If I am not using Quicklisp, how should I get Common Lisp libraries?
I avoid Quicklisp because my concerns are similar to:
https://news.ycombinator.com/item?id=13097333
At the moment, I am using the libraries that are available in the Ubuntu
repositories (Ubuntu is the OS I use). However, there are only about 150
libraries available this way (although all the popular ones are available).
In comparison, Quicklisp has about 2000 libraries. The obvious alternative is to
manually download libraries, but this is difficult if the library has lots of
dependencies. Perhaps I should look into the GNU Guix package manager, which has
nearly 500 Common Lisp libraries.
Any suggestions on what I should do?
I write all of the dependencies I use, but I would manually download and audit any I didn't. If a library uses dozens upon dozens of dependencies, consider not using it.
I usually just git clone libraries and audit the whole library before using it, it takes a bit of time but it's worth it in my opinion for the security focus but also for learning new things.
This is also good if you want to make changes to the library.
Use the Guix package manager?
>>5
Yes. On the author's end: write less code. On the library user's end: use less code.
git cloneor whatever to ~/common-lisp
Then assuming you have a REPL up
(asdf:clear-source-registry)
(asdf:load-system :drakma)Drakma is used as an example but I would actually encourage you to try it. It surprisingly has many dependencies because of the dependencies of it's dependencies.
You'll get yelled at about what dependency you're missing so you hunt it down, drop into ~/common-lisp again and repeat the asdf commands. Tedious.
Guix is a good suggestion, Nyxt does this, as an example of a larger CL project. Writing Guix packages is easy too so if you don't find a CL library supported, do the world a favor and write a Guix package so we have a bit less misery.
>>7 Is there a way to read the sources that get pulled by the Guix package?
>>8
If you installed cl-drakma, the sources will be in ~/.guix-profile/share/common-lisp/source/cl-drakma/.
If you installed sbcl-drakma, the sources will be in ~/.guix-profile/share/common-lisp/sbcl/drakma/.