[Slackbuilds-users] How to get source hostet?

Pierre Cazenave pwcazenave at gmail.com
Mon Jun 27 09:45:18 UTC 2011



On 27/06/2011 10:23, Eric Pratt wrote:
> 2011/6/27 Ozan Türkyılmaz<ozan.turkyilmaz at gmail.com>:
>> 2011/6/27 Chris<chrisretusn at bluehome.net>:
>>> Why not just add to the SlackBuilds script source checkout and
>>> tarball creation.
>>
>> That's a big NO-NO
>
> Not trying to be a jerk here, but I'm really curious about why this
> is a NO-NO.
>
> Since you can check out by date or revision number, you can get the
> same revision for the slackbuild each time.  Of course, you could
> check for the presence of the tarball first and if it's not there,
> check out the revision.  If you have to check out, recursively
> remove the .svn directories, tarball it, and take an MD5 sum of the
> tarball. The slackbuild could read the .info file and compare the MD5
> sum in the .info file with the MD5 sum of the tarball you just
> created.  (Not quite sure why MD5 validation code isn't already
> required in all slackbuilds anyway.)  If you want this check to be
> optional, then enable it via variable before running the slackbuild,
> like MD5VERIFY="Yes" or something like that.
>
> So we add a few lines to a pretty standard slackbuild to get the
> tarball and MD5 sum.  Once that's done, we're back to standard
> slackbuild territory.  This seems like a perfectly reasonable way to
> handle this and avoids hosting home-brewed tarballs.
>
> Eric _______________________________________________
> SlackBuilds-users mailing list SlackBuilds-users at slackbuilds.org
> http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
> Archives - http://lists.slackbuilds.org/pipermail/slackbuilds-users/
> FAQ - http://slackbuilds.org/faq/
>

If you want this level of automation of checking md5sums, gpg keys etc. 
then sbopkg does a wonderful job of that.

Keeping the scripts simple makes them easier to maintain and verify (the 
admins do seem to be busy enough as it is!) and easier to spot errors.

There are a few scripts in the repository that have "difficult" sources. 
For example, the TrueCrypt project doesn't make its source available 
with a static link, and as such the DOWNLOAD variable in the .info file 
merely points to the page from which the source can be downloaded.

Pierre


More information about the SlackBuilds-users mailing list