[aur-general] Fwd: please add -depth 1 to makepkg git clone

Dave Reisner d at falconindy.com
Sat Apr 6 15:15:32 EDT 2013


On Sat, Apr 6, 2013 at 3:11 PM, Tai-Lin Chu <tailinchu at gmail.com> wrote:

> ...what are you trying to test?


Probably trying to replicate what makepkg does to show you why cp doesn't
work.


>  mkdir -p /tmp/dumb/
>   pushd /tmp/dumb/
>   echo "==> Cloning into a bare repository..."
>   git clone --verbose git://github.com/falconindy/cower.git barerepo
>   echo "==> Creating copy of this repo using cp..."
>   cp -r -a /tmp/dumb/barerepo /tmp/dumb/barecp
>   echo "==> Done"
>   echo "==> Creating copy of this repo using git clone..."
>   git clone --verbose /tmp/dumb/barerepo barerepocopy
>   echo "==> Done"
>
> test this. of course --bare will give you different result...
>

And this is what makepkg uses so that the base repo takes up less space on
disk and the tree doesn't need to be calculated.


> ok here is a normal process that i mentioned:
>
> git clone --depth 1 git://github.com/falconindy/cower.git test
> cp -a -r test test2
> // build with test2
> rm -rf test2


Please go back and search the pacman-dev list for why we aren't doing this
-- it's clear that you posted the suggestion here before doing any amount
of investigation into this. You aren't the first to suggest this, and you
unfortunately won't be the last.


> On Sat, Apr 6, 2013 at 11:25 AM, William Giokas <1007380 at gmail.com> wrote:
> > On Sat, Apr 06, 2013 at 11:10:52AM -0700, Tai-Lin Chu wrote:
> >> >Doesn't matter. cp does nothing with checksums, whereas git will
> >> >preserve every byte, and it literally can't go bad (or if it does on
> the
> >> >extremely off chance, it will simply stop the build). Maybe rsync, you
> >> >say? That still isn't cryptographically secure. Using git, you can
> >> >guarantee that the files you are building from are exactly the same as
> >> >anyone else, which is what we want with makepkg.
> >>
> >> cp and git clone are exactly the same. see cp source code, and if the
> >> file is corrupted, then you have even bigger problems.
> >> In general very not likely. (i mean if this happen, 1. kernel has
> >> problem 2. your disk goes bad)
> >> stackoverflow confirmed the result.
> >>
> http://stackoverflow.com/questions/852561/is-it-safe-to-use-a-copied-git-repo
> >>
> >> >There's minimal point to this. As I've said numerous times, it does not
> >> >allow you to clone the shallow bare repo, which is what makepkg gets
> >> >when it fetches git sources.
> >>
> >> aren't we talking about cp....?
> >
> > Here, run this quick script and see what you can do with it:
> >
> >   #!/bin/bash
> >   mkdir -p /tmp/dumb/
> >   pushd /tmp/dumb/
> >   echo "==> Cloning into a bare repository..."
> >   git clone --verbose --bare git://github.com/falconindy/cower.gitbarerepo
> >   echo "==> Creating copy of this repo using cp..."
> >   cp -r -a /tmp/dumb/barerepo /tmp/dumb/barecp
> >   echo "==> Done"
> >   echo "==> Creating copy of this repo using git clone..."
> >   git clone --verbose /tmp/dumb/barerepo barerepocopy
> >   echo "==> Done"
> >
> > If you look at the one generated by the 'cp' command you will see that
> > it is totally missing the actual files, and only contains (duh) the bare
> > repository files. This is utterly worthless for building, and also, if
> > there is disk failure, makepkg will still try to build.
> >
> > Looking into the one generated by the git clone, you'll see that it has
> > all of the correct files and can actually be built.
> >
> >>
> >> >If they're all doing it at the same time, cloning fresh repositories,
> >> >then yes. that may be an issue on some large projects with very
> terrible
> >> >servers. Also, if you're worried about server load, mirror the
> >> >repository yourself so people can gake the load off of the host server.
> >> >This is the joy of a DVCS.
> >>
> >> I dont have a server, and this is not practical. certainly using git
> >> pkgbuild with shallow clone is far easier than what you mentioned.
> >
> > Not at all. See the script above.
> >
> > !next
> > --
> > William Giokas | KaiSforza
> > GnuPG Key: 0x73CD09CF
> > Fingerprint: F73F 50EF BBE2 9846 8306  E6B8 6902 06D8 73CD 09CF
>


More information about the aur-general mailing list