guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#31395] [PATCH 2/2] gnu: Add snap.

From: Eric Bavier
Subject: [bug#31395] [PATCH 2/2] gnu: Add snap.
Date: Thu, 10 May 2018 08:47:22 -0500 
On Thu, 10 May 2018 15:10:00 +0200
Nicolas Goaziou <address@hidden> wrote:

> Hello,
> 
> Eric Bavier <address@hidden> writes:
> 
> >> +       (uri (string-append
> >> +             
> >> "https://github.com/jmoenig/Snap--Build-Your-Own-Blocks/archive/";
> >> +             version ".tar.gz"))  
> >
> > I think we're trying to stay away from Github's auto-generated tarballs
> > now, because they are not guaranteed to remain the same over time.
> >
> > Unfortunately this project doesn't seem to upload its own release
> > tarballs.  I would instead use a git checkout.  
> 
> Version is a tag, therefore a commit, so I would think it should remain
> identical over time. Besides a number of packages use this (e.g.,
> audacity...)

It's worse than that.  See e.g.
https://marc.info/?l=openbsd-ports&m=151973450514279&w=2

Many other packages use it because the issue was only brought to light
more recently.

> 
> Granted, I'm not well-versed in Github technology. Yet, using a git
> checkout slightly complicates the package, and its subsequent updates,
> so I'd rather only use it if absolutely necessary.
> 
> WDYT?

I don't think it would make the package more difficult.  If anything I
think it could make it easier.  E.g. it wouldn't need the tar and gzip
inputs and wouldn't need to untar.

You don't need to use a git hash at all.  If the release is tagged, you
can use that in the git-reference commit.  E.g. a recent package I
made, "ghostwriter", does this.

HTH,
`~Eric

Attachment: pgpAGV7C6y5e9.pgp
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]