whyrusleeping / gx

A package management tool
MIT License
1.88k stars 110 forks source link

gx packages should be read-only #202

Open frrist opened 6 years ago

frrist commented 6 years ago

Packages under $GOPATH/src/gx/... should be read-only. This will prevent accidental edits to the contents of said packages.

Stebalien commented 6 years ago

But I like editing my deps... Oh well, I guess I can just power through and force-write.

frrist commented 6 years ago

I am wanting to avoid a scenario where the import path hash doesn't actually represent the package contents, can be tricky to debug... :worried:

schomatis commented 6 years ago

I agree that without git in those packages an inadvertent modification can be really hard to spot, but I also like modifying packages (especially when debugging a tricky situation), I would like to have something similar to git status or git diff (https://github.com/whyrusleeping/gx/issues/161), but I'm not sure if that's even possible as the packages are already modified when installed, so I guess no package matches its hash from the start and additional modifications will just go undetected.

frrist commented 6 years ago

This wouldn't actually prevent the packages from being modified, it would just require an extra command (chmod) in order to do so -- serves as a barrier to prevent it from happening accidentally.

schomatis commented 6 years ago

Yes, I didn't mean that this would be a final protection but that it may be cumbersome to chmod to and from while debugging. But you're right, it makes sense to protect them by default, modifying them is the exception rather than the rule.

Stebalien commented 6 years ago

Yes, I didn't mean that this would be a final protection but that it may be cumbersome to chmod to and from while debugging. But you're right, it makes sense to protect them by default, modifying them is the exception rather than the rule.

Most editors allow one to "force write".