[Chandler-dev] Using svn instead of builds for tarballs?

Heikki Toivonen heikki at osafoundation.org
Thu Nov 9 22:13:04 PST 2006


Andi Vajda wrote:
> On Thu, 9 Nov 2006, Heikki Toivonen wrote:
>> * If svn is available, but builds is not, you may be unable to build
>> chandler
> 
> if svn is unavailable, you're also unable to build.

Yes, but as it stands currently, if *either* svn *or* builds is
unreachable you may be unable to build. We've already had these
situations with the recent network outages where svn was there but
builds was unreachable. If everything was in svn, there would be one
less place to break.

>> * Tarballs are not versioned
> 
> They sure are, look at their names...

Ok, I didn't think this one thoroughly. But in theory we could let svn
version the tarballs instead of doing it with names (although I am not
advocating that).

>> * Tarballs are not protected from corruption/tampering when downloading
> 
> And svn checkouts are ? how so ?

Like I mentioned, when you use svn+ssh. By its nature it encrypts the
connection and verifies that nothing changes over the wire.

>> * Need separate accounts and tools to upgrade and deal with builds
> 
> That could be construed as an advantage...

It could, but I think it is mostly a disadvantage. Besides, if we put
the tarballs into a separate svn repository with separate access
controls then we would get the same account separation but with fewer tools.

The main difference is that it would simplify the system.

-- 
  Heikki Toivonen


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.osafoundation.org/pipermail/chandler-dev/attachments/20061109/ebdbbcc5/signature.pgp


More information about the chandler-dev mailing list