On 28/03/14 08:13 AM, Ben Noordhuis wrote: > On Fri, Mar 28, 2014 at 2:25 AM, Brian Anderson <bander...@mozilla.com> wrote: >> Hi. >> >> I have very exciting news. Rust now has binary installers for Linux and Mac, >> as well as nightly builds for Windows, Linux and Mac. >> >> Official Rust installers now come in the following forms: >> >> * source .tar.gz - the same old source tarball >> * binary .tar.gz - Generic Unix installers, currently built for Linux and >> Mac >> * win .exe - 32-bit windows installers >> * mac .pkg files - Mac installers in the standard .pkg format >> >> With 0.10 coming next week, there's a pretty big risk changing the >> installation mechanism now, so please do test Rust installation, >> particularly on more exotic systems that need to use `--prefix`, `--libdir`, >> etc. >> >> >> # About the new installation system >> >> We have a new installation script, `install.sh` that is contained in the >> binary tarballs and also used for `make install`. `install.sh` takes several >> arguments controlling the installation, as well as an `--uninstall` argument >> that can be used to uninstall previous versions. This installation script >> manages upgrades correctly. >> >> The binary tarballs are also suitable for running rustc in place without >> installing. >> >> For convenience I've also published a little script called rustup.sh that >> downloads the appropriate nightly and installs: >> >> ``` >> curl -s http://www.rust-lang.org/rustup.sh | sudo sh >> ``` >> >> Uninstall: >> >> ``` >> curl -s http://www.rust-lang.org/rustup.sh | sudo sh -s -- --uninstall >> ``` >> >> I don't plan to recommend this method for general use since people tend to >> have security concerns with it, but I expect it to make keeping up with >> master much more convenient. >> >> >> # Nightly >> >> ## Source >> >> * http://static.rust-lang.org/dist/rust-nightly.tar.gz >> >> ## Linux >> >> * >> http://static.rust-lang.org/dist/rust-nightly-x86_64-unknown-linux-gnu.tar.gz >> * >> http://static.rust-lang.org/dist/rust-nightly-i686-unknown-linux-gnu.tar.gz >> >> ## Mac >> >> * http://static.rust-lang.org/dist/rust-nightly-x86_64-apple-darwin.pkg >> * http://static.rust-lang.org/dist/rust-nightly-i686-apple-darwin.pkg >> * http://static.rust-lang.org/dist/rust-nightly-x86_64-apple-darwin.tar.gz >> * http://static.rust-lang.org/dist/rust-nightly-i686-apple-darwin.tar.gz >> >> ## Windows (32-bit) >> >> * http://static.rust-lang.org/dist/rust-nightly-install.exe >> >> >> # 0.10-pre >> >> ## Source >> >> * http://static.rust-lang.org/dist/rust-0.10-pre.tar.gz >> >> ## Linux >> >> * >> http://static.rust-lang.org/dist/rust-0.10-pre-x86_64-unknown-linux-gnu.tar.gz >> * >> http://static.rust-lang.org/dist/rust-0.10-pre-i686-unknown-linux-gnu.tar.gz >> >> ## Mac >> >> * http://static.rust-lang.org/dist/rust-0.10-pre-x86_64-apple-darwin.pkg >> * http://static.rust-lang.org/dist/rust-0.10-pre-i686-apple-darwin.pkg >> * http://static.rust-lang.org/dist/rust-0.10-pre-x86_64-apple-darwin.tar.gz >> * http://static.rust-lang.org/dist/rust-0.10-pre-i686-apple-darwin.tar.gz >> >> ## Windows (32-bit) >> >> * http://static.rust-lang.org/dist/rust-0.10-pre-install.exe > > Brian, would it be possible to provide SHA checksums? It's not that > I'm worried about man-in-the-middle attacks, just that it'd be nice to > check that the download isn't corrupt.
The Rust releases themselves are signed, so I imagine that this script could easily be signed too if it doesn't change often. Signing the snapshots and nightly builds would require making a much less trusted key for the buildbot to use.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev
