Re: Bug#540215: Introduce dh_checksums
Harald Braumann <harry@unheit.net> writes:
> On Wed, Mar 10, 2010 at 03:32:14PM +0100, Wouter Verhelst wrote:
>>
>> Having package.checksums be GPG-signed will take a significant change in
>> our infrastructure (buildd hosts, for instance, would need to have a way
>> to sign checksums files as well), so it's not going to happen
>> tomorrow.
That can be avoided by including a hash of the checksum file in the
Packages files. That would be a relatively minor change in
apt-ftparchive.
MfG
Goswin
Reply to: