[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Software Heritage API
|
From: |
Efraim Flashner |
|
Subject: |
Re: Software Heritage API |
|
Date: |
Wed, 23 Aug 2017 22:12:38 +0300 |
|
User-agent: |
Mutt/1.8.3 (2017-05-23) |
On Mon, Feb 06, 2017 at 10:34:17AM +0100, Ludovic Courtès wrote:
> Hello Guix!
>
> I couldn’t attend the Software Heritage talk at FOSDEM, but they had
> good news:
>
> https://www.softwareheritage.org/2017/02/04/archive-api/
>
> The API is currently limited to meta-data (retrieving the actual data
> returns 401.) Still that looks pretty cool already.
>
> Ludo’.
>
I've kept this tagged to take a look at it later. I checked the sha1sum
of swig-3.0.10.tar.gz and it gave me a valid URL.
https://archive.softwareheritage.org/api/1/content/c672b8535394cfb204c70de7c66e69fb20a95647/
https://archive.softwareheritage.org/api/1/content/sha1:c672b8535394cfb204c70de7c66e69fb20a95647/
https://archive.softwareheritage.org/api/1/content/sha256:2939aae39dec06095462f1b95ce1c958ac80d07b926e48871046d17c0094f44c/
If you take a look at the page(s), '/raw' can only be appended to the
sha1 (or blank) URLs to download the source, which currently returns
401.
Currently our "magic mirrors" search hydra based on the hash; in order
to check here also for the source we'd have to undo the base32 hash, and
then either transform the sha256 hash to a sha1 hash, or use two API
calls, the first to check for the source and the second to get and use
the url to download it. A quick check online makes me think it's not
possible to take a sha256 hash and get the sha1 hash of that file.
--
Efraim Flashner <address@hidden> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
signature.asc
Description: PGP signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: Software Heritage API,
Efraim Flashner <=