[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How do I verify my hashes?
From: |
Munyoki Kilyungi |
Subject: |
Re: How do I verify my hashes? |
Date: |
Thu, 14 Jul 2022 11:52:36 +0300 |
indieterminacy <indieterminacy@libre.brussels>
anaandika:
> On 10-07-2022 04:12, jgart wrote:
>> Hi Guixers,
>>
>> Today Bonface mentioned to me that I should be cloning my packages and
>> verifying the hashes with `git hash-object` or `git hash` iirc?
>>
>
> Bonface gives very cogent demonstrations of workflow, encourage him to
> do a screencast!
>
I want to start online packaging/lisp-y/emacs-y
hang-outs here in Nairobi packaging meet-up thing
where we have recorded BBB sessions. Perhaps you
may find those helpful.
>> Do others do this when packaging?
>>
>> My workflow currently is the lazy way:
>>
>> 1. I change the version in the package definition.
>>
>> 2. build the package
>>
>> 3. package blows up on stdout
>>
>> 4. I retrieve the hash and add it
>>
>> 5. profit!
>>
>> But how can I trust that computed hash?
>>
>> wdyt
>
> Im slowly moving up the value-chain with my usage of Emacs' Git
> porceline, Magit.
>
> IMHO, the ultimate experience would be for everything operating from
> Magit's interface - for the beneficence of Guix.
>
FWIW, Magit runs on "transient" and IIRC you can
add anything to that interface. It was built,
just like GNU Emacs, to be extensible.
--
(Life is like a pencil that will surely run out,
but will leave the beautiful writing of life.)
(D4F09EB110177E03C28E2FE1F5BBAE1E0392253F
(hkp://keys.gnupg.net))
signature.asc
Description: PGP signature