Skip to content

Latest commit

 

History

History
27 lines (15 loc) · 1.18 KB

package_tarball.md

File metadata and controls

27 lines (15 loc) · 1.18 KB
Raw

Package tarball

The package tarball contains the following files:

  • VERSION

    The tarball version as a single ASCII integer. The current tarball version is 3.

  • metadata.config

    Erlang term file, see Package metadata.

  • contents.tar.gz

    Gzipped tarball with package contents.

  • CHECKSUM

    SHA-256 hex-encoded checksum of the included tarball. The checksum is calculated by taking the contents of all files (except CHECKSUM), concatenating them, running sha256 over the concatenated data, and finally uppercase hex (base16) encoding it.

    contents = read_file("VERSION") + read_file("metadata.config") + read_file("content.tar.gz")
checksum = sha256(contents)
final_result = hex_encode(checksum)

    This checksum is called the "inner checksum" and is deprecated in favor of the "outer checksum" which is the SHA-256 checksum of the entirety of the tarball file.

    When fetching packages the checksums should be verified against checksums stored in the registry. See Release.inner_checksum and Release.outer_checksum in the protobuf definitions.