2fc2ab6cf0
This feature makes Git VCS build inputs immutable by adding support for pinning a Git checkout by a hash of its content using the deterministic export functionality `git archive`. This feature aids packagers by allowing them to use simple and convenient refnames (instead of full commit hashes) in the `PKGBUILD` while still preserving security implications of immutable build inputs using a trusted cryptographic hash function of the content. Previously VCS source downloads have been skipped for `--geninteg` and `--source` as both options did not need a checkout. This commit changes this behavior by forcing the download of all sources as integrity checks and generation requires to have an up to date state. Signed-off-by: Levente Polyak <anthraxx@archlinux.org> |
||
|---|---|---|
| .. | ||
| generate_checksum.sh.in | ||
| generate_signature.sh.in | ||
| meson.build | ||
| verify_checksum.sh.in | ||
| verify_signature.sh.in | ||