At 3:05 AM -0500 4/22/12, Ryan Schmidt wrote:
Sorry, I missed your latest comments in the ticket.
On Apr 21, 2012, at 20:30, Sean Farley wrote:
>> I think the git.branch can be used interchangeably: it's both a
tag or a hash.
You mean having code that would look the following?
github.setup williamh dotconf 1.3 v
If the author is williamh, and the project name is dotconf, and the
version number is 1.3, and the tag prefix is v, then yes.
github.branch 6382711e9b0060bbd0408df512e48b2ce9cdb3be #needs to
be the whole hash so livecheck will work
There's no such variable. Just use git.branch, same as if you
weren't using the github portgroup.
Which then will use the zip / tarball download by default
I didn't think github had automated downloads available except for tags.
If github has automated downloads available for any tag/branch as
well, then we would need to verify that they always have the same
checksums, and are not generated on the fly. I'm pretty sure that
bitbucket, for example, generates them on the fly, meaning different
users requesting them at different times will get different
checksums, which means they're not suitable for use as master_sites
in MacPorts.
I'm no Git expert, but wouldn't git archive help us? Git archive
will retrieve from a remote repository and can format the result as a
zip file. From the man page:
<tree-ish>
The tree or commit to produce an archive for.
I don't know whether the checksums would always be the same. As I
understand Git, a commit hash uniquely identifies a particular state
of the repository so if we specify a hash, we'll always get precisely
the same result. The only exception would be, I guess, if someone
has hacked the repository. I have no idea if that could be done
without detection by the repository site. I take it that is what
we're trying to protect against?
Craig
_______________________________________________
macports-dev mailing list
[email protected]
http://lists.macosforge.org/mailman/listinfo.cgi/macports-dev
