Hi,
On Mon, Aug 07, 2017 at 08:26:41PM -0700, Paul Hardy wrote:
...
> Making changes to debian-policy (if deemed appropriate) to allow upstream
> binary signature files would affect at least lintian, dpkg-dev, uscan, and
> Debian maintainer guides.
You should mean one of:
Debian Developer's Refe
Hello,
On Mon, Aug 07 2017, Paul Hardy wrote:
> The version of lintian now in testing, 2.5.52, introduces a new error
> (not just a warning) for missing ".asc" signature files. The relevant
> changelog entry is
>
> + Added:
>... - orig-tarball-missing-upstream-signature
>
> A m
Processing commands for cont...@bugs.debian.org:
> user debian-pol...@packages.debian.org
Setting user to debian-pol...@packages.debian.org (was
spwhit...@spwhitton.name).
> limit package debian-policy
Limiting to bugs with field 'package' containing at least one of 'debian-policy'
Limit currentl
The version of lintian now in testing, 2.5.52, introduces a new error (not
just a warning) for missing ".asc" signature files. The relevant changelog
entry is
+ Added:
...
- orig-tarball-missing-upstream-signature
A missing ".orig.tar.*.asc" file now produces a lintian
Le lundi, 7 août 2017, 09.40:22 h EDT Russ Allbery a écrit :
> Daniel Kahn Gillmor writes:
> > debian-policy should encourage verification of upstream cryptographic
> > signatures.
Yes.
> diff --git a/policy.xml b/policy.xml
> index 6086901..c14d9b4 100644
> --- a/policy.xml
> +++ b/policy.xml
>
Hi,
Russ Allbery wrote:
> How does this look to everyone?
Seconded, with or without the tweaks dkg suggested in
https://bugs.debian.org/732445#68
Thanks,
Jonathan
> --- a/policy.xml
> +++ b/policy.xml
> @@ -2556,11 +2556,28 @@ endif
>
>
> This is an optional, recommended con
On Mon 2017-08-07 09:40:22 -0700, Russ Allbery wrote:
> In an ideal world, we would have a documented set of metadata for finding
> upstream releases, of which uscan is just one implementation, and document
> that in Policy.
In an ideal world, uscan would be able to verify signed git tags and
incl
Processing commands for cont...@bugs.debian.org:
> user debian-pol...@packages.debian.org
Setting user to debian-pol...@packages.debian.org (was
spwhit...@spwhitton.name).
> limit package debian-policy
Limiting to bugs with field 'package' containing at least one of 'debian-policy'
Limit currentl
Holger Levsen writes:
> On Mon, Aug 07, 2017 at 09:40:22AM -0700, Russ Allbery wrote:
>> In an ideal world, we would have a documented set of metadata for
>> finding upstream releases, of which uscan is just one implementation,
>> and document that in Policy. This patch doesn't attempt to do tha
Hi,
As promised, I send the converted dbapp-policy documentation to this
bug. Credits go to Osamu, any bug is mine.
Paul
http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [
]>
Best practices for packaging database applications
Sean Finney
This draft describes a set of g
On Mon, Aug 07, 2017 at 09:40:22AM -0700, Russ Allbery wrote:
> In an ideal world, we would have a documented set of metadata for finding
> upstream releases, of which uscan is just one implementation, and document
> that in Policy. This patch doesn't attempt to do that; it tries to find a
> compr
Processing commands for cont...@bugs.debian.org:
> reassign 871380 src:qtwebengine-opensource-src
Bug #871380 [src:algobox] algobox: FTBFS: build-dependency not installable:
qtwebengine5-dev
Bug reassigned from package 'src:algobox' to 'src:qtwebengine-opensource-src'.
No longer marked as found i
Processing control commands:
> tag -1 patch
Bug #732445 [debian-policy] debian-policy should encourage verification of
upstream cryptographic signatures
Added tag(s) patch.
--
732445: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732445
Debian Bug Tracking System
Contact ow...@bugs.debian.o
Control: tag -1 patch
Daniel Kahn Gillmor writes:
> debian-policy should encourage verification of upstream cryptographic
> signatures.
> Since devscripts 2.13.3 (see #610712), uscan has supported the ability
> to automatically verify upstream's cryptographic signatures if the
> signing key and
On Sat, Aug 05, 2017 at 04:29:34PM -0700, Russ Allbery wrote:
>...
> since teams are less likely to only have a single leaf package.
Approximate data based on grep'ing Packages[1]:
- 466 teams maintaining packages in unstable
- 8 is the median number of packages maintained by a team
- 73 teams mai
Hey,
I've found that nice stuff recently and just wanted to ask what do you
think about it? Check it out here https://is.gd/MypJ0j
My Best, Goswin von Brederlow
From: developers-reference [mailto:developers-refere...@packages.debian.org]
Sent: Monday, August 07, 2017 8:05 AM
To: wer...
16 matches
Mail list logo
