On Fri, Sep 25, 2015 at 05:38:25PM +0000, Osamu Aoki wrote: > diff --git a/scripts/uscan.pl b/scripts/uscan.pl > index 978e3d6..56f5512 100755 > --- a/scripts/uscan.pl > +++ b/scripts/uscan.pl > @@ -559,9 +559,9 @@ B<pgp>, and B<sig>. > > If the signature file is downloaded, the downloaded upstream tarball is > checked > for its authenticity against the downloaded signature file using the keyring > -F<debian/upstream/signing-key.pgp> or the armored keyring > -F<debian/upstream/signing-key.asc>. If its signature is not valid, or not > made > -by one of the listed keys, B<uscan> will report an error. > +F<debian/upstream-signing-key.pgp>, or F<debian/upstream/signing-key.pgp>; or > +the armored keyring F<debian/upstream/signing-key.asc>. If its signature is > not > +valid, or not made by one of the listed keys, B<uscan> will report an error.
debian/upstream-signing-key.pgp is intentionally undocumented. It is only check for backwards-compatibility, but new code should use debian/upstream/. Cheers, -- James GPG Key: 4096R/331BA3DB 2011-12-05 James McCoy <[email protected]> _______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
