The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: source packages and upstream source

> If we can establish a way to use unmodified upstream sources, I will write
> a standard for linux-wide source uploads and get it accepted. I've already
> discussed this with various Linux luminaries in connection with having
> PGP-signed upstream sources in a standard form. There is very little change
> necessary from today's procedures.

It seems that the problem with using unmodified upstream sources is that we don't know what subdirectory they will get unpacked into, and that we are currently assuming that it will be ../<name>-<version>.orig/

Would it be possible to instead unpack the original tar in a directory under the debian configuration directory, alongside rules, control, tmp etc.  i.e.:

  ../<name>-<version>/debian/original/

This way we just have to check if this directory contains a single directory (i.e. the upstream package unpacks into a subdirectory), or contains multiple files and directories (Doh! --- its a  ./ tar file).

Making the diffs shouldn't be a problem, with the --exclude option.

I don't know enough about how the patches get applied at the moment to comment on how easy that would be to change.

Cheers, Phil.

Attachment: pgpneY1E6_Czf.pgp
Description: PGP signature