-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SwiftPM binary target checksum catch-22 #1674
Comments
Yes it seems the SPM zip archive was not added to the assets on the release page (only the standard tar.xz). @kornelski could you please add the Sparkle-SPM-1.24.0.zip that was produced when you ran the release script? |
Try now. |
Oh, I had to rebuild, which changed the checksum. Try using the latest commit 891afd4 If you add a package to be from the master branch, instead of a tagged version, it will work now. |
It works now. Thanks! Could 891afd4 be tagged as version 1.24.1, so that it could be automatically version-controlled by SwiftPM? |
@WowbaggersLiquidLunch I guess it would be possible but just as a small warning to the repo owners to update the Xcode project version accordingly and always make sure to upload the SPM zip file alongside the usual assets. I actually didn't know if the release on Github is automated or not, but if yes, it would make sense to include the SPM assets in it. |
Unfortunately, there's a bit of a chicken-egg problem with SPM. It wants Package.swift file with the checksum of the released version in the repo. This means I have to first build a release, update Package.swift, and then commit and tag. But the current build system checks if the tag exists before building. |
Would moving the tag one commit further after the make-release-package.sh script solve this? In other words, commit, tag version, run the set-git-version script, |
EDIT: This won't work, because the checksum needs to be part of the diff. |
I think the general idea is that a binary package should be a separate repository from the source. There's no source package at the moment, but if there was one it probably should be this repository. A binary package could be provided by a separate repository; that'd solve the chicken and egg problem. |
I'm seeing the same thing, but with the 2.x branch. The file referenced from within the Swift package manifest doesn't exist on the server (404): https://github.com/sparkle-project/Sparkle/releases/download/2.0.0/Sparkle-SPM-2.0.0.zip |
Indeed the main purpose of binary packages is for distribution of closed-source binaries but it can be used for other purposes such as here (bundling multiple apps, scripts and binaries). I think a separate repo would be a valid last-resort solution. |
@kornelski What are the exact steps taken for a release of Sparkle? I was mostly aware of the Makefile only so I didn't think to check the git version script. When is it called? To avoid the chicken-egg problem, we should either rethink the versioning process (for example having the xcodeproj version as the source of truth), maybe tag after the release process or as I suggested above, keep everything as-is and merely commit Package.swift and force a re-tag before pushing. I think that last one would be an easy workaround. What do you think? |
The |
i see the same, adding via SPM and specified branch (master) works, adding from version has a 404 |
Yes, that's expected. Adding from version is going to fail until the next release. Please add the branch or the latest commit. |
Hmm... Should probably version up with this fix, if possible. Most people won't want to use the SPM version pointing at a branch or commit. |
Currently just pointing at commit 891afd4, but should I be pointing at master instead? How dangerous might that be? |
What danger do you have in mind? I don't force-push commits that have been tagged, so the commit won't disappear. In git, content of tags can be changed, but content of commits referenced by hash can't, so using commit hash is the strongest version-locking guarantee git can offer. |
Oh, all I am asking is if pointing at master instead of a specific commit would be a bad idea. |
SPM in Xcode works great when pointing at the However, if I decide to add the SPM dependency by using the
Looks like 2.x is not quite ready for SPM use. |
Yes, this is expected. There are no 2.x releases yet. SPM for 2.x will not work until there's an official release on GitHub, and this won't happen until #1523 is resolved. |
Should fix sparkle-project#1674, currently WIP
@kornelski I've begun working on a fix but I'm still not sure about the order in which things are currently done. From what I can gather from
If that's correct, I would like to add something like If you can confirm these steps, I can have a PR ready quite quickly and test it out. |
Yeah, moving a tag can work. |
@kornelski can we get a new (patch?) release now that #1710 is merged? |
Should fix sparkle-project#1674, currently WIP
I am trying to move the Sparkle dependency in the IINA project from CocoaPods- to SwiftPM-managed (iina/iina#2877). Every time when I ask Xcode to add Sparkle, it says it can not download the artifact (which I assume is the Zip archive?). Here is the output from Xcode, edited to include only Sparkle-related entries:
The
404
code seems like Xcode can not find the artifact.I tried on both Xcode 12.2 and 12.3 Beta (12C5020f).
The text was updated successfully, but these errors were encountered: