ivabus/pantry
1
0
Fork 0
mirror of https://github.com/ivabus/pantry synced 2024-11-13 03:55:18 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity
pantry/projects/bun.sh/package.yml

39 lines
1 KiB
YAML
Raw Normal View History

+bun.sh * Closes #1 * Using bun.sh binaries because we'll probs need to do the same for ziglang because ziglang OOMs during builds in CD * However in general we are happy to use the binaries the project built—they know what they are doing and we should trust them in that. * HOWEVER we should insist that they sign their binaries. Bun do not. * ALSO really we should insist on signed sources, see comments in the YAML for more discussion * Not using profile versions as they are not documented and seemingly less portable (based on reading the installer)
2022-12-26 18:27:28 +03:00
distributable:
url: https://github.com/oven-sh/bun/archive/refs/tags/bun-v{{version}}.tar.gz
warnings:
- vendored
versions:
github: oven-sh/bun
strip: /^Bun /
#FIXME proper system for re-using pre-built binaries
# we must require the vendor to provide signatures against a published public
# key. If they dont then really we should build ourselves or warn the user
# about the fact.
# The thing is, we trust the sources implicitly currently because signing is
# so rare. The only way wide spread signing will occur is via our protocol.
build:
dependencies:
curl.se: '*'
info-zip.org/unzip: '*'
working-directory: ${{prefix}}
script: |
curl -Lfo bun.zip "https://github.com/oven-sh/bun/releases/download/bun-v{{version}}/bun-$PLATFORM.zip"
unzip bun.zip
mv bun-$PLATFORM bin
rm bun.zip
env:
darwin/aarch64: {PLATFORM: darwin-aarch64}
darwin/x86-64: {PLATFORM: darwin-x64}
linux/aarch64: {PLATFORM: linux-aarch64}
linux/x86-64: {PLATFORM: linux-x64}
test:
bun --help
provides:
- bin/bun
Reference in a new issue Copy permalink