Re: Tracing where build time is spent

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Monday, 2020-02-17 19:06:23 +0100, Luboš Luňák wrote:

>  And is there any worthwhile gain in insisting on using upstream tarballs? 

Reliable checksums and reproducible packaging.

A responsible developer introducing a new tarball on the download server
a) checks it against the official checksum after download
b) creates the SHA256SUM of the file to use in download.lst

Any repacking invalidates that, specifically on a developer's machine
could introduce omissions or additions.

  Eike

-- 
GPG key 0x6A6CD5B765632D3A - 2265 D7F3 A7B0 95CC 3918  630B 6A6C D5B7 6563 2D3A

Attachment: signature.asc
Description: PGP signature

_______________________________________________
LibreOffice mailing list
LibreOffice@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/libreoffice

[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux