[gentoo-dev] question about non-dev submitting snapshot ebuild to bugzilla

2005-05-23 Thread Mike Pagano
I am working on a new ebuild for a currently open bug in bugzilla.

This ebuild happens to be a snapshot as upstream provides anonymous
web cvs but does not provide a nice tar.

When a non-dev submits a snapshot ebuild to bugzilla, what is the
proper method of providing access to the snapshot I created myself
that it installs?

Even though this tar is fairly small (128k), I imagine that if I
attached the snapshot, the big giant hand of common sense would
descend and slap me silly.

Please advise.

Mike

-- 
gentoo-dev@gentoo.org mailing list



Re: [gentoo-dev] question about non-dev submitting snapshot ebuild to bugzilla

2005-05-23 Thread Ciaran McCreesh
On Mon, 23 May 2005 13:11:09 -0400 Mike Pagano [EMAIL PROTECTED]
wrote:
| When a non-dev submits a snapshot ebuild to bugzilla  what is the
| proper method of providing access to the snapshot I created myself
| that it installs.

Well... I refuse to take user-submitted tarballs for security reasons.
Instead, you should give the command used to create said tarball --
use the svn revision id (or whatever) rather than HEAD when doing this.
Dunno if other devs are equally untrusting... They probably should be...

-- 
Ciaran McCreesh : Gentoo Developer (Vim, Shell tools, Fluxbox, Cron)
Mail: ciaranm at gentoo.org
Web : http://dev.gentoo.org/~ciaranm





Re: [gentoo-dev] question about non-dev submitting snapshot ebuild to bugzilla

2005-05-23 Thread Marc Hildebrand
Ciaran McCreesh wrote:
> On Mon, 23 May 2005 13:11:09 -0400 Mike Pagano [EMAIL PROTECTED]
> wrote:
> | When a non-dev submits a snapshot ebuild to bugzilla  what is the
> | proper method of providing access to the snapshot I created myself
> | that it installs.
>
> Well... I refuse to take user-submitted tarballs for security reasons.
> Instead, you should give the command used to create said tarball --
> use the svn revision id (or whatever) rather than HEAD when doing this.
> Dunno if other devs are equally untrusting... They probably should be...

I may add that I'd try to get an upstream-submitted tarball (preferably
checksummed). Lots of repositories build daily snapshots so chances are
good to get one.

-- 
gentoo-dev@gentoo.org mailing list
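
Added example, not code from this thread or from Gentoo: one way to make the "give the command, pin the revision, checksum it" advice checkable is to pack the pinned checkout deterministically, so submitter and reviewer each build the tarball themselves and compare only a SHA-256. The names make_snapshot and sample_checkout, the prefix foo-20050523 and the sample files are constructed for illustration; only regular files are handled.

```python
import gzip, hashlib, io, os, tarfile, tempfile

def make_snapshot(src_dir, prefix, epoch=0):
    """Return deterministic .tar.gz bytes for src_dir, rooted at prefix/."""
    paths = []
    for root, dirs, files in os.walk(src_dir):
        dirs[:] = [d for d in dirs if d != "CVS"]  # drop VCS metadata
        paths += [os.path.join(root, f) for f in files]
    buf = io.BytesIO()
    # mtime=0 keeps the build time out of the gzip header.
    with gzip.GzipFile(fileobj=buf, mode="wb", mtime=0) as gz, \
            tarfile.open(fileobj=gz, mode="w", format=tarfile.GNU_FORMAT) as tar:
        for path in sorted(paths):  # fixed member order
            arcname = prefix + "/" + os.path.relpath(path, src_dir).replace(os.sep, "/")
            info = tar.gettarinfo(path, arcname=arcname)
            if not info.isreg():
                raise ValueError("only regular files are handled: " + path)
            # Normalise everything that differs between two checkouts.
            info.mode = 0o755 if info.mode & 0o100 else 0o644
            info.mtime, info.uid, info.gid = epoch, 0, 0
            info.uname = info.gname = ""
            with open(path, "rb") as fh:
                tar.addfile(info, fh)
    return buf.getvalue()

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def sample_checkout(files, mtime):
    """Constructed stand-in for a checkout of one pinned upstream revision."""
    top = tempfile.mkdtemp()
    for name, body in files.items():
        path = os.path.join(top, name)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
        os.utime(path, (mtime, mtime))
    return top

def demo():
    tree = {"src/main.c": "int main(void) { return 0; }\n", "README": "foo\n"}
    submitter = sample_checkout(tree, mtime=1116800000)
    # Same revision checked out later, with CVS metadata still in place.
    reviewer = sample_checkout({"src/CVS/Entries": "D\n", **tree}, mtime=1116900000)
    tampered = sample_checkout({**tree, "README": "foo \n"}, mtime=1116800000)
    return [sha256_hex(make_snapshot(d, "foo-20050523")) for d in (submitter, reviewer, tampered)]

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The compressed bytes can differ between zlib versions, so when the two sides run different toolchains, compare the hash of the uncompressed tar stream instead.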