Dependencies of new packages by web UI

[henilp105]

I have considered the following options for the addition of dependencies of packages to its document in packages collection :

1. Read the following from toml file.
2. User enters the packages in csv manner.
3. Add a dropdown to add the packages, by searching and selecting packages.

In my opinion it is generally better to add a dropdown or directly get them from the toml file of the packages.
I would like to request all the Community members to review and add suggestions.

Thanks and Regards,
Henil

CC @awvwgk @fortran-lang/admins @fortran-lang/fpm @arteevraina @perazz @minhqdao

[perazz]

IMHO dependencies are the most important descriptor of a package besides the source code itself, so I would lean on keeping everything consistent to what’s in the package toml file.

Down the road we will need mechanisms for version resolution and comparison for each dependency, which I think we need to define at the toml level too (e.g. v1.1.0 or v1.2.3 or (v>=2.0.0 and v<3.0.0)

[arteevraina]

IMHO dependencies are the most important descriptor of a package besides the source code itself, so I would lean on keeping everything consistent to what’s in the package toml file.

Down the road we will need mechanisms for version resolution and comparison for each dependency, which I think we need to define at the toml level too (e.g. v1.1.0 or v1.2.3 or (v>=2.0.0 and v<3.0.0)

Agreed. I think it's better and more consistent to parse the toml file and parse the dependencies from there. But, then the other question is Are we going to allow user to upload the toml file of their project and then we can parse it in the backend ?

[henilp105]

@arteevraina yes, we would allow the user to upload the entire package as we also have to implement the package upload restrictions and checks so, we would take the entire package and then parse the toml .