Pkghash

By Tyler

The last 6 months or so I’ve really gotten into programming with Zig. It’s a simple, powerful language and just a lot of fun to program in. One of the more interesting things with zig is that Anderew Kelly (the lead designer and creator of zig), is adamant that the process distributing zig packages should be decentralized. He doesn’t have an interest in creating an official registry like PyPi (python) or Crates.io (rust). The system is neat, and as of version 0.11.0, Package managment is part of the zig standard library. However it does come with some challenges.

Distributing code is often done by distribuing the source files, where users can then compile locally. In order to provide some security Zig requires that packages declare a manifest of what files they distribute, and encode those files using a hash. The practice of hashing files that are being distributed as a checksum is not new, but zig uses multihash to hash files, which is less common.

So for fun, I wrote a tool called pkghash, which can be used to generate hashes. Saying I “Wrote” it is a bit much. What I did was fork an existing tool from the zig zap library that they use for generating hashes. The reason for forking was that I wanted to make a standalone tool, and add some functionality. Specifically pkghash allows you to specify exactly what files you want to be included in your hash. This can be nice if you are creating multiple libraries in a ‘workspace’ like setting.

Anyway, this is short blog for this month. Hope you have a great summer!


Have something you want to add? Join the conversation on Discord.