[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Validating tarballs against git repositories

Stefano Rivera <stefanor@debian.org> writes:

> Then you haven't come across any that are using this mechanism to
> install data, yet. You're only seeing the version determination.  You
> will, at some point run into this problem. It's getting more popular.

Yup, we use this mechanism heavily at work, since it avoids having to
separately maintain a MANIFEST.in file.  Anything that's checked in to Git
in the appropriate trees ships with the module.  But this means that you
have to build the module from a Git repository, if you're not using the
artifact uploaded to PyPI (which expands out all the information derived
from Git).

If I correctly remember the failure mode, which I sometimes run into
during local development if I forget to git add new data files, the data
files are just not installed since nothing tells the build system they
should be included with the module.

I think a shallow clone of depth 1 is sufficient, although that's not
sufficient to get the correct version number from Git in all cases.

-- 
Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>
Reply to: