On Wed, May 08, 2013 at 02:13:18PM -0500, Rich Johnston wrote:
> Version 3.1.3 of xfsdump has been released.
> The source code can be accessed via git using this URL:
> A gzipped-tar archive of the source code is available here:
David Kaylor pointed out that the posted signature for this tarball
fails verification. I tracked this down to the fact that I ran 'make
deb' after running the release script but before posting the tarball.
'make deb' regenerated the tar.gz and gzip put an updated timestamp in
the header so the tarball no longer matched the signature. However the
contents of the tarballs are otherwise identical, so I've moved the old
.sig out of the way, signed the tarball that was posted, and uploaded
the new .sig.
It might be nice for 'make dist' to create an identical .tar.gz for
identical inputs. gzip can be told not to update it's timestamp with
the -n option, but our current method of generating the tarball relies
upon .gitcensus being created on each run and this is currently
$(_FORCE) and required for the 'make deb' target. I don't have a
solution at this time, so for the time being 'make dist' is creating
non-identical tarballs for identical inputs at each invocation.
Suggestions are welcome.
Thanks to David for his attention to detail.