On 20/6/21 11:24 am, Andrew Gregory wrote:
On 06/14/21 at 01:15pm, morganamilo wrote:
Github and other sites redirect their downloads to a cdn. So the download http://foo.org/myrepo.db may redirect to something like https://cdn.foo.org/83749327439.
This then causes pacman to try and download the sig as https://cdn.foo.org/83749327439.sig which is incorrect. In this case pacman should append .sig to the original url.
However urls like https://archlinux.org/packages/community/x86_64/0ad/download/ Redirect to the mirror, so .sig has to appended after the redirects and not before.
So we decide if we should append .sig on the original or effective url based on if the effective url has .db or .pkg in it.
Fixes FS#71148
At some point we need to stop chasing what sites are doing and lay out specific requirements for mirrors because any heuristic we use is going to break somebody's setup. This patch might work for github's current url scheme, but there's nothing stopping them or others from putting .db somewhere in the middle of the url. I'm really tempted to just always append .sig to the original url and say that it's up to people using redirection to make sure that's valid and all possible destinations are properly synced.
I agree. However, still want to accept this patch for 6.0.1 as it restores 5.2.x behaviour. We can decide limitations on what we support in future releases and make an annoucement later. Allan