On Tue, 2024-09-10 at 00:25 -0700, Xiyue Deng wrote: > Xiyue Deng <manp...@gmail.com> writes: > > > Phil Wyett <philip.wy...@kathenas.org> writes: > > > > > On Sun, 2024-09-08 at 14:21 -0700, Xiyue Deng wrote: > > > > Phil Wyett <philip.wy...@kathenas.org> writes: > > > > > > > > > Control: tags -1 +moreinfo > > > > > > > > > > Xiyue, > > > > > > > > > > Preamble... > > > > > > > > > > Thank you for taking the time to prepare this package and your > > > > > contribution > > > > > to the Debian project. > > > > > > > > > > The review below is for assistance. This review is offered to help > > > > > package > > > > > submitters to Debian mentors inorder to improve their packages prior > > > > > to > > > > > possible sponsorship into Debian. There is no obligation on behalf of > > > > > the > > > > > submitter to make any alterations based upon information provided in > > > > > the > > > > > review. > > > > > > > > > > Review... > > > > > > > > > > 1. Build: > > > > > > > > > > * pbuilder [1]: Good > > > > > * sbuild [2]: Good > > > > > > > > > > 2. Lintian [3]: Good > > > > > > > > > > 3. Licenses [4]: Good > > > > > > > > > > 4. Watch file [uscan --force-download]: Issue > > > > > > > > > > philwyett@ks-tarkin:~/Development/builder/debian/mentoring/emacs-oauth2-0.17$ > > > > > uscan --force-download > > > > > uscan warn: Possible OpenPGP signature found at: > > > > > https://elpa.gnu.org/packages/oauth2-0.17.tar.sig > > > > > * Add opts=pgpsigurlmangle=s/$/.sig/ or opts=pgpmode=auto to > > > > > debian/watch > > > > > * Add debian/upstream/signing-key.asc. > > > > > See uscan(1) for more details > > > > > uscan: error: tar is not a supported compression > > > > > > > > Note that on GNU ELPA (GNU Emacs Lisp Package Archive) tar is the > > > > default option used by all packages. I think this can be considered as > > > > a restriction on uscan which should support tar. > > > > > > > > On the other hand, I'm mainly using uscan to check for new upstream > > > > version. The Salsa repository uses DEP14 recommended layout and doesn't > > > > use pristine-tar but tags and "git deborig" for generating the tarball > > > > for Debian archive (which will be in .tar.xz), so this is not an actual > > > > issue. > > > > > > > > Hope this helps clarify the situation :) > > > > > > > > > > > > > > Hi, > > > > > > I feel tar support in uscan is not a discussion for Debian Mentors. An > > > appropriate bug filed elsewhere to start a discussion is a better course. > > > > > > > A bit of a backtrack: I was puzzled when you mentioned that uscan had an > > error when running with "--force-download" because it worked for me. > > Then I realized that I was running Bookworm which has an older version > > of devscripts and uscan somehow still created the archive after it > > didn't detect any compression suffix so it kind of worked by > > unexpectedly. I manually backported devscripts 2.23.7 and can reproduce > > the issue. I have filed Bug#1081182 for tracking this. > > > > > We work with what we have. If a working 'debian/watch' file is not > > > possible > > > in the package, it would in my opinion be best to remove it. > > > > > > > In fact, "uscan --report-status" still works and can be used for > > detecting new versions. I wonder whether UDD or qa.debian.org requires > > actually downloading the newer archive for detecting newer versions, and > > if "--report-status" is sufficient, maybe we can keep it as-is as I'm > > not using pristine-tar anyway. Alternatively, I can change it to track > > the git head instead if desired. > > > > When debugging another issue with watch file result (Bug#1081249) I > found that DDPO may be using "uscan --dehs" for detecting newer > versions. The command succeeded and output the following for > emacs-oauth2: > > ,---- > > $ uscan --dehs > > <dehs> > > <package>emacs-oauth2</package> > > <debian-uversion>0.17</debian-uversion> > > <debian-mangled-uversion>0.17</debian-mangled-uversion> > > <upstream-version>0.17</upstream-version> > > <upstream-url>https://elpa.gnu.org/packages/oauth2-0.17.tar</upstream-url> > > <status>up to date</status> > > </dehs> > `---- > > So hopefully this is good enough for new-version-detection purpose. > > > >
Hi, The test as is "uscan --force-download" caters primarily for submissions to Mentors, so packaged and with a ".dsc" file. A test that could be used is "uscan --download-current-version". Both will error as ".tar" is not supported. You could do an RFS with link to a packages git only. This would indicate to me we are using original generation from the git repository and not download from watch, so I can generally ignore the watch file for fetching the original archive. In the case of the above paragraph, if a developer could add the below comment or similar to the Debian watch file. # Used to watch for upstream releases only. To test use "uscan --dehs". Seem sensible? Regards Phil -- "I play the game for the game’s own sake" Arthur Conan Doyle - The Adventure of the Bruce-Partington Plans -- Buy Me A Coffee: https://buymeacoffee.com/kathenasorg Internet Relay Chat (IRC): kathenas Matrix: #kathenas:matrix.org Website: https://kathenas.org Instagram: https://instagram.com/kathenasorg/ Threads: https://www.threads.net/@kathenasorg --
signature.asc
Description: This is a digitally signed message part