From 84e17da7cebebfff8dbad7bcdbaef1c14e380036 Mon Sep 17 00:00:00 2001 From: onefang Date: Mon, 2 Dec 2019 06:47:48 +1000 Subject: TODO+=2 --- apt-panopticon.lua | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apt-panopticon.lua b/apt-panopticon.lua index da349fd..5aaa858 100755 --- a/apt-panopticon.lua +++ b/apt-panopticon.lua @@ -950,6 +950,7 @@ if 0 < #arg then execute('diff -U 0 results_old/pkgmaster.devuan.org/merged/dists/' .. n .. '/Release.SORTED ' .. 'results/pkgmaster.devuan.org/merged/dists/' .. n .. '/Release.SORTED ' .. '| grep -v "@@" | grep "^+" | grep "Packages.xz$" | cut -c 77- >results/NEW_Release_' .. n .. '.txt') +-- TODO - Maybe check the date in Release, though since they are updated daily, is there any point? Perhaps it's for checking amprolla got run? else -- TODO - compare to the pkgmaster copy. end @@ -1012,6 +1013,7 @@ if 0 < #arg then if m ~= fm:sub(2, -2) then E('Package MD5 sum mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) end local status, fsha = execute('sha256sum results/' .. pu.host .. "/merged/" .. p .. ' | cut -d " " -f 1') if sha ~= fsha:sub(2, -2) then E('Package SHA256 sum mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) end +-- TODO - maybe check the PGP key, though packages are mostly not signed. end end if testing("Updated") then -- cgit v1.1