On Fri, May 01, 2009 at 06:23:36PM -0700, Dan Price wrote: > On Fri 01 May 2009 at 06:13PM, [email protected] wrote: > > Hi Dan, > > > > On Fri, May 01, 2009 at 05:51:33PM -0700, Dan Price wrote: > > > > > > Please review these fixes: > > > > > > 8602 tidy top level of source directory > > > > > > This moves the "external" stuff like cherrypy, ply, etc. into a subdir, > > > and moves the smf stuff into a subdir. It deletes bump-server. > > > > > > 8603 build process should try to validate downloaded bits > > > > > > Should be self-explanatory, I chose to use sha256 hashes, and when we > > > go to py2.5 we should change from using 'digest' to hashlib. > > > > > > http://cr.opensolaris.org/~dp/pkg-src-cleanup/ > > > > The code changes look fine to me. I'm a little nervous about requiring > > a file hash for downloads where we're always requesting the version as > > latest. It seems like that might lead us to an involuntary hash failure > > if the upstream provider releases a new version and we don't have the > > hash. > > Oh-- I missed that we were downloading figleaf-latest. I can teach the > code to not hash that, or I can pick a version. Any opinions? figleaf > seems to be the only one in this predicament, and it's just a developer > tool, so maybe I'll just set FLHASH to "None" and make install_sw > understand None.
Well, it's an interesting question for me, since I'll be adding pycurl-7.19.0, but I currently ask for latest. In my case, I probably actually want to specify 7.19.0, since I need to apply patches that are dependent upon the code in that version. I suppose you could be more flexible with figleaf, since you're just building and install it as is, no? -j _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
