

Hi,

On Monday, 2020-02-17 19:06:23 +0100, Luboš Luňák wrote:

> And is there any worthwhile gain in insisting on using upstream tarballs?

Reliable checksums and reproducible packaging.

A responsible developer introducing a new tarball on the download server
a) checks it against the official checksum after download
b) creates the SHA256SUM of the file to use in download.lst

Any repacking invalidates that, specifically on a developer's machine
could introduce omissions or additions.

  Eike

-- 
GPG key 0x6A6CD5B765632D3A - 2265 D7F3 A7B0 95CC 3918  630B 6A6C D5B7 6563 2D3A

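The two steps listed in the message above, and the reason a repack breaks the link back to upstream, as an added example that is not part of the original message or of LibreOffice's build tooling. The tarball contents, file names and timestamps are constructed sample data, and all function names are hypothetical.

```python
import gzip, hashlib, hmac, io, tarfile

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_tarball(files: dict, mtime: int) -> bytes:
    """Build a .tar.gz in memory; stands in for a download or a local repack."""
    raw = io.BytesIO()
    with tarfile.open(fileobj=raw, mode="w") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size, info.mtime = len(content), mtime
            tar.addfile(info, io.BytesIO(content))
    return gzip.compress(raw.getvalue(), mtime=0)

def member_contents(data: bytes) -> dict:
    """Map member name -> file bytes, ignoring all tar/gzip metadata."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        return {m.name: tar.extractfile(m).read() for m in tar if m.isfile()}

def accept_tarball(data: bytes, upstream_sha256: str) -> str:
    """a) check against the official checksum; b) return the SHA-256 to record."""
    digest = sha256_hex(data)
    if not hmac.compare_digest(digest, upstream_sha256.strip().lower()):
        raise ValueError(f"checksum mismatch: got {digest}")
    return digest

# Constructed sample data: a fake upstream release and two local repacks.
FILES = {"libfoo-1.0/README": b"libfoo\n", "libfoo-1.0/foo.c": b"int foo;\n"}
UPSTREAM = make_tarball(FILES, mtime=1581900000)
PUBLISHED = sha256_hex(UPSTREAM)  # what upstream would publish next to the file
REPACK_SAME = make_tarball(FILES, mtime=1581963983)  # same files, new mtime
REPACK_LOSSY = make_tarball({"libfoo-1.0/README": b"libfoo\n"}, mtime=1581900000)

def rejected(data: bytes) -> bool:
    try:
        accept_tarball(data, PUBLISHED)
        return False
    except ValueError:
        return True

if __name__ == "__main__":
    print("upstream accepted:", accept_tarball(UPSTREAM, PUBLISHED))
    # Byte-identical file contents, yet the checksum no longer vouches for it.
    print("repack, same contents:", member_contents(REPACK_SAME) == FILES,
          "rejected:", rejected(REPACK_SAME))
    # An omission fails the same way, so the checksum cannot tell them apart.
    print("repack, file dropped: rejected:", rejected(REPACK_LOSSY))
```

A harmless repack and one with an omission are indistinguishable at the checksum level, so a repacked tarball can only be vetted by diffing its contents against the upstream file.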

