[Squeakfoundation]Squeak downloads

Doug Way dway at riskmetrics.com
Fri Jun 20 20:25:34 CEST 2003 

Daniel Vainsencher wrote:

>I like the design. The security concerns seem a bit bogus to me - the
>download page was always on the swiki, and it's not that hard to change
>the link to point to some "warez" FTP site full of appropriately named
>trojans. Harder than with the new scheme, but not very hard.
>
>I think we can switch to this layout, and handle security lazily - start
>worrying after the first attack.
>  
>

Well, we could at least set a password for the swiki page, which would 
be better than no security.  I assume it's at least somewhat difficult 
to change a swiki page's contents (or uploads) if you don't know the 
password?

The people who maintain the various Squeak ports could all share the 
same password, which would not be posted publicly anywhere.  Since this 
is only 5 or 6 people or so, this seems like it wouldn't be too big of a 
hassle.

Eventually it would be great to have better swiki security, but in the 
meantime, maybe this would work?

By the way, I agree that Andreas' table layout is a lot nicer than what 
we have now.

- Doug


>Andreas Raab <andreas.raab at gmx.de> wrote:
>  
>
>>Hi Guys,
>>
>>I had recently the need to review the download and installation of Squeak on
>>various platforms and to be honest - it's a mess. If you try to find your
>>way around Squeak.org's download area you get lost so incredibly fast, it's
>>amazing that some people manage to get Squeak anyways.
>>
>>Since I know that all of you are busy, I've done some work on it. My
>>proposal is to link from Squeak.org directly into the main Squeak Swiki and
>>there, provide a download page as can be seen at:
>>
>>	http://minnow.cc.gatech.edu/squeak/3262
>>
>>
>>Let me say a few words about what I'm trying to do here. 
>>
>>First of all, the point is to download Squeak not to look at funny pictures.
>>The eye-candy at Squeak.org is certainly nice but when it comes to download
>>we want those files - and nothing more. So there are quite deliberately no
>>icons on this page. 
>>
>>Secondly, I think people often look for documentation of Squeak most of
>>which is found at the Swiki. Hosting the download page at the Swiki itself
>>means that *everyone* who has ever downloaded Squeak has seen the Swiki at
>>least once. That's what the first sentence in the above is for - so people
>>know they are now at the right place. In addition, using a Swiki means we
>>can much more easily change and update things. When a new version gets out
>>we just change it and then, as the latest platform bundles come in, update
>>the information appropriately. The download area at the Swiki also means we
>>have a more level playing ground for alternative ports (you may see that one
>>entry lists MobVM which is otherwise impossible to find).
>>
>>About the contents of the download table:
>>* "full" means a bundle that absolutely includes everything you need to run
>>Squeak. As we don't provide this for all packages we may have some missing
>>entries. However, it's a Swiki so it's simple for people to make one up on
>>their own and we just link it.
>>* "image" means image+changes+sources for the listed "stable" version of
>>that platform. Nothing is more bothering than to see that a BeOS port exist
>>but not to know what one needs to download.
>>* "stable VM" means the latest stable VM known to run well for the listed
>>stable version of Squeak. Therefore, "image" + "stable VM" is everything you
>>need if you haven't a full package available
>>* "VM source code" explicitly links to the source code for the VM in
>>question. Many people find it extremely hard to find the sources for VMs so
>>here we can point them directly towards it.
>>
>>In addition, we have an "info" link which allows us to link to specific
>>places for some VM/port. This allows us to decouple the primary download
>>place from information such as port maintainer, release notes, specific bits
>>about the platform. All of this is useful information but it should be
>>hosted elsewhere.
>>
>>Based on the above download page, I figure that a new Squeak release process
>>(exemplified with 3.6) would consist of the following steps:
>>a) we make a copy of the current download page and name it appropriately
>>(such as "DownloadsForSqueak3.5") - this is now a "previous version"
>>b) change the latest stable version and link to the previous version. In
>>effect this means you can always wander backwards through all the old
>>versions and get - for example - exactly the "right" VM for Squeak 3.2 or
>>so. Therefore we only need to link to some previous versions here.
>>c) Update the links for the "primary" full/image packages which Bruce
>>handles.
>>
>>>From here on, we can leave everything as is. If we have some platform
>>maintainer who wants to update his or her port, she can simply update "her
>>row" in the table. So it's a very simple, straightforward and obvious
>>process which means that if people are interested they have a single place
>>where they can download about everything that's interesting about Squeak.
>>
>>What do you think?
>>
>>Cheers,
>>  - Andreas
>>
>>_______________________________________________
>>Squeakfoundation mailing list
>>Squeakfoundation at lists.squeakfoundation.org
>>http://lists.squeakfoundation.org/listinfo/squeakfoundation
>>    
>>
>_______________________________________________
>Squeakfoundation mailing list
>Squeakfoundation at lists.squeakfoundation.org
>http://lists.squeakfoundation.org/listinfo/squeakfoundation
>  
>

More information about the Squeakfoundation mailing list