From patchwork Sat Mar 30 14:02:25 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Niedermayer <michael@niedermayer.cc>
X-Patchwork-Id: 47671
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a05:6a20:9f96:b0:1a3:b6bb:3029 with SMTP id
 mm22csp2529845pzb;
        Sat, 30 Mar 2024 07:02:38 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
 AJvYcCX1k7+4C1xXWWJQ7nGFUE+1P6Vu8KViXZzwqIqdZ9xlWP472zXlSdVkR/cRODZieevoSIUpgAVh4+WOxWYHkVL8zjZp3zrqO4nWLQ==
X-Google-Smtp-Source: 
 AGHT+IFH3Sc+hrT0blkk84zIVgx73GpvIkPFwJeu84SqdBJ6E8TwDJzmHq8MxMpSYpdyV9cuvKmI
X-Received: by 2002:a05:6512:3c92:b0:515:920e:eecd with SMTP id
 h18-20020a0565123c9200b00515920eeecdmr3688031lfv.1.1711807358299;
        Sat, 30 Mar 2024 07:02:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1711807358; cv=none;
        d=google.com; s=arc-20160816;
        b=Q9csbteXbeQI5WDWuMDAofHW89VzAXe+QyS+yTP+gXkLqFncUMqTtt3c8vWimLU3iF
         nY9SeMR+59faANJJ4CQX++kvmiDY9uY8RnsVCGTieVVR5q+Kv305h8WfIKMBxlMaW6iN
         1cVPd2k7OUv25HYkWenpEKvu/939e63Q/Focmk3A2YblDKws6TGWV4ULK0us65I8Qoeo
         FWAYe22TBDDMKz+5+/41tbCE6kF7SScNf8I+IN1jsRzK6RFYWYNqOH1faS5ji4aVSan5
         TC7rQIept8Iir7M2lzePje4ayR1SoZgnRGLWz/caJuONPor+B/2RvVNU9gs/1D9ovYRq
         Y3Iw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:content-transfer-encoding:mime-version:reply-to
         :list-subscribe:list-help:list-post:list-archive:list-unsubscribe
         :list-id:precedence:subject:message-id:date:to:from:dkim-signature
         :delivered-to;
        bh=XmJElTjB2+S94ItoRXUlWY2Rd7lNR4gGdZ4D5Y+66lQ=;
        fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=;
        b=LEfyfpzyxQtMHU8RZAsPnB2r0qAjVIfq5YYR74qZSeoPdtF5cXZ1VHFGOGihQi2RsX
         etcJL3jxc2HCloCzpdqN9Ou6vojM8WenkeSnf70nn3I+IbQ2WltAuuOxuEdpqctqUa9e
         ufYsyEZtzE3da1JKrC80wTgkeEqSSQT8x01op/erMkfDKM7r9HroYxPz0LDrT3pstLwc
         9xYOCZNVGIKwbyMgtgB6hlaWOyJ1ya1jHVXe8pwfjxhGRZxnlYVo7HUFC8iFBCsNQUpB
         qiRzLPvjSxkBV2xo8JN+OzaGPAswzC0l4/1odKJETvq1e8Dsct+IfBfGwInd2DJKxTrR
         TJZw==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@niedermayer.cc
 header.s=gm1 header.b=VsQpRXYH;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
        by mx.google.com with ESMTP id
 x7-20020a05640226c700b0056c3cbe9420si2904969edd.329.2024.03.30.07.02.37;
        Sat, 30 Mar 2024 07:02:38 -0700 (PDT)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@niedermayer.cc
 header.s=gm1 header.b=VsQpRXYH;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id D2A6C68D3AA;
	Sat, 30 Mar 2024 16:02:33 +0200 (EET)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net
 [217.70.183.199])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 2D69568D360
 for <ffmpeg-devel@ffmpeg.org>; Sat, 30 Mar 2024 16:02:27 +0200 (EET)
Received: by mail.gandi.net (Postfix) with ESMTPSA id 4E925FF804
 for <ffmpeg-devel@ffmpeg.org>; Sat, 30 Mar 2024 14:02:26 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc;
 s=gm1; t=1711807346;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc; bh=sw7JQDu+INeBDeVpvG2tCF3OgCYvkI/r1mSaPDJ8irs=;
 b=VsQpRXYHRVKEI0/nRMVT5lUPRj+KSTTquiq4rkyRzRskEEhgw7MfjWJyu8KKpKec6yoOeH
 8xQsUPyxZizxx8RQOVRudhGw9YVAfkO0luZGhNN24vzr4KxRy0BvL+o4aWPHVxW2jvGa6s
 fQD8pPyziPlHbitl7x6Bv6S4424m4xSp7qWH+YMkTE3zwZBXPBJA2BEzUN7MNwrKZ4KyrC
 m/5gUkqO9JXQtSptbBAVNaRy8vj96GgtKbgOZXOSqdzdNiOX9tm0dNo6ev+aT/0oBsmx8A
 z3lCYkSr1ei9u4Lrq4VAZ9ygPC+/4a8Y0A7H4J1OZqegbHHc+hL25qHJb+a31A==
From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Date: Sat, 30 Mar 2024 15:02:25 +0100
Message-Id: <20240330140225.3395-1-michael@niedermayer.cc>
X-Mailer: git-send-email 2.17.1
X-GND-Sasl: michael@niedermayer.cc
Subject: [FFmpeg-devel] [PATCH] web/download: Extend the verification
 procedure to check for difference between git and release tarball
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
MIME-Version: 1.0
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: ZzzKRRYfgA/1

Iam not 100% sure this is the best place to put this. But we should somewhere
describe what differences are expected

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 src/download | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/src/download b/src/download
index 0e6fa7e..34733de 100644
--- a/src/download
+++ b/src/download
@@ -284,6 +284,40 @@ gpg:                using RSA key FCF986EA15E6E293A5644F10B4322F04D67658D8
 gpg:                issuer "ffmpeg-devel@ffmpeg.org"
 gpg: Good signature from "FFmpeg release signing key &lt;ffmpeg-devel@ffmpeg.org&gt;" [full]</pre>
       </li>
+      <li>
+        Verify that the release tarball matches the git tag: (expected differences are missing .git, .gitignore and .gitattributes and an additional VERSION file)
+        <pre>
+        $ diff -ru ffmpeg-5.1.4 gitdir2
+Only in gitdir2/doc/doxy: .gitignore
+Only in gitdir2/doc/examples: .gitignore
+Only in gitdir2/doc: .gitignore
+Only in gitdir2/ffbuild: .gitignore
+Only in gitdir2: .git
+Only in gitdir2: .gitattributes
+Only in gitdir2: .gitignore
+Only in gitdir2/libavcodec: .gitignore
+Only in gitdir2/libavcodec/tests: .gitignore
+Only in gitdir2/libavdevice: .gitignore
+Only in gitdir2/libavdevice/tests: .gitignore
+Only in gitdir2/libavfilter: .gitignore
+Only in gitdir2/libavfilter/opencl: .gitignore
+Only in gitdir2/libavfilter/tests: .gitignore
+Only in gitdir2/libavformat: .gitignore
+Only in gitdir2/libavformat/tests: .gitignore
+Only in gitdir2/libavutil: .gitignore
+Only in gitdir2/libavutil/tests: .gitignore
+Only in gitdir2/libswresample/tests: .gitignore
+Only in gitdir2/libswscale/tests: .gitignore
+Only in gitdir2/tests/api: .gitignore
+Only in gitdir2/tests/checkasm: .gitignore
+Only in gitdir2/tests: .gitignore
+Only in gitdir2/tools: .gitignore
+Only in ffmpeg-5.1.4: VERSION
+        </pre>
+      </li>
+      <li>
+        Verify that the tag in git is signed
+      </li>
     </ol>
   </p>