On Sun, Apr 30, 2017 at 09:35:44PM +0200, Julien Lepiller wrote:
> What's the policy about using patches, snippet or build phases? I was
> recently asked to move code from snippet to build phase because it did
> not address a security issue or remove non free or bundled components,
> but I can't find anything documenting the choice we should make.

I don't know if we have a real "policy"; here are my thoughts.

Guix is a useful tool for acquiring free software source code to be used
outside of Guix, with `guix build --source`. Origin snippets and patches
affect the result of `guix build --source`.

Snippets are necessary for removing non-free bits from what is provided
by `guix build --source`. Without this, I think we'd run afoul of the
free system distribution guidelines (FSDG).

Then there are changes we make in order to port software to Guix or make
other relatively unimportant changes. If they can be done with a
sed-like / regex substitution, we do them in build phases. It's helpful
to keep them in Scheme, and we don't want to distribute them via `guix
build --source`.

Patches are for things that are difficult / opaque to do with a sed-like
tool. They are applied to the result of `guix build --source`. I also
like using patches when copying changes from upstream; the provenance of
the change can be made clear in the patch annotation. For this reason,
most of the security updates I push use patches, even if they are
one-liners. Maybe these changes aren't always helpful for users of `guix
build --source`, but I try to limit them to important bug-fixes.

I'm curious to hear others' thoughts on this subject!