[dpkg] 148/200: dpkg-buildpackage: Add new --no-sign option

Wed Apr 5 15:17:31 UTC 2017

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch master
in repository dpkg.

commit b29f31f1a0474bb66bf9b04b1e6627bfc5596b56
Author: Guillem Jover <guillem at debian.org>
Date:   Fri Jan 27 23:12:05 2017 +0100

    dpkg-buildpackage: Add new --no-sign option
    
    This option disables signing any file. This makes this option
    a future-proof way to disable all signing, in case we add yet more
    files to sign, so that programs do not have to keep learning what
    options to pass.
---
 debian/changelog             | 2 ++
 man/dpkg-buildpackage.man    | 7 ++++++-
 scripts/dpkg-buildpackage.pl | 6 ++++++
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index dc16aa6..9363b7e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
 dpkg (1.18.20) UNRELEASED; urgency=medium
 
   [ Guillem Jover ]
+  * Add a new --no-sign option to dpkg-buildpackage, to make it possible to
+    disable all signing in a future-proof way.
   * Perl modules:
     - Mask the machine bits for SH and MIPS in the ELF processor flags in
       Dpkg::Shlibs::Objdump. These do not define the ABI, and make the
diff --git a/man/dpkg-buildpackage.man b/man/dpkg-buildpackage.man
index 45355bb..98f2ab1 100644
--- a/man/dpkg-buildpackage.man
+++ b/man/dpkg-buildpackage.man
@@ -91,7 +91,8 @@ It runs the \fBcheck\fP hook and calls a package checker for the
 with \fB\-\-check\-command\fP).
 .IP \fB11.\fP 3
 It runs the \fBsign\fP hook and calls \fBgpg2\fP or \fBgpg\fP (as long as it
-is not an UNRELEASED build) to sign the \fB.dsc\fP file (if any, unless
+is not an UNRELEASED build, or \-\-no\-sign is specified) to sign the
+\fB.dsc\fP file (if any, unless
 \fB\-us\fP or \fB\-\-unsigned\-source\fP is specified), the \fB.buildinfo\fP
 file (unless \fB\-ui\fP or \fB\-\-unsigned\-buildinfo\fP is specified) and
 the \fB.changes\fP file (unless \fB\-uc\fP or \fB\-\-unsigned\-changes\fP
@@ -403,6 +404,10 @@ Do not sign the \fB.buildinfo\fP file (since dpkg 1.18.19).
 .BR \-uc ", " \-\-unsigned\-changes
 Do not sign the \fB.changes\fP file (long option since dpkg 1.18.8).
 .TP
+.B \-\-no\-sign
+Do not sign any file, this includes the source package, the \fB.buildinfo\fP
+file and the \fB.changes\fP file (since dpkg 1.18.20).
+.TP
 .BR \-\-force\-sign
 Force the signing of the resulting files (since dpkg 1.17.0), regardless of
 \fB\-us\fP, \fB\-\-unsigned\-source\fP,
diff --git a/scripts/dpkg-buildpackage.pl b/scripts/dpkg-buildpackage.pl
index 86b00c5..0afb977 100755
--- a/scripts/dpkg-buildpackage.pl
+++ b/scripts/dpkg-buildpackage.pl
@@ -105,6 +105,7 @@ sub usage {
   -us, --unsigned-source      unsigned source package.
   -ui, --unsigned-buildinfo   unsigned .buildinfo file.
   -uc, --unsigned-changes     unsigned .changes file.
+      --no-sign               do not sign any file.
       --force-sign            force signing the resulting files.
       --admindir=<directory>  change the administrative directory.
   -?, --help                  show this help message.
@@ -253,6 +254,11 @@ while (@ARGV) {
 	warning(g_('-s%s is deprecated; always using gpg style interface'), $1);
     } elsif (/^--force-sign$/) {
 	$signforce = 1;
+    } elsif (/^--no-sign$/) {
+	$signforce = 0;
+	$signsource = 0;
+	$signbuildinfo = 0;
+	$signchanges = 0;
     } elsif (/^-us$/ or /^--unsigned-source$/) {
 	$signsource = 0;
     } elsif (/^-ui$/ or /^--unsigned-buildinfo$/) {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git

