Closed ahelwer closed 4 months ago
- The standard modules (Sequences, FiniteSets, Naturals, etc.)
- Modules distributed with the toolbox (we might call these the extended standard modules, like Randomization.tla)
There is no technical distinction between options 1 and 2. Randomization.tla is a component of tla2tools.jar, just like all other standard modules. The sole difference is that option 1 includes a list of modules discussed in Specifying Systems.
Hosting & update of community modules. This is currently done with a git repository. We can continue using this until the number of specifications become unwieldy or we start hitting github traffic limits (both unlikely to occur for quite a while). The easiest method of bolting versioning onto the community modules would be to add a top-level versioning.json file associating some version number of each module with a specific git commit hash. This has the drawback that updates to community modules require two commits, one to update the module and another to update the versioning.json file (since the commit hash of the first can't be known ahead of time). The versioning.json file would also need to pin dependency versions.
Each module can define _MODULENAME_VER
(convention), allowing the importing (extending or instantiating) module to assume a version. If we want to go more sophisticated than just a timestamps, a suitable "semver" operator could be defined.
Generally, the majority of issues we face today could be addressed by coordinating releases of the tools such as TLC, TLAPS, Apalache, .... Also, remember that in the case of TLC, several modules come with Java module overrides. Apalache also has a bunch of modules that are coupled with it.
Basically thinking we should just go the route of onboarding TLA+ to the nix/guix ecosystem for reproducible research instead of inventing our own packaging and versioning system.
Currently there are four sources of external TLA+ specifications that can be imported:
Recent experience validating the TLA+ examples repo has shown that changes in these dependencies are a source of bitrot. We should do what every other language has done and come up with a package management scheme where:
There are a number of possible ways this could be achieved. The simplest would be to have an optional
tlaplus.config
file in the spec root directory encoding key/value pairs of module name and version number in some standard config format (json, toml, yaml, whatever). Tools would then be responsible for acquiring and using the correct module when they are run. This will have a number of challenges: