[Buildroot] [PATCH] package/qt5: bump latest version to 5.9.1
Thomas Petazzoni
thomas.petazzoni at free-electrons.com
Thu Jul 13 07:50:03 UTC 2017
Hello,
On Wed, 12 Jul 2017 17:51:38 -0700, Joshua Henderson wrote:
> I tested adding hashes for all license files for 5.9.1. It turns out, this breaks the 5.6.2
> legal-info because there are files in common between the two versions, but with different hashes.
>
> $ make legal-info
>
> ...
>
> >>> qt5base 5.6.2 Collecting legal info
> LICENSE.GPLv3: OK (sha256: 245248009fd0af1725d183248380e476c1283383909358a13686606352bf2a17)
> ERROR: No hash found for LICENSE.LGPLv21
> ERROR: No hash found for LGPL_EXCEPTION.txt
> LICENSE.LGPLv3: OK (sha256: 68afaf3392f8c04218fbf29db43cc0b18bf651c1db086556aa584046de9f3e35)
> LICENSE.FDL: OK (sha256: ed8742a95cb9db653a09b050e27ccff5e67ba69c14aa2c3137f2a4e1892f6c0d)
> ERROR: header.BSD has wrong sha256 hash:
> ERROR: expected: 8fdefa0b45d9f791f687da6c2c4c83c1b701aaee2c08008f55d522af214b88f0
> ERROR: got : 1d05f2662f0be7544c4cc238d0957d1ed5d0edc45210e9108f905df354241a0e
> ERROR: Incomplete download, or man-in-the-middle (MITM) attack
> package/qt5/qt5base/qt5base.mk:315: recipe for target 'qt5base-legal-info' failed
> make[1]: *** [qt5base-legal-info] Error 1
> Makefile:79: recipe for target '_all' failed
> make: *** [_all] Error 2
>
> In the case you have different license file contents, but with the same name, between different
> versions of a package, how should this be handled?
This is a *very* good question, and I don't think our current support
for license file hashes handles this situation properly.
I'm adding Yann and Peter in Cc.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com
More information about the buildroot
mailing list