On Mon, Jun 10, 2013 at 12:32 AM, Karl Rupp <[email protected]> wrote:
> Hey, > > > > With -citations, or in addition to it, we should have some flag > >> that causes the print out of the unique version information for each >> package used in a computation. Since computations are often done >> "between" version releases or with "randomly" patched releases how >> can we capture that information? >> >> >> I think getting version information from other packages is pretty >> worthless (how many times has SuperLU >> had a shadow release). However, for all the packages that we control, we >> can get the SHA1 very simply. >> So a list of SHA1s for all packages would be meaningful. >> > > Yeah, SHA1 is fine. One problem, however, is the reverse-lookup, i.e. > trying to 'find' the correct packages with given SHA1s in order to e.g. > reproduce some results. If we provide all external packages out of our own > download repositories, we can keep track of the SHA1s in use. With external > download URLs, however, such a trace-back might be fairly hard or even > impossible. Thus, we might want to consider some date information in > addition to the SHA1 just to have a hint in case a SHA1 cannot be matched. > I am saying its not possible without managing the repo. Matt > Best regards, > Karli > > -- What most experimenters take for granted before they begin their experiments is infinitely more interesting than any results to which their experiments lead. -- Norbert Wiener
