Re: Is md5sum compulsion in review instead sha1sum?


 



Ralf Corsepius wrote:
On 10/14/2009 09:55 AM, Nicolas Mailhot wrote:


On Wed, 14 October 2009 05:47, Chris Weyl wrote:

On Mon, Oct 12, 2009 at 10:13 PM, Matthias Clasen <mclasen@xxxxxxxxxx> wrote:

That part of the review guidelines has always struck me as bizarre.
After all, wouldn't it seem even better to compare the actual tarballs
with each other, byte-by-byte, than relying on a checksum ?

Um. An easily reproducible, cryptographically strong checksum? :)

This is one test I never do, nothing will stop the packager from changing the
packaged archive as soon as the review is finished,
ACK.

so the whole thing is a
major waste of time for everyone involved IMHO
Agreed.
Sort of. I think of it as CYA for the reviewer. If something bad slips in, at least it's documented that it was good when I checked it, and the responsibility then falls on the packager.

(as is posting specs in
addition to SRPMs BTW.
Not agreed. Many packaging issues can easily be found in specs, without downloading the actual *.src.rpm.
True. I always wget both, install the SRPM and diff the specs, and ask about any differences if the packager goofed. Though I certainly see your point, especially for extremely large packages, like games with huge globs of data (i.e. wesnoth), etc.

Ralf


--
Fedora-packaging mailing list
Fedora-packaging@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-packaging


--
in your fear, seek only peace
in your fear, seek only love

-d. bowie
