On 2011-07-01 12:46 PM, Tony Garnock-Jones wrote:It'd be good if the list could contain sublists, too, so that libraries could specify their own internal dependencies.
A tiny boot-loader program - from some well-known branch URL or blob
URL - would be given a URL list, and would retrieve, link, and run the
resulting code.
It'd also be important to make blobs contain hints about what their human-readable mutable branch URL might be, so that given a blob URL you can retrieve the headers and follow the pointer to the latest version of the code, and all the metadata etc.
Finally, say I load library X, which depends on library Y at version 1, and then not knowing that X depends on Y, I introduce a dependency on Y at version 2. In situations like this the linker needs to be aware that there might be a clash and that it might need to step in. Lots of different strategies, from the simple-but-stupid to the complex-and-possibly-incomprehensible, are possible.
If a capability-secure language (caja?) were used it'd make it easier to load a copy of Y v1 for X and a copy of Y v2 for the main app, and to keep them separate.
Regards,
Tony
It doesn't seem too similar: IIUC, swarm is all about mobile running
code, whereas what I have in mind is orthogonal to that. I was thinking
more of how to stitch together program text from documents containing
source code that are distributed about the web. I was imagining using
unhosted for the source code snippets, like one might for other kinds of
data.
Regards,
Tony
It'd be good if the list could contain sublists, too, so that libraries
The picture is still unclear. I guess we should be more specific as to
what has to be done.
Yes, remember when we were discussing about how can we trust the app? If they are not being changed by the provider? Well this might be the answer. You can have application.com deploy the application in yourunhostedhive.com . But now my question is that we have two ways of doing it:
1. We never ever visit application.com again, we just go to yourunhostedhive.com/username/application and run the application
2. We still go to application.com and it fetches data from yourunhostedhive.com like it would do to the data.
The picture is still unclear. I guess we should be more specific as to what has to be done.
Yep. Specifying the code you want to run by naming it by its
cryptographically-strong hash has the nice property of knowing for
absolute sure that you're running exactly the code you wanted :-)
Tony
If you name content by its hash, then as long as the server *knows*
you're doing this, it can be doing totally transparent deduplication and
nobody need ever know. Furthermore, hashes being what they are, they can
be used as capabilities to the data. (And of course the blobs themselves
can be hosted on any machine, since you have the means of checking you
get the right thing back.)
Tony