Re: This topic died off; any resolution?
On Sat, Mar 28 2009, Reinhard Tartler wrote:
> Manoj Srivastava <srivasta@debian.org> writes:
>
>> A special rule in debian/rules to duplicate apt-get source for
>> people who are skeptical of thea rchive (and have an ill defined
>> attack vector thay are being paranoid about) -- or to provide
>> functionality that apt-get source is not a duplicate for?
>
> Well, for complicated cases (like ffmpeg, where we have to fight with
> svn:externals, external svn servers etc) it is very helpful to have such
> a rule. Espc. if some user objects with some of the modifications and
> needs to apply changes to it in order to get a slightly modified
> package.
If you are talking about cases where there is no upstream
tarball, and just SVN (or some other VCS), and these cannot be handled
by uscan, then I agree, it would be nice to standardize the calling
interface.
> I think this is a valid usecase for shipping a debian/rules target
> that mimics 'apt-get source' (which cannot know what modifications
> have been done to the source).
Well, apt-get source gets you the orig.tar.gz, and the diff.gz,
that lets you know exactly what modifications were made to the upstream
snapshot, so I guess I am not understanding what you are saying here.
a) Upstream does tarballs --- use uscan, perhaps with a munging script
b) No upstream tarball --- use a new target, or equivalently, a new
script to do the job.
My slight preference is a script with a well known name, since
that script can then be extracted and used by DEHS/PTS like systems,
without requireing that the whole source be unpoacked and
./debian/rules be runnable (I have sanity checks in my debian/rules)
manoj
--
"Let us condemn to hellfire all those who disagree with us." militant
religionists everywhere
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: