On 23 Apr 2001, Russ Allbery wrote:
> Tom Holroyd <[EMAIL PROTECTED]> writes:
>
> > What do you think? Is this a configure problem or should it be left to
> > "packagers"? Can configure include tools that make such integrity
> > verification easier (and automatic)? For example, "make dist" or
> > whatever could always create a GPG-signed file.
>
> Adding support to make dist for generating signatures would be an Automake
> thing, not an autoconf thing. That probably isn't a bad idea.
Autoconf could run gnupg / pgp (if present) after generating the configure
script and produce a checksum on the script. If this was a default action,
then it would increase the chance of developers having at least some
checksumming.
It doesn't fix doubt over the intentions of the developer though.
Mikal
--
Michael Still ([EMAIL PROTECTED])
http://www.stillhq.com -- a whole bunch of Open Source stuff including PDF
software...
"Grrrrrrr! I'm a volleyballing machine!"
