[Build-common-hackers] a WAF class for CDBS
Jonas Smedegaard
dr at jones.dk
Tue Dec 28 21:10:41 UTC 2010
On Tue, Dec 28, 2010 at 08:09:26PM +0100, Rémi Thebault wrote:
>> I think maybe it is too strong to unconditionally check. We should
>> permit our users to take off the "safety belt".
>
>OK. Will introduce a var DEB_WAF_SKIP_CHECKSUM.
Good.
>> Also, I think if we simply do checksum, it is of little help. What
>> indirectly we want to checksum is the _contents_ of that blob. So
>> really if we fail a build as "not properly checked for sanity" then
>> we should more clearly indicate what needs sanity checking - which
>> isn't looking at a hash, but instead is looking at some code and then
>> creating/storing a corresponding hash.
>>
>
>I don't get this. Do you expect a cdbs script to unpack the waf file (I
>don't know the format, but it is probably not so hard) and to checksum
>each file inside ?
Nah, not checksum each file separately - unless it turns out that it is
indeed helpful to track the contained files individually.
For now I "just" suggest to unpack the blob when failing, and emitting a
message to first check those files, then delete them and then apply the
magic checksum.
>> Then when good, this can be included in testsanity - conditional to
>> some variable which the user can then set if they find it sane to
>> trust upstream without this checksum.
>>
>> How does that sound?
>>
>
>Sounds good !
Great. Will you try do it?
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/build-common-hackers/attachments/20101228/f1ea2269/attachment-0001.pgp>
More information about the Build-common-hackers
mailing list