provide this until there are official binaries is to compile the software as part of the package installation (I remember seeing one or two packages that did it a few years ago, but I don't remember which ones).

Could you tell me which ones they are so I can use them as inspiration and do the same?