Next: Invoking guix hash
, Previous: Invoking guix edit
, Up: 工具 [Contents][Index]
guix download
When writing a package definition, developers typically need to download a
source tarball, compute its SHA256 hash, and write that hash in the package
definition (see 定义软件包). The guix download
tool
helps with this task: it downloads a file from the given URI, adds it to the
store, and prints both its file name in the store and its SHA256 hash.
The fact that the downloaded file is added to the store saves bandwidth:
when the developer eventually tries to build the newly defined package with
guix build
, the source tarball will not have to be downloaded
again because it is already in the store. It is also a convenient way to
temporarily stash files, which may be deleted eventually (see Invoking guix gc
).
The guix download
command supports the same URIs as used in
package definitions. In particular, it supports mirror://
URIs.
https
URIs (HTTP over TLS) are supported provided the Guile
bindings for GnuTLS are available in the user’s environment; when they are
not available, an error is raised. See how to install
the GnuTLS bindings for Guile in GnuTLS-Guile, for more
information.
guix download
verifies HTTPS server certificates by loading the
certificates of X.509 authorities from the directory pointed to by the
SSL_CERT_DIR
environment variable (see X.509证书), unless
--no-check-certificate is used.
Alternatively, guix download
can also retrieve a Git repository,
possibly a specific commit, tag, or branch.
The following options are available:
--hash=algorithm
-H algorithm
Compute a hash using the specified algorithm. See Invoking guix hash
, for more information.
--format=fmt
-f fmt
Write the hash in the format specified by fmt. For more information
on the valid values for fmt, see Invoking guix hash
.
--no-check-certificate
Do not validate the X.509 certificates of HTTPS servers.
When using this option, you have absolutely no guarantee that you are communicating with the authentic server responsible for the given URL, which makes you vulnerable to “man-in-the-middle” attacks.
--output=file
-o file
Save the downloaded file to file instead of adding it to the store.
--git
-g
Checkout the Git repository at the latest commit on the default branch.
--commit=commit-or-tag
Checkout the Git repository at commit-or-tag.
commit-or-tag can be either a tag or a commit defined in the Git repository.
--branch=branch
Checkout the Git repository at branch.
The repository will be checked out at the latest commit of branch, which must be a valid branch of the Git repository.
--recursive
-r
Recursively clone the Git repository.
Next: Invoking guix hash
, Previous: Invoking guix edit
, Up: 工具 [Contents][Index]