package-manager-module

Package Manager Module (Name TBD) §

The Package Manager module handles downloading and managing software modules, automatically resolving dependencies to ensure all required components are correctly retrieved. It efficiently fetches modules from decentralized sources, manages their updates, and provides secure verification.

The MVP will use a Provider abstraction, in which the Provider retrieves packages from file system or over HTTP.

Functionality §

1. The system shall allow users to download software packages directly from peer nodes or fallback to alternative Providers when necessary.
2. The system shall store cryptographic hashes for software packages and verify file integrity during and after download.
3. The system shall support digital delegatable signing chains to ensure decentralised publisher/authorship integrity.
4. The system shall distribute the software packages efficiently by using Codex or a Distributed Hash Table (DHT).
5. The system shall automatically contribute downloaded packages back to the peer-to-peer network to facilitate future downloads.
6. The system shall handle software package updates efficiently by distributing only updated packages instead of entire archives.
7. The system shall cache software packages on disk.
8. The system shall allow the publishing of software packages.
9. The system shall support SEMVER versioning semantics of packages.
10. The system shall support deployment configurations and has capabilities for loading/unloading modules in Logos Core.
11. Resolves & Downloads Dependencies (using Pubgrub algorithm) and ensures stable system configuration.
12. Package Manager reads Module metadata (dependencies, categories & tags)

Usability §

1. The system shall support a deployment configuration and resolve dependencies.
2. The system shall provide clear indicators of download progress and completion status.
3. The system shall maintain responsive interactions, with DHT queries completing within an average of 10 seconds under normal network conditions.
4. The system shall provide easy-to-understand logs and notifications to inform users of peer-to-peer and mirror download sources.

Reliability §

1. The system shall automatically recover and resume downloads after network disruptions or application restarts.
2. The system shall ensure that software package integrity is preserved through rigorous cryptographic verification.
3. The system shall maintain consistent functionality even with high peer churn and unreliable individual peer connections.
4. The system shall automatically handle peer discovery failures by defaulting to official package mirrors when peers are unavailable.
5. The system shall regularly verify cached package validity against official mirror sources.

Performance §

These performance metrics are requirements for Codex / DHT.

1. The system shall efficiently manage the distribution of software packages ranging from under 512 KB to hundreds of megabytes (according to apt-p2p paper on the diverse package sizes within Debian repositories).
2. The system shall accommodate daily file churn (where approximately 1.5% of a 119,000 MB Debian archive is regularly updated), by efficiently managing package updates without excessive bandwidth usage.
3. The system shall optimize DHT operations to complete peer lookups with minimal latency, avoiding long timeout periods.
4. The system shall efficiently handle the distribution of both large and small package files without unnecessary overhead.
5. The system shall limit resource consumption, ensuring minimal impact on other system activities, maintaining bandwidth overhead below 300 bytes/sec for DHT operations.
6. The system shall cache frequently accessed software packages locally to expedite future access and reduce overall download times.

Supportability §

1. The system shall provide detailed diagnostics and logging capabilities to facilitate troubleshooting and support activities.
2. The system shall be deployable and maintainable across all platforms (and thus requires to support multiple architectures per package)
3. The system shall support automatic updates with minimal user intervention.
4. The system shall allow configurable network settings, including proxy and port forwarding, to accommodate various network environments.
5. The system shall support easy cache management strategies, including the removal of obsolete or infrequently accessed software packages.