I am currently working on a small tool, that creates PKGBUILDs from the rubygems API. PKGBUILDs are used to build packages for Arch Linux. The main intention is to to manage the system wide installed gems with pacman - the Arch Linux package manager - and not with gem.
In the PKGBUILDs we are using checksums (md5 or sha1) to check the integrity of the downloaded source file. So is it possible to provide a checksum in your API? I know that there are tools like gem check --verify, but i dont want to download the gem, i just want to create file with some info about it, so that we can easily build packages.
gem check --verify
Thanks for thinking about, ushi
This seems like a good idea. The problem for the current setup is you have to save the sha1/md5 when they are uploaded and a new version is created, so the migration for this would have to just add the basic columns, then a script would have to run to update everything. Finally change the columns to disallow null.
I'm in favor of this, checksums seem like a good idea.
sha was added to API in #911 and it is deployed already. I think this can be closed now.
Yes, sha256 is already in production.