Community Packages

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#45357 - [pass] package should use official sources.

Attached to Project: Community Packages
Opened by Jon Gjengset (Jonhoo) - Tuesday, 16 June 2015, 22:32 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Thursday, 18 June 2015, 05:00 GMT
Task Type General Gripe
Category Packages
Status Closed
Assigned To Lukas Fleischer (lfleischer)
Bartłomiej Piotrowski (Barthalion)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
The PKGBUILD for 1.6.5-2 changed the source from http://git.zx2c4.com/password-store/snapshot/password-store-${pkgver}.tar.xz to https://github.com/zx2c4/password-store/archive/${pkgver}.tar.gz. The official upstream release channel is the former, not the latter, and is the one that should be used. This is explicitly mentioned in the GitHub repository description: "Master source: http://git.zx2c4.com/password-store/";
This task depends upon

Closed by  Bartłomiej Piotrowski (Barthalion)
Thursday, 18 June 2015, 05:00 GMT
Reason for closing:  Not a bug
Additional comments about closing:  …but fixed in trunk. A few hours before re-opening the non-issue.
Comment by Johannes Löthberg (demize) - Wednesday, 17 June 2015, 10:41 GMT
I think the issue with the former is that it's cgit that generates the tarballs on-demand so the checksums change all the time.
Comment by Jon Gjengset (Jonhoo) - Thursday, 18 June 2015, 01:44 GMT
  • Field changed: Percent Complete (100% → 0%)
You are correct, it is not a bug. However, it is filed as a "General Gripe", which is definitely is.

It is also not true that cgit changes the checksum all the time:

$ curl -s http://git.zx2c4.com/password-store/snapshot/password-store-1.6.5.tar.xz | sha256sum
337a39767e6a8e69b2bcc549f27ff3915efacea57e5334c6068fcb72331d7315 -
$ curl -s http://git.zx2c4.com/password-store/snapshot/password-store-1.6.5.tar.xz | sha256sum
337a39767e6a8e69b2bcc549f27ff3915efacea57e5334c6068fcb72331d7315 -
$ curl -s http://git.zx2c4.com/password-store/snapshot/password-store-1.6.5.tar.xz | sha256sum
337a39767e6a8e69b2bcc549f27ff3915efacea57e5334c6068fcb72331d7315 -
$ curl -s http://git.zx2c4.com/password-store/snapshot/password-store-1.6.5.tar.xz | sha256sum
337a39767e6a8e69b2bcc549f27ff3915efacea57e5334c6068fcb72331d7315 -
$ curl -s http://git.zx2c4.com/password-store/snapshot/password-store-1.6.5.tar.xz | sha256sum
337a39767e6a8e69b2bcc549f27ff3915efacea57e5334c6068fcb72331d7315 -

So this can, and should, be fixed.
Comment by Bartłomiej Piotrowski (Barthalion) - Thursday, 18 June 2015, 04:59 GMT
And already is. Still not a bug.

Loading...