dependencies - Vendoring a native tool while retaining maximum portability -


the twelve-factor app manifesto says web applications "... have clean contract underlying operating system, offering maximum portability between execution environments" [emphasis added me]

but it says:

twelve-factor apps not rely on implicit existence of system tools. examples include shelling out imagemagick or curl. while these tools may exist on many or systems, there no guarantee exist on systems app may run in future, or whether version found on future system compatible app. if app needs shell out system tool, tool should vendored app.

and have earlier defined "vendored app" as:

scoped directory containing app (known “vendoring” or “bundling”).

how should done, when (on linux @ least) native 64-bit executables not run in 32-bit environments, example - let alone on other operating systems? or there better way of handling portability issue?

in opinion, it shouldn't done @ all. because:

  • if native executables dynamically linked, there chance fail run merely on future os releases, let alone future or past processor architectures.
  • as far understand it, not possible future-proof native executable statically-linking it. can still have issues. solaris doesn't support static linking of system libraries!
  • library dependencies not kind of dependencies native tools can have. there can other issues well.
  • old imagemagicks - or curls - may have security bugs allow application compromised. (this bit of contentious point - validity depends on trust more watch / apply security updates - people maintain , upgrade servers, or developers? of course might same people - now. working assumption here servers have updates applied eventually, in turn protect app security holes in system executables have been fixed in updates.)

my view: if dependency management system of choice point-blank cannot handle native executables, stick note in readme , done it. if don't have readme, create one. , (for in-house web apps) add native tools need standard server image or script use when setting server, , make sure keep additional note of why there.


Comments

Post a Comment

Popular posts from this blog

java - Play! framework 2.0: How to display multiple image? -

i need display gallery of photos. here template: @(photos: list[photo]) @title = { <bold>gallery</bold> } @main(title,"photo"){ <ul class="thumbnails"> @for(photo <- photos) { <li class="span3"> <a href="#" class="thumbnail"> <img src="@photo.path" alt=""> </a> </li> } </ul> } and here controller method: public static result getphotos() { return ok(views.html.photo.gallery.render(photo.get())); } and here photo bean : @entity public class photo extends model { @id public long id; @required public string label; public string path; public photo(string path, string label) { this.path = path; this.label = label; } private static finder<long, photo> find = new finder<long, photo>( long.class, photo.class); public static list<phot...
Read more

gmail - Is there any documentation for read-only access to the Google Contacts API? -

i want read-only access user's google contacts. there stackoverflow member wanted this, , received following answer : yes, there is, use https://www.googleapis.com/auth/contacts.readonly scope , "view contacts". this exchange reference read-only access google contacts can find using google. simply using access token obtained attempt read usual google contacts api (i.e. https://www.google.com/m8/feeds ) fails insufficient permissions. similarly, using google contacts api on new target fails 404 errors (for example https://www.googleapis.com/auth/contacts.readonly/default/full ). is there documentation anywhere on how use api, or permissible way access google contacts api full read-write access?
Read more

php - Controller/JToolBar not working in Joomla 2.5 -

relevant code: jtoolbarhelper::custom('savecategories', 'save', '', 'save', false, false); ... <input type="hidden" name="controller" value="easyblogcontroller"> according can dig docs , own previous questions, should call savecategories() function in easyblogcontroller . i've tried setting value easyblog , easyblog.php (file name) current easyblogcontroller (class name). clicking on save button refreshes page. not redirect, echo or var_dump test code put in savecategories() function. var_dump ing jrequest::getvar('controller') , 'task' return correct values. creating controller object , using $controller->execute('task'); works. the values going depend on location of controller trying call, , have couple options here. typically there controller in base folder of component (likely components/com_easyblog) in file called controller.php , class name inside ...
Read more