Re: RFS: minidlna (updated package and FTBFS fix)
2011/7/22 Benoît Knecht <benoit.knecht@fsfe.org>:
> Hi Fernando,
>
> Fernando Lemos wrote:
>> 2011/7/22 Kilian Krause <kilian@debian.org>:
>> > On Fri, Jul 22, 2011 at 12:36:51PM +0200, Benoît Knecht wrote:
>> >> I am looking for a sponsor for the new version 1.0.21+dfsg-1 of my
>> >> package "minidlna".
>> >> - dget http://mentors.debian.net/debian/pool/main/m/minidlna/minidlna_1.0.21+dfsg-1.dsc
>> >
>> > 1. Your upoad uses a tarball that's not identical to upstream's one. Please
>> > consider adding a get-orig-tarball target to debian/rules to verify what
>> > steps are required to generate it.
>>
>> Please take no offense, Benoît. But in such a case, Kilian, can you be
>> sure the source hasn't been tampered with? I'd feel rather
>> unconfortable otherwise.
>
> I did "tamper" with the source, in the sense that I replaced the
> non-free icons.c file. This is documented in debian/copyright. I'm not
> sure what kind of tampering you're worried about, but you can easily
> check that no other file from upstream was modified.
Again, no offense meant. I have no reason to believe anyone is acting
in bad faith.
Just to clarify, I find it concerning that we might be accepting
source uploads that don't come straight from upstream and don't match
what was released upstream. I'm relieved to hear that there is a way
to ensure in your specific case that the source is the same as shipped
upstream. I wish this was a requirement for new packages entering
Debian.
Reply to: