Re: Tracing where build time is spent

Stephan Bergmann <sbergman -AT- redhat.com>
Wed, 19 Feb 2020 10:03:04 +0100

On 19/02/2020 09:51, Luboš Luňák wrote:

On Tuesday 18 of February 2020, Eike Rathke wrote:

On Monday, 2020-02-17 19:06:23 +0100, Luboš Luňák wrote:

  And is there any worthwhile gain in insisting on using upstream
tarballs?


Reliable checksums and reproducible packaging.

A responsible developer introducing a new tarball on the download server
a) checks it against the official checksum after download
b) creates the SHA256SUM of the file to use in download.lst

Any repacking invalidates that, specifically on a developer's machine
could introduce omissions or additions.


  That is the theory, but the reality is that we already do have some tarballs
that do not have any matching upstream tarballs (e.g. because do not exist),
so I think that point is moot.

But the theory is definitely something worth aiming for, IMO. Ever sooften have I been frustrated in trying to track down the origins of someartifact at <https://dev-www.libreoffice.org/src/>. (And I still thinkwe should put that site under some kind of version control, with ajournal detailing how exactly each individual artifact was obtained.But that's a somewhat different issue.)

(That doesn't mean that at least I suggest repackaging is something weshould avoid at all cost. IMO, it may be an option if it can be done inan accountable way and has some clear benefit.)

Context

Tracing where build time is spent · Luboš Luňák
- Re: Tracing where build time is spent · Noel Grandin
  - Re: Tracing where build time is spent · Luboš Luňák
    - Re: Tracing where build time is spent · Caolán McNamara
      - Re: Tracing where build time is spent · Luboš Luňák
        
        Re: Tracing where build time is spent · Eike Rathke
        
        Re: Tracing where build time is spent · Luboš Luňák
        
        Re: Tracing where build time is spent · Stephan Bergmann
        Re: Tracing where build time is spent · Luboš Luňák
- Re: Tracing where build time is spent · Stephan Bergmann
  - Re: Tracing where build time is spent · Mike Kaganski
- Re: Tracing where build time is spent · Michael Stahl
  - Re: Tracing where build time is spent · Stephan Bergmann
    - Re: Tracing where build time is spent · Luboš Luňák
  - Re: Tracing where build time is spent · Luboš Luňák
    - Re: Tracing where build time is spent · Michael Stahl
      - Re: Tracing where build time is spent · Luboš Luňák
        
        Re: Tracing where build time is spent · Stephan Bergmann

Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.