Paul Wise <[email protected]> writes: > On Tue, 22 Oct 2013 10:42:51 +0200 Ansgar Burchardt wrote: >> uscan would store the signature for the upstream tarball as >> obtained via pgpsigurlmangle=... in the debian/ directory > > ISTR another idea was to place the upstream signature alongside the > upstream tarball instead of inside the debian/ directory. > > foo_0.1.2.orig.tar.gz > foo_0.1.2.orig.tar.gz.<fingerprint>.asc > > AFAIR, there was some work in dak done already to allow this?
Yes, but there was a bug and I somehow forgot about the patches in #759401 that Guillem Jover provided. So dak should now accept upstream signatures, dpkg in stable should ignore them (but not throw an error) and dpkg in unstable/testing will hopefully start to include them in the source package (.dsc) soon. For a given upstream tarball the upstream signature should go in a file with the extension `.asc`. For example, for dune-common_2.4.1.orig.tar.xz the signature should be in dune-common_2.4.1.orig.tar.xz.asc It should be safe for uscan to already create this file: older versions of dpkg should just ignore it. Ansgar _______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
