We'd like to use a consistent checksum scheme everywhere so that we can:
a) incorporate archive checksums into our specs and have a
consistent hashing algorithm across all specs.
b) index mirrors with a consistent type of checksum, and not one that
is dependent on how spack packages are written.
- [x] convert existing md5, sha224, sha512, sha1 checksums to sha256
Add dependencies to CMake and GnuTLS which would otherwise be
picked up from the system
* Add gnutls as explicit dependency of CMake
* Add new package libidn2 as explicit dependency for gnutls
- remove the old LGPL license headers from all files in Spack
- add SPDX headers to all files
- core and most packages are (Apache-2.0 OR MIT)
- a very small number of remaining packages are LGPL-2.1-only
* Fix nettle dependency
GnuTLS requires a nettle from the 2.7 series, won't work
with 3.x (so sayeth configure when it crashes...).
* Fix configure symlinking GNUmakefile to itself
I'm confused about how this ever worked, but....
As configure runs, it does something like this:
```
config.status: linking /home/hartzelg/tmp/spack/var/spack/stage/gnutls-3.3.9-uq2u4ecucncv2l3akran765aystyvkys/gnutls-3.3.9/GNUmakefile to GNUmakefile
```
and since that is the cwd the build crashes with:
```
==> 'make' '-j28'
make: GNUmakefile: Too many levels of symbolic links
make: stat: GNUmakefile: Too many levels of symbolic links
make: *** No rule to make target `GNUmakefile'. Stop.
```
Since the comment in the configure script points out that the
GNUmakefile is "only for the maintainer" I've just commented out the
bit that leads to the symlinking.
Builds for me on CentOS 7. (I do have a recent-ish set of auto-*
things in my patch via linuxbrew)
* Wordsmith
* Fix symbolic link problem properly
Autotools magic. See #3565 for the details.
* Flake8 cleanup
* Add some headroom on the version number constraint
We really want < 3.0 but there's not a good way to express it.
We'd like to avoid having to update the file if they release 2.7.2.
This seems like a good compromise.
Package repositories now look like this:
top-level-dir/
repo.yaml
packages/
libelf/
package.py
mpich/
package.py
...
This leaves room at the top level for additional metadata, source,
per-repo configs, indexes, etc., and it makes it easy to see that
something is a spack repo (just look for repo.yaml and packages).
