FS#20841 - [makepkg, PKGBUILD] Better support for scm sources.
Attached to Project:
Pacman
Opened by ezzetabi (ezzetabi) - Monday, 13 September 2010, 15:10 GMT
Last edited by Allan McRae (Allan) - Friday, 10 August 2012, 12:37 GMT
Opened by ezzetabi (ezzetabi) - Monday, 13 September 2010, 15:10 GMT
Last edited by Allan McRae (Allan) - Friday, 10 August 2012, 12:37 GMT
|
Details
At the moment makepkg gives no direct support for checking
and verifying sources downloaded in a different way than the
source array.
It is rather unfortunate; because it means that in many packages the -o options does not actually download the sources and there is no checksum to those files. My idea is: - the source array should list also source directories, - the PKGBUILD author might add a source() function that create and populate those directories. - the -g options should make an hash of the directory too, - makepkg should verify the hash when needed. I can patch makepkg if there is interest. How I would implement: - if the source function exists inside the PKGBUILD it is called during the download_sources() makepkg function, - the -g option calculates the hash of a directory hashing all the files concatenated + a list of the file names; so that new files; content changes and eventual renaming will change the hash (this will be added in the generate_checksum() makepkg function), - check_checksum() makepkg function would do the same and verify. What do you think? |
This task depends upon
Closed by Allan McRae (Allan)
Friday, 10 August 2012, 12:37 GMT
Reason for closing: Implemented
Additional comments about closing: https://projects.archlinux.org/pacman.gi t/commit/?id=024bc44a
Friday, 10 August 2012, 12:37 GMT
Reason for closing: Implemented
Additional comments about closing: https://projects.archlinux.org/pacman.gi t/commit/?id=024bc44a
*
FS#7816- get source from svn/Subversion URLs*
FS#8890- separate download and build stages for offline mode (cvs/svn PKGBUILDs)*
FS#13727- VCS packages, makedepends and output*
FS#15895- PKGBUILD git feature is systematically setting pkgver to today date, not date of the last commit*
FS#16384- Inconsistency of makepkg's activities in devel_check() for Mercurial*
FS#16872- the way VCS packages are handled is a mess*
FS#17872- makepkg with SVN depots that use self-signed certificates*
FS#19459- Integrated VCS checkout, update and revision selection*
FS#19476- Remove duplication of VCS downloads from PKGBUILDsSee http://wiki.archlinux.org/index.php/User:Allan/Makepkg_VCS_overhaul