Archives
Archives
| From: | "Justin (jlec)" <jlec@g.o> |
|---|---|
| To: | Gentoo Dev <gentoo-dev@l.g.o> |
| Subject: | [gentoo-dev] Updating all Manifest to contain SHA256 SHA512 WHIRLPOOL |
| Date: | Fri, 18 Sep 2015 08:58:36 |
| Message-Id: | 55FBD22E.9090208@gentoo.org |
| 1 | Hello, |
| 2 | |
| 3 | there are quite a number of Manifest still not containing one or more of the |
| 4 | three hashes. I would like to update them as far as we can download the sources. |
| 5 | |
| 6 | Procedure would be: |
| 7 | 1. Download package |
| 8 | 2. verify current hashes match |
| 9 | 3. Calculate new |
| 10 | 4. commit |
| 11 | |
| 12 | Following question need to be answered first: |
| 13 | |
| 14 | Does anybody have any general objections, remarks or ideas on that? |
| 15 | |
| 16 | 2. |
| 17 | Any suggestion how to do this? repoman has a manifest-check function but that is |
| 18 | not functioning (bug filed). Any other tool around? Perhaps using pkgcheck? |
| 19 | |
| 20 | Ugly hack would be, tampering the downloaded sources and run repoman manifest |
| 21 | which would redownload the tarball and check again. |
| 22 | |
| 23 | 4. |
| 24 | What do you think is the best commit mode? PKG based, Cat based or repo based? |
| 25 | |
| 26 | |
| 27 | Thanks for your comments, |
| 28 | Justin |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |
| Subject | Author |
|---|---|
| Re: [gentoo-dev] Updating all Manifest to contain SHA256 SHA512 WHIRLPOOL | hasufell <hasufell@g.o> |
| OpenPGP verification of source files (was: Re: [gentoo-dev] Updating all Manifest to contain SHA256 SHA512 WHIRLPOOL) | Kristian Fiskerstrand <k_f@g.o> |
| Re: [gentoo-dev] Updating all Manifest to contain SHA256 SHA512 WHIRLPOOL | "Robin H. Johnson" <robbat2@g.o> |
| Re: [gentoo-dev] Updating all Manifest to contain SHA256 SHA512 WHIRLPOOL | Tim Harder <radhermit@g.o> |
| Re: [gentoo-dev] Updating all Manifest to contain SHA256 SHA512 WHIRLPOOL | "Justin Lecher (jlec)" <jlec@g.o> |