Baptiste Jonglez <g...@bitsofnetworks.org> wrote:
> When calling a download target, hash verification is now
> completely skipped if the SKIPHASH variable is set.
>
> This allows to easily bump package version:
>
> # Update PKG_VERSION in the package Makefile
> $ make package/<mypackage>/download SKIPHASH=1 V=s
> $ make package/<mypackage>/check FIXUP=1 V=s
>
> This will download the new version of the package, and then
> automatically update PKG_HASH with the hash of the new version.
> Of course, it is still the responsibility of the packager to
> ensure that the new tarball is legitimate, because it is
> downloaded from a possibly untrusted source.
>
> Fixes: b30ba14e ("scripts/download.pl: fail loudly if provided
> hash is unsupported") Signed-off-by: Baptiste Jonglez
> <g...@bitsofnetworks.org>Until/if your new documentation project takes off, please consider adding this to the "how to package" doc pages. none of these extra magical parameters are discoverable in any way right now.
signature.html
Description: OpenPGP Digital Signature
_______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
