Re: Review guidelines source checksum algorithm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Sat, 2 Apr 2011 13:35:43 +0200, Björn wrote:

> Garrett Holmstrom wrote:
> > The main review guidelines page [1] specifically requires that one use
> > md5sum to compare packages' tarballs against those from upstream.  Is it
> > necessary to require a specific algorithm?  If so, should it still be
> > MD5 in this day and age?

The guidelines say "should" not "MUST". An attempt at making clear that
the reviewer (and the packager) should actually run some tool to compare
the included tarball with upstream's. Else some reviewers would just
compare the file name or check that the URL is valid, but not compare
any tarballs.

sha256sum would be fine, too, of course.

> Why use checksums at all when diff works just fine?
> Björn Persson

Sure, binary diff (byte-wise comparison I guess) is fine, too.
packaging mailing list

[Home]     [Fedora Legacy]     [Fedora Desktop]     [Red Hat 9 Bible]     [Fedora Bible]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]

Powered by Linux