[Secure-testing-team] Making testing-security uploads easier

[Stefan Fritsch]

Hi,

I briefly talked to aj on Thursday about changes to the testing-security 
upload procedure:


Creating some script that copies (or allows sec_public to copy) 
stable-security releases to testing-security should not be a problem. aj 
agreed to look into that.

Doing automated recompiles of unstable packages to testing is not possible 
(or would be very difficult to implement) because the source would need a 
new version number (with ~lenny), and the arch all packages would need to 
be built, i.e. the procedure would be quite different from binNMUs.

aj was of the opinion that the signing of the buildlogs should be done by 
us and not the buildd admins. He thought the signing wasn't much work with 
the mutt scripts.


Being able to copy stable-security releases would certainly help in the 
time after a stable release, but it won't help much shortly before a 
release.

Writing a script that downloads source from unstable, mangles the 
changelog, and then puts it into pbuilder wouldn't be difficult. I guess 
that would already help a bit.

About the buildlog signing I am not sure. Would it be possible to upload 
to t-p-u instead? But this would put strain on the release team because 
they have to approve the packages. OTOH, I have not tried the mutt scripts 
yet (haven't used mutt so far).

Cheers,
Stefan