[pacman-dev] [PATCH] makepkg: check all integrity sums found in the PKGBUILD

Dan McGee dpmcgee at gmail.com
Sat Aug 23 13:58:14 EDT 2008

On Sat, Aug 23, 2008 at 12:55 PM, Xavier <shiningxc at gmail.com> wrote:
> On Sat, Aug 23, 2008 at 5:21 PM, Dan McGee <dan at archlinux.org> wrote:
>> Currently we use the INTEGRITY_CHECK array from makepkg.conf to limit both
>> the integrity sums generated and checked. It doesn't make a whole lot of
>> sense to ignore integrity sums that are present in a PKGBUILD, so this patch
>> will enable checking any that are available, but will only print a warning
>> about missing sums for those types found in INTEGRITY_CHECK.
>> It also adds a slight optimization of checking for openssl- we only need to
>> check once now because we use the same program for all checks.
> Sounds good to me.
> I think the warning about missing sums could be even printed in any
> cases, but I understand the point of view that you only care about the
> ones specified in INTEGRITY_CHECK so it seems good (and closer to the
> old behavior).

I figured 6 warnings, and especially the one about missing sha384
sums, would piss off a few too many people, so I decided to add this
little check in. :)


More information about the pacman-dev mailing list