Hi Denis, On 30 September 2024 21:43:06 UTC, Denis 'GNUtoo' Carikli <gnu...@cyberdimension.org> wrote: > what is Guix policy with >regard to source code when there are multiple providers (typically git >vs tarball)?
There's never been an explicit policy as far as I'm aware. In the past decade the consensus has shifted from release tarballs towards both, tarballs and VCS repository checkouts, as long as they represent an upstream release. For the reasons you point out, I expect the tides to shift further in favour of VCS checkouts as time moves on. I'm in favour of this. If you're interested in formalising this 'policy', it would be a good test of this 'RFC' business that's seen little use so far. >Since Guix also checks the hash of the source code an idea to improve >things could also be to modify Guix to allow the use of external tools >to bootstrap the download of source code through version control and >for instance download git from git. I don't understand what you mean by this, or what 'modify Guix' means and why it would be needed? Kind regards, T G-R Sent on the go. Excuse or enjoy my brevity.
