Hi Raphael,

On  Fr 03 Jul 2015 08:31:34 CEST, Raphael Hertzog wrote:

On Fri, 03 Jul 2015, Kazuhiro Hayashi wrote:
According to the report message[0], they are shipped individually
for better review. However, they are actually unused at build-time.
Instead, .diff.gz provides the same modifications as the above patches.

The patch files might be a bit confusing in future, so I suggest
removing either one (.diff.gz or debian/patches/*). I attached two patches.
Could you consider to use one of them in the next update?

FWIW, your patch apply-debian-patches-at-build-time.patch does not work.
To ensure that patches files are applied at build time, you would need to
change the source format to "3.0 (quilt)" and this kind of change is
usually not done in security uploads.

So instead we stick the changes in the .diff.gz to stay within the limits
of format 1.0. But that makes the changes unreviewable, so we ship the
individual patches too.

It's the best compromise for us right now. I'm sorry if you find this
confusing, but there are reasons explaining this choice.

@Raphael: thanks for taking time to explain this!

With later LTS work (wheezy, jessie, ...) we should have more and more "quilt (3.0)" format packages around in Debian, so this confusion will gradually reduce. I stumbled over this, as well, while preparing the libxml2 package, so I can understand you well.

Do we have this procedure of shipping individual patch files in "1.0" formatted packages documented somewhere? Or is it documented in the Debian policy?

Greets,
Mike
--

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb

Attachment: pgpV8GthXYkvm.pgp
Description: Digitale PGP-Signatur

Reply via email to