Change link for MacOS Binary Installer to support Apple Silicon #1774
Comments
|
thanks for reporting the issue @tongfa indeed, the original repo seems a bit abandoned ATM (PRs without any feedback for 7 months timcharper/git_osx_installer#190) but the project you mentioned does not seem to be releasing all versions frequently (only 2 releases under https://github.com/MoravianUniversity/git_osx_installer/releases), so I'm not totally comfortable referencing that project yet... |
|
I am running that other repo and only recently started. My plan has been to have 2 releases a year: one in August and one in January. This lines up with an update just before each semester of school when we release new setups for our introductory course. This seems like it will be just behind by a few minor versions at each release. I can also release on-demand as it only takes a few minutes (I just posed 2.40). Is there a way I can "watch" for new releases? git doesn't make official releases through GitHub so I can't subscribe there. |
|
Note: I (and many at the school) have been using this version on Apple Silicon and Apple Intel and the only known issues are with the GUI due to Tk library issues. Currently, the installer is unsigned, but over the summer I plan on setting up signing so they can be installed with even fewer issues. |
|
thanks for jumping in @coderforlife ! on our side we have a scheduled job to check for new releases. see https://github.com/git/git-scm.com/blob/main/lib/tasks/downloads.rake we also have a scheduled job to check new git versions and import man pages at https://github.com/git/git-scm.com/blob/main/lib/tasks/index.rake does this help? @peff / @jnavila any thoughts against using this new project as source for mac versions given this info? |
|
I took a cheap way out and used visualping.io on git-scm.com/download to
tell me when there is a change in the version number. I don't plan on
updating extremely rapidly, but I do guarantee at least twice a year
(January and August) with some other random ones in between.
…On Wed, Mar 29, 2023 at 5:49 AM Pedro Rijo ***@***.***> wrote:
thanks for jumping in @coderforlife <https://github.com/coderforlife> !
on our side we have a scheduled job to check for new releases. see
https://github.com/git/git-scm.com/blob/main/lib/tasks/downloads.rake
we also have a scheduled job to check new git versions and import man
pages at https://github.com/git/git-scm.com/blob/main/lib/tasks/index.rake
does this help?
@peff <https://github.com/peff> / @jnavila <https://github.com/jnavila>
any thoughts against using this new project as source for mac versions
given this info?
—
Reply to this email directly, view it on GitHub
<#1774 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALXNGD7GGXTNWQGFCPPIADW6QAQ7ANCNFSM6AAAAAAV2TLKDI>
.
You are receiving this because you were mentioned.Message ID: <git/git-scm
.***@***.***>
|
|
I don't have a strong opinion on this new project source. In a sense, pointing to work that exists is mostly better than not, because people can choose to use it or not. But I do think we don't have a very coherent view on software supply chain security. Linking from the site indicates at least some endorsement. Not that I think @coderforlife is trying to upload malicious packages or anything, but we could end up in a situation where, say, his laptop gets owned, a trojan version is uploaded to his GitHub repo, and then our link causes it to get distributed widely. I'm not sure what linking from our site implies to people about the security practices of those binaries. But it feels like we're being put on the hook for those practices. And again, I'm not questioning @coderforlife's practices in particular; this is something the community probably should have figured out long ago and didn't (including for things like the existing links to @timcharper's binaries). So I dunno. It seems like maybe something that should get input from the broader community on the mailing list. I'll send a note there. |
|
Could GitHub actions with MacOS runners be used to build in a public manner that gives us more comfort? I think the MacOS runners are free for public repos, but I'm not 100% sure on that. |
They aren't. But there is a monthly time budget of 2 000 minutes (which would be 200 macOS minutes) included with free accounts and organizations. |
|
The package only takes <5 minutes to build, but it sounds like that is 50 out of the 2000 minutes, which may be manageable. |
@peff did you ever get around to do that? Given that most macOS users apparently seem to use the Homebrew variant of Git, it might be a good idea to change the download page on this here site accordingly and stop advertising outdated macOS binaries with known vulnerabilities. |
|
|
I have no problem with dropping the existing (outdated) binaries and just pointing people to Homebrew (or the Apple releases). Most of what is on the site is there from inertia. I am not a mac user myself, so I don't have a good sense of what most people would do or want. |
|
Yeah, git packaging is solved by Apple at this point. Best to use their packaging. I'm really sorry, I should have been more noisy about my lack of support for the Git OS X installer 🙈. Dropped the ball there. I suck. I'm using Linux full time for development, and have for several years. |
|
@timcharper No problem, and thank you for all the work you put in over the years! |
|
I have been releasing a successor to Tim Harper and added support for the M
series chippers to the installer. I mostly wanted to add my two cents on
why I will keep this installer for my own purposes:
- macOS does have a git but you have to install the Xcode command line
tools to get it and those are around a 1GB download and almost every time
the OS is updated (including minor) they usually need to be reinstalled.
- the alternative is brew, but brew requires the Xcode command line tools
as well.
This seems like major overhead if all you need is git. In many cases it is
totally reasonable, but there are situations (like testing something in a
VM) where you just need a quick git install.
…On Tue, Nov 19, 2024 at 7:32 AM Jeff King ***@***.***> wrote:
@timcharper <https://github.com/timcharper> No problem, and thank you for
all the work you put in over the years!
—
Reply to this email directly, view it on GitHub
<#1774 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALXNGCIAJXCXMJELVS2EOD2BMVTXAVCNFSM6AAAAABSALPH2KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIOBVGU4DIOJSHE>
.
You are receiving this because you were mentioned.Message ID: <git/git-scm
.***@***.***>
|
@coderforlife this is still very much an issue. From looking at https://github.com/MoravianUniversity/git_osx_installer/actions, it would appear that none of the releases are built by GitHub workflows (which would be somewhat transparent), but instead they are built behind closed doors. I want to trust people, but we live in times where Solarigate and the xz backdoor are realities, and therefore we must exact much more diligence than we did in the past. One option would be to move https://github.com/MoravianUniversity/git_osx_installer to the Another option would be to lift the work we have done in With notarization, it is a bit unclear to me what is the proper course of action, IIUC Apple's hands need to be crossed with silver to make that happen. If the Git project would use project management techniques like a roadmap and milestones, then an effort like this could be put there, but unfortunately, the Git project does not employ those, it's way more fuzzy than that. Based on the reflexive "I don't do Windows" reactions I usually get on the Git mailing list when bringing up Windows-specific issues, I could imagine that any initiative to get any kind of public commitment to provide macOS builds would be likely doomed. Hmm. I do not want to leave this reply on a downcast note, so here is yet another, crazy option: We could instead advertise the |
|
I don't think my package should be the official one, in fact, I would love it if it just happened elsewhere. I had no idea My recommended solutions would be as follows:
|
Which download is failing?
The MacOS Binary Installer
Problem
The MacOS Binary Installer is out of date, for example it does not support Apple Silicon which has been available since November 2020.
Operating system and browser
MacOS
Steps to reproduce
Other details
After going through this, I started researching what it would take to build the git installer myself for Apple Silicon. In that process, I discovered that @coderforlife has built an installer that supports Apple Silicon, and he has released it through Moravian University's github organization at:
https://github.com/MoravianUniversity/git_osx_installer
I have installed the installer on a Macbook Air that does not have Rosetta2 installed and I was able to clone a repo, use
git config ...and push some commits back to github. It passed my smoke test.My suggestion is to change the link on the downloads page to point to the above repo instead of Tim Harper's.
I'm willing to PR this if there is consensus.
The text was updated successfully, but these errors were encountered: