Hi,
On 07/31/2017 10:54 AM, Paul Wise wrote:
> On Mon, Jul 31, 2017 at 4:24 AM, Ole Streicher wrote:
>
>> is not really helpful to me; at least I did not find a mention in the
>> Debian policy that the signature should be included in the .changes
>> file. Also, it seems that the standard (pdebuild) toolchain does not
>> include it by default.
>
> Policy documents current practice rather than describing what
> practices should be taken, so I think that we will only get this in
> policy once it is more common.
>
> The standard toolchain here is uscan, not pdebuild, and there is a bug
> asking placing the signatures in the correct place open already, it
> just needs someone to do the work:
How does this interact with git-based workflows? Currently I use
pristine-tar (in combination with gbp) for all of the packages I
maintain. [1]
I haven't tried any recent versions, but as far as I remember
gbp doesn't store / restore .asc files the same way it does with
orig tarballs via pristine-tar. So doing something like
gbp buildpackage --git-export-dir=../some-other-dir ...
will not result in the .asc being included, even if it's present
in the parent directory of the git checkout I'm working on.
Regards,
Christian
[1] Granted, I don't really have packages that are upstream
signed, except for one where I'm also upstream myself, so I'm
asking more out of principle than practical relevance for me.
