Hi, Replies inline.
On 4/26/2024 12:10 AM, Javier Matos Denizac via ffmpeg-devel wrote: > Actually, I noticed that you publish release tarballs -> > http://rtmpdump.mplayerhq.hu/download/, but I don’t see a release tarball for > 2.4. Would y’all be willing to publish a release for 2.4 and maybe mint and > publish a release tarball for 2.6? As far as I can tell, the rtmpdump author has, move away from tarballs and only uses git tags, now, as per https://rtmpdump.mplayerhq.hu/, which itself seems outdated. You may have better luck contacting its main contributor (Howard Chu), on rtmpdump's own mailing list (https://lists.mplayerhq.hu/mailman/listinfo/rtmpdump) or directly. FFmpeg only provides infrastructure for it, to my knowledge. > As for why SHA-512, we use SHA-512 checksums to verify the integrity of the > file and as an identifier for our asset caching mechanism. That way we can > identify if we have already downloaded the tarball and avoid downloading it > again. It was unclear you were talking about tarballs as you only referred to GitHub and the FFmpeg-run git server... That said, I am unsure why git is not considered secure / verifiable enough, compared to a tarball. I would actually argue the opposite is true for autogenerated tarballs like GitHub provides. - Derek _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
