Implement the Updated and Integrity tests. 🔼

There's two "Updated" tests -

[list]

[*]Compare sha512 hashes to those from pkgmaster.devuan.org.

[*]Check Date reported in Release files.

[/list]

Though perhaps the sha512 tests should be part of Integrity?

Integrity means check Release files are properly PGP signed.  I could also check if the selected package files are properly PGP signed as well.

reported=2019-06-25 03:19:21

reporter=onefang

priority=normal

category=TODO

severity=feature

resolution=fixed

2019-10-01 12:30:58 onefang: mirror_status.html and the old mirror status emails both have an "Updated" test, though they test different things.  They also both have an "Integrity" test.

pkgmaster. devuan.org is used as the reference.

I think "Updated" should compare the date in the Release files.  Maybe compare the version numbers on recently updated Devuan packages.

"Integrity" should check the Release files are properly PGP signed, and compare sha512 hashes for a selected set of Devuan packages.

Both the email and the web page have a DNS_RR test, is that "HTTP HEAD request the IP with host=deb.devuan.org"?  The current web page says they ALL fail.  My checker script includes that already, just doesn't match that to a test type of DNS-RR.

2019-10-02 06:13:44 onefang: See the related "Add a quick option, or perhaps a slow one." issue for details of what metadata is actually in the metadata files.  I was guessing wrong above.  Particularly the lack of package timestamps anywhere other than the timestamps on the package files themselves.

2019-11-27 08:04:15 onefang: Packages files get "updated" daily, even if there are no changes.  That means I'll be downloading 2.5 GB per day.  EWWWW!