[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to handle Debian patches

On Saturday 17 May 2008, Manoj Srivastava wrote:
> On Sat, 17 May 2008 00:19:59 +0300, George Danchev <danchev@spnet.net> said:
> > I personally don't think there is any need for new infrastrutures. We
> > only need to follow some simple rules, i.e. orig.tar.gz should be
> > really the original upstream source; diff.gz (debian/patches/
> > included) is what the debian developer added to it.
>         This is exactly what happened in the openssl case (modulo
>  ./debian/patches). 

Not true. openssl packaging didn't and still does not use clearly identified 
diff files in debian/patches/.

>  Indeed, this is already the recommendation: use 
>  pristine upstream, unless they have added non-dfsg materials,  or
>  something, and _all_ debian changes live  in the diff.gz.
>         Following this simple rule is what we normally do.

A large number of packages do not follow that simple rule, but patching the 
orig.tar.gz instead. Then comes even more, even Ben Laurie (as he writes in 
his blog) with all his aggression missed to find the debian's pkg-openssl VCS 
repo [1] unless he has been helped by someone at some point. I'm not against 
the VCS repo (I myself use some for my packaging), I just claim that you can 
expect that random upstream developers and random debian users know about it, 
they need instead extremely simple and stable interfaces to access the 
changes to their upstream source currently found in Debian archive, and we 
already have that for years. 

P.S. Don't get me wrong I don't blame the DD.

pub 4096R/0E4BD0AB 2003-03-18 <people.fccf.net/danchev/key pgp.mit.edu>
fingerprint 1AE7 7C66 0A26 5BFF DF22 5D55 1C57 0C89 0E4B D0AB 

Reply to: