On Mar 26, 2012, at 4:31 AM, Henri Gomez wrote: > I can't access cvs from my corporate network right now. > > Did there is nightly tar balls available somewhere ? >
Nope: rpm-5.4 releases are time based and monthly. Last 2 months have been more often while I assess what "features" are interesting of current development. > PS: It will be great to get source as regular tar ball, .src.rpm is > not convenient when you don't have RPM installed (even if we could > still use cpio tricks) > There's no possibility of pleasing everyone. Meanwhile running a shell script to extract a tarball (there may be several) from a digitally signed container, with a detached signature, which can be automatically verified (at build, not unpacking, time) with a probe dependency like BuildRequires: signature(%SOURCEn} or BuildRequires: digest(%SOURCEn) = 1234... with a "known good" build recipe and list of configuration macros used during the build, is rather powerful functionality that tar/cpio distribution simply cannot match. Meanwhile rpm2cpio.sh and rpm-5.4.7-0.201203*.src.rpm should get you get fixed up. 73 de Jeff > 2012/3/26 Jeffrey Johnson <n3...@me.com>: >> >> On Mar 25, 2012, at 6:06 PM, Anders F Björklund wrote: >> >>> Jeffrey Johnson wrote: >>> >>>>> Adding a "rpm54" port would be the most straight-forward way to include >>>>> it. >>>>> I'll see what I can do about it, should be a copy of the existing "rpm52"… >>>>> >>>> >>>> I'd be a bit lazy about rpm54 which is quite "active" atm. Meanwhile, >>>> rpm-5.3.11++ is "production" and "stable" and all that good stuff. >>> >>> Added both, "rpm53" 5.3.11-20110602 and "rpm54" 5.4.7-20120302. >>> >>> The .src.rpm format is somewhat troublesome to port, but bundled >>> rpm2cpio.sh and extracted the tarball in a post-extract {} step. >>> >> >> For you -- in particular -- I'll start distributing tar balls again. >> >> The goal is to illustrate the benefits of *.src.rpm's because: >> 1) there's a non-repudiable signature on the *.src.rpm and >> (when I work carefully) a detached signature with verification. >> 2) there are several components collected with the build recipe >> 3) the macros used for the build (I only do rpmbuild -bs) are in the >> SRPM. >> 4) there are (rather nominal) build metrics and --short-circuit >> "cheater" detection. >> >> I.e. distributing through a *.src.rpm is actually quietly doing WYSIWYG >> subliminal advertising of @rpm5.org warez. >> >> But if it gets to be too big a hassle, I'll pop out the tar ball and included >> detached signature whenever you wish. >> >> 73 de >> Jeff______________________________________________________________________ >> RPM Package Manager http://rpm5.org >> User Communication List rpm-users@rpm5.org > ______________________________________________________________________ > RPM Package Manager http://rpm5.org > User Communication List rpm-users@rpm5.org ______________________________________________________________________ RPM Package Manager http://rpm5.org User Communication List rpm-users@rpm5.org