On Sun, 2025-10-12 at 00:25 -0700, Otto Kekäläinen wrote: > Hi! > > Can you please test if this is now fixed in latest Debcraft version > 0.6.0? > > If you find more issues or have improvement ideas, Merge Requests at > https://salsa.debian.org/debian/debcraft/-/merge_requests are very > welcome!
It has improved but still struggles to get the job done. It currently
fails in signature verification. And has no option to disable this
functionality. This very step is avoided if you unpack the source
package externally and just build the package in the source package dir
with: `debcraft build`
So not all users may be facing this source package signature validation
issue. In my opinion, for any feature a program should have an option
to have it disabled if need be.
Building container 'debcraft-debian-sid' in
'/tmp/tmp.O638ZVKW1X/debcraft-container' for downloader use
mkdir: created directory '/tmp/tmp.O638ZVKW1X/debcraft-container'
[+] Building 244.6s (23/23) FINISHED
docker:default
=> [internal] load build definition from Containerfile
0.0s
=> => transferring dockerfile: 5.14kB
0.0s
=> [internal] load metadata for docker.io/library/debian:sid
3.3s
=> [auth] library/debian:pull token for registry-1.docker.io
0.0s
=> [internal] load .dockerignore
0.0s
=> => transferring context: 2B
0.0s
=> [ 1/17] FROM
docker.io/library/debian:sid@sha256:99bd4e556cae50a1ffefd290c42f4 10.8s
=> => resolve
docker.io/library/debian:sid@sha256:99bd4e556cae50a1ffefd290c42f447c 0.0s
=> => sha256:030c35242dddf38c30a21ba5007e5fe13d100b6a5ecc2421b9efe39ad 448B /
448B 0.0s
=> => sha256:edd38bdf09a62ab44ffab2a10058156dc336ea087cf3a732587 48.38MB /
48.38MB 7.6s
=> => sha256:99bd4e556cae50a1ffefd290c42f447cfbaa0cb6f17bbafb8014a 9.58kB /
9.58kB 0.0s
=> => sha256:390081d3fc36848ba80d713d39780ff3f095f2332ec07cb255aa6 1.02kB /
1.02kB 0.0s
=> => extracting
sha256:edd38bdf09a62ab44ffab2a10058156dc336ea087cf3a73258758d9bc5 3.0s
=> [internal] load build context
0.0s
=> => transferring context: 35.46kB
0.0s
=> [ 2/17] COPY 80-strip-gcc-debug-symbols /etc/apt/apt.conf.d/
0.4s
=> [ 3/17] RUN if grep -q 'PRETTY_NAME="Debian GNU/Linux 9 (stretch)"'
/etc/os-rel 0.2s
=> [ 4/17] RUN apt-get update -q && apt-get install -q --yes
--no-install-rec 98.2s
=> [ 5/17] RUN apt-get update -q && apt-get install -q --yes
--no-install-rec 31.4s
=> [ 6/17] RUN apt-get update -q && apt-get install -q --yes
--no-install-rec 36.4s
=> [ 7/17] RUN apt-get update -q && apt-get install -q --yes
--no-install-rec 26.3s
=> [ 8/17] RUN apt-get update -q && apt-get install -q --yes
--no-install-reco 9.6s
=> [ 9/17] RUN apt-get update -q && apt-get install -q --yes
--no-install-reco 8.9s
=> [10/17] RUN apt-get update -q && apt-get install -q --yes
--no-install-reco 8.7s
=> [11/17] COPY enable-source-repositories.sh enable-extra-repositories.sh
output. 0.0s
=> [12/17] RUN /enable-source-repositories.sh
0.2s
=> [13/17] RUN echo "Package: *" >>
/etc/apt/preferences.d/99experimental-force && 0.2s
=> [14/17] RUN update-ccache-symlinks
0.2s
=> [15/17] RUN ccache --show-stats --verbose || true; sccache --show-stats ||
true 0.2s
=> [16/17] COPY *.sh /
0.0s
=> [17/17] RUN apt-get update -q
6.3s
=> exporting to image
3.0s
=> => exporting layers
3.0s
=> => writing image
sha256:f12f616d87d64086a0b394e56b7fb4279409d032e4cee130b315f95 0.0s
=> => naming to docker.io/library/debcraft-debian-sid
0.0s
Unpack bpfcc_0.31.0+ds-7.dsc and associated Debian and source tar packages with
'dpkg-source'
usage: sopv-gpgv inline-verify [-h] [--debug] [--not-before TIMESTAMP]
[--not-after TIMESTAMP]
[--verifications-out VERIFICATIONS]
CERTS [CERTS ...]
sopv-gpgv inline-verify: error: the following arguments are required: CERTS
dpkg-source: warning: cannot verify inline signature for
./bpfcc_0.31.0+ds-7.dsc: error code 2
dpkg-source: info: extracting bpfcc in bpfcc-0.31.0+ds
dpkg-source: error: unpack target exists: bpfcc-0.31.0+ds
DEBCRAFT ERROR: Downloading package 'bpfcc_0.31.0+ds-7.dsc' failed
--
Ritesh Raj Sarraf | http://people.debian.org/~rrs
Debian - The Universal Operating System
signature.asc
Description: This is a digitally signed message part
