[R-pkg-devel] checksums change after publication on CRAN?
Joris Meys
Joris.Meys at ugent.be
Mon Apr 30 18:03:55 CEST 2018
In a discussion of twitter it was pointed out that the checksums of
packages change after publication on CRAN. One example is the Matrix
package version 1.2-12, which was available on CRAN already on nov 17, 2017
but got a different checksum on nov 20, 2017. This caused issues in eg
easybuilders.
(see reference here :
https://github.com/easybuilders/easybuild-easyconfigs/pull/6118 )
I went through the Matrix SVN repo, and there is no commit whatsoever that
adds the last line in the DESCRIPTION file. This line reads:
Date/Publication: 2017-11-20 18:57:47 UTC
I wondered how this happens, and it looks like CRAN adds this automatically
days after the source is available for download.
This is suboptimal imho as it would technically mean that you can have two
files of the same package version with different checksums. It leads people
to believe packages on CRAN can be changed without bumping the version
number, and technically that's what it boils down to.
Anyone who knows what's going on there?
Reference to twitter discussion with Kenneth Hoste about this :
https://twitter.com/kehoste/status/990484417721389056
Kind regards
Joris
--
Joris Meys
Statistical consultant
Department of Data Analysis and Mathematical Modelling
Ghent University
Coupure Links 653, B-9000 Gent (Belgium)
<https://maps.google.com/?q=Coupure+links+653,%C2%A0B-9000+Gent,%C2%A0Belgium&entry=gmail&source=g>
tel: +32 (0)9 264 61 79
-----------
Biowiskundedagen 2017-2018
http://www.biowiskundedagen.ugent.be/
-------------------------------
Disclaimer : http://helpdesk.ugent.be/e-maildisclaimer.php
[[alternative HTML version deleted]]
More information about the R-package-devel
mailing list