From patchwork Sat Jun 18 20:50:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ben Westover <kwestover.kw@gmail.com>
X-Patchwork-Id: 2068
Return-Path: <pacman-dev-bounces@lists.archlinux.org>
Delivered-To: patchwork@archlinux.org
Received: from mail.archlinux.org [2a01:4f9:c010:3052::1]
	by patchwork.archlinux.org with IMAP (fetchmail-6.4.30)
	for <fetchmail@localhost> (single-drop);
 Sat, 18 Jun 2022 20:50:23 +0000 (UTC)
Received: from mail.archlinux.org
	by mail.archlinux.org with LMTP
	id MMx1M446rmLQPQgAK+/4rw
	(envelope-from <pacman-dev-bounces@lists.archlinux.org>)
	for <patchwork@archlinux.org>; Sat, 18 Jun 2022 20:50:22 +0000
Received: from lists.archlinux.org (lists.archlinux.org
 [IPv6:2a01:4f9:c010:9eb4::1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mail.archlinux.org (Postfix) with ESMTPS id E9BD4111B9BF;
	Sat, 18 Jun 2022 20:50:21 +0000 (UTC)
Received: from lists.archlinux.org (localhost [IPv6:::1])
	by lists.archlinux.org (Postfix) with ESMTP id C603710FB366;
	Sat, 18 Jun 2022 20:50:21 +0000 (UTC)
X-Original-To: pacman-dev@lists.archlinux.org
Delivered-To: pacman-dev@lists.archlinux.org
Received: from mail-qv1-xf2b.google.com (mail-qv1-xf2b.google.com
 [IPv6:2607:f8b0:4864:20::f2b])
 by lists.archlinux.org (Postfix) with ESMTPS id 9E17010FB34E
 for <pacman-dev@lists.archlinux.org>; Sat, 18 Jun 2022 20:50:19 +0000 (UTC)
Received: by mail-qv1-xf2b.google.com with SMTP id i17so4411622qvo.13
 for <pacman-dev@lists.archlinux.org>; Sat, 18 Jun 2022 13:50:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=message-id:date:mime-version:user-agent:from:subject:to
 :content-language:content-transfer-encoding;
 bh=jr5FhEHhMN5nUZv9kk85IMm2JdHwIn0ZB5LadhQAwNs=;
 b=BSud2CucfbtOXXLNczG67Sna8pPuPJX9LavqoaJVTv74ynf3yeU/qixUDI8I8m3Vyz
 0wTnJUgps8Iitkph1TnqI7Vwgo5NO8eZZsSbTghjdrA3OxiQXeblQ68Q2MypRqTBFUe/
 7Pi5Z3FtFxLY/ByaFVKqFwq/f9XfGtaAsJJI7QNOoHH+9CU0a6iX3xwEj+hvV170P4Wp
 b+ud4tKEUQM4jMo8FQyEKgxIBjAxI4GWZ832w5W5dgM/VeUqw5Ke8yhsfK9cjcKn3cXN
 MvxkCEGcZTmsYm4ZHsGD+mN4t8JaOPxy8Y7jta8A83aZQ9+MQ8SjlQV6hU70OZOAruwm
 QZQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:message-id:date:mime-version:user-agent:from
 :subject:to:content-language:content-transfer-encoding;
 bh=jr5FhEHhMN5nUZv9kk85IMm2JdHwIn0ZB5LadhQAwNs=;
 b=aTuL13BKV8pWx7hGIuBENWE9XrjH+ICh7iAfcUMsfA3OOxrPm+pwkTlvI1liJo2LJK
 XG2oWOHblVE9gjbZshT1xDGi2JIIC8FnWWpPq7+v9j8G44ZD6Leyb54lhF9GLik9usbI
 6VqhcwKwbmy8Wya2Sthn8Rv8s7aAQ6Dq3qo/GDmNUlZtJQisNo/P5q7Tqz4iYjX4JaWS
 6O2t4hUjLPOUFluBgxGdA1Yxj8QxKqwvA4q2hAevJ57epI0ngm6xpy4fo0NfEiLFaK0d
 39t3XZOlP3tfGLmFPoepzcaqG1zoyUrcm907X8E/mKF6HqYMZGN2rrb9Ly4ON9gm7zcb
 //gw==
X-Gm-Message-State: AJIora/evoOVWr2piQRvN6vOOdjF8dpc/66eafFqbywuhK6ibGsyAy50
 tKKnWyfZ9e0jcUISgaxL8q42eauizMw=
X-Google-Smtp-Source: 
 AGRyM1t/zvhFNO/1ZmRG3hPS/6EtkT02sw5Ak8HX8uN1jtg+YY4BhGU6o1vXEivzfY0KORQMgH9JXQ==
X-Received: by 2002:a05:6214:2a87:b0:464:5b2f:7dd1 with SMTP id
 jr7-20020a0562142a8700b004645b2f7dd1mr13975730qvb.7.1655585417866;
 Sat, 18 Jun 2022 13:50:17 -0700 (PDT)
Received: from [192.168.1.115] (static-95-221.sssnet.com. [24.140.95.221])
 by smtp.gmail.com with ESMTPSA id
 d26-20020ac8535a000000b00304ef46c06dsm7024348qto.57.2022.06.18.13.50.17
 for <pacman-dev@lists.archlinux.org>
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Sat, 18 Jun 2022 13:50:17 -0700 (PDT)
Message-ID: <011af950-d1fb-e5f8-df83-d26723245938@gmail.com>
Date: Sat, 18 Jun 2022 16:50:16 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.10.0
From: Ben Westover <kwestover.kw@gmail.com>
Subject: [PATCH] proto: Change the default checksum from md5 to sha256
To: pacman-dev@lists.archlinux.org
Content-Language: en-US
X-BeenThere: pacman-dev@lists.archlinux.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion list for pacman development
 <pacman-dev.lists.archlinux.org>
List-Unsubscribe: <https://lists.archlinux.org/options/pacman-dev>,
 <mailto:pacman-dev-request@lists.archlinux.org?subject=unsubscribe>
List-Archive: <https://lists.archlinux.org/pipermail/pacman-dev/>
List-Post: <mailto:pacman-dev@lists.archlinux.org>
List-Help: <mailto:pacman-dev-request@lists.archlinux.org?subject=help>
List-Subscribe: <https://lists.archlinux.org/listinfo/pacman-dev>,
 <mailto:pacman-dev-request@lists.archlinux.org?subject=subscribe>
Errors-To: pacman-dev-bounces@lists.archlinux.org
Sender: "pacman-dev" <pacman-dev-bounces@lists.archlinux.org>
Authentication-Results: mail.archlinux.org;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=BSud2Cuc;
	spf=pass (mail.archlinux.org: domain of
 pacman-dev-bounces@lists.archlinux.org designates 2a01:4f9:c010:9eb4::1 as
 permitted sender) smtp.mailfrom=pacman-dev-bounces@lists.archlinux.org;
	dmarc=pass (policy=none) header.from=gmail.com
X-Rspamd-Server: mail.archlinux.org
X-Spamd-Result: default: False [-1.91 / 15.00];
	DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
	RCVD_DKIM_ARC_DNSWL_MED(-0.50)[];
	R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112];
	MAILLIST(-0.20)[mailman];
	R_SPF_ALLOW(-0.20)[+ip6:2a01:4f9:c010:9eb4::1:c];
	RCVD_IN_DNSWL_MED(-0.20)[2a01:4f9:c010:9eb4::1:from];
	MIME_GOOD(-0.10)[text/plain];
	HAS_LIST_UNSUB(-0.01)[];
	FROM_NEQ_ENVFROM(0.00)[kwestoverkw@gmail.com,pacman-dev-bounces@lists.archlinux.org];
	RCVD_COUNT_FIVE(0.00)[5];
	FROM_HAS_DN(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	PREVIOUSLY_DELIVERED(0.00)[pacman-dev@lists.archlinux.org];
	RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::f2b:received];
	ARC_NA(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[];
	TAGGED_FROM(0.00)[];
	DKIM_TRACE(0.00)[gmail.com:+];
	TO_DN_NONE(0.00)[];
	FREEMAIL_FROM(0.00)[gmail.com];
	DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
	RECEIVED_SPAMHAUS_PBL(0.00)[24.140.95.221:received];
	RCVD_TLS_LAST(0.00)[];
	MIME_TRACE(0.00)[0:+];
	NEURAL_HAM(-0.00)[-0.977];
	ASN(0.00)[asn:24940, ipnet:2a01:4f9::/32, country:DE];
	FORGED_SENDER_MAILLIST(0.00)[]
X-Rspamd-Queue-Id: E9BD4111B9BF

MD5 isn't a very good checksum, and the PKGBUILD page on the Arch Wiki
states that it should not be used, instead recommending sha256 or b2.
This patch changes the default from md5 to sha256 because that seems to
be the most commonly used checksum today.

Signed-off-by: Ben Westover <kwestover.kw@gmail.com>
---
 proto/PKGBUILD-split.proto | 2 +-
 proto/PKGBUILD-vcs.proto   | 2 +-
 proto/PKGBUILD.proto       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/proto/PKGBUILD-split.proto b/proto/PKGBUILD-split.proto
index 9898ef81..eea97e56 100644
--- a/proto/PKGBUILD-split.proto
+++ b/proto/PKGBUILD-split.proto
@@ -28,7 +28,7 @@ changelog=
 source=("$pkgbase-$pkgver.tar.gz"
         "$pkgname-$pkgver.patch")
 noextract=()
-md5sums=()
+sha256sums=()
 validpgpkeys=()
 
 prepare() {
diff --git a/proto/PKGBUILD-vcs.proto b/proto/PKGBUILD-vcs.proto
index ae9956a9..49c6759f 100644
--- a/proto/PKGBUILD-vcs.proto
+++ b/proto/PKGBUILD-vcs.proto
@@ -25,7 +25,7 @@ options=()
 install=
 source=('FOLDER::VCS+URL#FRAGMENT')
 noextract=()
-md5sums=('SKIP')
+sha256sums=('SKIP')
 
 # Please refer to the 'USING VCS SOURCES' section of the PKGBUILD man page for
 # a description of each element in the source array.
diff --git a/proto/PKGBUILD.proto b/proto/PKGBUILD.proto
index a2c600d5..9aff797c 100644
--- a/proto/PKGBUILD.proto
+++ b/proto/PKGBUILD.proto
@@ -27,7 +27,7 @@ changelog=
 source=("$pkgname-$pkgver.tar.gz"
         "$pkgname-$pkgver.patch")
 noextract=()
-md5sums=()
+sha256sums=()
 validpgpkeys=()
 
 prepare() {