Skip to main content

Announcing AppRepo

So after 4 years from my old post about this, finally I implemented it somewhere.

Introducing the new, shiny, :D

So what is the project?. In essence its nothing much, just a website which list applications for Fedora, allow user feedback and rating, and make it easier for users to discover applications in Fedora. It is basically yet-another-appmarket/appstore, but focusing on Fedora packages.

We already have PackageKit Add/Remove Software tool, why bother?

The problem is the package approach. To the end user, the concept of packages is foreign and scary. The cryptic names of packages and also the listing of non-application packages simply overwhelms them.

It is also difficult to discover interesting applications in a package management tool. Unless you know what you are looking for, its very easy to get lost in the vast gallery of library packages, data packages, meta packages, and application packages in the repository.

As the repository grow, it also make it longer and harder to search and discover new apps.  I used to browse the repo once every release back in the old days to find if theres anything new, but now theres way too many packages to browse through.

Why now?

Its now or never. The rise of iOS and Android also give rise to the AppStore/AppMarket concept, where users can easily discover new interesting applications from the market. Users are getting more familiar with it and started to expect it from other platforms too.

Ubuntu have a similar tool called the Ubuntu Software Center for a while now, but Fedora yet to have a viable alternative (at least none that I'm aware of)

Why web application?

Primarily is laziness on my side. Lots of components I need for this is already available in Plone, so might as well just use it rather than reinventing stuff.

With HTML5 and browsers getting more powerful, imo it makes sense to just utilize the capability.

I also want to integrate the social aspect into the AppRepo, and a web app is easier for that.

I want to help out!

If you want to help in the coding side, check out a little guide to deploy this site in your local at the about page: Nicer UI designs are most welcomed. Another way you can help out is to populate the site with more applications.


I noticed one insecurity with the browser plugin flow,  not on the plugin itself. It never asked for my confirmation with a list of packages to be installed, it only asked the root password, and that is a security problem imo. Confirmation should be done at local side as its possible to hide the package lists to be installed from the user in the website. Filed a bug on that. #769508

Another gotcha is , the PackageKit plugin only installs one package at a time, which is not nice in an application point of view, as an application or an application addon might consist of multiple packages before it becomes useful. Eg: "Empathy" is an application, single package, but "LibreOffice" is an application, which consist of multiple packages to get the full set, another possibility is "Additional protocol support for Empathy" where its an application addon group, which has several packages. Filed a ticket on that too. #769510

I wonder how much less secure a gnome-shell like plugin that provide a javascript function to install packages only from the installed, signed repositories compared to the current plugin. Even the current plugin, it is easy to phish for click. For security reasons, the installation confirmation imo should be in the form of local packagekit window that list out things that are to be installed, requested by what site, and ask for the root password. A trusted list of allowed sites that is allowed access to the JS function is also another option.

Popular posts from this blog

Adding simple popup to Plone frontpage

Here is a little guide for those who want to add a simple popup to the Plone frontpage for some purpose (eg: announcements, advertisements, etc).

Create a basic html file containing the content you want to appear in the popup. Upload it into $PLONE_SITE/portal_skins/custom (as Page Template) and for the sake of this example, name it popup.html

Afterward, create a Javascript file with your Pop-Up loader script. For example , this script:

function popup(mylink, windowname)
if (! window.focus)return true;
var href;
if (typeof(mylink) == 'string')
href=mylink.href;, windowname, 'width=220,height=400,scrollbars=no');
return false;

popup('popup.html', 'My Popup');

Also upload this file into $PLONE_SITE/portal_skins/custom (as Page Template too). For this example, name it as popup.js

Afterward, in $PLONE_SITE/portal_javascripts , add popup.js as a new script into portal_javascripts…

Tee'ing Python subprocess.Popen output

A little hack for python coders out there who wanted to have a functionality similar to the unix's tee command for redirecting output to multiple places.

import sys
from subprocess import Popen,PIPE
p = Popen(['put','command','and','arguments','here'],stdout=PIPE)

while True:
o = p.stdout.readline()
if o == '' and p.poll() != None: break
# the 'o' variable stores a line from the command's stdout
# do anything u wish with the 'o' variable here
# this loop will break once theres a blank output
# from stdout and the subprocess have ended

HOWTO: Mirroring Yum repositories using Yum-Utils

As promised before in one of my previous post, a Howto on how to mirror and manage yum repositories using some of the utilities in yum-utils.

The first step is, well, of course, is to get yum-utils from fedora repository
yum install yum-utils

Reposync is a utility for mirroring and synchronizing local copy of a yum/rpmmetadata repository.

This utility is very useful if you wanted to make a yum repository mirror. Before this, I used "wget -R -np -N" but this method is a little bit tedious and it doesnt work with repos that didn't use directory listing. Plus, it also download together additional site stuff that I don't need/want and it doesn't verify checksum of the downloaded packages.

Mirroring a repo using this utility is easy, just execute this command
reposync -r <repoid> -a <arch> -n
and the repo will be mirrored in a folder with the same name of the repoid in the directory you executed the command. Eg: you executed the command in /mnt/storage/mi…