ngompa added a new comment to an issue you are following:
``
At the same token, I don't see why we should grant some repositories the
"privilege" of being checked out directly. What qualifications would we use to
identify which ones are "good" vs which ones are "bad"?
If we decided to go down this path, I'd probably say that we'd need to fork every
source repository into Fedora's VCS, to maintain total source stability. That also
changes the dynamic of how we'd build packages entirely.
The problem with the SRPM alone is that it doesn't count as upstream content, since
it's no longer just a pure container of "their code" and "our
code". It's a generated intermediate artifact.
One thing we _do_ have is that in most cases, we're able to say that we're using
what upstream gives us (in the form of their tarballs) to build our releases. That changes
when we use the VCS directly. We can do all kinds of weird transformations and no one
would be able to easily figure it out. It also makes it much easier to do monkey-patching
without ever contributing back to the upstream projects (_a la_ Debian, _et al_).
And generally, developers _aren't_ making tarballs out of goop. Most things are
forge-hosted, so tarballs come from the release URLs. Things that aren't release
tarballs on their own. And things without tarballs generally aren't supposed to be
used as releases, which is a clear delineation.
So I guess the better question is, what problem are you trying to solve? What thing is so
difficult and annoying that you want Koji to do it instead?
``
To reply, visit the link below or just reply to this email
https://pagure.io/releng/issue/7498