[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fetching patches as origins instead of copying them into the Guix Gi
|
From: |
ng0 |
|
Subject: |
Re: Fetching patches as origins instead of copying them into the Guix Git repo |
|
Date: |
Fri, 1 Sep 2017 09:58:00 +0000 |
Marius Bakke transcribed 1.4K bytes:
> Leo Famulari <address@hidden> writes:
>
> > On Thu, Aug 31, 2017 at 09:52:49PM +0200, Marius Bakke wrote:
> >> Side note: I think we should start adding patches as origins instead of
> >> copying them wholesale, to try and keep the git repository slim.
> >
> > We should make a git-minimal package for things like this, or use
> > guile-git / libgit2. Git itself is a very "heavy" package.
>
> No, I mean adding patches like this:
>
> (define %CVE-1970-0001.patch
> (origin
> (method url-fetch)
> (uri "https://example.com/CVE-2017-0001.patch";)
> (sha256
> (base32
> "12c60iwxyc3rj6ih06a1g80vmkf8khvhm44xr9va4h21b74v8f5k"))))
>
> (package
> (...
> (patches (list (search-patch "guix-specific-stuff.patch")
> %CVE-1970-0001.patch)))
>
> That only requires the built-in guix downloader.
I think we should reduce connections we have to make
and assume that patches could disappear.
I keep patches and sources around in offline and
online ways because of this. If a source should
disappear I could fall back to my storage.
For cases like our icecat the patches are already
fetched because they come directly from the upstream
repository as far as I remember. That's okay.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
signature.asc
Description: PGP signature
- Re: Fetching patches as origins instead of copying them into the Guix Git repo,
ng0 <=