On Sat, Jul 05, 2008 at 08:17:21PM +0200, Bernhard R. Link wrote: > * Jay Berkenbilt <qjb@debian.org> [080705 18:22]: > > * I like to have an exact copy of the downloaded source tarball with > > the same md5 checksum, gpg detached signature, etc. Using the > > rules/tarball.mk from cdbs provides a very convenient way of > > handling this. > > I consider this the main reason I personally consider tarball in tarball > bad: The .orig.tar.gz is totally different to the upstream tarball. > If upstream already has a .tar.gz then there is no excuse in my eyes > and even with .tar.bz2 it's easier to download this, check it, unpack > both and compare some checksums, than to first look into the file if it > is the same, then detecting it is not supposed to be the upstream file, > unpack it, look how the file is named in there and then comparing those. All the 3.0 formats allow bzip2 tarballs so that will no longer be a reason to do this. 3.0 (quilt) also allows multiple upstream tarballs which used to be a good reason for using tarball-in-tarball. Ben. -- Ben Hutchings Design a system any fool can use, and only a fool will want to use it.
Attachment:
signature.asc
Description: Digital signature