Investigate checksum diff between original and repacked .pkg files #15219

Open
Tracked by #3708
ellahathaway opened this issue Nov 5, 2024 · 1 comment

Comments

Member

ellahathaway commented Nov 5, 2024

See #15205 (comment)

The checksums are different between the original and repacked .pkgs. After briefly investigating this, I've found that the Bom file has a different checksum and the Payload tarball is bigger in the repacked .pkg than the original .pkgs.

We should spend time looking into this to determine the cause of the issue.

@ellahathaway
Member Author

I played around with this a bit more, and I've ultimately settled on the fact that the Bom differences are due to the way pkgbuild works. I think that it alters the metadata (e.g. the timestamp), which ultimately affects the checksum. I came to this conclusion by running lsbom <bomfile> on each bom file (one from an unpacked pkg and one from a repacked/unpackaged again pkg). When I did this, I was only able to decipher a timestamp difference.
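Added example (not part of the thread or the project's code): one way to confirm that a repack changed only metadata is to compare the two packages per file, separating content hashes from timestamps. It assumes both payloads have already been extracted to directories; the function names and the sample tree are constructed for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Map each relative file path to (sha256 of content, mtime in whole seconds)."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(full, root)
            result[rel] = (digest, int(os.stat(full).st_mtime))
    return result


def classify(original_root, repacked_root):
    """Split differences into content changes and metadata-only (mtime) changes."""
    a, b = snapshot(original_root), snapshot(repacked_root)
    report = {"missing": [], "added": [], "content": [], "mtime_only": []}
    for path in sorted(set(a) | set(b)):
        if path not in b:
            report["missing"].append(path)
        elif path not in a:
            report["added"].append(path)
        elif a[path][0] != b[path][0]:
            report["content"].append(path)  # bytes differ: needs investigation
        elif a[path][1] != b[path][1]:
            report["mtime_only"].append(path)  # same bytes, new timestamp
    return report


def demo():
    """Constructed sample: identical bytes with different timestamps, as after a repack."""
    with tempfile.TemporaryDirectory() as orig, tempfile.TemporaryDirectory() as repack:
        for root, mtime in ((orig, 1_700_000_000), (repack, 1_730_000_000)):
            os.makedirs(os.path.join(root, "usr", "bin"))
            path = os.path.join(root, "usr", "bin", "tool")
            with open(path, "wb") as fh:
                fh.write(b"constructed payload bytes\n")
            os.utime(path, (mtime, mtime))
        return classify(orig, repack)


if __name__ == "__main__":
    print(demo())
```

An empty `content`, `missing` and `added` list with entries only under `mtime_only` means the whole-package checksum mismatch comes from timestamps rather than from changed files.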
