Re: Announcing summershum

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dne 12.2.2014 09:46, Pierre-Yves Chibon napsal(a):
Good morning everyone,

As you know Ralph and I went to DevConf last week-end, and of course, what
happens when you put two hackers in the same room? Well they go crazy and start
hacking... The result of this is summershum.

The idea originates from a discussion between Mickael Scherrer, Ralph and I on
Friday evening. Could we track all the files in every packages in the
distribution?

Ideally, this would allow us to investigate questions like:
 - How many copies of the GPL license are shipped?
 - How many GPL license still ship the old FSF address?
 - How many copies of jquery or md5.c?
 - How many files changed between two releases?

So Ralph and I wrote summershum, it's a simple database storing for each file in
each package:
 - the packages name
 - the filename
 - the sha1sum of the file
 - the tarball name
 - the md5sum of the tarball

I don't think we should use md5sum. It is disabled by default in recent OpenSSL if I am not mistaken.


Vít

 - a creation date

Next to the database is a fedmsg consumer that for each new upload on the
lookaside cache, download the new tarball, extracts it and fills the database
with the sha1sum of every file found.

There is a RFE opened on the project to store the same information for the
binary/rpm themselves. This would work for each successful build on koji.

The project is currently at: https://github.com/ralphbean/summershum
It comes with a summershum-cli which fills the database using datagrepper to
retrieve the recent uploads to the lookaside cache and load them in the
database.

I think the current state is good enough to start deploying it but we wanted to
announce/discuss about it before taking any further action.


So, what do you think?


Cheers,
Pierre


_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux