luxe
commented
5 years ago done for toolchains. (basically clang) i noticed git_repository bazel rules don't seem to support multiple urls, so we'll probably stick with http_archive exclusively
Closed luxe closed 5 years ago
luxe
commented
5 years ago done for toolchains. (basically clang) i noticed git_repository bazel rules don't seem to support multiple urls, so we'll probably stick with http_archive exclusively
luxe
commented
5 years ago got most of them. good enough for now. got all the github repos. there are some that are not github repos so we'll have to decide if we want to copy and make a git repo mirror, or see if other github mirrors exist
bazel dependencies SHOULD NOT point to locked versions of other people's repos. Although locking down a version on a stranger's codebase usually provides good stability, its not guaranteed. They could delete their repo. They could rewrite their own history (yes, we would check the 256hash and avoid actually building it- so we don't get injected, but that still technically breaks the build).
The easy solution is fork everything, and point to myself. Then I can catch pull those repos when I want to update deps, and avoid all the situations mentioned above.