[Exherbo-dev] [Exherbo Security] Package Distfile Signing Proposal

David Leverton levertond at googlemail.com
Thu May 10 18:53:33 UTC 2012


Ciaran McCreesh wrote:
> Incidentally, if this syntax is taken (which in turn means it can't be
> created by a tool, which in turn means some people are going to hate
> you), it's better done as an annotations on DOWNLOADS than as a new
> variable.

I've vaguely contemplated the idea of making the digest tool generate a 
per-package checksums.exlib, which would have the checksums for all 
distfiles for that package and code to walk through DOWNLOADS and add 
them as annotations (or more likely, a call to a built-in or global 
exlib function to do so).  But that's probably horrible....



More information about the Exherbo-dev mailing list