Heya, After discussing this in IRC, we agreed that I give a short overview about the important stuff. As I'm quite lazy, I'm quoting James Troup for the history bits: <elmo> was written for Ubuntu, specifically because they were activating data.tar.bz2 support in debs. as a side effect it also enforced certain constraints on the layout of .ars simply becuase of the way the code was written. this was tested on everything in ubuntu and didn't trip anything. the code got ported to Debian shortly before the release of sarge <elmo> at that point, it became apparent it broke dpkg-sig signed debs. after various conversations, I disabled the check, because amongst other things making changes like that just prior to release probably wasn't clever. however, I didn't sufficently comment WHY the check was deactivated in the code, I just said "till sarge is released" or similar <elmo> which is my bad, and I apologize. in any event, sarge has obviously been and gone, and the check got re-enabled as part of a cleanup of the code on sphor vs. cvs. Today, some people ranted in IRC about the fact that packages with binary signatures were rejected again. As I believed that someone activated these checks while knowing that they break packages with binary signatures, I was pretty pissed off. I remembered the comment to be something like "breaks dpkg-sig, deactivated for now", but the CVS [1] shows that was wrong. Anyway, I want to apologize for carrying this to -devel directly. OK, now to the good parts: Joerg Jaspert planned to provide a better version of the problematic check anyway (also validating the binary signatures) and will try to finish them as soon as possible. I'll try to be useful in respect to that, at least as useful as I can be. And now we're all happy again. Yay! Marc Footnotes: [1] http://cvs.debian.org/dak/jennifer?root=dak&r1=1.56&r2=1.57 -- BOFH #139: UBNC (user brain not connected)
Attachment:
pgpFjuZf2kkFj.pgp
Description: PGP signature