[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: proper way to package mozilla extensions



> >1. There are two possible packaging schemes
> > a. Keep only original .xpi in the .orig.tar.gz, and extract/dpatch it
> >    at build time.
> > b. Keep unzipped .xpi in .orig.tar.gz.
> > I was going the b. way but now I think that keeping original .xpi
> > would be better
> I'm no DD, but I would say (a) is nicer because then a checksum can be verified more easily.
:-) Actually this is the only way the checksum can be verified ;-) as
soon as you extract it, there is no way (besides downloading xpi,
extracting and md5suming all the files) to verify the authenticity of
upstream release.

This is what I think and that is why I would like to move over keeping
original .xpi. And the question is did anyone done it proper way to
automate it with uscan + svn-upgrade... :-)

-- 
                                  .-.
=------------------------------   /v\  ----------------------------=
Keep in touch                    // \\     (yoh@|www.)onerussian.com
Yaroslav Halchenko              /(   )\               ICQ#: 60653192
                   Linux User    ^^-^^    [175555]


Attachment: pgp9g1XkeeTlI.pgp
Description: PGP signature


Reply to: