On Sun, Mar 16, 2008 at 12:19:45PM +0100, Bernhard R. Link wrote: > * Steve Langasek <[EMAIL PROTECTED]> [080315 21:12]: > > $ cat /srv/ftp.debian.org/queue/reject/rhinote_0.7.0-2_i386.reason > > Rejected: md5sum and/or size mismatch on existing copy of > > rhinote_0.7.0.orig.tar.gz. > > Rejected: can not overwrite existing copy of 'rhinote_0.7.0.orig.tar.gz' > > already in the archive.
> Looking at the file currently in unstable: > |$ tar -tvvzf ../rhinote_0.7.0.orig.tar.gz | head -n1 > |drwxr-xr-x kiyuko/kiyuko 0 2006-03-24 02:15 rhinote-0.7.0.orig/ > So the original file looks repackaged without any reason (and not > comment about this in the the rhinote_0.7.0-1.diff.gz). > How could this happen? This is a classic error and three people seem > to not have noticed it. The maintainer is no DD, so I won't blame him. > But is there a way to know who the sponsor of rhinote_0.7.0-1 was? > And as rhinote_0.7.0-1 says original upload, I assume some ftp-master > or ftp-assistent looked at it and missed that, too. Is there a way to > find out who is letting this crap in our archive? There is no requirement that we ship pristine tarballs as downloaded from upstream. > (What if the .orig.tar.gz was not only repacked but actually modified, > would everyone have notices?) Why should that block it from inclusion in the archive? Do you suppose there's something magical about all upstream tarballs that makes them non-crap and instantly trustworthy by the ftp team? Using the pristine tarballs makes it easier to blame certain problems on upstream, but that's all. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
