Creating Packages
Packages are quite simply a folder that contains some code and a box.json
file. A package can be a simple CFC, a self-contained library, or even an entire application. ColdBox and ContentBox modules also make great "smart" packages.
Remember, packages aren't just the things you install into your application, but your application is a package too! That's why when you install something in your app, we'll create a /box.json if it doesn't exist to start tracking your dependencies.
Your box.json
file describes your package, dependencies, and how to install it. To turn a boring folder into a sweet package just run the init
command in the root of the folder.
That's it. Your folder now has extra meta data in the box.json
file that describes it in a way that is meaningful to ForgeBox and CommandBox.
Distribution
When making a package available on ForgeBox, each version of that package has its own location. Most download locations point to a zip file, that when extracted, contains a folder with a box.json in it. The box.json designates the root of the package. However, the location
property of your box.json can be any valid endpoint ID. An example would be:
In that case, the location
for version 1.0.0
of this package is the v1.0.0
tag in that GitHub repository.
Storing Package Binaries on ForgeBox
ForgeBox can store the binaries for your packages in the ForgeBox Cloud. This provides you with an easy way to store multiple versions of your package distributed across the globe.
To utilize ForgeBox Storage, simply set forgeboxStorage
as the value of your package's location
.
When you publish a package, CommandBox will automatically zip up your package and send it to ForgeBox.
CommandBox will also create an MD5 hash of the binary when publishing. Any time the package is downloaded, CommandBox will verify the binary hash of what is downloaded.
Custom binary hash
When using ForgeBox storage, we calculate the binary hash of your package for you, but when you are providing your own HTTP storage on S3 or elsewhere, you can still include an MD5 hash of the binary directly in your box.json
via a binaryHash
key which needs to be present when running the publish
command. The value should change any time the actual binary is updated and will be sent automatically to ForgeBox and verified on every future download.
Forgebox publish
Command
publish
CommandWhen you run the publish
command from the root of a package, the package will be created on ForgeBox. If the package already exists in ForgeBox, the new version will be added. If the version already exists, the package metadata will be updated.
Most of the data about a package exists in the box.json
such as name, slug, version, etc. There are also some files read from disk by convention. The publish
command looks by convention for the following files (case insensitive) when publishing
readme
- Maps to Package Descriptioninstructions
- Maps to Installation Instructionschangelog
- Maps to Change Log
Every file is checked for .md
, .txt
, and no extension in that order.
Publishing to ForgeBox from start to finish
Below is an example of the commands that would take you from scratch to a published package:
Private Packages
ForgeBox supports private packages. Private packages are only visible to the user who created it.
To create a private package, pass the private
flag to the package init
command.
Last updated