[CentOS] Checksums for git repo content?
Leonard den Ottolander
leonard at den.ottolander.nlThu Feb 9 20:55:07 UTC 2017
- Previous message: [CentOS] Checksums for git repo content?
- Next message: [CentOS] Latest CentOS-7 image on cloud.centos.org has incorrect checksum
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello Gordon, On Thu, 2017-02-09 at 12:38 -0800, Gordon Messmer wrote: > Git already has the protection you're looking for. As part of its core > design, git uses a hash chain to verify the integrity of its history. > Every change and every file is thus protected. It's impossible to > insert changes or to modify the history of the git repository in a way > that wouldn't be extremely visible to all users. > > If you check out a module using git, and fetch its external sources > using get_sources.sh, you can rest assured that every file used to build > an RPM has been hashed and verified. Alright, understood. Only the sources downloaded with get_sources.sh need a checksum then. Which are the ones in <package>.metadata. Thanks for clearing this up and sorry Johnny for the fuzz :) . Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research
- Previous message: [CentOS] Checksums for git repo content?
- Next message: [CentOS] Latest CentOS-7 image on cloud.centos.org has incorrect checksum
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list