[pacman-dev] makepkg integrity check patches
chantry.xavier at gmail.com
Thu May 6 12:11:57 CEST 2010
On Thu, May 6, 2010 at 4:09 AM, Allan McRae <allan at archlinux.org> wrote:
> On 06/05/10 11:41, Loui Chang wrote:
>> On Thu 06 May 2010 10:51 +1000, Allan McRae wrote:
>>> 2) cd1378d makepkg: rework --skipinteg
>>> This is very, very, VERY useful. I did not have makepkg-git on my
>>> new computer earlier this week and the current makepkg behaviour
>>> annoyed me A LOT.
>>> This is particularly useful when testing out a patch that you need to
>>> repeatedly modify. You only need to update your checksums once it is
>>> working. I use this very frequently, but then again I do more
>>> packaging than most.
>> I believe this is bad behaviour. makepkg should be used to package
>> software, not help you develop patches for it.
> Not being condescending here, but you obviously do not do much packaging.
> Packaging software requires patching software. e.g. gcc-4.x header
> changes, libpng API changes, etc. It is a lot easier for me to run "makepkg
> --skipinteg" to test the state of a patch to fix build issues that it is to
> manually extract the tarball, apply the patch, configure, make...
To complete Allan's arguments :
90% of the pkgbuilds I build are not meant to be shared with anyone
else, usually ABS or AUR packages, sometimes slightly customized for
Why couldn't I enable a non-default behavior that skip integs when I
know they will fail and I don't care what the new checksums are ?
"non-default behavior" is the important part here, if this was
default, I would be totally against this behavior.
>>> 3) 5d911ae makepkg: allow skipping integrity checks when making
>>> source package
>>> And here is the fun one... "makepkg --source" currently requires
>>> checking all checksums. Using "-source --skipinteg" does not skip
>>> this, which in itself makes little sense to me. The argument that
>>> this stops people distributing packages with bad checksums is flawed.
>>> There is nothing stopping them doing that now. They just have to not
>>> use makepkg when creating the tarball, which could lead to even worse
>>> PKGBUILDs being distributed as none of makepkg's other checks would
>>> be performed.
>> Just because someone can manually make a bad source package there's no
>> excuse to put bad behaviour into makepkg. The same applies to binary
> Why is it bad behaviour? I think you are just assuming the user is stupid
> and will use it unnecessarily. "pacman -Rd" and "pacman -Sf" are stupid in
> most cases, but we do not remove them as they are also useful in others
> cases. Similarly, I provided two usage cases where it is perfectly
> reasonable behaviour to skip integrity checks.
> Skipping integrity checks is not going to be the default behaviour and does
> not even have a shorthand option. The user has to specifically want to use
> it. Lets make the assumption that if someone goes out of their way to type
> "--skipinteg", that they are doing it deliberately.
Agreed. If we assume the user is completely stupid, we can't develop
softwares. We can't produce anything actually.
We might need a notice or disclaimer to ship pacman and makepkg :P
More information about the pacman-dev