"G. Branden Robinson" <g.branden.robinson@gmail.com> writes: > At 2024-03-31T22:32:49+0000, Stefano Rivera wrote: >> Upstreams would probably prefer that we used git repositories >> *directly* as source artifacts, but that comes with a whole other can >> of worms... > > Speaking from my upstream groff perspective, I wouldn't _prefer_ that. > > The distribution archives get build-testing on a much wider variety of > systems, thanks to people on the groff@ and platform-testers@gnu mailing > lists that help out when a release candidate is announced. They have > access to platforms more exotic that I and a few other bleeding-edge > HEAD mavens do. This practice tangibly improved the quality of the > groff 1.23.0 release, especially on surviving proprietary Unix systems. > > Building from the repo, or using the bootstrap script--which Colin > Watson just today ensured will be in future distribution archives--is > fine.[1] I'm glad some people build the project that way. But I think > that procedure serves an audience that is distinguishable in some ways. Running ./bootstrap in a tarball may lead to different results than the maintainer running ./bootstrap in pristine git. It is the same problem as running 'autoreconf -fvi' in a tarball does not necessarily lead to the same result as the maintainer running 'autoreconf -fvi' from pristine git. The different is what is pulled in from the system environment. Neither tool was designed to be run from within a tarball, so this is just bad practice that never worked reliable and without a lot of complexity it will likely not become reliable either. I have suggested before that upstream's (myself included) should publish PGP-signed *-src.tar.gz tarballs that contain the entire pristine git checkout including submodules, *.po translations, and whatever else is required to actually build the project that is normally pulled in from external places (autoconf archive macros?). This *-src.tar.gz tarball should be possible to ./bootstrap and that would be the intended way to build it for people who care about vendored files. Thoughts? Perhaps I should formalize this proposal a bit more. /Simon > Regards, > Branden > > [1] https://git.savannah.gnu.org/cgit/groff.git/commit/?id=822fef56e9ab7cbe69337b045f6f20e32e25f566 >
Attachment:
signature.asc
Description: PGP signature