Date: Sat, 10 Sep 2011 07:03:41 -0700 From: perryh@pluto.rain.com To: bapt@freebsd.org Cc: lev@freebsd.org, freebsd-ports@freebsd.org Subject: Re: [RFC] New ports idea: github / gitorious / bitbucket direct support. Message-ID: <4e6b6e3d.58E89hPS0974IMyM%perryh@pluto.rain.com> In-Reply-To: <20110909130458.GO31003@azathoth.lan> References: <765103585.20110909143052@serebryakov.spb.ru> <20110909130458.GO31003@azathoth.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
Baptiste Daroussin <bapt@freebsd.org> wrote: > The main problem with that is: we have no way to keep a valid sum > of the distfiles if it is autogenerated (in particular with github) > and this sum is really important. No question about the importance of the checksum, to prevent trojans and other problems if the distfile were to change "silently". If I am understanding correctly, you seem to be saying that two distfiles autogenerated from the _same_ tag etc. in the _same_ repository, and actually containing exactly the same code, can nevertheless generate different checksums!? Wouldn't that be a bug in the DVCS?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4e6b6e3d.58E89hPS0974IMyM%perryh>