Date: Wed, 22 May 2002 09:46:53 -0700 From: Scott Renfro <scott@renfro.org> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: kris@obsecurity.org, ports@FreeBSD.ORG, portmgr@FreeBSD.ORG, core@FreeBSD.ORG Subject: Re: My position on commiters guide 10.4.4 Message-ID: <20020522094653.A63157@renfro.org> In-Reply-To: <20020522041150.GA92851@nagual.pp.ru>; from ache@nagual.pp.ru on Wed, May 22, 2002 at 08:11:51AM %2B0400 References: <20020522041150.GA92851@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 22, 2002 at 08:11:51AM +0400, Andrey A. Chernov wrote: > > http://www.freebsd.org/doc/en_US.ISO8859-1/articles/committers-guide/ports.html#Q10.4.4. > > I am in strong disagreement with this rule, because, in general, it > is not a porter tasks described there. Lets go into details. First of > all, here is whole text to make citation easy to find: This is a reasonable rule for which the intent is clear: when updating a checksum without a corresponding version change, take reasonable measures to ensure the authenticity of the change. Here's my interpretation of the rule. For many ports where this situation arises, a diff of the two different distfiles is sufficient to verify that it was an intended and superficial change (e.g., corrects a typo in a README, repackages the files into a single subdirectory instead of the tarfile's top level directory, or adds a forgotten file). In rarer situations, diffing the distfiles won't easily work. (e.g., don't have the old file, it contains modified object files, or the changes are significant enough that the changes aren't immediately obvious to the porter). In these cases, the porter should contact the original authors for an explanation and verification of the new distfile's checksum -- which is more or less what 10.4.4 requires. As I read 10.4.4, these two steps are effectively an 'or' clause. Review the diff 'or' contact the original author. That's a quite reasonable burden on a porter. If the diff isn't possible or doesn't make sense and the authors won't respond, then don't update the checksum. If the diff is obviously ok or the authors verify the authenticity of the change, then update the checksum, noting what changed in the commit message. at least that's mho, --Scott -- Scott Renfro <scott@renfro.org> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020522094653.A63157>