On 30/8/2025 03:52, Dave Allured - NOAA Affiliate via macports-dev wrote:
On Fri, Aug 29, 2025 at 11:43 AM Ryan Carsten Schmidt <[email protected] <mailto:[email protected]>> wrote:On Aug 29, 2025, at 11:01, Dave Allured - NOAA Affiliate wrote:What is the problem with just going back to rsync and hosting the uncompressed port tree? Then only the changed files would be downloaded for port sync. You could also offer a complete tarballavailable as an alternative, for new installs and full rebuilds. I feel like I am missing something here.We switched to using a tarball so that its integrity could be verified with a signature. https://github.com/macports/macports-base/ commit/476e4e15ff52ed1582cafa5d4be0476a6c05a5c1 <https://github.com/ macports/macports-base/commit/476e4e15ff52ed1582cafa5d4be0476a6c05a5c1>Yeah, that is a good reason. I suppose that signatures for individual port files is getting a bit too much?
It would be possible but would very likely make things slower instead of faster. All the patchfiles etc have to be verified as well. Deferring signature verification to time of use for each file could improve performance, but makes it very easy to forget to verify at all before using.
- Josh
