From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0 Subject: Re: Fetching patches as origins instead of copying them into the Guix Git repo Date: Fri, 1 Sep 2017 09:58:00 +0000 Message-ID: <20170901095800.xp5pjshodj53im6v@abyayala> References: <87inh5uqpd.fsf@gmail.com> <87inh4lw7y.fsf@fastmail.com> <87y3q0ow9h.fsf@gmail.com> <87k21jjyzy.fsf@fastmail.com> <20170831213806.GA22308@jasmine.lan> <87shg7l812.fsf@fastmail.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="eictbtsizxulwh7a" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:37671) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dniic-0001Bx-Om for guix-devel@gnu.org; Fri, 01 Sep 2017 05:58:35 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dniiX-00063I-Rf for guix-devel@gnu.org; Fri, 01 Sep 2017 05:58:30 -0400 Received: from aibo.runbox.com ([91.220.196.211]:33426) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dniiX-00062p-L7 for guix-devel@gnu.org; Fri, 01 Sep 2017 05:58:25 -0400 Content-Disposition: inline In-Reply-To: <87shg7l812.fsf@fastmail.com> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Marius Bakke Cc: guix-devel@gnu.org --eictbtsizxulwh7a Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Marius Bakke transcribed 1.4K bytes: > Leo Famulari writes: >=20 > > On Thu, Aug 31, 2017 at 09:52:49PM +0200, Marius Bakke wrote: > >> Side note: I think we should start adding patches as origins instead of > >> copying them wholesale, to try and keep the git repository slim. > > > > We should make a git-minimal package for things like this, or use > > guile-git / libgit2. Git itself is a very "heavy" package. >=20 > No, I mean adding patches like this: >=20 > (define %CVE-1970-0001.patch > (origin > (method url-fetch) > (uri "https://example.com/CVE-2017-0001.patch") > (sha256 > (base32 > "12c60iwxyc3rj6ih06a1g80vmkf8khvhm44xr9va4h21b74v8f5k")))) >=20 > (package > (... > (patches (list (search-patch "guix-specific-stuff.patch") > %CVE-1970-0001.patch))) >=20 > That only requires the built-in guix downloader. I think we should reduce connections we have to make and assume that patches could disappear. I keep patches and sources around in offline and online ways because of this. If a source should disappear I could fall back to my storage. For cases like our icecat the patches are already fetched because they come directly from the upstream repository as far as I remember. That's okay. --=20 ng0 GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588 GnuPG: https://n0is.noblogs.org/my-keys https://www.infotropique.org https://krosos.org --eictbtsizxulwh7a Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAlmpLygACgkQ4i+bv+40 hYgQOA/+MnjZuO/Fz622utqDuCna2LJ9PR4k7STuu9fsMHEHy3LCTwn1iouO1Hf6 wmOGdC6iLQ0OPQZIE9VNV59+w/q0ta3UPnRrNRJskBdqcmke9hNDC+mucWaYXmZM kwzILqWAmyzLfXwMFIIoRKZ5yddB8lbZQmTA++1WEj+d3YlbslrYC5LHuHu4FV7D HcKjgODw53kxDbn+ZPC3CH1CSm4XihGnohxf2zPxXL1natb0AL9O2o/whDNN28AP HHpLptMsiGCb2h8FlAUV3bPBQnPALcGp2JIClGNMmefZ+09ZJoHEeJIL0Q/YJ6KC FuCnP0xCjP062SM8YOMyGZOC2vkTN1pFJ5v26VExuv0MkqpbBbLR5EHe98F7Ndrk 1vRvjrfO2dOj0VN1vHRdQHOqmkDcgMeCxPdIaMRVo6lQIc+AAB+B2ZblVydVZAL5 a/J6PQEDDasayNTBODGZGS24kedrzmTJds54Trfqi3XRTpy3qCr5rzj/dQxKfx0s +Lhlfb1oWdiyKlq4LZ0H4orxgODgaixj+ts6ZBx+l6mZkQdsCydMKukDSytLrTEP b+IIBcXqDQKB5V6+CQZfbP8WyBi6+8U0hhPAWzoICfJINBWGW5X5B+8yGTmF3iAv oH10FjXU9V/uvgCm7yvOv405fYtZqknvn1cOzhUJ3prIbYUQQnc= =t1Mv -----END PGP SIGNATURE----- --eictbtsizxulwh7a--