Verify package integrity of downloaded prerequisites (partially fixes 61439)
Mike Stump
mrs@mrs.kithrup.com
Wed Sep 14 21:49:00 GMT 2016
On Sep 14, 2016, at 1:19 PM, Moritz Klammler <moritz@klammler.eu> wrote:
>
> Joseph Myers <joseph@codesourcery.com> writes:
>
>> On Wed, 14 Sep 2016, Moritz Klammler wrote:
>>
>>> Ok, I didn't know about the workflow. Do you think I should dike the
>>> `--strip-sums` option out again then?
>>
>> I don't see any use for such an option. Anyone changing the versions
>> should always have a copy of the new tarball (obtained securely if
>> possible) and should determine the sums from that.
>
> Alright, below then without the option again.
>
> Btw, how frequently am I supposed to post revisions of my patch to this
> list?
Feel free to address all reasonable concerns raised, and then post.
> Is it considered okay to do it immediately
Yes, as long as you address all the concerns you plan to address. Before that point and it is usually premature.
> And should I also attach a "diff of the diffs" or will those interested be happy to
> produce it themselves?
No diffs of diffs please. You should just regenerate the entire patch and include it in a email as you discuss each point raised and the outcome of those points.
More information about the Gcc-patches
mailing list