
Hi,
two weeks ago I asked for your opinions on a buildout option that enforces specifying (MD5) checksums for all files downloaded through buildout's download utility API. I've been discussing the subject with Christian Theune in the meantime and would like to describe a more concrete proposal now that deals with the questions raised in my previous post:
In analogy with version pinning for eggs, two new options could be introduced to the buildout section:
- "checksums": This option would name a config section that contains checksums for any number of resources by URL. I suggest a default value of "checksum" for it. Listing some URL with an empty checksum would explicitly express that the checksum for this resource should never be checked. I'm not sure how to structure the contents of the checksums section: URLs are not valid config keys in general (they can contain "=" characters) but I'd still like to be able to rely on the existing mechanism for overriding single options to override single checksums. Mapping arbitrary keys to whitespace-separated pairs of URL and checksum would work but sounds inelegant.
- "allow-omitted-checksums": This option would specify whether resources should be downloaded that are not listed in the checksums section. I'd like to use False as this option's default value, meaning that buildout should raise a UserError if a resource is omitted from the checksums section. (Intentionally empty checksums would still be allowed.) In fact, I'm not completely happy about inventing an option with negative semantics but doing it this way is at least consistent with "allow-picked-versions".
I'd like to hear other people's opinions on both the general idea and the details. Unless the whole thing gets shot down, I plan to start implementing it on a branch of zc.buildout next week.
Thank you.
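
The layout and policy described in this post, sketched as an added example that is not part of the original message or of zc.buildout: it parses the "arbitrary key mapped to a whitespace-separated URL and checksum" form, so URLs containing "=" need no escaping, and applies the proposed "allow-omitted-checksums" rule. The key names, sample URLs, `load_policy` and `verify` are assumptions made for illustration.

```python
import configparser
import hashlib

# Constructed sample config; key names and URLs are hypothetical.
SAMPLE_CFG = """
[buildout]
checksums = checksum
allow-omitted-checksums = false
[checksum]
example-tarball = http://example.com/dl?file=a.tgz&v=1 5d41402abc4b2a76b9719d911017c592
unchecked-index = http://example.com/index.html
"""


class UserError(Exception):
    """Stand-in for buildout's UserError."""


def load_policy(text):
    """Return ({url: md5-or-empty}, allow_omitted) from buildout-style config text."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(text)
    main = cfg["buildout"]
    section = main.get("checksums", "checksum")  # proposed default section name
    allow_omitted = main.getboolean("allow-omitted-checksums", fallback=False)
    checksums = {}
    for key, value in cfg[section].items():
        parts = value.split()
        if not 1 <= len(parts) <= 2:
            raise UserError("malformed checksum entry %r" % key)
        # A URL listed without a checksum means "never check this resource".
        checksums[parts[0]] = parts[1].lower() if len(parts) == 2 else ""
    return checksums, allow_omitted


def verify(url, data, checksums, allow_omitted=False):
    """True if verified, False if deliberately unchecked; UserError otherwise."""
    if url not in checksums:
        if allow_omitted:
            return False
        raise UserError("no checksum listed for %s" % url)
    expected = checksums[url]
    if not expected:
        return False
    # MD5 as named in the post: it catches corruption, but is not collision-resistant.
    actual = hashlib.md5(data).hexdigest()
    if actual != expected:
        raise UserError("MD5 mismatch for %s: got %s" % (url, actual))
    return True
```

Because each entry keeps its own config key, the existing mechanism for overriding single options still replaces one checksum at a time.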