Re: Let's avoid using md5 as checksum

Disagree. Three types of checksums (md5, sha1, rmd160) in a portfile are stronger than just two. I would agree that ports should not use md5 alone, but I would also say that ports should not use sha1 or rmd160 alone. Ports should use all three checksum types.

When we have sha1 and rmd160 using md5 as a checksum is meaningless. What do you mean by "stronger"?

port lint should warn if a portfile uses just a single type of checksum for a file.

That's nice!