Re: On adding size info to Packages files [very long]
Manoj Srivastava <firstname.lastname@example.org> writes:
> Well, now all we have to do is decide how this information
> should be gathered. Does the package maintainer stick it into the deb
> file? Should one upload the file separately (possibly modifying
> dpkg-genchanges to also pgp stamp the sizes file, though I think a
> hacked sizes file is not a major security breach, as long as the
> package itself is intact).
> If we go with a separate file kernel-package_4.08-1_i386.sizes.gz;
> then all we need is a modified dupload, and a modification of Guys
> script to handle the sizes file, even stashing it some place on the
> archive (debian/dists/unstable/sizes-i386/misc/kernel-package_4.08-1.gz)
> though that location maybe suboptimal cause of the mirrors. dinsall
> can just zcat the files sa needed.
The size file should be generated by the server. Here are the reasons:
1. The upload should be unpacked to check if the gz is not
corrupted. (Far to often some Package is broken)
2. The du indexes should be gathered and pipe into one file to gain
far better compression.
3. Maintainer will forget to include a du index or have different
The Server should hold a unpacked Version of each Package's du index
and after processing all uploads it should combine and pack them.
May the Source be with you.
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org