When you use guix download, or url-fetch, the hash is computed over the entire
file, whether it's a tarball that contains other files or whatever else
doesn't matter. You can't exclude files from inside the tarball. It's just the
checksum of the file.
What you describes sounds like you're downloading a tarball that's generated
from your master instead of a particular commit. So everytime you push a
change to guix.scm, it's a new commit and a different tar.gz (different
checksum). So you're always chasing after the correct checksum, which won't work.
So you can have a guix.scm in your repo, but it can't refer to a generated
tarball from master. Instead, you could make it refer to master and not have
to provide a hash like so:
(source (git-checkout (url "https://…";)))
No more chasing afcer master :)
On July 9, 2022 1:09:27 PM GMT+02:00, Zelphir Kaltstahl
<zelphirkaltstahl@posteo.de> wrote:
Hello Guix users!
I feel a bit stupid to ask about this topic again, however, to me it is not
really clear, what I need to do, when calculating the hash of a package, so
that I can write it in the package definition.
I have a project (https://notabug.org/ZelphirKaltstahl/guile-fslib), which
I have packaged before, but that was already a year ago or so, and I forgot the
precise process involving the hashes.
I have the following questions:
(1) When I edit the `guix.scm` file and change the hash in there, make a tarball
release on notabug, and then run `guix download <tarball of release>`, I get a
new hash. If I edit the guix.scm file again and repeat the process, I get a new hash
… endless loop of getting a new hash and changing the file accordingly. My guess is,
that this is, because `guix download` does not exclude the `guix.scm` file. I would
have to manually make a `tar.gz` and upload that as a release to notabug and then
reference that. – Is this correct?
(2) I guess I should be using `guix hash --exclude-vcs --serializer=nar --format=???
.` instead, since my package definition makes use of the `git-fetch` method of fetching
the package. I had totally forgotten about this, until I searched in old e-mails, reading
old replies to previous questions I asked on this mailing list. I think it could be made
clearer in the docs, which command to use in which case. However, now I am not sure which
`--format=` I should use. I would guess `base32`, because in my package definition it
says `(sha256 (base32 "..."))`. Is this correct? Or is the default fine?
(3) What is the recommended way to update a package's source code and then "in
one go" calculate the hash, update the `guix.scm` and make a proper release, which
only has the appropriate files in the tarball?
(4) Should a release tarball contain a `guix.scm` package definition? (My
guess is not, since the hash in that file changes and that would change the
tarball. Maybe I am overlooking things/magic though.)
I am feeling like I am stuck in what should be a simple process, because I
still have some points that are unclear to me. I try updating my guide to
packaging a pure Guile package when I learn new things, so that I can read up
next time I want to make a release or a new package, but a few things are still
missing or unclear.
Thank you for all your help!
Best regards,
Zelphir
-- repositories: https://notabug.org/ZelphirKaltstahl