tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Why do local patches need checksums in distinfo files?

Hi, says:

> The distinfo file also contains the checksums for all the patches
> found in the patches directory (see Section 11.3, "patches/*").

I understand why the distfiles to be downloaded need to have
cryptographic checksums in a trusted place (the local distinfo file).
That is also explained in the pkgsrc guide.

But the same argument cannot hold for the local patches since these are
in a place as trustworthy as the distinfo file. Therefore I don't
understand why they need to have checksums after all.

Some background: I wanted to add an explanation to pkglint as to why the
patches need this checksum, but I couldn't think of one. Can anyone help
me here?


Home | Main Index | Thread Index | Old Index