[pacman-dev] [PATCH] makepkg: rework --skip-integ

Allan McRae allan at archlinux.org
Fri Oct 30 01:29:22 EDT 2009 

Loui Chang wrote:
> On Thu 29 Oct 2009 14:40 +1000, Allan McRae wrote:
>   
>> Jeff wrote:
>>     
>>>> Patch [1] extends the --skipinteg option allow the generation of
>>>> a source tarball without requiring the checking of the integrity
>>>> checks
>>>>         
>>> You've given the what, but what is the why? If the source integrity is
>>> flawed, then the generated source package is flawed. This seems like
>>> something that should be safeguarded against, IMO.
>>>       
>> I can come up with two use cases:
>>
>> 1) making a PKGBUILD for a snapshot release that is always accessible
>> from some sort of LATEST release directory symlink.  Many projects
>> use something like that.  That way the PKGBUILD does not need updated
>> every time a snapshot is release.  While it may be argued that it is
>> better to use a svn/cvs/git/etc PKGBUILD, in many cases the snapshots
>> are generally sanity checked before release.
>>     
>
>   
>> 2) This happens to me occasionally.  Someone sends me a PKGBUILD they
>> can not get working.  I see an obvious error, fix it and send the
>> PKGBUILD back saying "try this" because I really do not want to
>> download the sources/dependencies to check myself.
>>     
>
> In both cases if you could omit checksums and makepkg could interpret
> that as "the packager doesn't really care about integrity, skip checks".
>   

In case 2, why would I delete the checksums that are correct and 
supplied just because I do not want to download the source to check them?

> It could print a warning, and you don't need another fancy flag.
>   

Note it is not another fancy flag.  It is a reuse of an already 
implemented flag.   And that suggestion would mean that instead of the 
current error on no integrity checks, makepkg would instead just print a 
warning (which is as good as being silent early in the build process).  
My patch, keeps that error and the user has to go out of their way to 
use --skipinteg.  You would not type this unless you had a reason, so in 
the vast, vast majority of cases, the integrity checks will be performed.

Allan

More information about the pacman-dev mailing list