On Mon, Mar 31, 2025 at 10:48:59AM -0500, Michael Catanzaro wrote: > On Mon, Mar 31 2025 at 10:53:54 AM +00:00:00, Zbigniew Jędrzejewski-Szmek > <zbys...@in.waw.pl> wrote: > > This is only "SHOULD", because sometimes the git tarball is too large > > or has other deficiencies. Another reason is that the "upstream > > tarball" may be signed, and that'd be preferred to the unsigned "raw" > > archive. But those should be rare exceptions. > > Hm, I agree that using a forge-generated tarball is possibly safer than > using a GPG-signed upstream release tarball. I tried this for WebKitGTK:
OK, I guess I need to work on my English. You're the second person who read the abovequoted part in the exact opposite way to what I intended :( > $ git archive @ > archive.tar > $ xz archive.tar > > After a minute or so of CPU heating, the result is 1.4 GB, compared to 44 MB > for the upstream release tarball. That sounds like the tarballs have significantly different contents? (On a tangent, 'git archive @ | pxz >archive.tar.xz' would be faster.) But yeah, in general this would be one of the cases where it's reasonable to stay with the existing approach. Zbyszek -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
