Checksum verification

Hi everyone!

I’m working with Conan in my master dissertation in order to have an open source C++ package manager. My use-case scenario is the following:

1: I locally receive pre-existing binaries to package. 2: Once packaged, I locally run this command to capture the manifests of all recipes and package binaries for the dependencies of my project: $ conan install . --manifests 3: I inspect the content of the conanmanifest.txt and I see this: nameofthefile: md5 checksum 4: I upload the package on Artifactory to verify the two MD5 checksums, the one I got in the above point 3 with the corresponding generated during the upload by Artifactory itself.

The problem is that they don’t match at all.

I try to explain better what should be the pipeline to be followed in my thesis:

1. Package locally the prebuilt binaries.
2. Calculate the checksums associated with them, in this “pre-upload” phase.
3. Upload the package on Artifactory, verifying the checksums are still the same:
   • If so, OK.
   • If not, abort the operation.
4. Once the package is uploaded and the above checks are right, download the package from Artifactory.
5. Calculate again the checksums on the downloaded package and verify if these ones are the same of those calculated in the pre-upload phase.
   • If so, OK.
   • If not, abort the operation.

I’m pretty new in the Conan world, is there an easiest way to succeed in doing all of these operations which I’m missing? Thank everyone so much, in advance.

• I’ve read the CONTRIBUTING guide.