Re: tag2upload & orig.tar
Hello,
On Tue 03 Dec 2024 at 12:04am -08, Otto Kekäläinen wrote:
> And by "aren't uploadable" you mean this is how you designed it and
> chose to not use signatures, not that doing it would inherently would
> be impossible. Would it by any chance be possible to extend "git
> deborig" to check whether debian/upstream/signing-key.* exists, and if
> so, generate the tarball using pristine-tar and keep the supply chain
> intact? Would you accept patches that implement it?
I don't think I can give a quick answer to that. There are a lot of
details. Let us get the first version deployed first :)
--
Sean Whitton
Reply to: