On Fri, Jun 26, 2015 at 9:44 AM, Pierre-Yves Chibon <pingou(a)pingoured.fr>
wrote:
The risk is also ending up with a situation where a bunch of packages
are
using
one approach, another bunch are doing something else, and yet a third
bunch are
doing yet another way because of x, y, z.
Tags are a nice git features, but due to the nature of git itself, are a
moving
target.
Relying on it is not a wise thing to do.
You may understand the pros and cons, you may know that tags are moving
target
but do not forget that we have a lot of people in community, including
packagers
that are not developers. I think have one way of doing things and have
this way
be the most secure one is better than offering multiple options left at the
discretion of people that may or may not have a deep understanding of the
stake.
Git Tags are not a moving target. Just because some people are abusing
them doesn't
mean we ban that functionality. The Draft guideline addresses clearly what
to do if you
believe someone is engaging in re-tagging. The current guideline is silent.
As I mentioned previously, the commit hash is part of the generated
archive. That information
is never lost, regardless of what upstream does with the Git Tag.