On Fri, May 8, 2020 at 4:25 PM Fabio Valentini <decathorpe@xxxxxxxxx> wrote: > > On Fri, May 8, 2020 at 9:55 PM Zbigniew Jędrzejewski-Szmek > <zbyszek@xxxxxxxxx> wrote: > > > > On Fri, May 08, 2020 at 03:12:15PM -0400, David Cantrell wrote: > > > WHAT I WANT TO BE ABLE TO DO: > > > > > > * View Fedora's dist-git repos as authoritative for packages built for > > > Fedora. That is, I want to see a package on my Fedora system and be able to > > > visit its dist-git repo to see how it's packaged. > > > > Well said. > > > > > * Make the lookaside cache optional. For SourceX lines, I want to be able to > > > specify a git URL to a specific tag. fedpkg should use git archive to > > > include that in the SRPM. e.g.: > > > > > > Source0: https://github.com/rpminspect/rpminspect/archive/v0.12 > > > > Yes. This is somewhat orthogonal to the dist-git / source-git > > question. It would be absolutely great to have this right now on top of > > dist-git, so we don't need to do the step of 'amend Source0, spectool -g, > > fedpkg new-sources, git commit'. > > Huh? You mean have koji download sources from upstream directly? > I don't think that's a good idea, and it doesn't have external network > access anyway ... > Having autofetching by Koji would require the ability to specify the checksum for the file in the spec, IMO: https://github.com/rpm-software-management/rpm/issues/463 A central way to validate the source is "valid" that is portable across systems (koji, copr, obs, etc.) would make this a lot easier to trust. -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
