> Date: Wed, 04 Apr 2012 12:13:40 +0200 > From: Klaus Espenlaub <[email protected]> > Subject: Re: [vbox-dev] Permission to redistribute VirtualBox guest > additions for MacPorts > To: "VirtualBox developer's list" <[email protected]> >[snip] > > Additionally it might save you time if you could make the checksum check > more flexible. Otherwise you have to change the checksums for every > release we make. Not our problem in the end ;) > >[snip] > > Klaus
Klaus, MacPorts uses checksums to ensure source has not been altered, maliciously or otherwise, between the time the package maintainer built a port recipe and the time the user started building the package via that recipe. Do you update the VirtualBox source and release a new tarball with the same version string, e.g. for high priority bug fixes? Including a changelog and incrementing a minor revision would help people who look at the source understand what has been fixed. If you make undocumented changes in release versions (I've seen these referred to as "stealth updates") and we allow non-matching source tarballs, it could be difficult for package maintainers to replicate user errors for troubleshooting purposes. Ryan Stonecipher _______________________________________________ vbox-dev mailing list [email protected] https://www.virtualbox.org/mailman/listinfo/vbox-dev
