[Dev] automated package repository linter and backlog

Andreas Grapentin andreas at grapentin.org
Tue Apr 24 07:16:41 GMT 2018

On Mon, Apr 23, 2018 at 03:37:21PM -0400, Luke Shumaker wrote:
> Each package contains a .BUILDINFO file that (among other things) has
> a checksum of the PKGBUILD used to build it.  (eg from zlib:
> 	pkgbuild_sha256sum = 6242863dcad3ae2fe4b53376fb53f608eaac915ffdd2baf1c3207b54b8ec2522
> It would be cool to have it check that the PKGBUILD in abslibre
> actually matches the one used to build the package.

I was not aware of this. I agree that this would be a useful check to
have; will add shortly :)

> Have you published the code anywhere?

Yes. The sources currently live on github:

However, I am going to create a repo on https://projects.parabola.nu too.

> dbscripts already includes a number of repo checks
> (`cron-jobs/integrity-check`, and `db-check-*`).  However, we haven't
> been runing these regularly in quite a while.  Any interest in
> incorporating/integrating with them?

I haven't checked those out yet, thanks for the tip. I'm sure they will
be useful.



my GPG Public Key:                 https://files.grapentin.org/.gpg/public.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20180424/b8a14676/attachment.sig>

More information about the Dev mailing list