Closed Biswa96 closed 1 year ago
Thanks a lot, should probably also add a sanity check to the build system or the CI to make sure that this doesn't happen again in the future.
should probably also add a sanity check to the build system or the CI
Is there any way do that? I have thought about some ways but there is always a catch. Thoughts
git clone --depth=1 <submodule url> <submodule path>
. But shell script is not allowed and it may not 'validate' if the commit hash in submodule is right.FetchContent_Populate()
with specific tag in cmake. But the gerrit provided tarball changes in every download. Also tried with https://github.com/aosp-mirror but not all repositories are not present there.git submodule set-branch -b platform-tools-33.0.3
with all submodules. But it may require to clone the entire repository to change the branch. With near GBs of repository, it'll hammer the storage drive :)Someone suggested a link with dependabot with git submodules option https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem. I shall read the documentation and let you know.
Another idea is to remove the git submodule entirely and use a file with all submodules' SHA and a python script like this https://github.com/google/shaderc/blob/main/DEPS
should probably also add a sanity check to the build system or the CI
Is there any way do that? I have thought about some ways but there is always a catch.
Maybe I am missing something here, but I think we can just use CMake to check that the current commit matches the tip of plattform-tools-${ANDROID_VERSION}
branch/tag before we apply the patches in the for-loop in vendor/CMakeLists.txt
:
Changes: