svn commit: r399654 - head/astro/gpstk
Alexey Dokuchaev
danfe at FreeBSD.org
Mon Oct 19 10:58:17 UTC 2015
On Mon, Oct 19, 2015 at 09:40:29PM +1100, Kubilay Kocak wrote:
> On 19/10/2015 9:34 PM, Alexey Dokuchaev wrote:
> >> New Revision: 399654
> >> > URL: https://svnweb.freebsd.org/changeset/ports/399654
> >> >
> >> > Log:
> >> > astro/gpstk: Fix distinfo, Mark Unbroken
> >
> > It should'be been mentioned that submitter (previous maintainer) had
> > verified the contents of the old and new tarballs, as he explained in
> > the PR. Excerpt from it required to be part of the commit log.
>
> I don't understand? It 'shouldnt' be mentioned, but I didn't mention it,
> or did you mean I 'should' have mentioned it? If so, understood.
I mean, whenever distinfo is updated due to distfile reroll, it should be
reflected in the commit log that contents of the old and new tarballs were
compared and no malicious changes found. This was done by the submitter
and mentioned in the PR, but did not make in the commit log.
Section 12.17 of PHB talks about it, but surprisingly it says "in the PR or
commit log" while verificaion should always be reflected in the log (it was
always this way AFAIR).
> > I'd suggest asking upstream to properly roll their joints^Wtarballs
> > next time they decide to make a release (that is, without .git metainfo).
>
> That would be lovely.
If you're in contact with submitter via email you can give his this idea. :)
Otherwise, leaving a comment in bugzilla with this suggestion is probably
enough.
./danfe
More information about the svn-ports-all
mailing list