On 5/30/19 2:38 PM, Chris Murphy wrote:
On Thu, May 30, 2019 at 3:31 PM Samuel Sieb <sam...@sieb.net> wrote:
On 5/30/19 1:56 PM, Chris Murphy wrote:
I have no idea how deltarpm works, but if working on bit level
difference on uncompressed data, I don't see why local rebuild needs
to use the same compression level as the Fedora build system. If it's
working on compressed data, well I'm not sure how that works, in
particular if pixz is used which gives non-reproducible results.
I was going to suggest earlier that deltarpm could use a faster
compression when repacking. But then I realized that the result has to
be be bit-exact with the original so the package signing is still intact.
Package signing happens after compression? Compression is an
optimization, in no way does it affect the validity of the payload.
My understanding is that the signature is calculated over the compressed
payload. (I couldn't find any clear documentation on it with a quick
search.) I see that would make it simpler and somewhat quicker to
verify, but it does cause problems with things like deltarpm and
recompressing packages.
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
