[aur-general] requesting a critique for my build of xen-git-4.5.0-rc3
Florian Bruhin
me at the-compiler.org
Tue Dec 16 20:35:49 UTC 2014
* Pablo Lezaeta Reyes <prflr88 at gmail.com> [2014-12-16 13:50:58 -0300]:
> 2014-12-16 6:05 GMT-03:00 Florian Bruhin <me at the-compiler.org>:
> >
> > * Robert Mackanics <schnoopay at gmx.com> [2014-12-16 03:42:51 -0500]:
> > > On Monday, December 15, 2014 16:54:04 Marcel Korpel wrote:
> > > > Third, don't use md5sums to check file integrity; to avoid collisions,
> > > > it is recommended that you use sha256sums. You can set this
> > > > in /etc/makepkg.conf (and then you can use updpkgsums to generate
> > them).
> > >
> > > Should we have the makepkg.conf in the pacman package changed to sha256?
> > Seems
> > > like a good idea that shouldn't bite anybody.
> >
> > I submitted a patch and it was declined:
> >
> > https://lists.archlinux.org/pipermail/pacman-dev/2014-June/019081.html
> > https://lists.archlinux.org/pipermail/pacman-dev/2014-June/019083.html
> > https://lists.archlinux.org/pipermail/pacman-dev/2014-June/019084.html
> >
> > Florian
> >
> > --
> > http://www.the-compiler.org | me at the-compiler.org (Mail/XMPP)
> > GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc
> > I love long mails! | http://email.is-not-s.ms/
> >
>
> As far I underestand it was because "md5 is the most used", so I now add a
> commented line in my makepkgs that explain that "I use md5 cause pacman -g
> give that".
Just set INTEGRITY_CHECK=(sha256) in your /etc/makepkg.conf and
makepkg -g (not pacman -g, by the way) will give you that.
I still think that should be the default, but whatever.
> I thing maybe if a big number of user submit the patch ask in forums and/or
> add the bug (carelessly if is regected) that could bring the questioning if
> is a good idea use md5
Doesn't sound like a constructive way to approach this in my opinion.
Florian
--
http://www.the-compiler.org | me at the-compiler.org (Mail/XMPP)
GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc
I love long mails! | http://email.is-not-s.ms/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20141216/c88bb136/attachment.bin>
More information about the aur-general
mailing list