On Tue, Feb 10, 2026 at 12:44:44PM +0000, Simon McVittie wrote: > As I said, if you want to preserve tarball identity/signatures, you can't > use tag2upload for the first upload of a new upstream release [...]
Sean, this and the fact that sponsored uploads are not detected as such
by various services (there's a BTS bug about it but I'm too lazy to dig
it up), make me revert your latest commit to developers-reference main
branch.
Please lets discuss such fundamental workflows changes first in some MR
(or bugreport) before changing dev-ref's recommendations.
It's clear that you thing that tag2upload is the greatest since sliced
bread but just the above two bugs make me question that judgement.
Sorry. I'm not against the change in principle, I just feel its done too
quickly.
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Make lying wrong again.
signature.asc
Description: PGP signature
