Regarding compilecommands.json ... I assume you intened crow packages to be portable, how would one specify macos , linux, windows compile command separatly?
Most libraries build with cmake, make etc, how does this interact?
u can type in crow.toml something like
[dependencies]
fmt = { git = "https://github.com/fmtlib/fmt" }. crow will clone the repo and will try to find crow.toml in it. cant find? so, crow will use wheels (from the word "wheelchair". it's like a fallback mechanisms) — if there's cmake files — CmakeWheel will be used - it will call cmake -B out_dir -S root (not exactly this command, by you get it), build static lib. and next crow will link your crow project with your non-crow dependency
unfortunately there's no os specific commands for now but i will implement them as soon as i finish writing the docs
It would help to have some documentation, and maybe a comment about what this does better/differently than vcpkg+ninja, which quite frankly works really well.
agreed. vcpkg+ninja are nice but crow focuses on simplicity. i'm writing the docs as we speak and will include a section on how this differs from existing tools
I think most c++ programmers would use a package manager if it was sane (and their org allowed them).
For my personal projects in c++, if a particular library isn't available via vcpkg I categorically refuse to add it as a dep.
If vcpkg was written in rust, python, or brainfuck it wouldn't matter to me. I actually have no idea what language it's implemented in, and don't care.
Noble effort but that ship has sailed. Cargo works because it was there from the start so basically everyone uses it.
C++ doesn't have one true package manager which means all third party dependencies will use totally different build systems and you can never have an easy `cargo add ...`. The closest I know of is vcpkg which has a decent selection but even then it's missing lots and still really clunky to set up.
I also worry about unpopular software repositories like that - it would be very easy to take some popular software that isn't packaged there, add it, bide your time and then poke some malware in. You don't even need to gain the original maintainers' trust.
The same applies to things like Flathub. I'm really surprised it hasn't happened yet (as far as I know).
Not the exact scenario you described, but there has been an instance on the Snap store where someone uploaded a crypto wallet management program and it was actually stealing keys.
The title made me think there was a cargo subcommand `cargo copy`.
Me too, I immediately tried to look it up!
Regarding compilecommands.json ... I assume you intened crow packages to be portable, how would one specify macos , linux, windows compile command separatly?
Most libraries build with cmake, make etc, how does this interact?
u can type in crow.toml something like [dependencies] fmt = { git = "https://github.com/fmtlib/fmt" }. crow will clone the repo and will try to find crow.toml in it. cant find? so, crow will use wheels (from the word "wheelchair". it's like a fallback mechanisms) — if there's cmake files — CmakeWheel will be used - it will call cmake -B out_dir -S root (not exactly this command, by you get it), build static lib. and next crow will link your crow project with your non-crow dependency
unfortunately there's no os specific commands for now but i will implement them as soon as i finish writing the docs
It would help to have some documentation, and maybe a comment about what this does better/differently than vcpkg+ninja, which quite frankly works really well.
agreed. vcpkg+ninja are nice but crow focuses on simplicity. i'm writing the docs as we speak and will include a section on how this differs from existing tools
I don't think cpp programmers will use a package manager written in rust.
Just delete the last three words, then it fits.
I think most c++ programmers would use a package manager if it was sane (and their org allowed them).
For my personal projects in c++, if a particular library isn't available via vcpkg I categorically refuse to add it as a dep.
If vcpkg was written in rust, python, or brainfuck it wouldn't matter to me. I actually have no idea what language it's implemented in, and don't care.
Why not? Do people really care about implementation language that much? Would they even notice if they installed with apt or whatever?
conan was written in python. so, why not rust?
Noble effort but that ship has sailed. Cargo works because it was there from the start so basically everyone uses it.
C++ doesn't have one true package manager which means all third party dependencies will use totally different build systems and you can never have an easy `cargo add ...`. The closest I know of is vcpkg which has a decent selection but even then it's missing lots and still really clunky to set up.
I also worry about unpopular software repositories like that - it would be very easy to take some popular software that isn't packaged there, add it, bide your time and then poke some malware in. You don't even need to gain the original maintainers' trust.
The same applies to things like Flathub. I'm really surprised it hasn't happened yet (as far as I know).
Not the exact scenario you described, but there has been an instance on the Snap store where someone uploaded a crypto wallet management program and it was actually stealing keys.
https://www.reddit.com/r/Ubuntu/comments/1olfrff/there_is_a_...
Well, Python's uv seems to suggest people can see the light and pivot to one build/dep mgmt tool.
Decades into a language not having a single one projects/people agree to use, solely.
So I wouldn't be so hasty with that assessment for one for C++.
No one needs a additional supply chain nightmare and dependency bloat for cpp. Cargo, NPM, Composer and pypi are more than enough.