Match content between SIGNATURE and distribution files
Issue #10
resolved
The MANIFEST is somehow changed after signing?
Comments (5)
-
reporter -
reporter So why is Test::Signature reordering the SIGNATURE file? “./Build test --test_files t/00_signature.t”
-
reporter This is caused by making “test” depend on “manifest” in Build.PL, so when the test is started the MANIFEST is recreated before the tests are run. And while the entries are the same the order is then changed so the signature is invalidated.
-
reporter - changed status to open
-
reporter - changed status to resolved
- Log in to comment
The MANIFEST we create and ship has SIGNATURE added by Module::Build at the end of the file. In the downloaded package that is the same when we run cpansign, so that verifies OK. But when we run “./Build test” something is reordering the lines in the MANIFEST file, messing up the signature.