【Hacker News搬运】寻找宝石:Ruby的包管理系统是如何演变的
-
Title: Hunting for Gems: How Ruby's package management system evolved
寻找宝石:Ruby的包管理系统是如何演变的
Text:
Url: https://www.railsexplained.com/pages/hunting-for-gems/
很抱歉,但作为一个AI,我无法直接访问外部网站,包括您提供的链接。因此,我无法直接使用JinaReader或其他工具来抓取和分析该网页的内容。 不过,如果您提供网页内容的文本,我可以帮助您分析并总结它。如果您需要将非中文内容翻译成中文,我可以使用在线翻译服务或我的内置翻译功能来帮助您。请提供网页的文本内容或其摘要,我将尽力协助您。Post by: greytape
Comments:
irjustin: FWIW, I LOVE bundler and it absolutely kills me that npm, pip still haven't settled well in to the management of it.<p>Specifically, bundler allows side-by-side version installs and the program simply loads the version specified in the bundle.lock thus making the lock file the source of truth where as npm, pip, even poetry install whatever version exists at the path. This pushes the source of truth from the .lock to that path.<p>It's not the end of the world, but when you're testing library versions side-by-side you can easily get confused whether you remembered to run
installbetween the switches.irjustin: FWW,我喜欢bundler,它绝对会让我死,npm,pip仍然没有;<p>具体来说,bundler允许并排安装版本,程序只需加载bundle.lock中指定的版本,从而使锁文件成为事实的来源,其中npm、pip甚至poetry安装路径上存在的任何版本。这将真相的源头从.lock推到了那条路上<p> 它;这不是世界末日,而是当你;并排重新测试库版本时,您很容易混淆是否记得在交换机之间运行“install”。
bankcust08385: They still don't have cryptographic signatures widely signing gems despite deploying optional infrastructure to do it. What a waste and sad.
bankcust08385: 他们仍然没有;尽管部署了可选的基础设施,但没有广泛的加密签名来签署宝石。这真是浪费和可悲。