[clbuild-devel] [PATCH RFC v3] get_tarball: store contents in a darcs repository (Was: Simplify test...)
David Lichteblau
david at lichteblau.com
Tue Oct 28 09:52:45 UTC 2008
Quoting Daniel White (daniel at whitehouse.id.au):
> Sorry about the noise. The contents of the tarball weren't being
> correctly copied when the extracted directory had a version in the name.
FWIW, I like this approach at lot.
We should be clear about clbuild's preference for "real" upstream
repositories, but if there are only tarballs for a project, it certainly
helps to have this local darcs conversion.
Have you considered hacking a "cliki" mode on top of this, which would
simulate asdf-install behaviour by downloading everything from
http://cliki.net/PROJECT?download as a tarball?
We'd need a solution that avoids all the GPG signature checking that
asdf-install does. My impression is that hardly anyone actually bothers
to set up a key chain for these checks, so they are pretty useless in
reality. But since anybody can edit cliki pages, some safety
precautions are definitely required.
Perhaps it would be "good enough" to present the user with the list of
URLs (not the cliki URLs, but the actual tarball locations after
redirection) and ask them whether to proceed? We'd have as much safety
checking with this approach as users have for manual tarballs downloads.
(And thanks to our dependency file, we can ask this question in advance
for all projects being downloaded, whereas asdf-install only discovers
dependencies during the build, leading to a series of inconvenient
interactive confirmations.)
d.
More information about the clbuild-devel
mailing list