Danek Duvall wrote:
On Thu, Jul 30, 2009 at 03:17:55PM -0500, Shawn Walker wrote:
"created": "20050614T080000.234231Z",
"last-modified": "20090508T161025.686485Z",
"package-count": 40802,
"parts": [
"catalog.base.C": {
Given the way you're writing this, "parts" should map to a dict, not a
list. Or you should do name/dict pairs inside of "parts". I'd rather see
the former.
Sorry, that was an unintentional mistake. That should be a '{' not a '['.
"opensolaris.org":{
"SUNWipkg":[
{
"version":"0.5.11,5.11-0.117:20090623T135937Z",
"_DIGEST": {
"sha-1": "596f26c4fc725b486faba089071d2b3b35482114",
},
},
I don't think you need the private dictionary keys here, because these
aren't digests you're removing from the catalog before computing the
catalog digest, but the digest of the referenced manifest. What you had
before in v3 was fine, I think, but if you want a separate dict filled just
with digests, then you could do that, but call it "digests".
digest-sha-1 as a key/value pair is certainly more efficient than a
dict, I was just trying to be consistent. But I'll adjust accordingly.
Please note that the digest and cryptographic information is
optional since older repositories won't have the information and
some users of the depot software may choose to not provide it.
While some users of the depot software may choose not to sign manifests or
catalogs, I think that digests should not be optional, except when there
are signatures. Running without digests seems like pointless no-pants
mode.
Older depots won't provide us with the digests either, that's the other
reason they're optional. I could clarify this by stating that
repositories that offer version 1 catalogs must provide the digest, but
signatures are optional for them. Would that be acceptable?
Cheers,
--
Shawn Walker
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
