This repository has been archived by the owner on Feb 22, 2018. It is now read-only.
Re-build the uploaded tarballs with consistent #374
Labels
Comments
|
<img src="https://avatars.githubusercontent.com/u/5757092?v=3" align="left" width="48" height="48"hspace="10"> Comment by mkustermann This is a known issue. And there is another reason why re-packing is good: The version of tar and gzip used can be very different for client uploaders (yes, different versions of tar/gz) - we've seen older clients not being able to unpack what newer clients uploaded. Maybe we should move this bug to github? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
<img src="https://avatars.githubusercontent.com/u/1343914?v=3" align="left" width="96" height="96"hspace="10"> Issue by sgjesse
Originally opened as dart-lang/sdk#22596
The tarballs uploaded are normally packaged by pub, but in principle other clients can upload as well. These tarballs have whatever owner-information and permission-information that the original files had on the users machine when the tarball is build.
Normally un-taring when getting packages will set owner to current user/group and permissions to current umask, as --no-same-owner and --no-same-permissions are default when running tar as a normal user.
However it still seems a bit odd to store tarballs with owner and permission information coming from the client machine.
One option could be to re-package the tarball with consistent user and permission information.
The text was updated successfully, but these errors were encountered: