You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since this is "a program" (only) now (after splitting from the magic-wormhole repository), we could follow the recommendations to more exactly pin the requirements, with hashes. (When a project can be used as a library, pinning requirements exactly is tough for downstream).
At least one consumer of this apparently wants something like this, although the exact ask doesn't have a corresponding ticket explaining the requirements: LeastAuthority/magic-wormhole-docker#30
Note that downstream consumer isn't actually checking hashes, it seems (so exact reproducibility must not be the use-case). I believe it's just so that exact versions of dependencies are known.
The text was updated successfully, but these errors were encountered:
Since this is "a program" (only) now (after splitting from the magic-wormhole repository), we could follow the recommendations to more exactly pin the requirements, with hashes. (When a project can be used as a library, pinning requirements exactly is tough for downstream).
At least one consumer of this apparently wants something like this, although the exact ask doesn't have a corresponding ticket explaining the requirements: LeastAuthority/magic-wormhole-docker#30
Note that downstream consumer isn't actually checking hashes, it seems (so exact reproducibility must not be the use-case). I believe it's just so that exact versions of dependencies are known.
The text was updated successfully, but these errors were encountered: