Hallo, Allan McRae: > On 04/07/11 22:13, Wieland Hoffmann wrote: > Looking good. Some general comments: > > I saw that --skipinteg implies --skippgpcheck. I noticed this when > I copied a "bad" signature into my source directory and I did not > update the md5sums so used --skipinteg. I was quite surprised when > the signatures did not get checked. Should these be separated more?
I chose to implement it this way because checking the signature means verifying that the data I downloaded is the data uploaded by the project which is what data integrity is about. Personally, I would be surprised if --skipinteg didn't imply --skippgpcheck, although it's kind of doing the same thing twice. Maybe a switch like --skipchecksums would be a good idea that doesn't imply skipping ALL integrity checks. > >+ local file > >+ local errors=0 > > We should keep track of the number of non-error warnings too so a > "==> WARNING:" message could be outputed. The exact number/reason or just a simple "hey, there were some warnings" so people scroll up to the actual warning(s)? -- Wieland
pgpePZPkoDNWc.pgp
Description: PGP signature
