[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

“What’s in a package”

From: Ludovic Courtès
Subject: “What’s in a package”
Date: Mon, 20 Sep 2021 14:36:58 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

Hello Guix!

I and others are often disappointed (or angry!) when looking at the
weaknesses of the most popular software deployment tools.  I felt that
acutely after packaging PyTorch last month and felt the need to look
more closely at what others are doing and to document our motivation,
having put so much sweat in all these packages:

It’s probably no news to people here, but the packaging approach has a
direct impact on verifiability, and thus on security and transparency,
as expected from a scientific process.  The idea is to explain all that
looking at the contents of packages, in particular for pip and CONDA.

Feel free to share with non-Guix people and to comment!


reply via email to

[Prev in Thread] Current Thread [Next in Thread]