Bug#866998: pgpmode=next/previous not working as expected?

Laurent Bigonville bigon at debian.org
Mon Jul 3 12:52:21 UTC 2017


retitle 866998 uscan: dpkg: error: version '1:-0' has bad syntax: 
version number is empty
thanks

On Mon, 03 Jul 2017 12:34:58 +0200 Laurent Bigonville <bigon at debian.org> 
wrote:

 > Hi,
 >
 > With the following debian/watch file, it cannot verify the signature of
 > the tarball:
 >
 > version=4
 > opts="pgpmode=next" \
 > https://red.libssh.org/projects/libssh/files \
 > /attachments/download/(?:\d+)/libssh- at ANY_VERSION@@ARCHIVE_EXT@ debian
 > opts="pgpmode=previous" \
 > https://red.libssh.org/projects/libssh/files \
 > /attachments/download/(?:\d+)/libssh- at ANY_VERSION@.tar.asc previous
 >
 > I get the following output:
 >
 > bigon at valinor:~/Development/Debian/libssh [git: debian]$ LC_ALL=C 
uscan --destdir ../tarballs
 > uscan: Newest version of libssh on remote site is 0.7.5, local 
version is 0.7.3
 > uscan: => Newer package available from
 > https://red.libssh.org/attachments/download/218/libssh-0.7.5.tar.xz
 > dpkg: error: version '1:-0' has bad syntax: version number is empty
 > dpkg: error: version '1:-0' has bad syntax: version number is empty
 > uscan: Newest version of libssh on remote site is 0.7.5, specified 
download version is 0.7.5
 > gpgv: Signature made Thu Apr 13 16:35:40 2017 CEST
 > gpgv: using RSA key 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
 > gpgv: BAD signature from "Andreas Schneider <asn at cryptomilk.org>"
 > uscan warn: OpenPGP signature did not verify.
 >
 >
 > Downloading and checking the signature manually is working OK
 >

OK there is a PEBKAC issue here, the signature was NOT valid, so it's 
expected that it's not matching.

But there is still an issue with the dpkg error from the output above I 
believe

dpkg: error: version '1:-0' has bad syntax: version number is empty



More information about the devscripts-devel mailing list