[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Rejected: epcr_2.3.9-1.dsc: sha1 check failed

On Thu, Apr 17, 2008 at 12:56:01PM -0400, Roberto C. Sánchez wrote:
> On Thu, Apr 17, 2008 at 11:34:06AM -0400, James Vega wrote:
> > On the plus side, debsign is now more resilient to future changes in the
> > Format of .changes files (as will mergechanges in the next upload).  This only
> > changes *when* the reject happens though (at debsign run instead of at
> > upload), not whether it happens at all.  Hopefully other tools which parse the
> > .changes file have also learned from this experience and taken similar steps
> > to prevent operating on Formats they don't understand.
> > 
> This certainly good.  However, perhaps dak should have been changed to
> accept both format versions (1.7 and 1.8), instead of just rejecting the
> old one right away.

This isn't a problem with dak.  It was one with debsign.  debsign operates on
the generated .dsc and .changes files from a build instead of signing the .dsc
and then creating the .changes as part of the build like dpkg-buildpackage
does.  To do so, it must change information in the .changes file regarding the
size and checksum of the .dsc file.  Since that wasn't being done, dak rightly
rejected the uploads because the size and checksums listed didn't match that
of the uploaded .dsc file.

GPG Key: 1024D/61326D40 2003-09-02 James Vega <jamessan@debian.org>

Attachment: signature.asc
Description: Digital signature

Reply to: