Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
eskultety created a comment on an issue on containerbuildsystem/cachi2
@taylormadore thoughts ^^? The discussion in this issue kinda blocks resolution and review off #683
slimreaper35 created a review comment on a pull request on containerbuildsystem/cachi2
It is not really downloading that is happening here. Later on, there is another INFO log message anyway.
slimreaper35 created a review comment on a pull request on containerbuildsystem/cachi2
```suggestion c = Component(name=dep.name, version=dep.version, purl=dep.purl) if isinstance(dep, GemPlatformSpecificDependency): c.properties = PropertySet(bundler_p...
github-advanced-security[bot] created a review comment on a pull request on containerbuildsystem/cachi2
## Module is imported with 'import' and 'import from' Module 'os' is imported with both 'import' and 'import from'. [Show more details](https://github.com/containerbuildsystem/cachi2/security/cod...
a-ovchinnikov created a review comment on a pull request on containerbuildsystem/cachi2
> Not a problem IMO as there's going to be a documented CLI flag A user could be someone other than a package builder. We have a pretty long supply chain here, there are many settings along it, ...
a-ovchinnikov created a review comment on a pull request on containerbuildsystem/cachi2
Do you mean `test_binary_gem_dependencies_could_be_downloaded_for_damaged_platforms`? If yes then I disagree: it verifies that our code handles externally produced damaged data so it must stay.
eskultety created a review comment on a pull request on containerbuildsystem/cachi2
> Binary implementations exist for a reason, and usually this reason is performance. With silent ruby fallback we'll end up with users having noticeably worse performance by default. And since ever...
eskultety created a review comment on a pull request on containerbuildsystem/cachi2
Good catch! Unless we want to traverse the hierarchy, because RootedPath can only handle the immediate descendants, but not ancestors up to the real "root".
taylormadore created a review comment on a pull request on containerbuildsystem/cachi2
We should ensure that the `name` field is present in package.json for each workspace and fail otherwise
taylormadore created a review comment on a pull request on containerbuildsystem/cachi2
Would the helper need more than what RootedPath already provides? I might be missing some nuance here https://github.com/containerbuildsystem/cachi2/blob/c94a1a24c1777036bbed121281c41be1b8f156f1...
a-ovchinnikov created a review comment on a pull request on containerbuildsystem/cachi2
No, it won't pass, at least not always. It started failing with nokogiri despite nokogiri having ruby version. If a version is present in a lockfile it seems to be needed by Bundler. If it were the...
eskultety created a comment on an issue on containerbuildsystem/cachi2
@cmoulliard unless https://github.com/containerbuildsystem/cachi2/issues/684#issuecomment-2416516433 doesn't answer the main pain points you raised would you agree to closing this one as a duplicat...
eskultety created a comment on an issue on containerbuildsystem/cachi2
> It is, you just don't see it / can't figure it out from the logs (https://github.com/containerbuildsystem/cachi2/issues/550), but it does use 1.23 ! It's also worth mentioning that we're keepi...
eskultety created a comment on an issue on containerbuildsystem/cachi2
> * Why is cachi2 using go 1.20 and not 1.18 ? Because 1.20 handles all versions up this one equally, it is 1.21 that introduced changes that somewhat break backwards compatibility when it comes...
eskultety created a comment on an issue on containerbuildsystem/cachi2
Thank you for reporting this. This will likely be a problem spanning across multiple process executions, not strictly tied to just git so we need to apply a fix globally.
eskultety created a review comment on a pull request on containerbuildsystem/cachi2
Shouldn't all these extraction helpers be "private"?
eskultety created a review comment on a pull request on containerbuildsystem/cachi2
I'd say either drop the direct usage for the time being, or, if you want to make sure we don't forget about it `_ = workspaces` feels cleaner than an assertion (admittedly I have a strong bias agai...