Chris Lamb writes:


> In other words, my "AIUI" should be replaced with something much
> stronger; I've done many "useless" sourceful uploads successfully, but
> I've never attempted to add an .sig…

It looks like upload with '-sa' worked, at least for experimental:

The asc file was stored inside pool directory:

so I was also able to make an upload without '-sa' afterwards:

So I think it will be OK to do upload for unstable, however I still need
to first check how to store the signature in my git repository. I did
some tests few days ago, but I haven't got time to finish it. I'll try
to do this before this weekend.

>> Honestly, I'm somewhat partial on putting such archive-dependant
>> information in lintian is alright (dak is only one of the many debian
>> archive software out there…).

Yes, but IMHO it would be nice if for example there was some wiki page
online with all the information, and lintian had a link to it.

> (I don't believe that is being requested here.)

I think lintian makes a really good job in improving quality of Debian
packages, and I treat all the tags it gives pretty seriously, especially
if they are warnings or errors. However I would like to have a clear
straightforward information how to deal with those tags. Vast majority
of tags' descriptions is clear, but
'orig-tarball-missing-upstream-signature' raised my concerns, so I
decided to create this bug report.


Reply via email to