From owner-freebsd-ports@FreeBSD.ORG  Sat Sep 10 07:11:44 2011
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EB7EE106566B;
	Sat, 10 Sep 2011 07:11:44 +0000 (UTC)
	(envelope-from perryh@pluto.rain.com)
Received: from agora.rdrop.com (agora.rdrop.com [IPv6:2607:f678:1010::34])
	by mx1.freebsd.org (Postfix) with ESMTP id CA9338FC08;
	Sat, 10 Sep 2011 07:11:44 +0000 (UTC)
Received: from agora.rdrop.com (66@localhost [127.0.0.1])
	by agora.rdrop.com (8.13.1/8.12.7) with ESMTP id p8A7BhAp099263
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Sat, 10 Sep 2011 00:11:44 -0700 (PDT)
	(envelope-from perryh@pluto.rain.com)
Received: (from uucp@localhost)
	by agora.rdrop.com (8.13.1/8.12.9/Submit) with UUCP id p8A7Bh99099261; 
	Sat, 10 Sep 2011 00:11:43 -0700 (PDT)
Received: from fbsd81 ([192.168.200.81]) by pluto.rain.com
	(4.1/SMI-4.1-pluto-M2060407) id AA13164; Sat, 10 Sep 11 00:03:56 PDT
Date: Sat, 10 Sep 2011 07:03:41 -0700
From: perryh@pluto.rain.com
To: bapt@freebsd.org
Message-Id: <4e6b6e3d.58E89hPS0974IMyM%perryh@pluto.rain.com>
References: <765103585.20110909143052@serebryakov.spb.ru>
	<20110909130458.GO31003@azathoth.lan>
In-Reply-To: <20110909130458.GO31003@azathoth.lan>
User-Agent: nail 11.25 7/29/05
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: lev@freebsd.org, freebsd-ports@freebsd.org
Subject: Re: [RFC] New ports idea: github / gitorious / bitbucket direct
 support.
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Sep 2011 07:11:45 -0000

Baptiste Daroussin <bapt@freebsd.org> wrote:

> The main problem with that is: we have no way to keep a valid sum
> of the distfiles if it is autogenerated (in particular with github)
> and this sum is really important.

No question about the importance of the checksum, to prevent trojans
and other problems if the distfile were to change "silently".

If I am understanding correctly, you seem to be saying that two
distfiles autogenerated from the _same_ tag etc. in the _same_
repository, and actually containing exactly the same code, can
nevertheless generate different checksums!?  Wouldn't that be a
bug in the DVCS?