Garrett Holmstrom wrote:
The main review guidelines page [1] specifically requires that one
use
md5sum to compare packages' tarballs against those from upstream. Is it
necessary to require a specific algorithm? If so, should it still be
MD5 in this day and age?
Why use checksums at all when diff works just fine?
Björn Persson