From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5DC17C433F5 for ; Mon, 17 Jan 2022 10:32:28 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id EFE384033C; Mon, 17 Jan 2022 10:32:27 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s5T0l_THSaWk; Mon, 17 Jan 2022 10:32:27 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp4.osuosl.org (Postfix) with ESMTP id 44EB34032D; Mon, 17 Jan 2022 10:32:26 +0000 (UTC) Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id F348C1BF3D7 for ; Mon, 17 Jan 2022 10:32:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id DFAF94032D for ; Mon, 17 Jan 2022 10:32:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xlLT47Nhyc5y for ; Mon, 17 Jan 2022 10:32:24 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from smtp2-g21.free.fr (smtp2-g21.free.fr [212.27.42.2]) by smtp4.osuosl.org (Postfix) with ESMTPS id 14DAF4030C for ; Mon, 17 Jan 2022 10:32:23 +0000 (UTC) Received: from ymorin.is-a-geek.org (unknown [IPv6:2a01:cb19:8b51:cb00:3413:1d36:355:a22c]) (Authenticated sender: yann.morin.1998@free.fr) by smtp2-g21.free.fr (Postfix) with ESMTPSA id 2089C2003D6; Mon, 17 Jan 2022 11:32:19 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=free.fr; s=smtp-20201208; t=1642415542; bh=Z8tUeX3hyw83E0cE9Hd/VwqJDD37QV9wdCH3su/Por4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Y5fH2IsuXFCXtiw4vh3YdHZWvmCMU72yERUp0sbOLKShZeDTZTk92Ya9Kre25wB6D lfRie53LEBReRDA7f5Fs5Z1udfDGjf87/mTMmpeBSuu1OQ0XHy5yj5nCDCC+I11fNW HI//JW1M9UNRJAOjwBxWaT/QkVOj/bAyqFom2ffk2IXltY6v8lezoS4PhrM1kIxn/e 9MYYUSSZWcBiJctAqL+lCco4u89NV4cXB0Q64PhdWqhsNxinosoks6yvwsgsLHqPDL yTTOXmDbwObs7b3po5aJv3ev49H20tH4BlZG0cbg93FFMiz198+bI4zK+Zec4clReg Ik1F4w5QWMWUg== Received: by ymorin.is-a-geek.org (sSMTP sendmail emulation); Mon, 17 Jan 2022 11:32:18 +0100 Date: Mon, 17 Jan 2022 11:32:18 +0100 From: "Yann E. MORIN" To: Danilo Bargen Message-ID: <20220117103218.GD2313964@scaer> References: <20220116230404.71f68dbb@c3po> <20220116233758.59918490@c3po> <20220117101705.GB2313964@scaer> <1ae38367-2e5c-20c7-0ba1-ebaff05cf8e7@dbrgn.ch> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <1ae38367-2e5c-20c7-0ba1-ebaff05cf8e7@dbrgn.ch> User-Agent: Mutt/1.5.22 (2013-10-16) Subject: Re: [Buildroot] Hash verification from GitHub X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: James Hilliard , buildroot Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" Danilo, All, On 2022-01-17 11:24 +0100, Danilo Bargen spake thusly: > On 1/17/22 11:17, Yann E. MORIN wrote: > >>A maintainer could sign the tarball generated by buildroot and upload it to > >>github releases if they want. > > > >To be exact: an upstream maintainer (i.e. not a Buildroot maintainer). > > > >(...) > > > >I.e. it means that we prefer using tarballs as-is from their upstreams, > >when they are vendored; we only vendor packages which upstreams have > >not. > That makes sense! I am the maintainer of tealdeer, and I'll provide a > vendored source tarball for the next release. (I've heard of "cargo vendor" > before, but I haven't used it so far.) > > Maybe a corresponding paragraph could be added to the docs at > https://nightly.buildroot.org/#_integration_of_cargo_based_packages ? Yeah, so I already noticed that the nightly manual is not up to date... It indeed points to the correct sha1 in master, but the Cargo part is not what it should be; it is still the older text from before we added the cargo infra. We're looking into the issue... You can hack on the manual too, it's in: docs/manual/ And you can generate the manual locally: make manual-html Patches welcome! ;-) Regards, Yann E. MORIN. -- .-----------------.--------------------.------------------.--------------------. | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: | | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ | | +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no | | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. | '------------------------------^-------^------------------^--------------------' _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot