Thinking further about this, do we actually need something really fancy as
special tag?
For example, it is quite easy to check if the checksums in the dist-git sources
file are correct during `rpmbuild -bs`. It is enough to put `%(sha512sum -c
sources)` somewhere into specfile preamble. If the checksums are not correct
then the `rpmbuild -bs` fails.
Looking at [Verifying
Signatures](https://docs.fedoraproject.org/en-US/packaging-guidelines/#_verifying_signatures)
Fedora guidelines, I actually wonder, why the check is done in `%prep`. Maybe
something like this macro should be placed right bellow the sources in preamble.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/463#issuecomment-603108934
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint