Re: Bug#39299: PROPOSAL] permit/require use of bz2 for source packages
On Thu, Jun 10, 1999 at 11:13:23PM -0500, Manoj Srivastava wrote:
>
> Branden> As said elsewhere, I think a source package can be regarded
> Branden> as "pristine" if it is md5-identical with the upstream
> Branden> version in *uncompressed* form.
>
> I disagree. I have sources, and md5sums, or pgp signatures,
> that are signed by the author. Anything that changes the md5sum of
> the file and makes it impossible for me to check against the original
> signature is not pristine.
That's not 100% sane. Any upstream author who cares should at least
provide an additional md5sum for the uncompressed tar file. (For example, it
happens that netscape decompresses a *.gz file you d/l.)
Ideally, you would provide md5sums for each file in the archive.
However, my personal opinion is that it would be quite sufficient to allow
(not require) bz2 sources. I also think it is a good idea, not for CD
limitation but for bandwidth/data storage consideration _in general_.
(for example, I have shorter download times overmy modem or can put more on
a single ZIP drive).
I think everyone can agree on the compromise to provide bz2/gz sources as
equal alternatives, can't we?
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' Debian http://www.debian.org finger brinkmd@
Marcus Brinkmann GNU http://www.gnu.org master.debian.org
Marcus.Brinkmann@ruhr-uni-bochum.de for public PGP Key
http://homepage.ruhr-uni-bochum.de/Marcus.Brinkmann/ PGP Key ID 36E7CD09
Reply to: