ocicl
| quicklisp-https | ocicl | |
|---|---|---|
| 3 | 4 | |
| 1 | 105 | |
| - | 4.8% | |
| 0.0 | 7.9 | |
| almost 7 years ago | 11 days ago | |
| Common Lisp | Common Lisp | |
| - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
quicklisp-https
-
Ocicl – An ASDF system distribution and management tool for Common Lisp
Other options are:
- Quicklisp -really slick, libraries in there are curated. (with https support here: https://github.com/rudolfochrist/ql-https and here: https://github.com/snmsts/quicklisp-https.git)
- for project-local dependencies like virtualenv: https://github.com/fukamachi/qlot
- a new, more traditional one: https://www.clpm.dev (CLPM comes as a pre-built binary, supports HTTPS by default, supports installing multiple package versions, supports versioned systems, and more)
For recent Quicklisp upgrades: http://ultralisp.org/
Ocicl is very new (5 days) and tries a new approach, building "on tools from the world of containers".
-
quicklisp security (or total lack of it)
I use this on a system that has curl to safely bootstrap https://github.com/snmsts/quicklisp-https.git which then uses openssl via dexador so that I can drop the curl dependency. A bit of a dance to get everything up and running, but once it is done for a given system you are good to go.
-
Why do people use Quicklisp although it is known to be vulnerable to man-in-the-middle attacks?
https://github.com/snmsts/quicklisp-https/blob/master/quicklisp-https.asd#L7 ?
ocicl
-
Steel Bank Common Lisp
Check out ocicl as an alternative to quicklisp if you are concerned about security. Code is distributed using the OCI ecosystem (https by default, proxies work, sigstore integration, etc). https://github.com/ocicl/ocicl
-
sbcl - require
If you are willing to try switching from quicklisp to ocicl, then you'll find that ocicl *does* work with authenticating proxies on Windows. https://github.com/ocicl/ocicl
-
Ocicl – An ASDF system distribution and management tool for Common Lisp
> ... but still only supports one niche operating system.
1. Linux is not a niche in the target market for this project.
2. The project is written in Common Lisp with hard dependencies on SBCL-provided libraries[1], so there's reason to suspect it should work on other OSes supported by SBCL.
3. Sure, the presence of Makefile and sb-posix imply it requires a POSIX compliant OS, but Linux is not the only one that fits the bill.
4. The included Linux-only binary 'oras' is clearly a vendored artifact, not part of this project, and clearly an OCI client. A simple search shows it is indeed cross-platform[2].
Perhaps you should try what almost every Linux user has had to do when encountering software actually built for only one "niche" operating system that they want to use on their OS: look.
1. https://github.com/ocicl/ocicl/blob/170aff0/ocicl.asd#L34
2. https://github.com/oras-project/oras/releases
What are some alternatives?
quicklisp-client - Quicklisp client.
BDFProxy - Patch Binaries via MITM: BackdoorFactory + mitmProxy.
ql-https - HTTPS support for Quicklisp via curl
cerberus - Common Lisp Kerberos v5 implementation
quicklisp-projects - Metadata for projects tracked by Quicklisp.
ultralisp - The software behind a Ultralisp.org Common Lisp repository
oras - OCI registry client - managing content like artifacts, images, packages
qlot - A project-local library installer for Common Lisp
aserve - AllegroServe, a web server written in Common Lisp