2011/7/22 Benoît Knecht <benoit.kne...@fsfe.org>: > Hi Fernando, > > Fernando Lemos wrote: >> 2011/7/22 Kilian Krause <kil...@debian.org>: >> > On Fri, Jul 22, 2011 at 12:36:51PM +0200, Benoît Knecht wrote: >> >> I am looking for a sponsor for the new version 1.0.21+dfsg-1 of my >> >> package "minidlna". >> >> - dget >> >> http://mentors.debian.net/debian/pool/main/m/minidlna/minidlna_1.0.21+dfsg-1.dsc >> > >> > 1. Your upoad uses a tarball that's not identical to upstream's one. Please >> > consider adding a get-orig-tarball target to debian/rules to verify what >> > steps are required to generate it. >> >> Please take no offense, Benoît. But in such a case, Kilian, can you be >> sure the source hasn't been tampered with? I'd feel rather >> unconfortable otherwise. > > I did "tamper" with the source, in the sense that I replaced the > non-free icons.c file. This is documented in debian/copyright. I'm not > sure what kind of tampering you're worried about, but you can easily > check that no other file from upstream was modified.
Again, no offense meant. I have no reason to believe anyone is acting in bad faith. Just to clarify, I find it concerning that we might be accepting source uploads that don't come straight from upstream and don't match what was released upstream. I'm relieved to hear that there is a way to ensure in your specific case that the source is the same as shipped upstream. I wish this was a requirement for new packages entering Debian. -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CANVYNa_yUwOg58O5JjdF3Su75o3YNA4co48TkFK-=-h63+s...@mail.gmail.com
