{
  "context": "This criteria evaluates how effectively the engineer leverages pip's hash computation and verification capabilities to implement package verification functionality. The focus is on proper use of pip's internal hash APIs rather than reimplementing hash computation from scratch.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Uses pip hash APIs",
      "description": "Implementation uses pip's internal hash computation APIs (pip._internal.utils.hashes or pip._internal.operations.generate_hashes) rather than directly using hashlib or reimplementing hash computation",
      "max_score": 35
    },
    {
      "name": "Supports multiple algorithms",
      "description": "Implementation correctly supports all three hash algorithms (sha256, sha384, sha512) as specified in the API, using pip's multi-algorithm support",
      "max_score": 20
    },
    {
      "name": "Hash format compatibility",
      "description": "Generated hash output format matches pip's standard hash output format (algorithm:hexdigest), particularly for requirements file generation with --hash options",
      "max_score": 20
    },
    {
      "name": "Efficient file processing",
      "description": "Implementation processes files efficiently using pip's chunk-based reading approach or similar streaming methods, avoiding loading entire files into memory",
      "max_score": 15
    },
    {
      "name": "Error handling alignment",
      "description": "Error handling for missing files and invalid algorithms aligns with pip's error handling patterns and uses appropriate exception types",
      "max_score": 10
    }
  ]
}