[Fedora-packaging] Pulling with bzr to create source tarballs.
Jeff Spaleta
jspaleta at gmail.com
Sat May 5 03:30:14 UTC 2007
Good Morning Campers,
It appears that pulling from bzr to produce a source tarball can not
be done in a way that preserves file timestamps. This makes it
impossible to easily verify the md5sum of a tarball created this way.
The review guidance implies that that a comment block in the spec file
needs to provide enough information to recreate and verify such a
tarball. Unfortunately for bzr, the verification of the tarball will
always fail due to the timestamp issue.
As a workaround, i suggest that for tarballs built from a bzr export
that the spec file include a note that the contents of the tarball
must be verified individually, and that a note concerning bzr's
inability to preserve timestamps (and the dire consequences of that)
be added to the code control related review guidance.
For reference see the discussion in:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235191
I have manually verified that the contents of the included source1
tarball match the files
pulled from call to bzr in the specfile comment block.
and for bzr's plan for timestamps:
https://blueprints.launchpad.net/bzr/+spec/export-original-timestamps
-jef"why am i not drinking tequila right now?"spaleta
More information about the packaging
mailing list