Hi, On Mon, Jul 31, 2017 at 04:33:44PM +0200, Maximiliano Curia wrote: > Package: devscripts > Version: 2.17.9 > Severity: normal > > Hi, > > uscan checks the detached upstream signature with the > debian/upstream/signing-key.asc keyring when downloading a new version, > which is great. But the file is then not renamed/symlinked so dpkg-source > can't use this signature file, so it's then not included in the .changes > files. > > Please, when renaming/symlinking the downloaded file, do the same with the > downloaded detached upstream signature.
Excuse me .. I don't get what you are after. dpkg-source - Debian source package (.dsc) manipulation tool dpkg-source -x ***.dsc extracts the source from the tarball which is signed by the packager (not upstream). Why you are using dpkg-source on the upstream source tarball? Regards, Osamu