diff options
| -rw-r--r-- | en_US.ISO8859-1/books/porters-handbook/book.sgml | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/en_US.ISO8859-1/books/porters-handbook/book.sgml b/en_US.ISO8859-1/books/porters-handbook/book.sgml index 0b233ecc08..171de7c8ab 100644 --- a/en_US.ISO8859-1/books/porters-handbook/book.sgml +++ b/en_US.ISO8859-1/books/porters-handbook/book.sgml @@ -10222,6 +10222,27 @@ IGNORE=POINTYHAT is not supported special need.</para> </sect1> + <sect1 id="dads-rerolling-distfiles"> + <title>Rerolling distfiles</title> + + <para>Sometimes the authors of software change the content of + released distfiles without changing the file's name. You have + to verify that the changes are official and have been performed + by the author. It has happened in the past that the distfile + was silently altered on the download servers with the intent + to cause harm or compromise end user security.</para> + + <para>Put the old distfile aside, download the new one, unpack + them and compare the content with &man.diff.1;. If you see + nothing suspicious, you can update <filename>distinfo</filename>. + Be sure to summarize the differences in your PR or commit log, + so that other people know that you have taken care to ensure + that nothing bad has happened.</para> + + <para>You might also want to contact the authors of the software + and confirm the changes with them.</para> + </sect1> + <sect1 id="dads-workarounds"> <title>Necessary workarounds</title> |