Hi Andreas, On 22.12.2015 15:59, Andreas Tille wrote: > On Tue, Dec 22, 2015 at 03:15:21PM +0100, Fabian Klötzl wrote: >> 1) There is not proper upstream URL for watching. The actual download >> URL contains a string looking like a hash to me and thus may be >> subject to change. Thus I only provide a get-orig-source script. Is >> the the right way to go? > > Hmmm, in this case this is a tricky question. I think in any case you > should contact upstream. They did some means to know who is downloading > their source code. I think we should be fair to them and tell them that > distributing it via Debian will spoil their means since people can > download the source from the Debian mirrors. They have choosen GPL so > this should be no issue - but we should be so fair to upstream to tell > them. As a reward they would get real usage numbers of Debian users > via popcon. > > Once you tell them you could ask them to go a step further and offer > something we could download via uscan which has the advantage that we > learn soon about updates and always provide the latest version.
I tried to contact the upstream authors two weeks ago via the provided form as no e-mail address is available. But so far there is no response, and I doubt there ever will be as the author left the institution in 2011. Furthermore, I was unable to track their current whereabouts due to their common name. Also, as the package has seen no update since 2011, I don't think there will be an update in the near future. >> 2) The original download tar-ball contains binaries for Mac and >> Windows. Should I get rid off them, and if so, how? > > Once you are using a get-orig-source script you can decide to strip the > files there. Or you can use Files-Excluded in debian/copyright to let > uscan do its work. Thanks for the pointers. I'll try my best. Fabian
