<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - apt repository metadata should use acquire-by-hash"
href="https://bugs.llvm.org/show_bug.cgi?id=50231">50231</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>apt repository metadata should use acquire-by-hash
</td>
</tr>
<tr>
<th>Product</th>
<td>Packaging
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>deb packages
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>xnox@ubuntu.com
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org
</td>
</tr></table>
<p>
<div>
<pre>To resolve Hash Sum mismatch errors, it is possible to publish all the metadata
files by their hash; and then indicate in the InRelease file to acquire things
by hash.
That way apt will download InRelease file, check the checksums of files it
wants to fetch inside there and then acquire things from
/by-hash/SHA256/9a27cff7af8578581d9b83485f85e366fff61a1f951c1dc4f33ce1892b50da72
This is very CDN friendly way, as normally /main/binary-amd64/Packages.gz can
be anything really, and served by CDN as the old one.
However, that does not appear to be implemented in reprepro =````((((((
So I guess this will be blocked until
<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820660">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820660</a> is implemented.
Although there is a patch to make it work
<a href="https://salsa.debian.org/bootc/reprepro/-/merge_requests/1/diffs">https://salsa.debian.org/bootc/reprepro/-/merge_requests/1/diffs</a>
I guess I should salvage reprepro and make it work.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>