On Tue, Jan 25, 2011 at 10:33 AM, Eric Hodel <drbr...@segment7.net> wrote: > On Jan 24, 2011, at 02:01, Tim Cuthbertson wrote: > >> Hi all, >> >> I'm doing a little bit of work on zero install (0install.net), which >> is a dependency manager that can speak a bunch of archive formats >> (.tgz, .deb, .rpm, etc). I'd like to add .gem to that list. >> Internally, it distinguishes formats by their mime type. So you have >> "application/x-bzip-compressed-tar" for a .tar.bz, etc... >> >> So I was wondering if there is an official or agreed-upon mime-type >> for .gem files? I see rubygems serves them up as >> application/octet-stream, but that isn't really enough to tell what it >> is if you don't have the .gem extension. >> >> If not, does anyone have any suggestions? I've no idea how these >> things are agreed upon, but how about I throw "application/x-rubygem" >> out there for starters… > > I don't see a problem with this. Nick is in charge of rubygems.org so he'd > need to make the changes to switch mime types. > >> While I'm at it, is there any spec for the format of a .gem file? From >> looking at examples I've come across, I'm pretty sure I can get away >> with `tar x` on the gem and then `tar xz` on the data.tar.gz contained >> inside. Can anyone see a potential problem with that? > > No problem. > > If there's a .sig file you may wish to verify it: > > $ tar tf pkg/rubygems-update-1.5.0.gem > data.tar.gz > metadata.gz > data.tar.gz.sig > metadata.gz.sig > > See Gem::Security for details.
For zero install, this shouldn't be necessary as the published feeds already uses PGP and archive content digests to protect against both tampering and corruption, but thanks for the tip :) Cheers, - Tim. _______________________________________________ Rubygems-developers mailing list http://rubyforge.org/projects/rubygems Rubygems-developers@rubyforge.org http://rubyforge.org/mailman/listinfo/rubygems-developers
