Andreas Barth wrote:
- Britney gets confused if a package with a version like 1.2-3.sarge.0 and 1.2-3.sarge.1 is uploaded. - In that binary package, the source version is used as 1.2-3.0.1 which is not really true (at least, no source with that version exists in the archive). So, katie needs to do special handling there. The last issue could be solved with any handling, even with the current one, so I will ignore it in the rest of this mail.
The last issue and the first one are the same -- the reason britney gets confused is the heuristics used to work out if two packages are from the same source get it wrong for versions that look like binNMUs. Those heuristics are necessarily because the binary package doesn't list it's true source version.
One idea was to use for binary-only NMU as 1.2-3b1.
Actually, it was 1.2-3+b1, iirc. Maybe I missed some later discussion.
This has the advantage that current dpkg can handle it, and also that britney doesn't get confused any more. However, it doesn't solve the second issue.
Changing the security update policy to call packages "1.2-3+sec-woody1" as well would solve it though.
The advantage is that this solution is the nicest one from the theoretical point of view. It solves both problems with britney and the security uploads, but the disadvantage is that we need to teach dpkg first how to handle that new character before we can use it. So, we probably should fix that in sarge, so that we can use the new character in etch than.
Changing the version format really strikes me as overkill for this problem, personally.
Description: OpenPGP digital signature