On Tue 2019-10-22 19:15:51 +0200, Thomas Schmitt wrote: > Daniel Kahn Gillmor wrote: >> I would even posit that temporarily breaking jigdo would be better than >> keeping this additional bandwidth cost in play. > > To my knowledge, jigdo is the only way to get full DVD sets or any BD sized > installation ISO from > https://cdimage.debian.org/cdimage/release/current/amd64/
I understand what you're saying (though i haven't used optical media to install debian in over a decade). If jigdo would use the SHA256sum entries instead of the MD5 entries when it is doing ISO assembly, then everyone could still fetch full DVD sets or BD sized installation ISOs, without every single debian user expending the extra 13% bandwidth on fetching the Packages file when they "apt get update". AFAICT, jigdo's last maintenance release (debian version) was nearly two years ago. The last upsteam release (0.7.3) was produced in 2006. Its homepage is http://atterer.org/jigdo/devel.html , which was last updated in 2010, and points to a CVS server i cannot access. Its debian packaging doesn't have a Vcs-* field (though i've just created https://salsa.debian.org/debian/jigdo and uploaded what i could get from "gbp import-dscs --pristine-tar --debsnap" to it). This looks like it might be a moribund software project, and it should not be holding back the rest of the project from making other improvements. Making the Packages file smaller is a concrete advantage for every debian user. Do you have any suggestions to offer to make jigdo work using a modern cryptographic digest? --dkg
signature.asc
Description: PGP signature
