From adec98665fb8bcdf37fa25514df1f536e344e1a5 Mon Sep 17 00:00:00 2001 From: Max Bruckner Date: Sun, 22 Nov 2015 00:22:58 +0100 Subject: [PATCH] Replace md5sums with sha512sums as default in the documentation Presenting md5 as the default hash algorithm for creating new packages in the documentation it is much more likely that it will be used for new packages. By replacing it with sha512sums, packagers aren't tempted to use the broken md5 anymore. (note that the default output of makepkg -g is sha512sums=(...) if no file integrity line has been specified in the PKGBUILD) Signed-off-by: Max Bruckner --- doc/PKGBUILD-example.txt | 4 ++-- doc/PKGBUILD.5.txt | 14 +++++++------- doc/makepkg-template.1.txt | 2 +- proto/PKGBUILD-split.proto | 2 +- proto/PKGBUILD-vcs.proto | 2 +- proto/PKGBUILD.proto | 2 +- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/doc/PKGBUILD-example.txt b/doc/PKGBUILD-example.txt index 910fd06..65b033f 100644 --- a/doc/PKGBUILD-example.txt +++ b/doc/PKGBUILD-example.txt @@ -12,8 +12,8 @@ depends=('glibc') makedepends=('ed') optdepends=('ed: for "patch -e" functionality') source=("ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz"{,.sig}) -md5sums=('e9ae5393426d3ad783a300a338c09b72' - 'SKIP') +sha512sums=('e10274bd59875d4ec5b02960d23f54e5b2a94ac19554c4a013fdb1df48f01012ce418627c74f7a6bd0a416527dd2ead347642878a057048ede9ee2d9c76a51b0' + 'SKIP') build() { cd "$srcdir/$pkgname-$pkgver" diff --git a/doc/PKGBUILD.5.txt b/doc/PKGBUILD.5.txt index 4ff3b02..f232a17 100644 --- a/doc/PKGBUILD.5.txt +++ b/doc/PKGBUILD.5.txt @@ -118,7 +118,7 @@ below). + Additional architecture-specific sources can be added by appending an underscore and the architecture name e.g., 'source_x86_64=()'. There must be a -corresponding integrity array with checksums, e.g. 'md5sums_x86_64=()'. +corresponding integrity array with checksums, e.g. 'sha512sums_x86_64=()'. + It is also possible to change the name of the downloaded file, which is helpful with weird URLs and for handling multiple source files with the same @@ -146,17 +146,17 @@ contain whitespace characters. listed here will not be extracted with the rest of the source files. This is useful for packages that use compressed data directly. -*md5sums (array)*:: - This array contains an MD5 hash for every source file specified in the +*sha512sums (array)*:: + This array contains an SHA512 hash for every source file specified in the source array (in the same order). makepkg will use this to verify source file integrity during subsequent builds. If 'SKIP' is put in the array in place of a normal hash, the integrity check for that source file will - be skipped. To easily generate md5sums, run ``makepkg -g >> PKGBUILD''. - If desired, move the md5sums line to an appropriate location. + be skipped. To easily generate sha512sums, run ``makepkg -g >> PKGBUILD''. + If desired, move the sha512sums line to an appropriate location. -*sha1sums, sha256sums, sha384sums, sha512sums (arrays)*:: +*sha1sums, sha256sums, sha384sums, md5sums (arrays)*:: Alternative integrity checks that makepkg supports; these all behave - similar to the md5sums option described above. To enable use and generation + similar to the sha512sums option described above. To enable use and generation of these checksums, be sure to set up the `INTEGRITY_CHECK` option in linkman:makepkg.conf[5]. diff --git a/doc/makepkg-template.1.txt b/doc/makepkg-template.1.txt index 99637d4..4888528 100644 --- a/doc/makepkg-template.1.txt +++ b/doc/makepkg-template.1.txt @@ -88,7 +88,7 @@ Example PKGBUILD license=('PerlArtistic' 'GPL') depends=('perl') source=("http://search.cpan.org/CPAN/authors/id/S/SH/SHERZODR/Config-Simple-${pkgver}.tar.gz") - md5sums=('f014aec54f0a1e2e880d317180fce502') + sha512sums=('cac7873a6c4bd220f52e5b1ef5bc8e640427c36689910b1610c6fd13b13d609dbe6947619f3255df45132672f700793fdefdffa0c2e0ee17a26084c4d05d0498') _distname="Config-Simple" # template start; name=perl-module; version=1.0; diff --git a/proto/PKGBUILD-split.proto b/proto/PKGBUILD-split.proto index 9898ef8..16334ca 100644 --- a/proto/PKGBUILD-split.proto +++ b/proto/PKGBUILD-split.proto @@ -28,7 +28,7 @@ changelog= source=("$pkgbase-$pkgver.tar.gz" "$pkgname-$pkgver.patch") noextract=() -md5sums=() +sha512sums=() validpgpkeys=() prepare() { diff --git a/proto/PKGBUILD-vcs.proto b/proto/PKGBUILD-vcs.proto index ae9956a..f2e14ac 100644 --- a/proto/PKGBUILD-vcs.proto +++ b/proto/PKGBUILD-vcs.proto @@ -25,7 +25,7 @@ options=() install= source=('FOLDER::VCS+URL#FRAGMENT') noextract=() -md5sums=('SKIP') +sha512sums=('SKIP') # Please refer to the 'USING VCS SOURCES' section of the PKGBUILD man page for # a description of each element in the source array. diff --git a/proto/PKGBUILD.proto b/proto/PKGBUILD.proto index a2c600d..6768dc7 100644 --- a/proto/PKGBUILD.proto +++ b/proto/PKGBUILD.proto @@ -27,7 +27,7 @@ changelog= source=("$pkgname-$pkgver.tar.gz" "$pkgname-$pkgver.patch") noextract=() -md5sums=() +sha512sums=() validpgpkeys=() prepare() { -- 2.6.2