On 8/29/18 10:23 PM, Jelle van der Waa wrote: > Most of our PKGBUILDs svn propset's break reproducible builds and the > pkgbuild_sha256sum in the BUILDINFO file. When building a package before > commiting the PKGBUILD the propset $Id will differ since the $Id is set on > commit. > > This has a few implications, pkgbuild_sha256sum is useless and we can't > reproduce packages due to the BUILDINFO not matching. Also the reproduce tool > uses ASP to retrieve the PKGBUILD and therefore can't verify that it got the > correct PKGBUILD (it relies on pkgbuild_sha256sum). > > To resolve this issue we could simply remove the propset id's, since for > me, although not sure about others they don't seem particulary useful. > > The proof that the sha256sums's don't match: > > $ extra-x86_64-build > $ grep sha256 .BUILDINFO > pkgbuild_sha256sum = > 8748d60d2c782f477cb7e692a3dad30be90491cdc13fe8951340da4c0bc7f19e > $ $repopkg > > $ sha256sum PKGBUILD > d8ab51a983026dd4a6e2f48e9dc66177eca8cf6c1c0ffefb950b093db299e304 PKGBUILD > > # The git checkout > > [jelle@helium][/tmp/bar/community/python-psutil/trunk]%sha256sum PKGBUILD > ce7f1e68a3b426412a24f46016817d30721860c8ef6b3d0a2dddac8ff2448b84 PKGBUILD > > [jelle@helium][/tmp/bar/community/python-psutil/trunk]%diff PKGBUILD > /tmp/python-psutil/trunk/PKGBUILD > 1c1 > < # $Id$ > --- >> # $Id: PKGBUILD 375007 2018-08-28 17:24:26Z jelle $ >
I know there are some people who like them because $reason, but even with svn its not rocket science to get the last author. +1 from me because on top of your reason: - IMO such meta data belongs to the repo history and not the file content itself. - we will purge it anyway if we finally finish the transition to git cheers, Levente
signature.asc
Description: OpenPGP digital signature
