RFC: On-demand package installation API in kdelibs

Hans Meine hans_meine at gmx.net
Thu Jul 29 17:27:30 BST 2010 

On Thursday 29 July 2010 17:28:17 you wrote:
> On Thu, Jul 29, 2010 at 04:29:22PM +0200, Hans Meine wrote:
> > Exactly.  No point in discussing this.
> 
> So we agree that this API is a bad thing?

No.  We agree that there should not be unnecessary or too many or randomly 
popping up password queries.  (And, setting the clock is less dangerous than 
installing software, thus the password dialog is less necessary.)

With "No point in discussing this" I meant "No point in discussing that the 
number of unnecessary dialogs should be minimized".  We seem to disagree about 
when they are not unnecessary.

> > Everybody so far agreed that randomly popping up password dialogs are
> > evil, so please stop bringing this up.
> 
> So you want automated, silent installation of unauthenticated third-party
> packages from arbitrary repositories?

Not at all, and I thought I made my point clear.  

> > Of course, a mediaplayer should not try to have something installed when
> > proceeding to another track.  OTOH, if you explicitly drop a number of
> > files on the playlist, it would make sense to tell the user that these
> > files are only supported with additional packages.  Then, if the user
> > presses the "Sure, I understand, then please install that piece of
> > software now" button, a package manager might eventually ask for a
> > password (if no trusted source etc. is available).
> 
> You just said everyone agreed that this was bad?

No.  I think everyone agrees that randomly popping dialogs would be bad, as in 
the first sentence ("when proceeding to another track").

Then, I started with OTOH ("on the other hand"), which means that in this case 
(explicit user action), a dialog would be justified.  And that dialog would of 
course not yet install anything or ask for a password, but just offer 
information, and allow to plug in a way to start the installation.

> > Otherwise, unsupported files should simply be skipped.  But that would
> > still be a bug in the media player, not in the proposed API.

Here, I guess I was unclear.  With "that" in "But that would still be a bug in 
the media player ...", I meant that it's up to the media player to use the 
proposed API in a sane (useful, responsible, intended) way.  But we're not 
talking about the media player here but about the necessary hooks for 
packagers to allow installing stuff in a more convenient way.

Another view would be to call the proposed API object-oriented from a user 
POV.  The user stumbles over missing functionality (/missing packages) and 
shall be enabled to more directly resolve this problem, instead of manually 
locating and starting the correct application (the package manager) and 
finding the "object" (/"document", i.e. the package providing the missing 
functionality).

> > Of course not.  Nobody here would propose something stupid like that!
> 
> You just did yourself.

No, I never proposed to "automatically download and install unverifiable
packages".

> > A distributor might decide to offer password-less installation from
> > trusted sources, but could still offer a more verbose,
> > "are-you-really-sure?"-path for installing from 3rd-party sources.  One
> > does not preclude the other, does it?
> 
> The we are _again_ back to the adding of clickthroughs and password
> entering, which you just said everyone agreed was a bad thing, and we
> should avoid.

I agree that they should be avoided *where possible*.  We just disagree on the 
point where they actually *make sense*.

You seem to think that a user should be told "that the needed libraries aren't 
available/crippled" and left alone with that information, so that he/she goes 
through the necessary steps to locate and install packages using a package 
manager started via the menu.  Does this procedure make the difference in your 
opinion, because the password dialog is hidden enough that only aware user 
will fill it in?

I assumed that the "clickthrough" effect could be leveraged by
a) minimizing the number of such dialogs,
b) optimizing their time of appearance, i.e. showing them in clear relation to 
explicit user actions, and
c) optimizing their appearance (concise, clear description of the situation 
and options).

> > We can.  The point is that it would be up to distributors/packages to
> > decide, which will also depend on the target audience.
> 
> I still believe this is a fundamentally wrong approach, and that KDE
> shouldn't endorse this.

I also prefer a distribution with all "batteries loaded", but obviously, the 
need for this is there and has already led to several inconsistent, partial 
solutions.

> > The feedback is not ignored AFAICT, but the point is to
> > - offer an API to prevent (or even reduce existing) code duplication, and
> > - offer an entry point for distributors to hook into their package
> > managing solutions.
> > As I see it, the API makes three solutions possible:
> > a) Simple dialogs instructing the user to install something (which would
> > obviously be the default for people compiling from unpatched sources, at
> > least for now).
> 
> Which can already be provided much simpler, with a plain old dialog.

Is there really such a big difference between an app showing a "plain old 
dialog" and calling a central API function that shows this dialog in a 
consistent manner?  The latter should not put a too large burden on the 
programmer (except for knowing yet another API, but that's the price of 
consistency).

> > b) The same, but including a way to directly open package managers with
> > the desired packages/options being preselected.  (Easier and faster to
> > use, no security thread here, is there?)
> 
> I can think of several security issues that may arise, but the biggest is
> the fundamental "avoid more clickthroughs".

I thought that "clickthroughs" would describe a series of dialogs where you 
just press "OK"/Enter.  Wouldn't a package manager main window already make a 
difference?

I see a clear benefit even for experts; for instance I prefer to install stuff 
via the endorsed package manager whenever possible, but I hate finding out 
which package manager and package management GUI is the preferred one on which 
release of every distribution out there (i.e. when I help out friends with 
their Ubuntu/OpenSuSE machines, while I am running Gentoo).  And that's only 
part of the problem, locating the correct package is the next - while package 
names seem to become more similar across distros, this is still not trivial in 
many cases.

> > c) A more automated procedure with simple confirmation dialogs.
> > You might be against c) (and I can see why), but please don't confuse
> > that with the introduction of a common API to make unified solutions
> > possible.
> 
> Well, so far c) seems to have been the only reason to implement this API.

What about b)?  And even a) could be the reason, i.e. styling the message 
boxes in a consistent way, or adding links to distribution websites or the 
like.

> > I see this as a worthwile goal, exactly the goal of KDE: To have reusable
> > pieces of software needed in many GUI apps, which also make applications
> > look and behave more alike, and thus improve the user experience.
> 
> We already have a common message box implementation. :-)

OK, I see your standpoint. :-)

Hoping I made myself more clear this time,
  Hans

More information about the kde-core-devel mailing list