Re: [boost] What is http://downloads.sourceforge.net/boost/boost_1_63_0.tar.bz2 ?

On 9 February 2017 at 14:21, Daniel James via Boost wrote:

On 9 Feb 2017 11:54, "Jonathan Wakely via Boost" wrote:

Checking the hash is a manual process that should be done by the maintainer, it can't cause updating the Fedora servers to fail (the infrastructure can't check the hash because it doesn't know what to compare it to). I screwed that up for the first cycle of rebuilds I did for Boost 1.63.0.

If you want the download info in a machine readable format, let me know. For example, I wrote a little script to generate a csv file:

http://beta.boost.org/doc/downloads.csv.php

Thanks, but that's not necessary for my purposes. http://www.boost.org/users/history/version_1_63_0.html has the info I need (I have to look there anyway to see which new libraries there are, and for any breaking changes to existing libs). The problem was simply that I wasn't using the URL and hash on that page, because I was mistakenly using the redirecting URL we had in the RPM spec file, and I didn't check the hash until later. I don't need help verifying the hash (that will always be at least a semi-manual process, and if I forget to do it then I forget to do it). And after wasting my own time so badly (and updating the URL in our spec file) I'm unlikely to make this mistake again. I just think having snapshots with the same filename is the release is bonkers, and that's the only thing I'd suggest changing.