--- Begin Message ---
Subject: |
[PATCH 0/2] Update Godot |
Date: |
Fri, 24 Jan 2020 15:50:59 +0100 |
Hi,
these patches update Godot to latest stable version 3.1.2 and unbundle
bullet, pcre2 and zstd libraries.
Thanks!
Timotej Lazar (2):
gnu: godot: Update to 3.1.2.
gnu: godot: Unbundle some dependencies.
gnu/packages/game-development.scm | 26 +++++++++++++++++---------
1 file changed, 17 insertions(+), 9 deletions(-)
--
2.25.0
--- End Message ---
--- Begin Message ---
Subject: |
Re: [bug#39263] [PATCH 2/2] gnu: godot: Unbundle some dependencies. |
Date: |
Wed, 29 Jan 2020 08:00:27 +0000 |
User-agent: |
mu4e 1.2.0; emacs 26.3 |
Timotej Lazar <address@hidden> writes:
> Thanks for the feedback! I am sending updated patches after this reply.
>
> Christopher Baines <address@hidden> [2020-01-25 09:16:08+0000]:
>> I did have a look if the package builds with the mbedtls-apache
>> package, rather than using the included source code, and it looks to.
>> Although I'm aware that [1] says there are modifications.
>
> The two Godot patches for mbedtls don’t seem to be relevant to Guix, so
> I replaced the bundled copy with the mbedtls-apache package. I don’t
> have a use case to test this, but the minimal example from the
> HTTPRequest tutorial seems to work OK with an HTTPS URI.
Wonderful :)
> Christopher Baines <address@hidden> [2020-01-25 09:18:33+0000]:
>> One thought I had here is that it would be more rigorous to have a list
>> of directories that are kept, and anything not on the list is deleted.
>> That way it's harder for new thirdparty dependencies to sneak in.
>
> Makes sense. As you suggest, I flipped the logic for removing thirdparty
> files: whitelist preserved files and remove everything else. The snippet
> can only preserve direct children of the thirdparty/ directory, which
> keeps it simple but perhaps not flexible enough in the long run.
Great, this looks really useful.
> Do we generally prefer whitelisting bundled files? Most packages I have
> seen (and written) do the opposite and list the files to remove. Maybe
> we could add a guideline somewhere? Or point me to the one I missed. :)
I don't know if it's written down somewhere, all I can say is it
occurred to me when looking at the package definition.
I've pushed the 3 latest patches you sent to master, so they're included
in 18f8e935e85a99d5c284c0a6b719351a402ada21.
Thanks,
Chris
signature.asc
Description: PGP signature
--- End Message ---