We recommend throughout the Stack docs to always use an actual commit SHA for the `commit` field in repos. However, nothing enforces this, and (at least in the case of Git) it's possible to use any tree-ish. With lock files, it would make sense to ensure that we always lock to a specific commit SHA, regardless of what value is put in the `commit` field.

Taking this one step farther: I think it would be possible to make the `commit` field entirely optional, which would have the semantics of cloning the default branch, finding the SHA of HEAD, and including that in the lock file.
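
The resolution step proposed above, sketched as an added example (not Stack's code and not part of the original issue): whatever is in `commit` (a branch, a tag, an abbreviated SHA, or nothing) is pinned to a full commit SHA before it goes into the lock file. The function names `is_full_sha` and `lock_commit` are hypothetical, and the sketch assumes a local clone that uses SHA-1 object names.

```shell
#!/bin/sh
# Added example: pin the value of a repo's `commit` field to a full commit SHA.
# Assumption: SHA-1 object format, so a full object name is 40 lowercase hex digits.

# Succeeds only for a full 40-hex object name; branch names, tags and
# abbreviated SHAs all fail, so they are never written to a lock file as-is.
is_full_sha() {
  case "$1" in
    ''|*[!0-9a-f]*) return 1 ;;
  esac
  [ "${#1}" -eq 40 ]
}

# lock_commit REPO_DIR [COMMIT_FIELD]
# Prints the SHA to record in the lock file. An omitted or empty field means
# HEAD, which in a fresh clone is the tip of the default branch.
lock_commit() {
  repo=$1
  field=${2:-HEAD}

  # A value starting with "-" would be parsed by git as an option, not a revision.
  case "$field" in
    -*) echo "refusing option-like commit field: $field" >&2; return 1 ;;
  esac

  # "^{commit}" peels annotated tags and rejects trees and blobs, so any
  # tree-ish that is not ultimately a commit is refused. "--verify" makes
  # git fail on an unknown name instead of echoing it back.
  sha=$(git -C "$repo" rev-parse --verify --quiet "${field}^{commit}") || {
    echo "cannot resolve '$field' to a commit in $repo" >&2
    return 1
  }

  # Final guard: only an immutable, fully qualified object name is emitted.
  is_full_sha "$sha" || return 1
  printf '%s\n' "$sha"
}

# Stand-alone use: sh lock_commit.sh /path/to/clone [branch-or-tag-or-sha]
if [ "$#" -gt 0 ]; then
  lock_commit "$@"
fi
```

Because a branch or tag can be moved after the lock file is written, the lock entry should store the printed SHA rather than the original field value.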