David Kalnischkies dixit:
>Note that debian-policy says for the Checksums fields (§5.6.24.):
>| The list of files in these fields must match the list of files in the
>| Files field.
>
>This applies as the https://wiki.debian.org/DebianRepository/Format is
>referring to it in the relevant section. As such your repository is
>properly documented to be invalid.
The .dsc file was generated under a Debian release predating the
Policy in question. This situation can even happen in Debian itself.
Looking at the Sources file in the repository (generated by
dpkg-scanpackages on sid) it’s indeed puzzling that it does
not contain SHA-1 and SHA-256 for the .tar.gz file…
>As usual for these authentication lacking downloads:
>--allow-unauthenticated
It does not lack authentication: the MD5 is present, and I fully
expect it to be checked.
>It would also behoove to have a lot more people contribute to Debian
>native tools like apt. As long as that isn't happening you will have
I don’t speak C++ really. (Although I do plan to do something
with apt-archived-debian now that you mention it.)
>Note also that the first thing you complained about in referred to
>bugreport was that apt-secure(8) is too long (8 pages!). I am not sure
That was intended as a complaint about searchability, not pure length.
I had a hard time finding information about the release name change thing.
Listing all options, on the other hand, is extremely searchable and
discoverable. (Please do so ASCIIbetically, possibly grouped possibly not).
Thanks,
//mirabilos
--
Yes, I hate users and I want them to suffer.
-- Marco d'Itri on gmane.linux.debian.devel.general
