* Kilian Krause <kil...@debian.org>, 2011-07-26, 22:25:
> - detect whether debian/watch is there and useful
> - if so and if the version is not mangled (like ~dfsg etc.), run uscan --force-download in a patched version that does not involve uupdate or svn-update (i.e. does call any programs that an "attacker" might want to turn against us)

It's a shame that uscan is insecure-by-design. I use my wrapper script to add a bit of sanity to it: https://bitbucket.org/jwilk/debian-misc/src/tip/upscan

--
Jakub Wilk


Archive: http://lists.debian.org/20110726204044.ga9...@jwilk.net
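
A pre-flight check along the lines of the two steps quoted above, as an added example (not code from the thread and not the linked upscan script): rather than patching uscan, it refuses when debian/watch is missing or empty, when the upstream version looks mangled, or when a watch entry names a command in its action field. The function names, the mangling pattern and the sample input are assumptions made for the example.

```python
import re

# Assumption: these suffixes mark a repacked ("mangled") upstream version.
MANGLED = re.compile(r"[~+.](dfsg|ds)(?![a-z])", re.I)

def upstream_version(changelog_head):
    """Upstream part of the version on the first debian/changelog line."""
    m = re.match(r"\S+ \(([^)]+)\)", changelog_head)
    if not m:
        raise ValueError("unparseable changelog line")
    version = m.group(1).split(":", 1)[-1]       # drop the epoch, if any
    return version.rsplit("-", 1)[0]             # drop the Debian revision

def watch_entries(watch_text):
    """Parse format-3 watch text into (url, action or None) pairs."""
    entries = []
    joined = re.sub(r"\\\n\s*", "", watch_text)  # join continuation lines
    for line in joined.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or re.match(r"version\s*=", line):
            continue
        line = re.sub(r'^opt(?:ion)?s=("[^"]*"|\S+)\s+', "", line)
        fields = line.split()
        # A (...) group in the last URL component means the pattern is part
        # of the URL, so the action is the third field, otherwise the fourth.
        idx = 2 if re.search(r"/[^/]*\([^/]*\)[^/]*$", fields[0]) else 3
        entries.append((fields[0], " ".join(fields[idx:]) or None))
    return entries

def preflight(watch_text, changelog_head):
    """Return (ok, reason); ok means uscan has no action command to run."""
    if watch_text is None:
        return False, "no debian/watch"
    entries = watch_entries(watch_text)
    if not entries:
        return False, "debian/watch has no entries"
    if MANGLED.search(upstream_version(changelog_head)):
        return False, "mangled upstream version"
    actions = [a for _, a in entries if a]
    if actions:
        return False, "watch file names a command: " + ", ".join(actions)
    return True, "ok"

# Constructed sample input, not taken from any real package.
SAMPLE_WATCH = """version=3
opts=dversionmangle=s/\\+dfsg// \\
  http://example.org/dl/foo-(.*)\\.tar\\.gz debian uupdate
"""
```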
