Over at #1439368: Add Profiler library to whitelist, I realized that rather than whitelisting any potential library on d.o., it would be easier if the verify functionality allowed things like this:

; Profiler
libraries[profiler][download][type] = "git"
libraries[profiler][download][tag] = "6.x-2.0-beta2"
; http://drupal.org/node/913938
libraries[profiler][patch][] = "http://drupal.org/files/issues/profiler.user_access.patch"

So I guess the fix here would be to skip whitelist validation if an item in the libraries array contained download info, and that passed the normal verification of the project being on d.o.

Comments

dww’s picture

Seems reasonable, I guess. However, it's not obvious why we don't just use this in the .make file, instead:

projects[profiler][type] = "library"
projects[profiler][download][type] = "git"
projects[profiler][download][tag] = "6.x-2.0-beta2"
projects[profiler][patch][] = "http://drupal.org/files/issues/profiler.user_access.patch"

?

jhedstrom’s picture

Status: Active » Closed (works as designed)

I didn't realize that #1 would properly place the project in the libraries directory. Good call.