aboutsummaryrefslogtreecommitdiffstats
path: root/package/system
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2017-12-12 14:55:11 +0100
committerJohn Crispin <john@phrozen.org>2017-12-14 09:29:31 +0100
commitf4b9d9d6f13c898d473ce678234339e4a9dba5b2 (patch)
tree44f735535423a57835471ec7fce2d73d368914c5 /package/system
parent256990cbc0157feb8a9f37efeebf0330ab73727f (diff)
downloadupstream-f4b9d9d6f13c898d473ce678234339e4a9dba5b2.tar.gz
upstream-f4b9d9d6f13c898d473ce678234339e4a9dba5b2.tar.bz2
upstream-f4b9d9d6f13c898d473ce678234339e4a9dba5b2.zip
base-files: allow skipping of hash verification
When calling a download target, hash verification is now completely skipped if we set PKG_HASH=skip. This allows to easily bump package version: $ make package/<mypackage>/download PKG_HASH=skip V=s $ make package/<mypackage>/check FIXUP=1 V=s This will download the new version of the package, and then automatically update PKG_HASH with the hash of the new version. Of course, it is still the responsibility of the packager to ensure that the new tarball is legitimate, because it is downloaded from a possibly untrusted source. Fixes: b30ba14e ("scripts/download.pl: fail loudly if provided hash is unsupported") Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org> Signed-off-by: Jo-Philipp Wich <jo@mein.io> Acked-by: Stijn Tintel <stijn@linux-ipv6.be> Signed-off-by: John Crispin <john@phrozen.org>
Diffstat (limited to 'package/system')
0 files changed, 0 insertions, 0 deletions