[Dev] automated package repository linter and backlog
Andreas Grapentin
andreas at grapentin.org
Tue Apr 24 07:16:41 GMT 2018
On Mon, Apr 23, 2018 at 03:37:21PM -0400, Luke Shumaker wrote:
> Each package contains a .BUILDINFO file that (among other things) has
> a checksum of the PKGBUILD used to build it. (eg from zlib:
>
> pkgbuild_sha256sum = 6242863dcad3ae2fe4b53376fb53f608eaac915ffdd2baf1c3207b54b8ec2522
>
> It would be cool to have it check that the PKGBUILD in abslibre
> actually matches the one used to build the package.
I was not aware of this. I agree that this would be a useful check to
have; will add shortly :)
> Have you published the code anywhere?
Yes. The sources currently live on github:
https://github.com/oaken-source/parabola-repolint
However, I am going to create a repo on https://projects.parabola.nu too.
> dbscripts already includes a number of repo checks
> (`cron-jobs/integrity-check`, and `db-check-*`). However, we haven't
> been runing these regularly in quite a while. Any interest in
> incorporating/integrating with them?
I haven't checked those out yet, thanks for the tip. I'm sure they will
be useful.
Best,
-A
--
------------------------------------------------------------------------------
my GPG Public Key: https://files.grapentin.org/.gpg/public.key
------------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20180424/b8a14676/attachment.sig>
More information about the Dev
mailing list