Re: md5sums files

To: debian-devel@lists.debian.org
Subject: Re: md5sums files
From: Harald Braumann <harry@unheit.net>
Date: Thu, 4 Mar 2010 01:20:53 +0100
Message-id: <[🔎] 20100304002053.GB16481@nn.nn>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20100303234126.GH18278@p12n.org>
References: <[🔎] 20100303020620.GA17083@celtic.nixsys.be> <[🔎] 20100303160510.GF18278@p12n.org> <[🔎] 20100303191810.GE13644@radis.liafa.jussieu.fr> <[🔎] 20100303200201.GG18278@p12n.org> <[🔎] 20100303204038.GE11984@nn.nn> <[🔎] 20100303234126.GH18278@p12n.org>

On Wed, Mar 03, 2010 at 05:41:26PM -0600, Peter Samuelson wrote:
> 
> [Harald Braumann]
> > > Given a .deb, turning the data.tar.gz into foo.md5sums is a SMOP.
> > > This could be before, during, or after the deb is unpacked.
> 
> > If you create the hashes at unpack time, you don't catch errors that
> > happen during unpack.
> 
> You mean errors reading the data.tar.gz file?  That is what the gzip
> checksum is for, as I said later in my email.

Errors writing a file. 

If there should be support in the future for signing hash files, then
creating them would have to be done at package creation time anyway. 

Also, I think, that it is in general better to have as much complexity
as possible in the package builder and make the client tools as dumb
as possible.

harry

Reply to:

Follow-Ups:
- Re: md5sums files
  - From: Peter Samuelson <peter@p12n.org>

References:
- md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Peter Samuelson <peter@p12n.org>
- Re: md5sums files
  - From: Julien Cristau <jcristau@debian.org>
- Re: md5sums files
  - From: Peter Samuelson <peter@p12n.org>
- Re: md5sums files
  - From: Harald Braumann <harry@unheit.net>
- Re: md5sums files
  - From: Peter Samuelson <peter@p12n.org>

Prev by Date: Re: md5sums files
Next by Date: Re: Removing the manpage requirement for GUI programs?
Previous by thread: Re: md5sums files
Next by thread: Re: md5sums files
Index(es):
- Date
- Thread