neovim / packspec

ALPHA package dependencies spec
http://packspec.org/
Apache License 2.0
218 stars 2 forks source link

Post-install hook #23

Open ii14 opened 2 years ago

ii14 commented 2 years ago

A somewhat common thing to do is having post-install hooks. Maybe it could be included in the spec?

A couple of ideas for the syntax (not 100% sure about the name make):

make = "./configure && make"

-- multiline string, maybe should work just like makefiles?
make = [[
  ./configure
  make
]]

-- same, but as an array
make = {
  "./configure",
  "make",
}

-- platform specific
make = {
  linux = "./configure && make",
  win = "...",
  ["*"] = "...", -- wildcard for all platforms?
  ["linux,mac"] = "...", -- or just autocmd-like syntax
}

-- maybe vim commands too, but not sure about it being
-- shared as the same field with shell commands
make = ":UpdateRemotePlugins"
wbthomason commented 2 years ago

Nitpick: I'd suggest "build" or "run" over "make", to reflect the more general possibilities for "things I want to do after an install or update".

We might also want to be able to say if a hook should run only after install, after install and update, etc

mjlbach commented 2 years ago

build is also what rockspec uses (not that we are tied to it), but I also agree with the naming. Should we specify it by platform? It might get a bit tricky, need to make assumptions if running in powershell, cmd, bash, etc.

wbthomason commented 2 years ago

We could also call it install_hook, update_hook, hook, etc.

ii14 commented 2 years ago

Some sort of cleanup hook could be useful (to uninstall previous version for example), but is there actually any use case for having the update hook (I assume it's after git pull/fetch)?

ii14 commented 2 years ago
hooks = {
  ["linux,mac"] = {
    build = [[...]],
    clean = [[...]],
  },
  ["win"] = {
    build = [[...]],
    clean = [[...]],
  },
}

hooks = {
  build = {
    ["linux,mac"] = [[...]],
    ["win"] = [[...]],
  },
  clean = {
    ["linux,mac"] = [[...]],
    ["win"] = [[...]],
  },
}
mjlbach commented 2 years ago

Just a random thought. We could encourage people to use lua/neovim as the environment via which to run these commands:

build = {
  install = "require('lspconfig').install()",
  update = "require('lspconfig').update()"
}

And instead ask users to call the build scripts via lua? Otherwise I'm a bit worried about the complexity of having to deal with powershell vs cmd on windows, fish vs. sh vs. zsh vs bash on unix, etc. Otherwise we are going to have to pick a blessed shell per platform and document how the package manager should deal with this (maybe not a big deal).

mhanberg commented 2 years ago

One thing to think about is whether this would be opt-in or opt-out.

I think with the current set of package managers, they are all opt-in (do to the nature of things currently) and I think some security focused people might want it to stay opt-in, even at a potential lost in ergonomics.

ii14 commented 2 years ago

@mhanberg I think how is it handled should just be implementation defined, and a package manager could let you audit what it is that it's about to run. And plugins can already screw you up if they wanted to, I don't see any particular reason why some malicious actor would prefer doing something nasty here instead of directly inside the plugin.