[oe] [PATCH] checksums.ini: correct wrong checksums
Philip Balister
philip at balister.org
Mon Nov 10 14:13:45 UTC 2008
Koen Kooi wrote:
> On 09-11-2008 17:54, Phil Blundell wrote:
>> On Sun, 2008-11-09 at 16:28 +0300, Dmitry Baryshkov wrote:
>>>
>>> [http://gpephone.linuxtogo.org/download/gpephone/libchenabler-0.1/libchenabler-0.1.tar.gz]
>>>
>>> -md5=f29e1e63fcc55e3ae4e81f5ee9dd7bdd
>>> -sha256=448a3ab76109664bb6bd8bcc2c62d957c7d44b52e39c37d91b3b73b5cfe35a3f
>>> +md5=866fd13611a8de946428db1df9be8468
>>> +sha256=74def55ba6a61e966e0873a4081fd3dd65089b94b837810d3bc056221d7e41c7
>>
>> How did these wrong checksums get in there? It seems to defeat the
>> point of checksums.ini if the data isn't trustworthy.
>
> The gpephone people are in a habit of replacing the tarballs to get
> bugfixes to people instead of doing a new release. So the problem here
> is that _upstream_ is making a mess of things.
> This also highlights why OE is now strictly enforcing checksums.
I'd like to see one commit per checksum change with the details in the
commit message. This we we can easily find when I package checksum
changed. This way we can easily identifu when the source changed but the
version number did not.
This might be useful in the future for debugging the package. As in
feature X used to work, but all of a sudden broke, even though the
version did not change.
Philip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3303 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openembedded.org/pipermail/openembedded-devel/attachments/20081110/b85fa5a1/attachment-0002.bin>
More information about the Openembedded-devel
mailing list