-- Sent from my tablet
Begin forwarded message:
On 30.12.2015, at 04:48, Boris Grozev <email@example.com> wrote:
On 28/12/15 20:21, Etienne Champetier wrote:
I'm trying to make jitsi (jvb & jicofo) reproducible, ie build all
"SNAPSHOT" packages from sources
I'm using git submodules and a master pom file and i'm now able to build
almost every jitsi package from sources, with no changes in the repos or pom
And i'm also looking for the source of 3 artifacts (callstats, fmj, jnsapi):
I don't know about jnsapi.
to try (see my PR when it fails to compile):
git clone --recursive https://github.com/champtar/jitsi-submodules
rm -rf ~/.m2
mvn install -DskipTests -Dmaven.javadoc.skip=true -Dgpg.skip=true
The idea for this repo is to be auto updated and tagged (with jenkins?)
when one of the submodules is updated,
so we can reproduce jvb version 532 if we want
This is very interesting! Thank you for working on it and sharing your efforts!
A related update from our side:
We had a discussion with Lyubomir and other people from the team, and we agree that reproducible builds are something we want to have (again).
The idea we have for fixing the problems with the current maven based builds, as far as I understand it, is to pin the dependency versions in pom.xml and have an automated way of bumping them. One problem we was with this was the number of useless "version bump" commits.
I don't understand why that has to be automatic. Some of our libraries are used externally as well and I think we should start to think about a versioning scheme instead of just releasing build numbers.
We have not considered using git submodules so far (at least I don't know that we have), but they seem to solve alot of problems in a simple way.
Not sure if they are a long term solution (they might be, I've never used them). With all that versioning we should also keep our Debian goals in mind.
Boris, can you please verify Etienne's CLA and merge the bccontrib PR in jitsi-universe if it's ok?