Hi,

2012/4/30 Adrien <camarade...@gmail.com>

> Hi,
>
> On 30/04/2012, Sylvain Le Gall <sylv...@le-gall.net> wrote:
> > Hi,
> >
> > 2012/4/30 Markus Mottl <markus.mo...@gmail.com>
> >
> >> Hi,
> >>
> >> is it advisable to create Godi packages that check out a labeled
> >> version from a version control system rather than download tarballs?
> >> E.g. if I want to make a new release, I'd ideally just want to update
> >> the version number in the Godi-Makefile rather than having to create a
> >> tarball, upload it to some website, get its size and sha1sum, and
> >> finally add this information to Godi.  One downside would likely be
> >> somewhat diminished security, since the sha1sum and size may not be
> >> stable (the VC might use updated archive and compression tools to send
> >> you a tarball).
> >>
> >> Any ideas whether it's worthwhile for me to go into that direction, or
> >> should I better stick to the old & trusted but more cumbersome way?
> >>
> >
> > Well, it will make GODI depend on git/hg/darcs/svn/whatever, which will
> > imply increased complexity. You also have to think of other packagers
> > (Debian/Fedora/Mageia) that will have the same problem.  And so on and so
> > forth.
> >
> > I tend to think that distributing source code directly from VCS checkout is
> > not a good idea -- it seems convenient at first glance but breaks a lot of
> > conventions.
>
> On the opposite, I've found it pretty convenient for development with
> lablgtk2. But as an option and not a dedicated package which would
> probably be overkill.
>
> It'd be nice to be able to do that for each package and it's still
> manageable for ocaml stuff (but it'll only get more and more complex).


A very basic thing that you don't get with a VCS checkout is the generated
file that you create in your predist (for darcs).

E.g. :
- configure generated from configure.ac using autoconf
- setup.ml generated from _oasis using oasis.

So either you check both of them into VCS, which will make them suitable for
a checkout that reproduces exactly the same situation, BUT will make people
complain about checking in generated files. Or you create a branch with
generated files + tag (possible in some VCS like git), but that will imply
understanding branches and creating a branch per release (not that bad).

Other argument: it is highly probable that in 5 years a bunch of new VCS
will have appeared and another bunch will have been deprecated -- whereas I
can bet that 'tar', 'gzip' and 'wget' will still be around and still working
as expected... And it will probably have been backed up by a web archive. Try
to download something from
http://web.archive.org/web/20070629215321/http://www.ocaml.info/home/ocaml_sources.html#toc14
and after that try
http://wayback.archive.org/web/*/http://github.com -- just for fun.  I
think that a tarball is a reasonable intermediate option to establish a
token of exchange between upstream dev and packager (i.e. a language that
is understood by everyone).

But as a packager, I fear the "Pandora's box" effect: you start by thinking
that distributing through VCS is great and then people stop tagging their
releases and say "use HEAD" (short true story of mine: I was talking to a
git user and told him that he should put/push a tag... He answered 'what is
a tag?').

But that is just IMHO. There are pros and cons.

Cheers
Sylvain
_______________________________________________
Godi-list mailing list
Godi-list@ocaml-programming.de
https://godirepo.camlcity.org/mailman/listinfo/godi-list
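
The concern raised at the start of the thread, that the sha1sum and size of a tarball generated on demand by a VCS host may not be stable, shown as an added example (not code from the thread or from GODI). The file names, contents and helper names are constructed for illustration; the same tagged tree is archived twice with different gzip settings, so the pinned size/sha1sum check fails even though the decompressed tar stream is identical.

```python
import gzip
import hashlib
import io
import tarfile

# Constructed sample release contents (hypothetical file names and data).
FILES = {
    "pkg-1.0/configure.ac": b"AC_INIT([pkg],[1.0])\n",
    "pkg-1.0/_oasis": b"Name: pkg\nVersion: 1.0\n",
}


def make_tar(files):
    """Build a deterministic, uncompressed tar stream from a name->bytes map."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for name in sorted(files):
            info = tarfile.TarInfo(name)
            info.size = len(files[name])
            info.mtime = 0  # fixed timestamp so the tar bytes never change
            tar.addfile(info, io.BytesIO(files[name]))
    return buf.getvalue()


def gzip_bytes(data, level, mtime):
    """Compress like a server-side archiver with a given level and header mtime."""
    out = io.BytesIO()
    with gzip.GzipFile(fileobj=out, mode="wb", compresslevel=level, mtime=mtime) as gz:
        gz.write(data)
    return out.getvalue()


def verify_pinned(blob, size, sha1):
    """Packager-side check: the download must match the recorded size and sha1sum."""
    return len(blob) == size and hashlib.sha1(blob).hexdigest() == sha1


def same_payload(a, b):
    """Compare the decompressed tar streams rather than the compressed bytes."""
    return hashlib.sha1(gzip.decompress(a)).digest() == hashlib.sha1(gzip.decompress(b)).digest()


tar_stream = make_tar(FILES)
released = gzip_bytes(tar_stream, level=9, mtime=0)         # tarball the packager pinned
regenerated = gzip_bytes(tar_stream, level=1, mtime=86400)  # same tag, re-archived later
PIN = (len(released), hashlib.sha1(released).hexdigest())
```

A pin recorded against an uploaded release tarball keeps verifying because those bytes never change; a pin against an archive the host regenerates on request can break without any change to the source.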