Comments (9)
I don't have a strong opinion on this new project source. In a sense, pointing to work that exists is mostly better than not, because people can choose to use it or not.
But I do think we don't have a very coherent view on software supply chain security. Linking from the site indicates at least some endorsement. Not that I think @coderforlife is trying to upload malicious packages or anything, but we could end up in a situation where, say, his laptop gets owned, a trojan version is uploaded to his GitHub repo, and then our link causes it to get distributed widely.
I'm not sure what linking from our site implies to people about the security practices of those binaries. But it feels like we're being put on the hook for those practices. And again, I'm not questioning @coderforlife's practices in particular; this is something the community probably should have figured out long ago and didn't (including for things like the existing links to @timcharper's binaries).
So I dunno. It seems like maybe something that should get input from the broader community on the mailing list. I'll send a note there.
from git-scm.com.
thanks for reporting the issue @tongfa
indeed, the original repo seems a bit abandoned ATM (PRs without any feedback for 7 months timcharper/git_osx_installer#190)
but the project you mentioned does not seem to be releasing all versions frequently (only 2 releases under https://github.com/MoravianUniversity/git_osx_installer/releases), so I'm not totally comfortable referencing that project yet...
from git-scm.com.
I am running that other repo and only recently started. My plan has been to have 2 releases a year: one in August and one in January. This lines up with an update just before each semester of school when we release new setups for our introductory course. This seems like it will be just behind by a few minor versions at each release. I can also release on-demand as it only takes a few minutes (I just posed 2.40). Is there a way I can "watch" for new releases? git doesn't make official releases through GitHub so I can't subscribe there.
from git-scm.com.
Note: I (and many at the school) have been using this version on Apple Silicon and Apple Intel and the only known issues are with the GUI due to Tk library issues.
Currently, the installer is unsigned, but over the summer I plan on setting up signing so they can be installed with even fewer issues.
from git-scm.com.
thanks for jumping in @coderforlife !
on our side we have a scheduled job to check for new releases. see https://github.com/git/git-scm.com/blob/main/lib/tasks/downloads.rake
we also have a scheduled job to check new git versions and import man pages at https://github.com/git/git-scm.com/blob/main/lib/tasks/index.rake
does this help?
@peff / @jnavila any thoughts against using this new project as source for mac versions given this info?
from git-scm.com.
from git-scm.com.
Could GitHub actions with MacOS runners be used to build in a public manner that gives us more comfort?
I think the MacOS runners are free for public repos, but I'm not 100% sure on that.
from git-scm.com.
I think the MacOS runners are free for public repos, but I'm not 100% sure on that.
They aren't. But there is a monthly time budget of 2 000 minutes (which would be 200 macOS minutes) included with free accounts and organizations.
from git-scm.com.
The package only takes <5 minutes to build, but it sounds like that is 50 out of the 2000 minutes, which may be manageable.
from git-scm.com.
Related Issues (20)
- All Windows links are broken HOT 1
- Automatic publishing of ProGit book is not working. HOT 5
- three dots are replaced by … (unique character) in commands HOT 4
- git-scm.com doesnot redirect to https: when manually surfed http: on edge HOT 3
- Brand icons information update. Facebook (now Meta) icon needs to be updated with permission. HOT 2
- git-subtree documentation is missing? HOT 1
- time to update ruby? HOT 2
- Enhancement - Video pages do not link to one another - continuous watch requires multiple clicks HOT 4
- CSS word-break property on <code> elements allows line breaks HOT 1
- duplicate dt sections cause duplicate anchor tags to be generated breaking linking HOT 9
- online book and 2nd edition do not match HOT 1
- git config doc doesn't render includes properly HOT 2
- Logos are not shown in /downloads/logos HOT 2
- remove submodule then reset,create empty folder,so all the files in submodule are gone ! HOT 1
- Revert commit e74a1ec that remove CodeReview HOT 2
- 500 Internal server error when visiting link for Pro Git v1 book HOT 4
- Seeking Guidance: Uncertain if Issue or Misunderstanding HOT 1
- https://wwlpdocumentsearch.blob.core.windows.net/prodv2/MicrosoftProductandServicesDPA(WW)(English)(Jan2023)(CR).docx?sv=2020-08-04&se=2123-08-22T04:12:11Z&sr=b&sp=r&sig=e7bWoGbHWoA1pWl%2FOrTCU7Bvxx84kNv84VX7Cekp%2B%2FM%3D#TableofContents
- git commit struck in terminal HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from git-scm.com.