On Thu, Nov 6, 2008 at 9:37 AM, Thayer Williams <thayer@archlinux.org> wrote:
On Thu, Nov 6, 2008 at 7:28 AM, Aaron Griffin <aaronmgriffin@gmail.com> wrote:
On Thu, Nov 6, 2008 at 12:35 AM, Thayer Williams <thayer@archlinux.org> wrote:
Tonight I noticed the presence of sha1sums in a couple of PKGBUILDs I adopted. Are we adopting a new policy toward sha1sums? Did I miss the memo?
Which packages? I think it's technically fine as long as the md5sums are still there. If it's just sha1sums then I think the previous maintainer may have been feeling frisky
They did contain both types of hashes...I believe it was streamripper and numlockx. So it was just a case of someone thinking of future validation methods?
Well, I believe makepkg checks both if they both exist. It was someone being absolutely certain that the file is what we say it is 8)