From nobody Tue May  6 11:05:22 2025
X-Original-To: freebsd-git@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZsFtb2sKDz5tdlN
	for <freebsd-git@mlmmj.nyi.freebsd.org>; Tue, 06 May 2025 11:05:43 +0000 (UTC)
	(envelope-from dch@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4ZsFtb0bxPz3nVF;
	Tue, 06 May 2025 11:05:43 +0000 (UTC)
	(envelope-from dch@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1746529543;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=E6NRTj7AiVD8FHZXb7lu3ps/rNu5btX0aLhRGRq8cq0=;
	b=sO/Cip753Cgt96XOWylMd0DhMGnWjC7qObv1b+IM64sJ1ATtMJQzoRMtV9f85SH5ZMNc5e
	nXdUEgtTzYVbnqVrmWf2OJf/jDv8rGMWknp4LBvGH8eIwkhW7t2kLSXO1kjFkpV+VkXlcJ
	ZI8HtQ2QIuMKj23wPpMSWEd9mLWRtMpNGa2kMoH0o0MpbiREJSbTbHDy838UwUNyBknMWk
	q4nqewQAxIhssIvxYafy0mZNyDHzzP4Ajoi4Y/QbNS5b/hNhQN51dvaN2I/QHunf7x5Ng8
	uY2wAxpTJV8FW3Bni/n6gbu4iNwIFQNNhQQac9oUdahQX7IL9atGwk8koPajiQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1746529543;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=E6NRTj7AiVD8FHZXb7lu3ps/rNu5btX0aLhRGRq8cq0=;
	b=D45saFBq58qb8sVDNKq8zyLG1NaUh2uOgNCnnf1uQOlrmNa7mk035TMdfo7VJcF9UaiH0n
	pZeZLoDonqMuaY6r+g+I60ksrTABiHww5CMacmRkcX/BHCdM6y6tVwUqaMGU1SVSoXaf3S
	wtfiu43l6Y6qY8kaJXK6uh0HEpotozye4rvByvH3amn9L3uURk0q0eOhUGpe/AvcOakbst
	Vxav1iJA20SXDNB/br3IDgTx71vWq+vsv3h/m/ZB39Ct+LqH4selb4LGRtCaJqpxLpGU4w
	nqXgI9KERIkf7A8JhQz6GgsRZDRQa3u7rTd0JUnL1V98xOn6RpZ0+RhSmkI/OQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1746529543; a=rsa-sha256; cv=none;
	b=eeWWP7OuGi5MCABAZNt/LazxCs1jnrGg9Coj7Haf263fDFQOWMbry1Kw04Rbte49nrI6mq
	dFWXGFpmLc+9n7J/djrmWT3PLFUVTKHpQMzjBwEUgY6PGZ2xZ/nDgDu6eDgoJyrAZGMZRS
	xWuok/OKjyyWg4gEiyu1Mj0RRzV1B95Tcx1O71Ay+Nyzs8hiiAmJL1OvzIIoEJv+MgjP5T
	Qn2VhFmJCpNxt+Jmm/OTqpmJ7KBntIpLERrGGqOsvofNXhsnZESGYFDf4TXlFBdKNXtIQd
	1PJ5SjVxX/mxLzn0a/SNoM7RpgX+k4gdZBIFpsJBi/ukUZH7SESrI5eeD4Ss5Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from fauth-a2-smtp.messagingengine.com (fauth-a2-smtp.messagingengine.com [103.168.172.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: dch/mail)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4ZsFtZ6hDczmjX;
	Tue, 06 May 2025 11:05:42 +0000 (UTC)
	(envelope-from dch@FreeBSD.org)
Received: from phl-compute-02.internal (phl-compute-02.phl.internal [10.202.2.42])
	by mailfauth.phl.internal (Postfix) with ESMTP id 6BDC21200043;
	Tue,  6 May 2025 07:05:42 -0400 (EDT)
Received: from phl-imap-16 ([10.202.2.88])
  by phl-compute-02.internal (MEProxy); Tue, 06 May 2025 07:05:42 -0400
X-ME-Sender: <xms:Bu0ZaBo_QWMDofnVJ2aFlHBHcCFtwQuL-I1Jp9nXbKV4KAIQ3iigCA>
    <xme:Bu0ZaDpWZ-FDWNyBqV4oxPqRUVv22zAjXi3Vf4mEqoj6ekKbRWnrybDpRP63CRpHu
    8PcEfN_ZVdAGJF8zA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvkeefkeduucetufdoteggodetrf
    dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv
    pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpih
    gvnhhtshculddquddttddmnecujfgurhepofggfffhvfevkfgjfhfutgfgsehtjeertder
    tddtnecuhfhrohhmpedfffgrvhgvucevohhtthhlvghhuhgsvghrfdcuoegutghhsefhrh
    gvvgeuufffrdhorhhgqeenucggtffrrghtthgvrhhnpeffudekleekkeeuleduleettedv
    geffjeduleegudfgtdelheetleegvedtfedvheenucevlhhushhtvghrufhiiigvpedtne
    curfgrrhgrmhepmhgrihhlfhhrohhmpegutghhodhmvghsmhhtphgruhhthhhpvghrshho
    nhgrlhhithihqdduvdegledutdefgeduqdduvddufeduudejjedquggthheppefhrhgvvg
    euufffrdhorhhgsehfrghsthhmrghilhdrfhhmpdhnsggprhgtphhtthhopeegpdhmohgu
    vgepshhmthhpohhuthdprhgtphhtthhopegtphgvrhgtihhvrgesfhhrvggvsghsugdroh
    hrghdprhgtphhtthhopehfrhgvvggsshguqdhgihhtsehfrhgvvggsshgurdhorhhgpdhr
    tghpthhtohepkhgvvhgrnhhssehfrhgvvggsshgurdhorhhgpdhrtghpthhtohepkhhosh
    htihhksggvlhesghhmrghilhdrtghomh
X-ME-Proxy: <xmx:Bu0ZaOMqUJEfKdd65cl8KpNzNKm6eRQ14FRedV5Auy3JbwSUqueQGA>
    <xmx:Bu0ZaM6g0Y3ERO2xxnIXGATvzBvhwWY253QoSK-DdRYE_3qIKb0lkw>
    <xmx:Bu0ZaA5Q5tZ0w8GoHVJg7KNXgOXNIRK7H4TX5vuqsNcJTgw9Zz0_kA>
    <xmx:Bu0ZaEhGy907hrUfUQJx0D6gp2o1lVFABs6vXTF43czXMqvjd5Twqw>
    <xmx:Bu0ZaC4ur732PUh67Dzt6rHORDQG_1jcoVolKZVp68cE_o0Z8UA0yvRM>
Feedback-ID: icedc46df:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501)
	id 48DF52CC0075; Tue,  6 May 2025 07:05:42 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
List-Id: Discussion of git use in the FreeBSD project <freebsd-git.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-git
List-Help: <mailto:freebsd-git+help@freebsd.org>
List-Post: <mailto:freebsd-git@freebsd.org>
List-Subscribe: <mailto:freebsd-git+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-git+unsubscribe@freebsd.org>
Sender: owner-freebsd-git@FreeBSD.org
MIME-Version: 1.0
X-ThreadId: T79ac2f494f23bb88
Date: Tue, 06 May 2025 11:05:22 +0000
From: "Dave Cottlehuber" <dch@FreeBSD.org>
To: "Konstantin Belousov" <kostikbel@gmail.com>,
 "Kyle Evans" <kevans@freebsd.org>
Cc: freebsd-git@freebsd.org, "Colin Percival" <cperciva@freebsd.org>
Message-Id: <161bb38e-19e1-48cf-a75a-9a7365a6b841@app.fastmail.com>
In-Reply-To: <aBh9uuaPy8Vd9V38@kib.kiev.ua>
References: <9f48a955-5f8a-450c-94c1-2a7d9d69ecb9@FreeBSD.org>
 <aBh9uuaPy8Vd9V38@kib.kiev.ua>
Subject: Re: got(1) in base consideration
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

On Mon, 5 May 2025, at 08:58, Konstantin Belousov wrote:
> On Sun, May 04, 2025 at 08:50:46PM -0500, Kyle Evans wrote:
>> Hi,
>> 
>> I've been toying around with the idea of pulling got(1) into base, but
>> hidden off into /usr/libexec and not supporting it for general usage. The
>>
>
> What is the intended audience of the setup?
> Who would not install normal git port but still want /usr/src populated?
> For what purpose?

thanks Kyle

Konstantin this sounds very interesting from a releng perspective.

>From a security perspective today, building freebsd from trusted sources
using a git clone (as we do in official releng builds) requires building
git itself, which means we pull in a very large set of dependencies
from well outside the FreeBSD project, including python, perl, curl, 
cmake -- 49 dependencies in all, assuming git-tiny flavour is sufficient.

In comparison, got (as built today from ports) requires only:

got
libretls
pkgconf
(and pkg ofc)

This is a much more reasonable subset. Assuming there's nothing surprising
in how we use git in releng, having just enough `got` tooling in FreeBSD
source makes our trusted build provenance simpler for somebody to verify.

It shouldn't stop anybody from using git directly to build from sources.
There are only a few git-related calls in release.sh I will have a crack
at building with `got` only.

A+
Dave