[aur-general] Auto-generated Github tarballs format change (Was: TU Application: Daniel M. Capella)
Baptiste Jonglez
baptiste at bitsofnetworks.org
Thu Nov 15 09:52:27 UTC 2018
On 15-11-18, Eli Schwartz via aur-general wrote:
> On 11/14/18 11:50 PM, Daniel M. Capella via aur-general wrote:
> > Quoting Levente Polyak via aur-general (2018-11-14 17:00:38)
> >> - tests are awesome <3 run them whenever possible! more is better!
> >> pulling sources from github is favorable when you get free tests
> >> and sometimes manpages/docs
> >
> > Will work with the upstreams to distribute these. I prefer to use published
> > offerings as they are what the authors intend to be used. GitHub autogenerated
> > tarballs are also subject to change:
> > https://marc.info/?l=openbsd-ports&m=151973450514279&w=2
>
> I've seen the occasional *claim* that this happens, but I've yet to see
> any actual case where this happens and it isn't because of upstream
> force-pushing a tag.
See https://bugs.archlinux.org/task/60382 for an example.
I still had the old archive around so I spent some time comparing it with
the new one:
- I compared the checksum of each individual file in the archives, and
they were all identical
- I compared the raw tar files after decompressing, and there were just a
few bytes that were moved around
This really suggests a slight format change in the way the tarball was
generated (could be file ordering).
If you want to double check, here they are:
- old archive from May 2017: https://files.polyno.me/arch/kashmir-20150805-20170525.tar.gz
- new archive: https://files.polyno.me/arch/kashmir-20150805.tar.gz
Baptiste
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20181115/ca791437/attachment.asc>
More information about the aur-general
mailing list