(address . bug-guix@gnu.org)
ELPA importer supports MELPA[1] currently. But MELPA is a rolling
archive, which does not persist any old version tarball of
package, and harmful for reproducible build.
It's still useful for Guix packager to import package from MELPA to
draft a sketch of Emacs package, but it's not a reliable download
service. We may better warn user don't submit package which download url
belongs to MELPA. Maybe emit warning while executing `guix import elpa -a
melpa XXX`, or writing this rule to manual.
[1]: the stable archive is "MELPA stable", I use term "MELPA" to refer
to the unstable one.
--
Retrieve my PGP public key: https://meta.sr.ht/~citreu.pgp
Zihao
-----BEGIN PGP SIGNATURE-----
iQFIBAEBCAAzFiEE7NCVzXX6efyusptG1SOVn+xGFqYFAl++KnQVHGFsbF9idXRf
bGFzdEAxNjMuY29tAAoJENUjlZ/sRhamfasH9jxauMcL6gBh7pbAYzgvcY1JgkvT
MRbg7LC8qo3swIxpTmcVQqy9GcBEmnzpf9vn63E4Qpz9MmLpt2s+4IHI5Cy2RkrW
01gvjw/j8UINfZrdZ3hhhOY9uOrJTYvbSmqbNRv0f7YCTx1oQ3Im0qnGdNTOQaZQ
OYW7B4B43fHfuUGGZrJzUvQdPl4txycr6zfPBWzI6YaA2OVbmv7demptw7xTzcKv
61TUuenGens7Gw44PNLDL3Rxuxyz7NE+8C1t482INztLrqy0BmRblLtptHZyb5kC
3vt+GHDnzwom98sK1S8auj5yXLWT4yhjeaaVHLBxGNb0mNawfluDFPYRiQ==
=QhaM
-----END PGP SIGNATURE-----