Bug#874667: uscan: please remove upstream signature when repacking tarballs
Osamu Aoki
osamu at debian.org
Fri Sep 8 15:26:06 UTC 2017
Hi,
On Fri, Sep 08, 2017 at 04:38:55PM +0200, Guido Günther wrote:
> Package: devscripts
> Version: 2.17.9
> Severity: wishlist
> File: /usr/bin/uscan
>
> Hi,
> the upstream signture will no longer verify successfully if uscan
> repacks the tarball using the information from debian/copyright. In this
> case uscan should remove the signature to make sure no other tools pick
> it up by accident and fail signature verification later on.
Yah, this is something I was wondering what to do.
How can we record successful upstream sign verification done by
uscan on the tarball prior to the repacking.
Idea?
Osamu
More information about the devscripts-devel
mailing list