Re: tarball in tarball: opinions
Jay Berkenbilt <email@example.com> writes:
> * I like to have an exact copy of the downloaded source tarball with
> the same md5 checksum, gpg detached signature, etc. Using the
> rules/tarball.mk from cdbs provides a very convenient way of
> handling this.
Have you considered the debian/rules 'get-orig-source' target as an
alternative way of achieving this? If done right, that would allow you
to do this kind of checking *and* still follow recommended practice of
using the upstream tarball as yours.
I'm envisaging the 'get-orig-source' could download the upstream
tarball and rename it, along with the checksum and signature files, do
any checks, and exit with an error status if they don't match. If
everything *does* match, the checksum etc. files are removed, leaving
the upstream tarball with the standard name.
\ “I have a large seashell collection, which I keep scattered on |
`\ the beaches all over the world. Maybe you've seen it.” —Steven |
_o__) Wright |