ryandesign at macports.org
Wed Feb 16 09:38:16 PST 2011
On Feb 16, 2011, at 11:32, Daniel J. Luke wrote:
> On Feb 16, 2011, at 12:27 PM, Landon J Fuller wrote:
>> On Feb 15, 2011, at 6:56 PM, Ryan Schmidt wrote:
>>> Needs to fetch specific version.
>> Is there any way to validate the correctness of a git download via checksums?
>> If not, should we deprecate the use of git/svn/cvs/hg fetch URLs?
>> For what it's worth, when I added the original CVS fetch support, I didn't intend for it to be used in the standard ports tree primarily for this reason.
> Since we have a way for maintainers to upload dists (with a ticket now) - there's not really a reason to do git/svn/cvs/hg fetching.
I would dislike removing vcs fetching because it is very convenient to use. It can be used correctly -- specifying a version to fetch -- maintainers just need to know that they need to do that. Yes, the downloads are not verified. I'm not terribly fussed about that. Maybe I should be. Maybe I just don't want the added inconvenience of having to create and upload tarballs every time I want to update a port that uses vcs fetching.
More information about the macports-dev