[pacman-dev] [PATCH] makepkg: Change the default integrity check to sha256.

Allan McRae allan at archlinux.org
Thu Jun 5 17:34:51 EDT 2014

On 06/06/14 05:39, me at the-compiler.org wrote:
> From: Florian Bruhin <git at the-compiler.org>
> There were a few bug reports related to this:
>     https://bugs.archlinux.org/task/39210
>     https://bugs.archlinux.org/task/38543
>     https://bugs.archlinux.org/task/37215

And all those were rejected...

The default means that people are using "makepkg -g" to generate them,
so is useless.  People should be using whatever upstream publishes (or
better pgp signatures) to verify files.


More information about the pacman-dev mailing list