-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove automatic checksumming #40
Comments
Hello, just my opinion, but, I think it's interesting to keep it |
The checksums are automatically found when using |
I'm coming across this issue now, this wasn't something we added in the initial release of With that said, it makes sense to remove this functionality. There will be a point in the future where this functionality will no longer work due to the monkey patching of the PowerShell scripts and planned changes to Chocolatey CLI. I recommend anyone currently using the automatic checksum feature, to switch over to use |
Would it make sense to deprecate it with a warning message? |
One potential improvement to make before releasing a version of chocolatey-au would be to remove automatic checksumming.
chocolatey-au/AU/Public/Update-Package.ps1
Lines 114 to 201 in c28a2fd
The current automatic checksumming implementation uses monkey patching to modify the
chocolateyInstall.psm1
module, and then executes the package'schocolateyInstall.ps1
to download the installer. This is a bad idea for a number of reasons:chocolateyInstall.psm1
module.chocolateyInstall.ps1
package script not having any other operations beside the call to the powershell helper, or in cases where there is another call (adding desktop shortcuts, etc), then those will happen.The automatic checksumming can be replaced by adding a
au_BeforeUpdate
function to eachupdate.ps1
(that needs it, embedded packages do not) to explicitly get the checksums. There is an example function below:The downside of this is that it would be a significant breaking change from the way AU currently does things.
Additionally, if the download is more complex, it may require a complex
au_BeforeUpdate
which duplicates code from thechocolateyInstall.ps1
, for example theddu
package requires a referrer page to be downloaded first:https://github.com/tunisiano187/Chocolatey-packages/blob/58fe4dcc9d3ededdec31593c6a04a37dde22984a/automatic/ddu/tools/chocolateyInstall.ps1#L8
The text was updated successfully, but these errors were encountered: