On Fri, Sep 09, 2011 at 02:24:37PM +0100, Klaus T. Aehlig wrote: > > > > The main problem with that is: we have no way to keep a valid sum of the > > distfiles if it is autogenerated (in particular with github) and this sum is > > really important. > > > With github this fortunately is a non-issue. Even though they autogenerate > their > tar balls, they keep enough information to make them reproduciable. Just try: > > /tmp>fetch https://github.com/Dieterbe/uzbl/tarball/2011.07.25 > 2011.07.25 100% of 143 kB 177 kBps > /tmp>sha256 2011.07.25 > SHA256 (2011.07.25) = > 2e61fa6c62e48d3f13e95a4ea7e7aead65345f6c88a688844ef921685dffe565 > /tmp>cat /usr/ports/www/uzbl/distinfo > SHA256 (uzbl-0.0.0.2011.07.25.tar.gz) = > 2e61fa6c62e48d3f13e95a4ea7e7aead65345f6c88a688844ef921685dffe565 > SIZE (uzbl-0.0.0.2011.07.25.tar.gz) = 146851 > /tmp> > > There still remain some minor issuses, like > > * due to autogeneration, you're quite likely to get a http-redirect, > * filenames like 2011.07.25 are not too suitable for a distfile. > > But they certainly can be fixed by an appropriate framework. The nice thing > is, > github does the autogeneration right. > > Best, > Klaus >
This is new because I already poke them about this in the past (more than a year ago and they clearly stated that they can't change that and that github people shouldn't use this for realease but should use the real download space of github) The issue opened about this seems to have disapear from github, maybe they change their mind regards, Bapt
pgpzmDDTJ4Neb.pgp
Description: PGP signature
