When I develop some administration scripts and distribute them to
my colleague, we often encounter issues: I must write a readme or
an email for explain what to do for use them:
mkdir, gem install …
Why 'require X' instruction do not make a 'gem install X' when
the gem is not installed ?
With (red) Shoes, we got "Shoes.setup { gem 'json_pure' } ", this is
really useful for non-native gem !
>
> Hello,
> When I develop some administration scripts and distribute them to
> my colleague, we often encounter issues: I must write a readme or
> an email for explain what to do for use them:
> mkdir, gem install …
> Why 'require X' instruction do not make a 'gem install X' when
> the gem is not installed ?
> With (red) Shoes, we got "Shoes.setup { gem 'json_pure' } ", this is
> really useful for non-native gem !
> Sincerely,
> Regis d'Aubarede
> http://regisaubarede.posterous.com/
Hello,
IMHO a such tool would be really dangerous, and not so useful:
the best option is to allow users to install everything in 1
command.
You should try Bundler : even if you don't want to use it in your
application, you can provide a Gemfile (and, even better, a
Gemfile.lock) then user will be able to use it with "bundle
install."
An other way is to create a rake task which does to job.
Regards,
With (red) Shoes, we got "Shoes.setup { gem 'json_pure' } ", this is
really useful for non-native gem !
And as the Shoes maintainer, the reason that this is in here is
specifically to help new people. This feature is really useful, but it
does semi-violate what most programmers would expect out of a system.
Since Shoes is a custom Ruby distribution, we can play by slightly
different rules.
Breaks if the user account doesn't have write permissions to the gem
installation directory.
Also: Who the hell do you think you are that you think you are allowed
to futz around with my OS during your script's runtime? What you are
doing *screams* malware behaviour (connecting to the internet and
downloading code; nobody can guarantee that you haven't done a
system("gem sources -a http://malicious.url") somewhere in there).
If you are unable or unwilling to bundle your dependencies into one
package, that's very much _your_ problem: You can build a custom
RubyInstaller for Windows and include your dependencies, and for *NIX
you can create a tarball for distribution that includes your
dependencies. Heck, the latter works for Windows, too, if you don't
include native extensions.
···
On Thu, Oct 6, 2011 at 3:19 PM, Regis d'Aubarede <regis.aubarede@gmail.com> wrote:
or I can do that at the beginning of my script :
def my\_require\(gem,pack=nil\) require gem
rescue Exception => e
puts "loading \#\{pack||gem\} from internet \.\.\."
system\("gem install \#\{pack||gem\} \-\-no\-ri \-\-no\-rdoc"\) ;
require gem
end
--
Phillip Gawlowski
gplus.to/phgaw | twitter.com/phgaw
A method of solution is perfect if we can forsee from the start,
and even prove, that following that method we shall attain our aim.
-- Leibniz
If you sent that kind of script to me, I'd print it out and slap you
with the paper.
For Windows, use Ocra for packaging; for Linux, everyone using it
should already be clever enough to do something as simple as a gem
install themselves.
Also, why a readme file? Just add a note to the top of the file in question.
If you're worried about malware then I don't see how running someone's
custom installer is any safer than running some script. Arguably, with
the script you at least have a chance to look at what it's doing.
···
On 6 October 2011 06:34, Phillip Gawlowski <cmdjackryan@gmail.com> wrote:
On Thu, Oct 6, 2011 at 3:19 PM, Regis d'Aubarede > <regis.aubarede@gmail.com> wrote:
or I can do that at the beginning of my script :
def my\_require\(gem,pack=nil\) require gem
rescue Exception => e
puts "loading \#\{pack||gem\} from internet \.\.\."
system\("gem install \#\{pack||gem\} \-\-no\-ri \-\-no\-rdoc"\) ;
require gem
end
Breaks if the user account doesn't have write permissions to the gem
installation directory.
Also: Who the hell do you think you are that you think you are allowed
to futz around with my OS during your script's runtime? What you are
doing *screams* malware behaviour (connecting to the internet and
downloading code; nobody can guarantee that you haven't done a
system("gem sources -a http://malicious.url") somewhere in there).
If you are unable or unwilling to bundle your dependencies into one
package, that's very much _your_ problem: You can build a custom
RubyInstaller for Windows and include your dependencies, and for *NIX
you can create a tarball for distribution that includes your
dependencies. Heck, the latter works for Windows, too, if you don't
include native extensions.
It's much easier to audit a whole installer (and block it!), than read
a dozen scripts, chasing through whatever rabbit holes the code goes
through.
···
On Thu, Oct 6, 2011 at 7:12 PM, Hilco Wijbenga <hilco.wijbenga@gmail.com> wrote:
If you're worried about malware then I don't see how running someone's
custom installer is any safer than running some script. Arguably, with
the script you at least have a chance to look at what it's doing.
--
Phillip Gawlowski
gplus.to/phgaw | twitter.com/phgaw
A method of solution is perfect if we can forsee from the start,
and even prove, that following that method we shall attain our aim.
-- Leibniz
def my_require(gem,pack=nil)
require gem
rescue LoadError => e
print "'#{gem}' package is missing. Can I load #{pack||'it'} \
from internet without slap or go to hell ? (y/n) : "
exit! if STDIN.gets.chomp !~ /^y|o$/i
system("gem install #{pack||gem} --no-ri --no-rdoc") ;
Gem.clear_paths() && require(gem) && puts("loading '#{gem}' ok!")
end
