Re: request for Technical Committee ruling on Bug #109436

To: debian-ctte@lists.debian.org
Subject: Re: request for Technical Committee ruling on Bug #109436
From: Anthony Towns <aj@azure.humbug.org.au>
Date: Sat, 25 Aug 2001 12:05:10 +1000
Message-id: <[🔎] 20010825022038.28810.qmail@mail9.usatoday.com>
Mail-followup-to: debian-ctte@lists.debian.org
In-reply-to: <[🔎] 20010824225505.25386.qmail@mail9.usatoday.com>; from bdale@gag.com on Fri, Aug 24, 2001 at 04:43:40PM -0600

On Fri, Aug 24, 2001 at 04:43:40PM -0600, Bdale Garbee wrote:
> branden@debian.org (Branden Robinson) writes:
> > Sounds like that makes it unanimous against me.
> I believe that we must have the ability to remove an orig.tar.gz and all
> derived objects from the archive under certain circumstances which have 
> already been articulated by others.  If the current toolset doesn't support
> that, it should be fixed.
> Once an existing orig.tar.gz and all derived objects have been purged, I can
> see no technical reason to require that a new upload use different filenames.

It means you can find yourself downloading an .orig.tar.gz from the right
place with the right name from one non-corrupt Debian mirror, and a .dsc
from another and ending up with the md5sum of the tarball not matching
the md5sum listed in the .dsc. Now, if we go through all the hassle
Branden's proposing: ie, replacing the old .dsc's as well as the old
orig.tar.gz and convincing ourselves with some hand-waving that that'll
let us leave the old .debs around because the source is "effectively" the
same, that may not actually *hurt* anything -- it doesn't seem possible
to get apt to get sources from mixed mirrors, even when the md5sums match,
and there probably aren't many other tools that do anything similar. It'd
break a hypothetical mirror that tried to keep the last X days of Debian,
which at the moment would be reasonably easy to maintain, although not
entirely trivial, but I'm not aware of any such mirror actually existing.

Personally, I think the burden of proof here needs to be on the maintainer
to give some technical reason why the filename needs to stay exactly
the same. As I've said to Branden on IRC, I can't imagine how there
could be a technical reason for this (since .orig.tar.gz's change all
the time when new upstream versions are released, in this case), but I'm
not an omniscient being, and I don't even play one on rec.humor.oracle,
so who knows?

Cheers,
aj

-- 
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.

``_Any_ increase in interface difficulty, in exchange for a benefit you
  do not understand, cannot perceive, or don't care about, is too much.''
                      -- John S. Novak, III (The Humblest Man on the Net)

Reply to:

References:
- Re: request for Technical Committee ruling on Bug #109436
  - From: Bdale Garbee <bdale@gag.com>

Prev by Date: Re: request for Technical Committee ruling on Bug #109436
Next by Date: patch license
Previous by thread: Re: request for Technical Committee ruling on Bug #109436
Next by thread: Re: request for Technical Committee ruling on Bug #109436
Index(es):
- Date
- Thread