PND repository specification

From Pandora Wiki
Revision as of 17:24, 24 March 2011 by Tempel (talk | contribs) (Formatting and minor rewriting for readability.)
Jump to: navigation, search

This is currently a work in progress. Version 2.0 will be finalized soon; please do not implement until then.

Overview

This is the specification for PND repository files. Such a file represents a PND repository, meaning a source to get PND files from, and should list applications that tracked PND files provide, along with URIs for related files.

Logistics

A PND repository file should be hosted in a known location that can be identified by an URI, and using a REST-enabled or read-only protocol. If the repository URI is using the HTTP protocol, it should be possible to perform GET and HEAD operations on the URI node. Caching of repository files is encouraged, and a day is the recommended time interval for cache implementations. Client implementations may circumvent any cache specifications if it is deemed necessary to acquire the latest repository file, though. GZip compression over the HTTP protocol does not have to be supported.

Reference implementation

The only current implementation is on milkshake's repo, with the repository file here. Also available is code for the Box PND management system, though it only supports repository version 1.0, and is not currently being run anywhere.

Client implementations

Clients should store lists of URIs to repository files and download files from these URIs on demand, respecting cache metadata. They may use HEAD requests on HTTP repository URIs to get information about expiry times that the repository files may have. It should NOT be possible to perform head operations on actual downloadable files, however; repository URI references should be immutable, and a tracked URI must always point to the same data.

Format

The repository file should be in a text/json format, as described below.

  • All fields marked with "OPTIONAL" may be missing.
  • All other fields must be present with appropriate data. There are very few, so it shouldn't be hard.
  • Additional unofficial fields may be added by repository maintainers; these fields should use keys formed as "x-reponame-field" so as to avoid conflicts with other repositories or future spec versions.

(Comments added for clarification; JSON files may normally never contain comments)

//Repository file. (type: json-object)
//
//Will use the JSON common-denominator encoding (can be read as ASCII, ISO-8859-1 or UTF-8)
//Unicode characters are escaped with "\uXXXX" as per the JSON standard.
{
  //Information about the repository. (type: json-object)
  "repository": {

    //User-friendly name of the repo to be shown to the user (type: json-string)
    "name":        "The Box",

    //Repository API version. (type: json-number, aka float)
    //
    //A client may only open a repository file if it supports this version.
    //All 2.X versions will be backwards compatible.  Valid 2.0 will also be valid 2.1 and beyond.
    "version":     2.0
  },

  //Information about the PND packages in the repo. (type: json-array)
  "packages": [

    //Package (type: json-object)
    {
      //The package's queryable id. (type: json-string, see PXML standard)
      "id":        "sample-package",

      //The package version. (type: json-object)
      "version": {
        "major":   "1", //(type: json-string, with characters 0-9, a-z, A-Z, +, -)
        "minor":   "0", //(type: json-string, with characters 0-9, a-z, A-Z, +, -)
        "release": "0", //(type: json-string, with characters 0-9, a-z, A-Z, +, -)
        "build":   "0", //(type: json-string, with characters 0-9, a-z, A-Z, +, -)
        "type":    "release" //OPTIONAL (type: json-string, "alpha", "beta", or "release")
      },

      //OPTIONAL: Information on the package author. (type: json-object)
      "author": {
        "name":    "packagers name",         //OPTIONAL: Author's name (type: json-string)
        "website": "http://www.website.foo", //OPTIONAL: Author's website (type: json-string)
        "email":   "user@name.who"           //OPTIONAL: Author's email (type: json-string)
      },

      //Application localizations. (type: json-array)
      //
      //A localization for "en_US" will always be present.
      "localizations": {
        //Application localization. (type: json-object)
        //
        //Key: Language of this localization. (type: json-string, matches: "[a-z][a-z](_[A-Z][A-Z])?")
        //
        //This is made up of two parts:
        // - The language part. This code is the lower-case, two-letter code as defined by ISO-639.
        // - OPTIONAL: The country part. This code is the upper-case, two-letter code as defined by
        //   ISO-3166, with an underscore as the prefix.
        "en_US": {
          //The application title according to this localization. (type: json-string)
          "title": "Sample Collection",

          //The application description according to this localization. (type: json-string)
          "description": "This is a really verbose package with a whole lot of stuff."
        },
        "de_DE": {
          "title": "Beispiel Sammlung",
          "description": "Die gleiche Beschreibung wie oben, nur auf deutsch."
        }
      },

      //OPTIONAL: URI to the icon to representing this package. (type: json-string)
      //
      //URI accepts the following protocols: ["http:", "https:", "ftp:", "data:", "file:"]
      //(Image of type: image/png, size: Preferrably square, 64x64.)
      "icon":     "http://dflemstr.dyndns.org:8088/file/image/WPL5JKWK0PTODSWK.png"

      //URI to the PND containing the application (type: json-string)
      //
      //URI accepts the following protocols: ["http:", "https:", "ftp:", "data:", "file:"]
      "uri":       "http://dflemstr.dyndns.org:8088/file/package/WPL5JKWK0PTODSWK.pnd",

      //The MD5 hash of the PND file, encoded as a hexadecimal value. (type: json-string)
      "md5":      "d3de733c68b55538bb9c9ff46699c154",

      //OPTIONAL: The application vendor. (type: json-string)
      //
      //This is e.g. the uploader of the file, or the company, etc.
      //This is useful for networks-of-trust, e.g. an auto-update app might ask the user before
      //upgrading an app with a new version from a different vendor.
      "vendor":    "dflemstr",

      //OPTIONAL: People who have verified this package's safety. (type: json-array)
      //
      //This extends the networks-of-trust concept through other users of the repository.
      //This should list usernames of people who have tested the application and verified
      //it to be safe.  The client can trust the package if the client trusts any of these
      //users.  If the repository only allows approval by a small group of trusted admins,
      //then having any names listed in here should imply that the package is fully trusted.
      "approved": [
        "Tempel"
      ]

      //OPTIONAL: The overall rating given to this package.
      //(type: int, in range 0-100 inclusive)
      "rating": 87

      //OPTIONAL: List of applications contained in this package. (type: json-array)
      "applications": [
        //Application (type: json-object)
        {
          //The following fields - id, version, author, localizations, and icon - have
          //the same meaning, types, and restrictions as the corresponding package fields
          //given above.

          "id": "sample-app1",

          "version": {
            "major": "1",
            "minor": "18",
            "release": "0",
            "build": "0",
            "type": "alpha"
          },

          //OPTIONAL
          "author": {
            "name": "the authors name",
            "website": "http://www.openpandora.org"
            "email": "author@openpandora.org"
          },

          "localizations": {
            "en_US": {
              "title": "Sample Application 1",
              "description": "A really lenghty description for the application."
            },
            "de_DE": {
              "title": "Beispiel Anwendung 1",
              "description": "Die Beschreibung einer Beispielanwendung."
            }
          },

          //OPTIONAL
          "icon": "http://dflemstr.dyndns.org:8088/file/image/FDKXL9LD1200GHG.png",

          //OPTIONAL: A list of URIs to application preview pictures. (type: json-array)
          "previewpics": [
            //Image URI (type: json-string)
            //
            //URI accepts the following protocols: ["http:", "https:", "ftp:", "data:", "file:"]
            //(Image of type: image/png)
            "http://dflemstr.dyndns.org:8088/file/image/IFLWQK32043ISNT.png",
            "http://dflemstr.dyndns.org:8088/file/image/LGOI32DOE032DNG.png"
          ],

          //OPTIONAL: The licenses under which this application is made available. (type: json-array)
          "licenses": [
            //Short license identifier. (type: json-string)
            //
            //There are currently no conventions here on how to uniquely identify a
            //license (eg. GPL2 or GPLv2).  Therefore, a client should not rely on any
            //specific conventions.
            "GPL2"
          ],

          //OPTIONAL: The URI at which the application's source code can be found.
          //Need not be a direct download link.
          "source": "git://git.openpandora.org/special_project",

          //OPTIONAL: Application categories. (type: json-array)
          //Note that subcategories are listed directly alongside main categories, as
          //they would appear in a .desktop file.
          "categories": [
            //Category. (type: json-string)
            //See http://standards.freedesktop.org/menu-spec/latest/apa.html for a list of valid categories.
            "Game",
            "System",
            "Emulator"
          ]
        }
      ],

      //OPTIONAL: These four fields - previewpics, licenses, source, and categories -
      //should only be included if the "applications" array is not.  In a PXML, this data
      //only appears on a per-app basis, not per-package.  Therefore, a repository should
      //only include these if it does not have information on individual applications.
      //If a repository includes these fields both here and in the applications array,
      //clients should ignore these fields in favour of those in the applications array.
      "previewpics": [
        "http://dflemstr.dyndns.org:8088/file/image/IFLWQK32043ISNT.png",
        "http://dflemstr.dyndns.org:8088/file/image/LGOI32DOE032DNG.png"
      ],
      "licenses": [
        "GPL"
      ],
      "source": "git://git.openpandora.org/special_project",
      "categories": [
            "Game",
            "System",
            "Emulator"
      ]

    }
  ]
}

see other proposals