search

jlesquembre / clj-nix

Nix helpers for Clojure projects
https://jlesquembre.github.io/clj-nix/
Eclipse Public License 2.0
139 stars 20 forks source link

Consider builtins.fetchGit for private repositories #70

Open bendlas opened 1 year ago

bendlas commented 1 year ago

pkgs.fetchgit cannot replace builtins.fetchGit for accessing credentials.

Keep only one or both?

Incomplete comparison to indicate: probably both (please extend lists if not decisive)

Only pkgs.fetchgit:

Only builtins.fetchGit:

Assume: both: how?

jlesquembre commented 1 year ago

I think the best approach is to go with both fetchers. If possible, pkgs.fetchgit is preferred since it doesn't block the evaluator. On the other hand, authentication with pkgs.fetchgit is more involved, the builtin version is preferred in this case.

About your suggestions:

always builtins.fetchGit for ~ssh~ https repos?

It seems to be the easiest approach, I like that. And it shouldn't break anything even if someone already uses https for public repositories. We could start with that approach, if it fells short, it is always possible to go with another approach.

overridde in deps.edn?

It's also a possibility, I think it requires a bit more work, but it shouldn't be too hard to implement. Honestly, not sure which of the 2 approaches is the best.

think about more generalized fetchers

I'm sorry, but I don't understand what you mean here.

bendlas commented 1 day ago

I think the best approach is to go with both fetchers

I think so too, though I'd not predicate it on the url in any way. Instead, I'd pass it as an opt-in flag.

Though maybe using just builtin fetching will be enough, until the evaluation issue will be resolved? Possibly just in time for the first clojure repos to become large enough to cause problems? 🙃