Make ]InstallPackage safer

[aplteam]

When only a package name (without group) is passed as argument to ]InstallPackage then all known Registries with a priority greater than zero are scanned.

The problem ist that the user might not be aware of a package with the same name but a different group name available on a server with a higher priority than the intended server.

Forcing the user to specify a group name would solve the problem but is not very user friendly: if one cannot remember the group name, or the correct spelling, it won't work.

Instead the user command could tell the user which package Tatin intends to install and ask the user whether that should be installed or scanning should be resumed.

At the same time it's probably better to remove the possibility to specify just a name without group from the equivalent API function call.

[DavinChurch]

May I suggest that Tatin continue to scan all the registries anyway. If multiple versions of the package are available but with the same group name, then use the existing logic to choose the appropriate one. However, if the package name exists with multiple group names, then present a list to the user (if it's a user command) and ask them which one they meant.

I find it annoying to always have to specify a group name when I'm almost certain that the package name is unique. I'd rather not see that solution used.

With the API, perhaps requiring it to specify the group isn't too bad, or it can simply return an error if the package name isn't unique. Then the calling program can ask for a ListPackages and determine which group it needs to request specifically.

[aplteam]

May I suggest that Tatin continue to scan all the registries anyway

Well, that comes with a significant performance penalty - are you willing to pay that price for saving a little bit of typing?

In particular the cache we want to introduce in a not too distant future would be far less useful when neither a Tatin server nor a group name is provided.

[DavinChurch]

I don't think that would be a problem. How often do you need to do ]InstallPackage anyway? It's not like it has to run once a second for hours at a time, so even if it took an extra 10-30 seconds it wouldn't bother me to do that a few times on the rare occasions that I need to use it at all. That would be less time than me having to figure out the proper spelling and capitalization of the group name where I wanted to get the package anyway.

[DavinChurch]

For that matter, I'm tempted to suggest that this same concept be applied when asking to install a package with the wrong name capitalization... If I don't capitalize the name properly, why not scan the appropriate librar[ies] doing a case-insensitive search and if exactly one matches that way, assume that's the one that was meant? Name mis-capitalizations could be handled together with either a missing or mis-capitalized group name in a combined search sequence without costing any more.