[Dehs-devel] fingerprint check against upstream
Yves-Alexis Perez
corsac at debian.org
Tue Mar 15 19:45:38 UTC 2011
Hey,
do you think it'd be a sensible idea to check for upstream checksums
(using the watchfile and some common filenames like MD5SUMS, SHA1SUMs
etc.) and report something if the orig.tar.gz doesn't match upstream's?
In most case the two should be identical, and maybe it'd be possible to
not report an error when the tarball is obviously dfsg-ised.
Regards,
--
Yves-Alexis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/dehs-devel/attachments/20110315/964d2d10/attachment.pgp>
More information about the Dehs-devel
mailing list