Hi! On Mon, 2026-03-16 at 14:04:14 +0000, Jonathan Dowland wrote: > On Mon Mar 16, 2026 at 12:03 PM GMT, Guillem Jover wrote: > > dpkg-source (via > > GNU patch) is capable of applying such changes, as long as they are > > in git patch format. Although it cannot produce them (currently) > > because GNU diff does not support generating git formatted patches. > > Thanks for the hint. I'm getting the following error from > dpkg-source (1.22.22) trying the attached patch, which looks pretty > similar to your example patch: > > > dpkg-source: error: diff > > ikiwiki.orig.LgnKwD/debian/patches/0001-part-1-remove-symlink.patch > > modifies file ikiwiki.orig.LgnKwD/underlays/basewiki/style.css > > through a symlink: > > ikiwiki.orig.LgnKwD/underlays/basewiki/style.css > > GNU patch is indeed happy: > > > $ patch -p1 < debian/patches/0001-part-1-remove-symlink.patch > > patching symbolic link underlays/basewiki/style.css > > I'll try a newer dpkg-dev.
Ah, pfff, sorry, you are absolutely right, and while dpkg-source is technically capable of applying such changes, that is currently prevented due to some old directory traversal mitigations when it finds a patch that tries to patch (what the code thinks) through a symlink. Just removing the check makes this go through, but I'd need to make sure that does not regress on the directory traversal front (for which I think we added other checks elsewhere). Otherwise the check would need to be kept, but adapted to take into account git formatted patches. So, I'm afraid at least (for now), a patch that changes a symlink to something else is not allowed. But anything else representable via git formatted patches should be fine (well except binary patches which are not supported by GNU patch). I'll also look at trying to improve this for sid, but then older dpkg-source will still refuse these sources. Thanks, Guillem
