On Thu 29 Oct 2009 14:40 +1000, Allan McRae wrote: > Jeff wrote: > >>Patch [1] extends the --skipinteg option allow the generation of > >>a source tarball without requiring the checking of the integrity > >>checks > > > >You've given the what, but what is the why? If the source integrity is > >flawed, then the generated source package is flawed. This seems like > >something that should be safeguarded against, IMO. > > I can come up with two use cases: > > 1) making a PKGBUILD for a snapshot release that is always accessible > from some sort of LATEST release directory symlink. Many projects > use something like that. That way the PKGBUILD does not need updated > every time a snapshot is release. While it may be argued that it is > better to use a svn/cvs/git/etc PKGBUILD, in many cases the snapshots > are generally sanity checked before release.
> 2) This happens to me occasionally. Someone sends me a PKGBUILD they > can not get working. I see an obvious error, fix it and send the > PKGBUILD back saying "try this" because I really do not want to > download the sources/dependencies to check myself. In both cases if you could omit checksums and makepkg could interpret that as "the packager doesn't really care about integrity, skip checks". It could print a warning, and you don't need another fancy flag.
