On Mon, Jul 28, 2014 at 11:02:53PM +0200, Evgeny Kapun wrote: > My suggestion is that downloading files in a secure manner is hard, and > maintainer scripts probably shouldn't be doing it.
On Tue, Jul 29, 2014 at 09:27:34AM +0300, Henri Salo wrote: > Do you have an alternative solution? Maybe this could be extracted directly to > source package and updated with an script? Just to clarify both points above, if it's not clear from the discussion on the upstream bug: the current situation is not intended, it's just an accident resulting from the fact that upstream doesn't (yet) support an offline mode, and changes in the upstream behaviour resulted in our pre-unpacked files being ignored. Rest assured, this will get fixed, one way (better upstream support) or another (us patching upstream code so that it never downloads + pre-shipping). regards, iustin
signature.asc
Description: Digital signature