On Thu, Mar 04, 2010 at 11:00:45PM +0100, Stefano Zacchiroli wrote: > Package: debian-policy > Severity: wishlist > Version: 3.8.4.0 > > [ For the full context, see the -devel thread starting at > http://lists.debian.org/debian-devel/2010/03/msg00038.html ] > > On Thu, Mar 04, 2010 at 01:12:26PM -0800, Russ Allbery wrote: > > > Russ, while we are at it, would you mind a bug report on the policy to > > > suggest (starting at SHOULD?) to store md5sums in packages? > > > > Not that I've had any time to work on Policy (or Lintian) in the last > > month, but that does seem reasonable to me. It seems to be a widespread > > best practice already, and a lot of people are turning up in this thread > > to say that they find it useful. > > Here we go. > > Currently, packages ships file checksums which are computed at package > build time by the means of dh_md5sums (usually), and stored under > /var/lib/dpkg/info/*md5sums. Several people find those checksums > useful, mostly for file corruption detection a-la CRC. > > Empirical tests show that the archive coverage is pretty good, most > packages seem to ship those checksums. > > Hence, there is a desire to turn a similar feature into, for start, a > SHOULD requirement, meant to become a MUST later on.
If we are moving that way, maybe it would make sense for the checksums to be generated by dpkg-buildpackage. Cheers, -- Bill. <ballo...@debian.org> Imagine a large red swirl here. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
