Open farcaller opened 8 months ago
- Maintain a separate repository that keeps Haraka's lockfile out of the tree. I can set it up, but it's slightly annoying to depend on a third-party (myself) when it comes to haraka package in nixos.
This is getting close to a decent idea. Instead, have a branch in the main repo that automatically generates the lock file and pushes the release (with lockfile) to that branch. Then have NixOS build from that branch. Or something fun like that, that's completely automatic.
Is your feature request related to a problem? Please describe.
It's not trivial to ship haraka in a reproducible build environments, as any given commit might be transitively broken by sporadic dependency changes.
Describe the solution you'd like
This is a bit of a reiteration on #2960. The problem is that it's not trivial to build haraka at a specific commit in e.g. nixos, as dependencies aren't locked. I checked the comments in #2960, and I'm pretty sure that the concerns in that one can be alleviated by dependabot.
Describe alternatives you've considered