Hello, Marius Bakke <[email protected]> skribis:
> Leo Famulari <[email protected]> writes: > >> On Thu, Aug 31, 2017 at 09:52:49PM +0200, Marius Bakke wrote: >>> Side note: I think we should start adding patches as origins instead of >>> copying them wholesale, to try and keep the git repository slim. [...] > No, I mean adding patches like this: > > (define %CVE-1970-0001.patch > (origin > (method url-fetch) > (uri "https://example.com/CVE-2017-0001.patch";) > (sha256 > (base32 > "12c60iwxyc3rj6ih06a1g80vmkf8khvhm44xr9va4h21b74v8f5k")))) > > (package > (... > (patches (list (search-patch "guix-specific-stuff.patch") > %CVE-1970-0001.patch))) > > That only requires the built-in guix downloader. I agree, I did that a few times for this reason. Once I did that for Coreutils, fetching the patch via a Cgit URL at Savannah, and somehow that URL went broken at some later point, which was annoying. But in general, it shouldn’t be worse than source URLs that go 404. Ludo’.
