[RFE] Generate list of bundled(golang(...)) if with_bundled is set and Godeps/vendor directory is present #42
Comments
|
Based on [1] "All packages whose upstreams have no mechanism to build against system libraries may opt to carry bundled libraries, but if they do, they must include Provides: bundled(<libname>) = <version>in their RPM spec file.". I would suggest to use Provides: bundled(golang(<importpath>)) = %{version}-%{shortcommit}or Provides: bundled(golang(<importpath>)) = %{version}-%{commit}In the former you can still get two identical shortcommits. So the second one is preferable. However, it will not correspond to any package that was/is/will be built in Fedora. |
|
hey @ingvagabund is this supposed to be the version/commit/shortcommit of the git repo of the bundled dep or is it supposed to be the version from the package you are building? |
|
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As a golang package maintainer I would like to know which projects use bundled deps. So I can update all of them if there is a security issue or any other that is critical.
The long term plan is to build of golang projects from debundled dependencies. Which is not possible at the moment as with each update there is a risk of breaking project's API (a lot of upstream projects do not release, they only push new commits). What we can do at the moment is to minimize API breaking and to be more informative about which dependencies are used.
The text was updated successfully, but these errors were encountered: