Hi, On 6/27/24 01:16, Ian Jackson wrote:
Secondsly, there is only currently one supported way to generate an orig: git-deborig aka git-archive. So the protocol in this area is fairly simple, and the possible extension to support other orig generation modes is not described in the document.
So if I use pristine-tar, it is very important that new upstream versions are not uploaded through tag2upload, or future uploads until the next upstream release also have to go through tag2upload, and the .orig archive will fail validation if we later on get a service to check the archive contents against git?
Would it make sense to lock this out for the time being so we don't accidentally upload a repacked .orig after taking a lot of care to store the upstream archive in pristine-tar?
That happens way too often already when I do this manually -- my git workflow includes building the source package and verifying that it is indeed reproduced correctly, and that is one of the reasons I find the git workflows tedious if I'm the sole maintainer of a package, and why I end up force-pushing quite a lot to salsa.
Simon
