Package: git-buildpackage Severity: wishlist Hi!
I frequently find myself doing manual work comparing if my local git repository contents and tags are correct and in sync with the git remotes and the Debian and Ubuntu archives. I am worried about mistakes such as: - A maintainer tagged and uploaded but forgot to push it to remote git repositories - Maintainer git tagged a version that failed to upload, and then forgot to delete and re-tag after fix and new upload attempt, or I did locally fix the tag to point to correct contents put forgot to force push updated tag to git remotes - Somebody else than the regular maintainer uploaded but didn't push to git and git repository content is behind Debian/Ubuntu apt repositories - Somebody (e.g. Ubuntu sponsor) modified the package before upload, and git repository diverges from apt repository To automatically detect (and perhaps even fix) these situations I propose git-buildpackage adds a feature 'gbp sync' which would roughly have this logic: 1. Traverse past 8 or so debian/changelog entries, extract Debian/Ubuntu release name and version and check if equivalent git tags exist locally. 2. Compare to remotes and warn if any tags are missing locally, or remotes have more tags than local, or tags point to different commits. 3. Check from equivalent apt repositories (including -security, -updates, -proposed-updates) what versions they have and warn if apt repositories have releases missing from the debian/changelog, or if past local changelog entries seems to never have reached any apt repository. 4. While doing the above, also download the . dsc files to a local temporary directory. Using the checksums in the .dsc files verify that the apt repository .debian.tar checksum matches what the locally tagged git commit debian/ contents would produce. This verifies the uploaded version actually is the same as in the gbp tag. 5. If everything matches, emit a success message. If not, tell users what is out of sync and ask the user (maintainer) to manually fix and validate fixes by rerunning 'gbp sync'. This could also be a separate tool, but since git-buildpackage has such an extensive test suite and mature code base, and the tool would operate off the semantics of gbp.conf seems this could be an useful extension to git-buildpackage. - Otto
