I hate new DUB config format

Jacob Carlborg via Digitalmars-d digitalmars-d at puremagic.com
Fri Nov 27 08:37:41 PST 2015

On 2015-11-27 10:24, Ola Fosheim Grøstad wrote:

> Well, I usually don't use package managers for source code, but if I did
> I would not consider using one that can write to random directories.
> So if one uses Ruby, Python or D, the package manager has to make sure
> it executes in a "jail filesystem sandbox" that only can touch a
> specific subtree.

RubyGems works like this:

1. The author of a tool writes the package description in Ruby
2. The author then builds a gem (package) using the tool
3. The tool serializes/converts the Ruby code to YAML in the gem
4. The author uploads the gem using the tool

Then when a gem is installed the tool will only have access to the YAML 
file and reads that. The only one that have access to and need to run 
the Ruby code is the author.

/Jacob Carlborg

More information about the Digitalmars-d mailing list