flatpak: use cached versions from pypi instead of git #106
Conversation
Each time we redo the flatpak, we pull the files from git, which is less than optimal. Rely on the cache provided by pypi to have consistent files.
There was a problem hiding this comment.
I found this: https://steemit.com/utopian-io/@tingping/create-script-to-generate-flatpak-manifest-from-pip-packages and that script has been merged into flatpak. So I guess this answers whether it's allowed and the answer is yes :)
Whether it's better to rely on pypi cache or direct git archives I don't know. My gut says rely on git where possible because that's the canonical source of development (AFAIK there's no guarantee that the pypi package matches the git content).
for pyxdg I don't have a good solution other than pypi, but gobject and svgwrite could pull the packages directly from git.
| "url": "https://github.com/mozman/svgwrite.git" | ||
| "type": "archive", | ||
| "url": "https://pypi.python.org/packages/a6/e1/8d592fc801e1dc2958fe0c84c733ed729d4020daa1826c58978f9d601bb4/svgwrite-1.1.12.zip#md5=05780a4a8ba33c16842faf37818d670e", | ||
| "sha512": "cafce1a39c932149cd9d531c7304e8568fde9bc5abd09b548a778cc7f7f4d74327da03fb01279a3a19dd8396487c8fba974d50c6dd645be3942a4ba6d76646df" |
There was a problem hiding this comment.
I think using the github package is better here than the pypi cache, removes one layer of indirection:
https://github.com/mozman/svgwrite/archive/v1.1.12.tar.gz
There was a problem hiding this comment.
Don't we have issues with dates when pulling these tags from github?
There was a problem hiding this comment.
we used to but maybe not anymore? I pulled the svgwrite tarball yesterday and today and I'm getting the same md5sum for them.
There was a problem hiding this comment.
Homebrew/homebrew-core#18044 (comment) is relevant here: basically, yes, they can change but they shouldn't, at least not that often :)
There was a problem hiding this comment.
IIRC things attached to a proper release don't change (libwacom e.g. adds the md5sums to those assets too) so we should be able to use those for svgwrite at least - that link above.
|
Do we have a conclusion here? Use archives from github if possible - like we do for pycairo? |
|
@bartsch eh, given it's been a year, clearly no-one feels strongly enough about it. So feel free to do what you think is the best solution :) |
Ouch! flatpak-builder requires multiple hundred mb of additional dependencies? I would postpone it until we have something "real" to build. |
|
anything flatpak pulls in the SDKs etc which come in at a big size. That's by design because that's what makes flatpak work as i. But the theory is that if everything [1] is built with flatpak, you have all that locally anyway. The SDKs don't update much, so once you have them, they'll stick around forever. [1] fsvo "everything" |
|
well, turns out at least pygobject has different checksums on pythonhosted vs GNOME's ftp server. Not very trustworthy, the whole thing... |
|
I'm closing this. This has already cost us more concentration time than pulling the things from git would take over the next year together so let's just go with the git version and move on. |
flathub requires us to use specific versions, so let's do that here too so we're consistent in testing. Fixes tuhiproject#106 Signed-off-by: Peter Hutterer <[email protected]>
Each time we redo the flatpak, we pull the files from git, which is less than optimal.
Rely on the cache provided by pypi to have consistent files.
Not sure if this is allowed or reliable, so asking everyone if this is acceptable.