Hey I just want to throw out there that I have a very WIP go module importer[1] sitting on my channel. It uses the proxy.golang.org[2] api to fetch the module's dependencies and source. The single module importer works for the most part but I need to fix it so that the recursive importer doesn't fail when it tries to fetch a dependency in a project's go.mod file that isn't proxied.
There are a few problems that should be looked at for my importer. 1.) it does not include metadata or licensing information, so after importing this way a prudent packager will have to go through and add this information for everything that was pulled down. 2.) I don't think I'm doing a good job of filtering out similar versions of packages, i tried to follow the examples in the cargo importer but I'm not quite sure what all is going on in there. 3.) It uses a call to `guix environment --ad-hoc go -- go mod edit -json` to parse module dependencies from the go.mod file, maybe this can be done in a more idiomatic way? I think its a good start if anyone would like to help get it over the hump. [1] https://git.sr.ht/~elais/orange/tree/master/item/guix/import/go.scm [2] https://proxy.golang.org On Thu, Jan 28, 2021, at 21:10, adfeno--- via Development of GNU Guix and the GNU System distribution. wrote: > Em 28/01/2021 13:03, Ludovic Courtès escreveu: > > IMO, ‘guix import’ does not “steer users towards obtaining any nonfree > > information” any more than wget does. It’s a tool for packagers that > > returns a package definition or template thereof, and it’s up to the > > packager to decide what to do with it. > > I do agree with you, sorry if for some reason it sounded otherwise. My > intention is not to censor the user on that matter. Let me make it clear what > I meant in the previous message: > > From the bug report I referenced, one can see that what I find strange is > that the cargo provided by Guix (installable through `guix package -i > rust:cargo') has cargo's default repository enabled. The bug report > referenced has some ideas to try to solve this (although I didn't make > extensive test to see if they are all possible and doable). > > > -- > * Ativista do software livre > * https://libreplanet.org/wiki/User:Adfeno > * Membro dos grupos avaliadores de > * Software (Free Software Directory) > * Distribuições de sistemas (FreedSoftware) > * Sites (Free JavaScript Action Team) > * Não sou advogado e não fomento os não livres > * Sempre veja o spam/lixo eletrônico do teu e-mail > * Ou coloque todos os recebidos na caixa de entrada > * Sempre assino e-mails com OpenPGP > * Chave pública: vide endereço anterior > * Qualquer outro pode ser fraude > * Se não tens OpenPGP, ignore o anexo "signature.asc" > * Ao enviar anexos > * Docs., planilhas e apresentações: use OpenDocument > * Outros tipos: vide endereço anterior > * Use protocolos de comunicação federadas > * Vide endereço anterior > * Mensagens secretas somente via > * XMPP com OMEMO > * E-mail criptografado e assinado com OpenPGP > > > > *Attachments:* > * signature.asc
