| ▲ | toastal 2 days ago |
| This is why I keep encouraging folks to a) have a mirror & b) make sure their tools automatically pick up the mirrors. I recently got mirror support upstreamed into Nixpkgs for fetchdarcs & fetchpijul which actually work on my just-alpha-released pinning tool, Nixtamal <https://darcs.toastal.in.th/nixtamal/trunk/README.rst>, for just this sort of thing. |
|
| ▲ | barbazoo 2 days ago | parent | next [-] |
| I envy you. Most of us struggle to get the resources to make our actual customer facing applications resilient, let alone our build pipeline. |
| |
| ▲ | toastal 2 days ago | parent [-] | | Building your software usually involves getting dependencies, & those dependencies are, hopefully, in more than one location—which includes a cronjob to a bare repo, or Alice’s fork on another repo that at least has the latest tags. It should be trivial to point to these as mirrors for the cases where any forge/repository, even the ones held by megacorporations, inevitably go down. Even Nixpkgs itself, while not maintaining their own official mirrors, are mirrored by TUNA. Backups are an important strategy, & the source code should also be a part of that. |
|
|
| ▲ | maccard 2 days ago | parent | prev [-] |
| That's great for the repository, but what about if you're using ghcr, actions, issues, or copilot? |
| |
| ▲ | toastal 2 days ago | parent [-] | | These are different concerns. There are a lot of use cases, where folks are just getting dependencies & not interacting with bug tracker or continuous integration use which are less critical & can be accessed later or ran locally. |
|
