Tomáš Chvátal schrieb: > 2013/2/20 Rich Freeman <ri...@gentoo.org>: >> There is a current QA policy that anything using an scm to download >> sources cannot be stabilized, because there is no way to verify the >> manifest. >> >> I'm actually wondering if that makes sense with git when a specific >> commit is referenced, since everything is content-hashed anyway. >> Perhaps we just need to confirm that git actually checks the hash. >> > If you checkout some revision or tag just create the darn tarball > yourself as it is much cleaner solution and you don't force user to > install git or other scm tools unless they need them.
Problem is that the tarball cannot be redistributed by us. Now what? Best regards, Chí-Thanh Christopher Nguyễn
