Lazy IO tends to keep file handles open until the entire file is read,
which in this case may never happen. This leads to the process exceeding
the system's file descriptor limit, resulting in #35.
Implement a new flag "--write-metadata" which will create, in the output
directory, a file "foliage/packages.json" with metadata about the
package provenance.
The file package.json file looks like this
```
{
"Win32-network-0.1.0.0": {
"source": {
"url": "github:input-output-hk/Win32-network/3825d3abf75f83f406c1f7161883c438dac7277d"
},
"timestamp": "2022-10-17T00:00:00Z"
},
"Win32-network-0.1.1.0": {
...
```
The idea is that tools fetching the repo can also fetch this file to
obtain information about the package provenance.
- Summary page has the list of all packages available (with details of the latest version)
- Timeline page has the list of all entries as they appear in the index
Also:
- Rebuild sdists is they are missing
Also introduce sanity checks for the following cases
- Package timestamp is later than any revision timestamp
- Package has no timestamp but has revisions
The above cases do not make any sense and are considered invalid.
Now the tarballs are downloaded only once but now each package name and
version is unpacked independently in its own directory. Then patches are
applied there.
Doesn't quite work because srcDir is unique by url, so if you have the
same url with different versions, things will collide. This is a bug
that might affect patching too.
I was applying patches only when making the source distribution but
patches might modify the cabal file which goes into the index (yes one
should use revisions for that).
I am now applying patches right after I have the package source.
