Hello, On Mon 02 Dec 2024 at 10:07pm -08, Otto Kekäläinen wrote:
> As you know I have been testing dgit and reviewing tag2upload, and to > my understanding tag2upload will generate the *.orig.tar.gz tarballs > using dgit (Using 'git deborig', not dgit.) > which does only uses the debian/latest branch (in DEP14 terminology) > and not at all the upstream/latest nor pristine-tar branches. As > pristine-tar is not used, none of the upstream tarball signatures will > be used either. tag2upload properly archives upstream signatures on upstream git release *tags*, which is an improvement on what we have now, for modern upstreams. You are correct that detached signatures on tarballs aren't uploadable. Packages with upstreams where this is more important shouldn't use tag2upload. > The phrasing you used in "using an .orig.tar that dak will be happy > with" conveniently hides the details about what the disagreement with > ftp-masters was. Also the GR at > https://www.debian.org/vote/2024/vote_002 was posted totally void of > any details of what the disagreement was. Would you mind sheding some > light into this? Well, I can say for certain that the disagreement with ftp-master had nothing to do with the .orig.tar stuff I am mentioning here. So, there is definitely no "convenient hiding" going on. I think your use of "convenient hiding" may involve assuming bad faith on my part. I would ask you not to do that. In general: I am not willing to spend time retreading the grounds of the disagreement now. I want to work on the programming work to enable this new feature, instead. Please see the debian-vote archives at the time, if you really want to know. -- Sean Whitton
signature.asc
Description: PGP signature
