[141139] trunk/base/src/port1.0/portchecksum.tcl
Daniel J. Luke
dluke at geeklair.net
Sun Oct 11 13:25:49 PDT 2015
+1
If we really want to encourage people to stop using the weak hashes, we could print a warning if any of them are in the output.
> On Oct 11, 2015, at 4:12 PM, Joshua Root <jmr at macports.org> wrote:
> How about this:
>
> * If the checksums specified in the Portfile include sha256, just print
> out the actual values for those checksum types.
>
> * If not, add sha256 to the list when printing out the actual values.
>
> After all there's no harm in using weak hashes in addition to good ones.
>
> - Josh
>
> On 2015-10-12 07:02 , Joshua Root wrote:
>> Yes, and I seem to remember having this conversation once before... :)
>>
>> On 2015-10-12 05:06 , Daniel J. Luke wrote:
>>> it’s really useful for the case when upstream publishes a checksum (that’s not one of our default ‘good’ ones) when the output includes the checksums that are in the portfile.
>>>
>>>> On Oct 11, 2015, at 1:34 PM, jeremyhu at macports.org wrote:
>>>> Use $default_checksum_types for handy copy/paste output on checksum failure
>>>>
>>>> This should help adoption of better, more robust hashing algorithms.
—
Daniel J. Luke
+========================================================+
| *---------------- dluke at geeklair.net ----------------* |
| *-------------- http://www.geeklair.net -------------* |
+========================================================+
| Opinions expressed are mine and do not necessarily |
| reflect the opinions of my employer. |
+========================================================+
More information about the macports-dev
mailing list