We have moved to https://codeberg.org/prebuilder/fetchers.py, grab new versions there.
Under the disguise of "better security" Micro$oft-owned GitHub has discriminated users of 1FA passwords while having commercial interest in success and wide adoption of FIDO 1FA specifications and Windows Hello implementation which it promotes as a replacement for passwords. It will result in dire consequencies and is competely inacceptable, read why.
If you don't want to participate in harming yourself, it is recommended to follow the lead and migrate somewhere away of GitHub and Micro$oft. Here is the list of alternatives and rationales to do it. If they delete the discussion, there are certain well-known places where you can get a copy of it. Read why you should also leave GitHub.
Just a lib for fetching source code repositories and precompiled binaries from the net and putting them into FS somewhere.
Why do we need it? When building software you have to get their source code. This lib is mainly for that. It's an abstraction layer, allowing you to
- discover the latest release;
- fetch its source code and its metadata efficiently;
- verify its integrity and extract version number using the uniform interface;
- unpack the archive/installer if needed, populating the dir with sources.
The interface has 2 stages.
- You create the object representing what is needed to be done.
- You trigger the action.
This is done this way because the parts are usually done in differrent places: filling-in the info is done by build framework user, execution of the action is done by the framework itself.
The lib outputs some debug info into the stdout. It is by design - it informs the user on what is going on. Remember - the lib is designed to be used in CLI tools building packages. Some of info can be redirected - you need to select a differrent progress reporter. But other messages are not yet redirectable currently.
Supported ways to fetch the source code:
-
Git. You usually need shallow clones, to fetch only what you need. But if you use shallow clones, you don't have tags names, which are an extremily popular way to encode software release version. So you either have to stop using shallow clones, which is inacceptible, or get this in another way. We get it via API of source code hostings. The following are implemented:
-
Just a https link to an archive. Archives are downloaded, then verified, then unpacked. Some CDNs are explicitly supported for more efficien downloading, using
aria2c
multistreaming:SourceForge- MirrorBrainz
For the tutorial see tutorial.ipynb
.