From mboxrd@z Thu Jan 1 00:00:00 1970 From: Pjotr Prins Subject: Re: Go packaging Date: Tue, 10 Oct 2017 18:46:08 +0200 Message-ID: <20171010164608.GA6957@thebird.nl> References: <20171003151504.GA27166@jasmine.lan> <20171004041918.GA21664@thebird.nl> <20171004142225.GA2547@jasmine.lan> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:39027) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e1xh6-0008Hs-17 for guix-devel@gnu.org; Tue, 10 Oct 2017 12:47:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e1xh2-0001pc-SW for guix-devel@gnu.org; Tue, 10 Oct 2017 12:47:47 -0400 Received: from mail.thebird.nl ([95.154.246.10]:38204) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e1xh2-0001ot-Kw for guix-devel@gnu.org; Tue, 10 Oct 2017 12:47:44 -0400 Content-Disposition: inline In-Reply-To: <20171004142225.GA2547@jasmine.lan> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Leo Famulari Cc: guix-devel@gnu.org On Wed, Oct 04, 2017 at 10:22:25AM -0400, Leo Famulari wrote: > That package.json file is not a standard thing in the Go world. > I've found that Go applications use a variety of dependency manifest > formats, or just use Git submodules. Guix is a good thing then :). Also it means that they don't really enforce a dependency graph. How can you enforce something if you have many implementations? The enforcement is only at the single package level. > Rather, I think we should have a special go-package procedure, used in > the inputs field of the calling application, which would build the > relevant library modules of the correct Git commit. Does that make > sense? Yes. Since you can do a 'go build' I think it is possible to do this in a traditional way. It sucks that GO has so many small dependencies (similar to the node mess). But maybe we can import them somehow. Does the build tool show the graph? It is interesting that different packages have different git checkout dependencies (so different hash values for the same package go-ssl or whatever). For developers this is great because users end up with the exact same dependency graph. But for Guix I think we can ignore this. It is what we are doing today. It is easy to create a deployment environment in Guix that was never tried before. Therefore, we also don't really care. We just provide the latest and see if that works. So, I suggest to import just one version of go-ssl and cross fingers it works. If it doesn't - well then it gets a bit harder and we'll have to deal with multiple versions. > > We ought to have a look at how Nix packaged Go builds because they are > > already have a solution. Be interesting to see if they found a way to > > compile packages 'greedily', the way Python does it. > > I looked at their build system itself a few weeks ago when I was still > learning how Go compilation works. I agree, it would be fruitful to see > how they handle the issues I've raised here. Any update? Pj. --