couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirkjan Ochtman <dirk...@ochtman.nl>
Subject Re: tracking upstream dependencies
Date Fri, 26 Nov 2010 20:58:35 GMT
On Fri, Nov 26, 2010 at 21:44, Noah Slater <nslater@apache.org> wrote:
> But assuming we got this working, we face the problem of not being able to apply our
own patches. Also, the software it downloads might have some bug in it that was introduced
a week, day, or hour before the release was made. How would we defend ourselves against this?

You pull a specific version tarball and check it against a checksum?

Cheers,

Dirkjan

Mime
View raw message