Re: What to do about github (dynamic) downloads

To: John Klos <john%ziaspace.com@localhost>
Subject: Re: What to do about github (dynamic) downloads
From: Taylor R Campbell <campbell+netbsd-tech-pkg%mumble.net@localhost>
Date: Mon, 7 Aug 2017 21:58:43 +0000

> Date: Mon, 7 Aug 2017 20:15:06 +0000 (UTC)
> From: John Klos <john%ziaspace.com@localhost>
> 
> It appears that github generates these on the fly and has decided to change 
> their method, seemingly arbitrarily, which makes checksums fail.
> 
> In the case of wip/bitcoin, the untargzipped files match the original 
> repository on which the checksums were calculated, according to mtree, but 
> the size of the file is now off by four bytes. The files from the actual 
> Bitcoin project haven't been touched since November.

If you've confirmed there is no difference in the content, is there a
problem with just updating the distinfo to reflect the change in the
tar format at Github?

Does Github unpredictably alternate how the file is generated, or did
it just change all at once at a definite time and now always use the
new version?

Also, does diffoscope reveal exactly what the difference is?  Might be
worthwhile to make sure there's nothing nefarious in the details of
the tar format that might, say, trigger a bug in some implementations.

Follow-Ups:
- Re: What to do about github (dynamic) downloads
  - From: Greg Troxel

References:
- What to do about github (dynamic) downloads
  - From: John Klos

Prev by Date: Re: What to do about github (dynamic) downloads
Next by Date: daily pkgsrc CVS update output
Previous by Thread: Re: What to do about github (dynamic) downloads
Next by Thread: Re: What to do about github (dynamic) downloads
Indexes:

Home | Main Index | Thread Index | Old Index