Re: Upstream Tarball Signature Files

Hi, On Fri, Aug 18, 2017 at 12:08:02PM +0200, Guillem Jover wrote: > Hi! > > On Wed, 2017-08-16 at 00:22:43 -0700, Paul Hardy wrote: > > On Tue, Aug 8, 2017 at 1:48 AM, Guillem Jover wrote: > > > On Mon, 2017-08-07 at 20:26:41 -0700, Paul Hardy wrote: > > > > Also, where signature files are desi

Processed: Re: Bug#872587: debian-policy: please document "Important: yes"

Processing control commands: > block 872587 by 872589 Bug #872587 [debian-policy] debian-policy: please document "Important: yes" 872587 was blocked by: 872589 872587 was not blocking any bugs. Ignoring request to alter blocking bugs of bug #872587 to the same blocks previously set -- 872587: h

Processed: Re: Bug#872587: debian-policy: please document "Important: yes"

Processing control commands: > block 872587 by 872589 Bug #872587 [debian-policy] debian-policy: please document "Important: yes" 872587 was not blocked by any bugs. 872587 was not blocking any bugs. Added blocking bug(s) of 872587: 872589 -- 872587: https://bugs.debian.org/cgi-bin/bugreport.cgi

Bug#872587: debian-policy: please document "Important: yes"

Control: block 872587 by 872589 On Fri, Aug 18, 2017 at 02:28:22PM -0700, Sean Whitton wrote: > On Fri, Aug 18 2017, Adam Borowski wrote: > > Thus, some Policy guidance would be nice. Is it legal to use "Important: > > yes" at this moment? > > It wouldn't be up to policy whether it's legal. We

Bug#872587: debian-policy: please document "Important: yes"

Hello Adam, Thank you for filing this bug. On Fri, Aug 18 2017, Adam Borowski wrote: > On the other hand, dpkg does not know the field. It won't say a word upon > removal, and dpkg-gencontrol silently removes it. > [...] > Thus, some Policy guidance would be nice. Is it legal to use "Important

Bug#872587: debian-policy: please document "Important: yes"

Package: debian-policy Version: 4.0.1.0 Severity: wishlist Hi! A couple of packages with "Important: yes" has just hit unstable (mount, fdisk) -- or rather, _would_ hit unstable had dpkg-gencontrol not silently ignored this field. The problem is, this field is currently undocumented and unofficia

Re: Upstream Tarball Signature Files

On Fri 2017-08-18 14:43:58 +0200, Mattia Rizzolo wrote: > I'd love if something did this for me, pretty much like I'd love > something like that does a pretty output to debian/upstream/signing-key > like > https://sources.debian.net/src/inkscape/0.92.2-1/debian/upstream/signing-key.asc/ Interestin

Re: Upstream Tarball Signature Files

On Fri, Aug 18, 2017 at 07:48:24AM -0400, Daniel Kahn Gillmor wrote: > I confess that i've been taking the boring/silly/cheating way out and if > upstream ships a detached binary signature as foo-1.2.3.tar.gz.sig, i've > just been manually renaming it to foo_1.2.3.orig.tar.gz.asc (without > even co

Re: Upstream Tarball Signature Files

On Fri 2017-08-18 12:08:02 +0200, Guillem Jover wrote: > Hmmm, I've been thinking about this a bit, and perhaps it would be > better if dpkg-source auto-converted any .sig binary signature into > an .asc ASCII armored one when generating the source package (as long > as there is no pre-existing .as

Bug#844431: debian-policy: Packages should be reproducible

On Thu, Aug 17, 2017 at 09:12:12PM -0700, Chris Lamb wrote: > > Nix builds packages in isolation from each other. This ensures that > > they are reproducible > (As Georg writes, we are using different usages of reproducible.) …though NixOS is also working on creating bit by bit reproducibly packag

Re: Upstream Tarball Signature Files

Hi! On Wed, 2017-08-16 at 00:22:43 -0700, Paul Hardy wrote: > On Tue, Aug 8, 2017 at 1:48 AM, Guillem Jover wrote: > > On Mon, 2017-08-07 at 20:26:41 -0700, Paul Hardy wrote: > > > Also, where signature files are desired, I think it would be beneficial > > > to also accept binary ".sig" files...

Re: Upstream Tarball Signature Files

Hi! [ Daniel CCed, please see the thread starting at . ] On Sat, 2017-08-12 at 15:32:22 -0700, Paul Hardy wrote: > On Tue, Aug 8, 2017 at 5:13 AM, Osamu Aoki wrote: > > On Tue, Aug 08, 2017 at 10:48:08AM +0200, Guillem Jover wrote: