June 2015 Quicklisp dist update now available

This Quicklisp update is supported by my employer, Clozure Associates. If you need commercial support for Quicklisp, or any other Common Lisp programming needs, it's available via Clozure Associates.
New projects:
  • cambl — A library for working with financial amounts involving multiple commodities. — BSD-3
  • cerberus — A Kerberos implementation — MIT
  • cl-ledger — Double-entry accounting system. — BSD-3
  • cl-libssh2 — Libssh2 bindings — MIT
  • cl-sane — Lispy library bindings for sane. — GPLv3
  • docparser — Parse documentation from Common Lisp systems. — MIT
  • fn — Some macros for lambda brevity — Public Domain
  • frpc — An ONC-RPC implementation. — MIT
  • glass — General Lisp API Security System. — MIT
  • glkit — Various utilities for OpenGL — MIT
  • integral-rest — REST APIs for Integral DAO Table. — MIT
  • legion — Simple worker threads with a queue. — BSD 2-Clause
  • lime — A high-level Swank client, like Slime, but for Common Lisp applications. — MIT
  • mathkit — Various utilities for math — MIT
  • or-glpk — Foreign interface to the GNU Linear Programming Kit. — LGPL3
  • pounds — Lisp block storage, provides portable file mappings amongst other things. — MIT
  • qt-libs — System to ensure that the necessary Qt libs are available. — Artistic
  • restful — Spin up new REST entities like madman — MIT License
  • swank-protocol — A low-level Swank client. — MIT
  • temporal-functions — A means of creating functions that have an internal concept of time — 2 Clause BSD
  • utilities.binary-dump — Formatting of binary data similar to the od(1) UNIX program. — LLGPLv3
  • varjo — Common Lisp -> GLSL Compiler — LLGPL
Updated projects: apply-argv, arrow-macros, asdf-dependency-grovel, asdf-encodings, asdf-finalizers, asdf-linguist, asdf-package-system, avatar-api, babel, bit-smasher, black-tie, blackbird, blackthorn-engine, bordeaux-fft, buffalo, burgled-batteries, burgled-batteries.syntax, caveman, cells, cffi, chanl, city-hash, cl+ssl, cl-6502, cl-abnf, cl-ana, cl-annot, cl-autowrap, cl-bencode, cl-bibtex, cl-charms, cl-cli-parser, cl-coveralls, cl-cron, cl-csv, cl-dbi, cl-dot, cl-dropbox, cl-durian, cl-emb, cl-factoring, cl-ftp, cl-fuse-meta-fs, cl-gendoc, cl-geometry, cl-glfw3, cl-gpu, cl-growl, cl-influxdb, cl-isaac, cl-launch, cl-lexer, cl-libpuzzle, cl-libusb, cl-libuv, cl-llvm, cl-marklogic, cl-memcached, cl-messagepack, cl-mlep, cl-mustache, cl-netstring-plus, cl-nxt, cl-odesk, cl-pass, cl-pdf, cl-plplot, cl-ppcre, cl-primality, cl-project, cl-protobufs, cl-qrencode, cl-quickcheck, cl-rabbit, cl-recaptcha, cl-rethinkdb, cl-rlimit, cl-rrt, cl-sam, cl-sdl2, cl-shellwords, cl-slug, cl-smtp, cl-sophia, cl-strftime, cl-string-match, cl-tk, cl-unification, clack, classimp, cletris, clim-widgets, clinch, clipper, clos-diff, closer-mop, coleslaw, colleen, com.google.base, command-line-arguments, common-doc, common-doc-plump, common-html, contextl, crane, croatoan, css-selectors, daemon, dartsclhashtree, defclass-std, defpackage-plus, dissect, djula, dyna, eazy-gnuplot, eazy-process, eazy-project, eco, eos, escalator, esrap, esrap-peg, event-glue, exscribe, fare-csv, fare-memoization, fare-mop, fare-quasiquote, fare-utils, fast-io, fft, find-port, gendl, glaw, glop, glu-tessellate, hdf5-cffi, hermetic, html-template, http-parse, hu.dwim.asdf, hu.dwim.common, hu.dwim.common-lisp, hu.dwim.computed-class, hu.dwim.debug, hu.dwim.def, hu.dwim.defclass-star, hu.dwim.delico, hu.dwim.logger, hu.dwim.partial-eval, hu.dwim.perec, hu.dwim.quasi-quote, hu.dwim.rdbms, hu.dwim.reiterate, hu.dwim.serializer, hu.dwim.stefil, hu.dwim.syntax-sugar, hu.dwim.uri, hu.dwim.util, hu.dwim.walker, hu.dwim.web-server, ieee-floats, imago, inferior-shell, inner-conditional, inotify, intel-hex, ip-interfaces, jonathan, jwacs, kebab, lack, lambda-gtk, lambda-reader, lass, let-over-lambda, lfarm, linedit, lisp-executable, lisp-gflags, lisp-interface-library, lisp-invocation, lisp-namespace, lispbuilder, local-time, lparallel, lucerne, lw-compat, magicffi, md5, meta, mexpr, mgl, mgl-pax, micmac, misc-extensions, mixalot, modf, modf-fset, modularize, modularize-interfaces, myweb, named-readtables, nibbles, ningle, npg, opticl, osicat, pal, parse-js, periods, perlre, pg, plump, png-read, pooler, postmodern, projectured, protobuf, pzmq, qlot, qtools, query-fs, quri, random, rcl, readable, reader-interception, repl-utilities, retrospectiff, rfc3339-timestamp, rock, rpc4cl, rpm, rucksack, s-xml, scalpl, scriba, scribble, sdl2kit, serapeum, shuffletron, single-threaded-ccl, sip-hash, smackjack, smug, snappy, software-evolution, st-json, staple, stem, stumpwm, swank-client, swank-crew, sxql, temporary-file, thorn, trivia, trivia.balland2006, trivial-download, trivial-extract, type-i, type-r, unix-options, unix-opts, usocket, utilities.print-items, utils-kt, verbose, vertex, vgplot, websocket-driver, weft, with-c-syntax, woo, wookie, workout-timer, wuwei, xhtmlgen, zip, zlib, zs3.

Removed projects: arnesi+, asdf-contrib, asdf-project-helper, asdf-utils, until-it-dies.

arnesi+ has been removed because its repo has disappeared and its authors have not replied to inquiries in months.

asdf-contrib and asdf-utils have been removed by request of the author. asdf-project-helper has stopped working as a result.

until-it-dies has never actually worked, but was previously included because some of its auxiliary systems worked.

To get this update, use (ql:update-dist "quicklisp")


May 2015 download stats

Here are the top 100 downloads for May, 2015:
 5093  alexandria
 3865  babel
 3442  cl-ppcre
 3296  trivial-features
 3109  cffi
 3023  usocket
 2979  cl+ssl
 2821  bordeaux-threads
 2723  flexi-streams
 2720  trivial-gray-streams
 2702  trivial-garbage
 2621  cl-fad
 2588  nibbles
 2442  chunga
 2390  closer-mop
 2380  chipz
 2326  cl-base64
 2266  drakma
 2247  split-sequence
 2160  ironclad
 2104  anaphora
 2100  puri
 1792  iterate
 1758  trivial-backtrace
 1658  slime
 1618  local-time
 1371  md5
 1268  named-readtables
 1152  metabang-bind
 1104  hunchentoot
 1071  let-plus
 1067  cl-unicode
 1009  cl-colors
  953  cl-interpol
  936  trivial-utf-8
  874  cl-ansi-text
  862  prove
  851  plump
  851  cl-utilities
  849  optima
  842  jsown
  825  uuid
  821  parse-number
  816  trivial-indent
  815  trivial-types
  806  array-utils
  804  lquery
  794  postmodern
  791  quicklisp-slime-helper
  787  rfc2388
  770  clss
  766  lparallel
  731  fiveam
  723  ieee-floats
  710  quri
  696  asdf-system-connections
  661  cl-annot
  642  metatilities-base
  641  cl-containers
  603  cl-sqlite
  573  cl-syntax
  571  command-line-arguments
  564  salza2
  538  py-configparser
  531  cl-json
  525  cl-abnf
  524  garbage-pools
  523  cl-log
  522  dynamic-classes
  521  cl-markdown
  517  cl-mssql
  516  buildapp
  507  cl-who
  500  static-vectors
  498  asdf-finalizers
  491  clack
  482  fast-io
  468  zpng
  466  cl-vectors
  452  fast-http
  449  proc-parse
  408  esrap
  400  osicat
  397  trivial-shell
  394  fare-utils
  389  zpb-ttf
  387  cl-csv
  385  clx
  371  vecto
  364  jonathan
  360  fare-quasiquote
  354  parenscript
  336  closure-common
  333  cl-coveralls
  327  xsubseq
  322  stefil
  319  ningle
  312  cxml
  309  cl-yacc
  292  lack


Looking for more metadata

A few days ago I linked to a report showing a lot of systems that failed to build. They failed because I added an option in the Quicklisp build environment that signals an error if a system lacks the description, author, and license metadata.

This isn't a standard feature of ASDF or Quicklisp. No projects are going to be dropped next month because of it. It's an optional piece of the build system, one that I added so I could see how many systems are missing that useful data and how likely it is that people will care.

I really want to use the :description option and show it as output in the REPL when searching for systems with something like system-apropos. I also want to make it easy to quickly determine the license of a given system, so you can figure out if it's compatible with your project. And having author information readily available will make it easier to contact someone regarding the project.

ASDF system metadata is a good choice for storing this information because it's not Quicklisp-specific. Anyone can gather and use this data if it's present in the systems. I hope that in the future every system in every project will have as much useful and accurate metadata as possible.

So what should you do if you want to help with this goal?

First, if you maintain a system and it's in the report, please update each of its system definitions with :description, :author, and :license information. A good description should be no longer than a tweet,and give an idea of what the system is for. The author information should include a name and email address. The license should be short and refer to a well-known license if possible, or give information about where to read the full license otherwise.

If you're not the maintainer of a system, but you want to file an issue or bug report, consider making a polite request to the author that they update their systems to include the extra info. (If you can, make sure nobody else has submitted the request first.)


ASDF 3 is coming to Quicklisp soon

In the next week or two, I'm going to update Quicklisp so that if ASDF is missing, or not at least version 3.1, it will fetch and load ASDF 3.1.4. This should be a pretty conservative change. Almost all implementations already include ASDF 3.

If you'd like to try the new Quicklisp client that fetches ASDF 3 if needed, see this post to the Quicklisp mailing list.


May 2015 Quicklisp dist update now available

This Quicklisp update is supported by my employer, Clozure Associates. If you need commercial support for Quicklisp, or any other Common Lisp programming needs, it's available via Clozure Associates.

New projects:

  • bytecurry.asdf-ext — ASDF extension(s) for generating atdoc documentation. — MIT
  • cl-durian — dynamic html generation from list structures (interpolation friendly) — WTFPL
  • cl-marklogic — Common Lisp library for accessing MarkLogic Server. — LGPL3
  • cl-pslib — A CFFI wrapper for the pslib library, a library for generating PostScript files. — LLGPL
  • cl-pslib-barcode — A barcode generator for the cl-pslib library. — LLGPL
  • cl-simple-concurrent-jobs — A simple API for running concurrent jobs and collecting the results — BSD 2-Clause
  • cl-sophia — High-level API for Sophia key-value storage — WTFPL
  • cl-strftime — Common Lisp compiler for the strftime language. — MIT
  • cl-tga — TGA file loader — MIT
  • erudite — Literate Programming System for Common Lisp — MIT
  • intel-hex — A library to handle Intel HEX format. — MIT
  • snakes — Python style generators for Common Lisp. — Apache 2.0

Updated projects: alexandria, antik, arrow-macros, babel, beirc, birch, blackbird, buffalo, bytecurry.mocks, caveman, chanl, chipz, cl+ssl, cl-ana, cl-async, cl-charms, cl-enumeration, cl-gobject-introspection, cl-grace, cl-graph, cl-i18n, cl-launch, cl-mtgnet, cl-netstring-plus, cl-ply, cl-quickcheck, cl-rabbit, cl-read-macro-tokens, cl-readline, cl-rethinkdb, cl-sdl2, cl-singleton-mixin, cl-slug, cl-voxelize, cl-yaml, clack, clack-errors, clim-widgets, climacs, clinch, clipper, closer-mop, colleen, common-doc, common-html, common-lisp-stat, commonqt, corona, dartsclhashtree, dartsclmessagepack, defclass-std, dyna, eazy-process, exscribe, f2cl, fare-csv, fast-http, function-cache, gbbopen, generic-comparability, gsll, hu.dwim.delico, hu.dwim.stefil, hu.dwim.syntax-sugar, hu.dwim.util, immutable-struct, inferior-shell, jonathan, json-responses, lass, let-over-lambda, lev, lisp-interface-library, lisp-invocation, lisp-matrix, lquery, lucerne, metap, mexpr, mgl-pax, nibbles, ningle, nsort, perlre, plump, proc-parse, qlot, qtools, quadtree, quasiquote-2.0, scalpl, scriba, scribble, serapeum, shellpool, should-test, shuffletron, staple, stmx, stumpwm, thorn, transparent-wrap, trivial-download, usocket, with-c-syntax, wookie.

To get this update, use (ql:update-dist "quicklisp").


April 2015 download stats

Here are the top 100 downloads for last month:
 4230  alexandria
 3401  trivial-features
 3377  babel
 3366  cl-ppcre
 3102  cffi
 2717  bordeaux-threads
 2620  closer-mop
 2611  trivial-garbage
 2605  cl-fad
 2575  flexi-streams
 2574  trivial-gray-streams
 2471  cl+ssl
 2366  nibbles
 2245  usocket
 2228  cl-base64
 2210  split-sequence
 2191  chunga
 2087  slime
 2047  iterate
 2046  trivial-backtrace
 2042  drakma
 2002  anaphora
 1925  ironclad
 1691  puri
 1682  chipz
 1653  local-time
 1520  named-readtables
 1455  md5
 1399  hunchentoot
 1259  metabang-bind
 1152  cl-colors
 1124  let-plus
 1070  optima
 1051  cl-unicode
 1020  trivial-utf-8
  992  cl-syntax
  950  rfc2388
  946  cl-interpol
  943  trivial-types
  941  cl-annot
  934  cl-ansi-text
  846  postmodern
  839  prove
  803  parse-number
  799  asdf-system-connections
  791  uuid
  780  cl-utilities
  765  cl-containers
  765  metatilities-base
  760  quicklisp-slime-helper
  701  fast-io
  695  jsown
  672  ieee-floats
  671  lparallel
  664  static-vectors
  658  cl-json
  640  plump
  605  fiveam
  601  zpng
  594  lquery
  590  trivial-indent
  587  clss
  578  buildapp
  566  array-utils
  559  xsubseq
  557  cl-sqlite
  547  salza2
  546  quri
  542  command-line-arguments
  540  osicat
  521  garbage-pools
  520  fast-http
  515  cl-mssql
  509  cl-who
  508  cl-vectors
  506  clx
  505  iolib
  503  py-configparser
  499  dynamic-classes
  497  asdf-finalizers
  497  cl-log
  496  cl-marshal
  494  cl-markdown
  484  trivial-mimes
  483  cl-abnf
  477  clack
  465  fare-utils
  450  ningle
  418  zpb-ttf
  408  cl-dbi
  408  st-json
  404  http-body
  403  circular-streams
  398  closure-common
  392  fare-quasiquote
  380  cl-csv
  380  cxml
  377  parenscript
  373  myway
  352  map-set


A small step in the right direction: https for quicklisp.org

I had a joke slide at ELS last week that explained why Quicklisp was so easy to install: just use curl install.quicklisp.net | sudo sh.  (Don't try this.) Although Quicklisp's installation isn't as risky as piping random code into a root shell, it does have its own problems. Several people at the conference asked me when I would add more security features to Quicklisp.

As of this week, www.quicklisp.org is available through an https connection. Any requests that come in over http are redirected to the equivalent https location. That means you can have some confidence that the information there is provided by me, rather than intercepted and replaced by a third party.

The main Quicklisp website is only part of the story. The software to install and use Quicklisp is hosted on another domain, beta.quicklisp.org. That domain now has optional https access, so that any URL may be accessed either through https or http.

That means the bootstrap file quicklisp.lisp is available via https, and so is the PGP key I use to sign client software and dist metadata. (That key is also available via various PGP keyservers.) If you have programs that fetch quicklisp.lisp or software archives directly from beta.quicklisp.org, I encourage you to update them to use https instead of http.

Why doesn't beta.quicklisp.org use https exclusively? Unfortunately, the Quicklisp client code itself does not know how to connect via https, so turning off http access would break Quicklisp completely. It will take more time to update the Quicklisp client code to use https.

Implementing https for quicklisp.org is a small, but important, first step toward making the use of Quicklisp safer. If you have any questions or concerns, please get in touch via zach@quicklisp.org.