Package: lintian Version: 2.7.0 Severity: wishlist Hi!
I just noticed that I've sometimes been failing to include the orig tarball signature file for some of the uploads after the first new upstream release. Let me clarify with an example: - Fetch upstream xfstt 1.9.3 orig.tar.xz and orig.tar.xz.asc. - Build xfstt 1.9.3-1 source w/ orig.tar.xz.asc. (Good) - Build xfstt 1.9.3-2 source w/o orig.tar.xz.asc. (Bad) - Build xfstt 1.9.3-3 source w/o orig.tar.xz.asc. (Bad) - Fetch upstream xfstt 1.10 orig.tar.xz and orig.tar.xz.asc. - Build xfstt 1.10-1 source w/ orig.tar.xz.asc. (Good) So, when building new revisions it seems I'm prone to forget to place the orig.tar.xz.asc alongside the orig.tar.xz sometimes. :/ It would be nice to get a warning to avoid this. I imagine a tag could be emitted whenever there is no «*.orig.tar.*.asc» (for each «*.orig.tar.*») and either of the following holds: - there is a debian/upstream/signing-key.asc file. - there is pgpmode or pgpsigurlmangle in opts in debian/watch. Thanks, Guillem