Re: Accuracy of importers?

[Xinglu Chen]

On Thu, Oct 28 2021, Ludovic Courtès wrote:

> Hello Guix!
>
> As I’m preparing my PackagingCon talk and wondering how language package
> managers could make our lives easier, I thought it’d be interesting to
> know how well our importers are doing.
>
> My understanding is that most of them require manual intervention—i.e.,
> one has to tweak what ‘guix import’ produces, even if we ignore
> synopsis/description/license, to set the right inputs, etc.  If we were
> to estimate the fraction of imported packages for which manual changes
> are needed, what would it look like?
>
>    importer     fraction of imported packages needing changes
>
>    gnu          90% (doesn’t know about dependencies)
>    pypi         50% (some miss source distro, “sdist”; some have
>                      non-Python deps)
>    cpan         ?
>    hackage      ?
>    stackage     (Lars?)

The Stackage is mostly based on the Hackage importer, and they are
unable to parse certains things in the .cabal files.[1][2]  I would say that
this happens maybe 1/15 to 1/20 of cases.

[1]: <https://issues.guix.gnu.org/36690>
[2]: <https://issues.guix.gnu.org/35743>

>    egg          (Xinglu?)

I haven’t used it that much, but I would say it works ~80%.  Some
egg packages specify system dependencies (e.g., OpenSSL), but the
importer doesn’t know what the name of that package is in Guix, so it’s
not always correct.

> What about licensing info: which ones provide accurate licensing info?
> My guess:
>
>    gnu
>    pypi
>    cpan
>    cran
>    elpa
>    go (?)
>    cran
>    crate (?)
>    texlive
>    opam (?)
>    minetest (?)

For the egg importer, many packages specify the wrong license in their
.egg file, and there is no convention for what naming scheme to use, so
sometimes it is ‘GPL3’, other times it is ‘GPL-3.0’.

The Hackage/Stackage importer generally results in correct licenses, so
I would also put it on this list.  :-)

signature.asc
Description: PGP signature