Hi, Maxim Cournoyer <maxim.courno...@gmail.com> skribis:
> By using a fresh copy of the last commit, we ensure the computed hash is > stable in the face of local edits. This change also computes the hash > externally from the store, which allows to verify that the hashes are valid > using, e.g.: > > #FIXME: This doesn't work (recursion?) > ./pre-inst-env guix build guix --with-git-url=guix=file://$PWD Works for me, please open a separate bug report. :-) > * build-aux/update-guix-package.scm (git-add-worktree): New procedure. > (main): Use it to checkout a clean copy of the used commit, and compute the > hash from it. Print a user warning after completion. I’m not quite enthusiastic about the tool creating a worktree behind my back. > - ;; Re-add SOURCE to the store, but this time under the real name > used > - ;; in the 'origin'. This allows us to build the package without > - ;; having to make a real checkout; thus, it also works when working > - ;; on a private branch. So this preserves this possibility, right? > + (format #t "Updated Guix to commit ~s. You must ensure this > +commit hash exists in the public repository, else 'guix pull' will break. > +Beware of 'git rebase'~%" commit)))))) I think this is the most important bit. :-) I could also suggest running ‘guix build guix --check’. Honestly, I would simply add this last message; better yet, we could use Guile-Git to (1) check whether we’re on a dirty tree and stop right away if we are, and (2) check whether the commit exists in the official Git repo and error out if it doesn’t, unless GUIX_ALLOW_ME_TO_USE_PRIVATE_COMMIT is set. #2 could also be implemented by building the derivation of (package-source guix) in ‘check’ mode (perhaps easier). WDYT? Thanks for looking into it, experience has shown that this really needs to be addressed! Ludo’.