Manifest file explained

In computing, a manifest file is a file containing metadata for a group of accompanying files that are part of a set or coherent unit. For example, the files of a computer program may have a manifest describing the name, version number, license and the constituent files of the program.[1]

The term is borrowed from a cargo shipping procedure, where a ship manifest would list the crew and/or cargo of a vessel.

Types

Package manifest

Linux distributions rely heavily on package management systems for distributing software. In this scheme, a package is an archive file containing a manifest file. The primary purpose is to enumerate the files which are included in the distribution, either for processing by various packaging tools or for human consumption. Manifests may contain additional information; for example, in JAR (a package format for delivering software written in Java programming language), they can specify a version number and an entry point for execution. The manifest may optionally contain a cryptographic hash or checksum of each file. By creating a cryptographic signature for such a manifest file, the entire contents of the distribution package can be validated for authenticity and integrity, as altering any of the files will invalidate the checksums in the manifest file.

Application and assembly manifest

See main article: Side-by-side assembly and Manifest (CLI). In Microsoft Windows, software that relies on Windows Side-by-Side (WinSxS) needs an application manifest, which is an XML document that is either embedded in an executable file or contained in a separate XML file that accompanies it. It bears name, version, trust information, privileges required for execution and dependencies on other components.[2]

An assembly manifest is very similar to an application manifest but describes the identity of components known as "assemblies". These assemblies are referred to in the application manifest.[3]

An example of an application manifest is as follows. This application manifest has two core parts: Security and dependency. The security part says that the application requires "asInvoker" security level; that is, it can be operated at whatever security level it is executed. The dependency part says the application needs a component called "Microsoft.VC90.CRT" with version number "9.0.21022.8".

HTML5 cache manifest

See main article: Cache manifest in HTML5. A cache manifest in HTML5 is a plain text file accompanying a web app that helps it run when there is no network connectivity. The caching mechanism reads this file and ensures that its contents are available locally. An HTML5 cache manifest is served with its content type set to "text/cache-manifest".[4]

Example of a cache manifest:

CACHE MANIFEST 
/test.css
/test.js
/test.png

Webmanifest

A webmanifest is a JSON file used in progressive web apps to make them easily shareable via a URL, discoverable by a search engines, and alleviates complex installation procedures. Furthermore, PWAs support native app-style interactions and navigation, including being added to home screen, displaying splash screens, etc.[5]

Notes and References

  1. Web site: Researchers discover HiddenAds malware in a dozen Android apps that were distributed on the Google Play Store. Ashwin. 2015-08-01. ghacks.net. G Hacks. 2015-08-19. This Directory class contains special metadata in a manifest file. This data can be recognized by the Contact Provider, which developers can use to create a custom directory, and to transfer data between the device and online services..
  2. Web site: Application Manifests. Side-by-side Assemblies Reference. Microsoft. 23 December 2015.
  3. Web site: Assembly Manifests. Side-by-side Assemblies Reference. Microsoft. 23 December 2015.
  4. Web site: 7.7 Offline Web applications. HTML Standard. W3C. 22 December 2015.
  5. Web site: "Web App Manifest", Working Draft. "Web App Manifest", Working Draft. W3C. 12 September 2016.