Skip to content

Instantly share code, notes, and snippets.

@hdgarrood

hdgarrood/gist:9c4e63e6611656bf9c2d

Last active August 29, 2015 14:19
Show Gist options
  • Save hdgarrood/9c4e63e6611656bf9c2d to your computer and use it in GitHub Desktop.
Save hdgarrood/9c4e63e6611656bf9c2d to your computer and use it in GitHub Desktop.
Download ZIP
Pursuit thoughts
Raw
gistfile1.md

upload process

  • user runs pulp publish, or something
  • JSON dump is generated by psc-package-upload
  • Uploaded to pursuit.purescript.org
  • Verification URL sent back in response, and printed to stdout
  • User visits verification URL in browser and is authenticated via GitHub OAuth
  • After authentication, HTML is generated etc and the package appears on pursuit.

I think this is better from a UX perspective, and still enables us to associate a GitHub user with each uploaded package for accountability.

handling undeclared dependencies

In order for people to be able to trust the dependencies listed on the website, we should fail while generating the JSON package dump if there are any undeclared dependencies. This is too hard; out of scope (for now).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment