On Fri, May 6, 2011 at 8:26 AM, Jeroen Demeyer <jdeme...@cage.ugent.be> wrote: > On 2011-05-06 15:26, Dr. David Kirkby wrote: >> So, it it was possible to protect against that, I think it would be a >> good idea. > One check could be done in the merger script: > If the new and old spkgs have the same upstream version (i.e. the > version numbers are the same except for the patch level), unpack them > both and check whether the contents of src/ are equal. Of course, this > assumes that the first spkg for a given upstream version has a correct src/.
Even better would be to checksum the source in a src.md5 file, and have sage -spgk warn/error if the checksums don't match. Thus one couldn't accidentally modify the src directory. - Robert -- To post to this group, send an email to sage-devel@googlegroups.com To unsubscribe from this group, send an email to sage-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-devel URL: http://www.sagemath.org
