Open bendlas opened 1 year ago
I think the best approach is to go with both fetchers. If possible, pkgs.fetchgit
is preferred since it doesn't block the evaluator. On the other hand, authentication with pkgs.fetchgit
is more involved, the builtin version is preferred in this case.
About your suggestions:
always builtins.fetchGit for ~ssh~ https repos?
It seems to be the easiest approach, I like that. And it shouldn't break anything even if someone already uses https for public repositories. We could start with that approach, if it fells short, it is always possible to go with another approach.
overridde in
deps.edn
?
It's also a possibility, I think it requires a bit more work, but it shouldn't be too hard to implement. Honestly, not sure which of the 2 approaches is the best.
think about more generalized fetchers
I'm sorry, but I don't understand what you mean here.
I think the best approach is to go with both fetchers
I think so too, though I'd not predicate it on the url in any way. Instead, I'd pass it as an opt-in flag.
Though maybe using just builtin fetching will be enough, until the evaluation issue will be resolved? Possibly just in time for the first clojure repos to become large enough to cause problems? 🙃
pkgs.fetchgit
cannot replacebuiltins.fetchGit
for accessing credentials.Keep only one or both?
Incomplete comparison to indicate: probably both (please extend lists if not decisive)
Only
pkgs.fetchgit
:Only
builtins.fetchGit
:nix
Assume: both: how?
builtins.fetchGit
for ssh repos?(re-matches #"^https?:.*" git-url)
?deps.edn
?group/artifact {:git/url ... :git/sha ... :clj-nix.git.fetch/builtin true}
?deps-entry->lock-entries
andlock-entry->classpath-entries
, or similar?