Michał Górny posted on Sat, 21 Oct 2017 01:39:55 +0200 as excerpted: > W dniu pią, 20.10.2017 o godzinie 18∶42 -0400, użytkownik Anton Molyboha > napisał:
>> Would it make sense then to support several hashes but let the user >> optionally turn off the verification of some of them, depending on the >> user's security vs performance requirements? >> > I won't block anyone from implementing such an option but I won't spend > my time on it either. However, if you believe verifying two checksums > could be a problem, then I have serious doubts if you hardware is > capable of building anything. When does this verification happen? If it's during --sync or --pretend/ask, as I believe it is based on when I get errors if I edit and forget to manifest/digest, then arguably time matters rather more than it does if it's only after the user has OKed the merge and it's doing the build. Because the time before the PM tells me what it's going to do and asks my OK before doing it is time I'm generally actually waiting for it (tho I'm normally doing something else while waiting, but I /am/ waiting) to decide whether I want to go ahead, or perhaps I need to change something first, while the actual build time after I've OKed it, doesn't matter so much, because I'm not actually waiting on it, I'm doing other things, which can actually include turning in for the night or going to work, with the intent being that it'll be done when I get back to it. So the hash verification time really does matter, even if it's minutes compared to hours of actual build time, because that's time I'm actively waiting for it, vs. letting it do its thing in the background, with much less concern about how long (within reason) it might take. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman
