From mboxrd@z Thu Jan 1 00:00:00 1970 From: Thomas Petazzoni Date: Wed, 24 Apr 2019 21:54:18 +0200 Subject: [Buildroot] [PATCH 1/1] package/meson: bump to version 0.50.1 In-Reply-To: <20190424185857.55349-1-aduskett@gmail.com> References: <20190424185857.55349-1-aduskett@gmail.com> Message-ID: <20190424215418.31099575@windsurf> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: buildroot@busybox.net Hello Adam, On Wed, 24 Apr 2019 14:58:57 -0400 aduskett at gmail.com wrote: > diff --git a/package/meson/meson.hash b/package/meson/meson.hash > index fadef6df8a..c3964bc8a8 100644 > --- a/package/meson/meson.hash > +++ b/package/meson/meson.hash > @@ -1,4 +1,4 @@ > # Locally calculated after checking pgp signature > -# https://github.com/mesonbuild/meson/releases/download/0.49.2/meson-0.49.2.tar.gz.asc > -sha256 ef9f14326ec1e30d3ba1a26df0f92826ede5a79255ad723af78a2691c37109fd meson-0.49.2.tar.gz > +# https://github.com/mesonbuild/meson/releases/download/0.50.1/meson-0.50.1.tar.gz.asc > +sha256 e9f52047f26636ee512439c01755064656db5faecdd68e9af09dc772d829198c meson-0.50.1.tar.gz This hash was matching the tarball automatically generated by Github (which we download through the 'github' macro), which definitely doesn't match the GPG signature from the upstream developers. Instead, we should keep using the upstream-provided tarball, which does match the GPG signature. I fixed that and applied. Thanks! Thomas -- Thomas Petazzoni, CTO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com