this post was submitted on 18 Oct 2023

Lisp


No commits on GitHub since 2022, the Slack channel is dead silent, and it seems everyone here recommends deps.edn. Is Leiningen worth using in 2023 or should I jump ship?

[–] gnl_@alien.top 1 points 1 year ago

> Pretty much everyone has given up on signing at this point, I think?

I sign all my packages (and also my release commits and tags) – the infrastructure and tools to support easy and thorough artifact verification may not exist at this point, but I'd rather see us collectively push things in that direction than give up on supply chain security altogether.

> Nope. That's never been true. It's always been optional.

Maybe technically optional, but practically not so much – if you wanted to edit any metadata like project description, licenses, etc., you needed a pom.xml template file. The recent :pom-data in 0.9.6 is certainly a step forward.