cvs commit: ports/math/dislin distinfo-6.0 distinfo-7.0
pkg-plist
Peter Jeremy
peter at vk2pj.dyndns.org
Wed Jun 2 07:56:09 UTC 2010
On 2010-May-29 19:38:20 -0300, Sylvio César <scjamorim at bsd.com.br> wrote:
>2010/5/29 Alexey Dokuchaev <danfe at freebsd.org>:
>> On Sat, May 29, 2010 at 04:22:21PM +0000, Sylvio Cesar Teixeira wrote:
>>> sylvio 2010-05-29 16:22:21 UTC
>>>
>>> FreeBSD ports repository
>>>
>>> Modified files:
>>> math/dislin distinfo-6.0 distinfo-7.0 pkg-plist
>>> Log:
>>> - Tarball rerolled
>>
>> I've noticed several commits similar to this one about with port; which
>> brings us to the following questions:
>>
>> - Did you verified the changes?
>
>Yes, the pkg-plist update too to this port.
I think you may have misunderstood the issue. The Project's concern
with rerolled distfiles is that they may contain unuathorised (and
potentially malicious) changes to the content. In order to guard
against that, it is expected that before committing an update to the
distinfo file, the committer will diff both the old and new distfiles
and verify that any changes are not harmful.
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-all/attachments/20100602/06d3912f/attachment.pgp
More information about the cvs-all
mailing list