top | item 18966956

(no title)

ledneb | 7 years ago

I discovered Chocolatey during a Windows stint at work ~3 years back and found their package quality to be very poor. I'd go as far as saying packages had a 50% chance of leaving you with a usable installation of software.

We ended up changing provisioning scripts to download .msi installers directly and run them with appropriate switches.

I also remember their website having a lot of "maintainers required" notices - I got the impression that the situation was a little desperate.

Has package quality improved? Is Chocolatey a genuinely reliable way to install software, now?

discuss

kapep|7 years ago

I've been using it since about 2 years and never had any problems installing anything. I guess I'm mostly using popular well-maintained packages though, so YMMV if you are installing some more obscure software.

I'm not sure about the maintainer situation. Some packages get updates quite regularly while other packages are always a few versions behind the latest release.

WorldMaker|7 years ago

I feel like Chocolatey had some good moments early on, but I realized that I stopped using it because I started to feel like I needed to audit every PowerShell installation script it tries to run (and that's the majority of how it operates; the majority of "packages" are just PowerShell scripts that in turn download an MSI from a well known location, checksum it [maybe], and run it), because of all the poorly maintained packages and some increasingly worrisome PowerShell scripts in some of them. Particularly with things like Software Development tools, you could also never tell if a package was "just" a minimal install of the software or some particular developer's preferred kitchen sink, and the package dependency model alone wasn't enough to tell you because it might just be buried in the PowerShell installer directly rather than in the declarative dependencies.

As someone else notes, weirdly Chocolatey's packages seemed to get worse and grow staler after the Kickstarter than before. I guess in hindsight it's about where I stopped feeling an interest in volunteering to help packages, but I'm not sure if it was subconsciously about "what was the Kickstarter money for?" or not. I feel it was more the "kitchen sink" problem that hurt my interest in Chocolatey most directly, because those maintainers would happily sit on the most common name for an application (say, "python") with their kitchen sink, wouldn't take suggestions to better their packages and then you just ended up having to wade through search listings for "slim-python" or "real-python" or "just-python" or "brians-lite-python" or "python-dave13". It stopped feeling like a helpful community and more "every developer for themselves" at that point.

yyyymmddhhmmss|7 years ago

No. it has only gotten worse. Scoop is the way to go.