However, there's no real reason that git-fetch *needs* to be fixed-output in terms of having a hash pre-defined, at least for local development and other purposes. So is there a way around this?• write (package (source (git-checkout …)) …)
This works well. Now I'm curious how to know what can go in the (source) field? Obviously not just (origin)...
If having a way around it is not desirable should url-fetch consider this an error as well?I’m not sure; do you have an example where it’s not behaving as expected?
Yes. When using (sha256 #f) url-fetch still has network access and works to download things, which is inconsistent vs other fetchers.
signature.asc
Description: PGP signature
