|Re: [eigen] Providing non-tag downloads over BitBucket|
[ Thread Index |
| More lists.tuxfamily.org/eigen Archives
- To: eigen@xxxxxxxxxxxxxxxxxxx
- Subject: Re: [eigen] Providing non-tag downloads over BitBucket
- From: Benoit Jacob <jacob.benoit.1@xxxxxxxxx>
- Date: Sun, 1 Jan 2012 18:22:09 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=+BdQ90dXVLgQWDkLzt5m9m1/pfzgWyQ4f/2F0D2WZ/Y=; b=LKDdur7yCM1EHLkApZJrfwAL2xoWEKx9rv+lCsLO5q3VEOuTOBsu3Jf4MI7SkllnLU 5dnaFQa7n+pKPSdu+5vNlgqa1Uv9oN7X/N6DryJjB2P7Zpz3EgCaTn22mvvb35lE60Cu e8N9NJlCg+BHz5YRwP9LwKlWYuxIRda3ZVZq8=
2012/1/1 Raphael Kubo da Costa <rakuco@xxxxxxxxxxx>:
> Hi there,
> I package eigen on FreeBSD, and it has been reported that the current
> SHA256 sum of the 2.0.16 tarball provided by our port does not match the
> one from the actual download from BitBucket. Since we check the
> checksums before publishing an update, this means the tarball has
> changed since it was first published.
> Comparing FreeBSD's own copy of the 2.0.16 tarball 
How was it generated?
> with the one
> currently being provided by BitBucket , it looks like only the
> tarball name (and the directory inside it) have changed from
> eigen-eigen-2.0.16 to eigen-eigen-<hash of the commit which the tag
> points to>. diff shows no difference in the actual contents.
of course that's the case: tagging a changesets only modifies the
special hgtags file.
how is that a problem?
> As a packager, I would appreciate if Eigen started providing
> "real" download tarballs in the Downloads section in BitBucket (like
> other projects do) to prevent this kind of issue -- I guess tarballs
> which are not created automatically do not risk being changed by
That would incur more manual work when doing releases and would
increase our reliance on bitbucket, so we would need a good reason to
> and other mirrors
>  https://bitbucket.org/eigen/eigen/get/2.0.16.tar.bz2