[FFmpeg-devel] snapshots differ from git clone
michael at niedermayer.cc
Wed Aug 3 03:12:11 EEST 2016
On Tue, Aug 02, 2016 at 10:41:09PM +0000, Timothy Gu wrote:
> On Tue, Aug 2, 2016 at 3:10 PM Nicolas George <george at nsup.org> wrote:
> > Le sextidi 16 thermidor, an CCXXIV, Jan Ehrhardt a écrit :
> > > Because it is faster to download a snapshot and extract it than
> > > doing a git clone
> > I suggest you consider doing a shallow clone (--depth 1). It should take
> > roughly the same time as getting and unpacking a snapshot. IIRC, one of the
> > minor perks of doing that is that the version script will give a more
> > useful
> > version tag.
> At least here, Git is still slower. In addition, https://git.ffmpeg.org
> doesn't seem to support --depth.
> $ time curl https://www.ffmpeg.org/releases/ffmpeg-snapshot.tar.bz2 | tar
> -jxf -
> real 0m10.331s
> user 0m2.272s
> sys 0m0.312s
> $ git clone --depth=1 https://git.ffmpeg.org/ffmpeg.git ffmpeg2
> Cloning into 'ffmpeg2'...
> fatal: The remote end hung up unexpectedly
> fatal: protocol error: bad pack header
this is due to git wanting to write temporary files into the repository
which is not writable.
Making it writable would be trivial and thats how linaro seems to
have "fixed" it, but iam not sure thats a good idea security wise
Updatng the git to something beyond whats available from the official
ubuntu we use might fix this but then future security updates would
(recent git is available at
so we would still have distro provided packages but security support
would be an open question ...)
so while all solutions are kind of not hard, iam a bit undecided
what should be done about that
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Avoid a single point of failure, be that a person or equipment.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: Digital signature
More information about the ffmpeg-devel