On 2018-09-08 01:00, Nicolas Braud-Santoni wrote:
Control: tag -1 - moreinfo
Hi Adam,
Sorry for getting back to you this late.
Likewise apologies for overlooking the response for so long.
On Wed, Aug 29, 2018 at 08:21:18AM +0100, Adam D. Barratt wrote:
Control: tags -1 + moreinfo
Why does the diff contain (and not mention):
upstream-signing-key.pgp
1451 -------
upstream-signing-key.pgp.backup
1451 +++++++
upstream/signing-key.asc
1966 ++++++++++
?
It seems the tags in the packaging repo do not actually match the
uploads
to the archive, and I do not know why: this is a team-maintained
package,
and the Yubico folks who did the original packaging (and are part of
the
team) seem to have lost interest in maintaining their packages, so I
have
no idea which process they were using.
Sure, but when you upload the package it needs to contain the changes
you expect. So either the change should be reverted, or it should be
documented in the changelog (ideally with rationale).
It looks like something was uploaded, though:
Didn't you do that? (Or your sponsor, I guess, but I still assumed you'd
be aware.)
$ rmadison -s stable,stable-new yubico-piv-tool
yubico-piv-tool | 1.4.2-2 | stable | source, amd64, arm64,
armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
yubico-piv-tool | 1.4.2-2+deb9u1 | stable-new | source, amd64
I assume you removed the bogus upstream-signing-key.pgp change?
I didn't remove anything, no. I have nothing to do with the package,
just looking at what's been proposed / uploaded in order to decide
whether to accept it.
Regards,
Adam
