On Fri, May 8, 2020 at 4:25 PM Fabio Valentini <decathorpe(a)gmail.com> wrote:
On Fri, May 8, 2020 at 9:55 PM Zbigniew Jędrzejewski-Szmek
> On Fri, May 08, 2020 at 03:12:15PM -0400, David Cantrell wrote:
> > WHAT I WANT TO BE ABLE TO DO:
> > * View Fedora's dist-git repos as authoritative for packages built for
> > Fedora. That is, I want to see a package on my Fedora system and be able to
> > visit its dist-git repo to see how it's packaged.
> Well said.
> > * Make the lookaside cache optional. For SourceX lines, I want to be able to
> > specify a git URL to a specific tag. fedpkg should use git archive to
> > include that in the SRPM. e.g.:
> > Source0: https://github.com/rpminspect/rpminspect/archive/v0.12
> Yes. This is somewhat orthogonal to the dist-git / source-git
> question. It would be absolutely great to have this right now on top of
> dist-git, so we don't need to do the step of 'amend Source0, spectool -g,
> fedpkg new-sources, git commit'.
Huh? You mean have koji download sources from upstream directly?
I don't think that's a good idea, and it doesn't have external network
access anyway ...
Having autofetching by Koji would require the ability to specify the
checksum for the file in the spec, IMO:
A central way to validate the source is "valid" that is portable
across systems (koji, copr, obs, etc.) would make this a lot easier to
真実はいつも一つ！/ Always, there's only one truth!