The Chocolatey Community Repository is a community-driven collection of over 8000 packages (and over 1B downloads of those packages) that Chocolatey hosts and provides for free to the community. We run a number of automated services to support this growing collection of packages and establish a baseline of package quality:
- Package Validator
- Inspects the packaging scripts (chocolateyInstall.ps1, chocolateyUninstall.ps1, etc) to ensure that they adhere to rules in place for package quality.
- Package Verifier
- Attempts the installation and uninstallation of a package, to ensure that it succeeds.
- Package Scanner
- Submits all binaries associated with a package to VirusTotal and collects/reports the results back.
- Package Cacher
- Inspects the downloads that a package performs and caches them.
- Package Cleanup
- Keeps track of all package submissions and performs housekeeping on those packages that are not progressing, and finally rejects them after a period of inactivity.
Most infrastructure is not open, and there are good reasons for this. A lot of times infrastructure is very specific to an organization and does not lend itself well to being open. We have seen time and again secrets being inadvertently leaked from organizations to their open repositories.
Right now we have our internal infrastructure both internal and open. As we start to look to the future we want to deconstruct some of this into smaller components which will allow us to move faster and provide better services to our user base.
We have already started to improve the Chocolatey Community Website by separating its components. You may have already seen this in action with the release of the new Chocolatey documentation site (repository can be found here https://github.com/chocolatey/docs) as well as the Chocolatey blog.
To achieve speed and to honor our value of simplicity, we also need to take our internal infrastructure internal.
You can still report issues and suggest features for the Chocolatey Community Repository, and its supporting services, by going to the Chocolatey home repository on GitHub.
If you have any questions or concerns about these changes, then please reach out on our Community Chat or through the Chocolatey Google Group.
Popular Tags
- #news 65 Number of post with tag news
- #press release 52 Number of post with tag press release
- #chocolatey for business 41 Number of post with tag chocolatey for business
- #packaging 19 Number of post with tag packaging
- #open source 15 Number of post with tag open source
- #tutorial 13 Number of post with tag tutorial
- #12 days of Chocolatey 2023 12 Number of post with tag 12 days of Chocolatey 2023
- #chocolatey community repository 10 Number of post with tag chocolatey community repository
- #chocolatey central management 6 Number of post with tag chocolatey central management
- #chocolatey cli 6 Number of post with tag chocolatey cli
