Bug#736711: lintian: false positive: debian-watch-file-pubkey-file-is-missing, newly allowed path

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#736711: lintian: false positive: debian-watch-file-pubkey-file-is-missing, newly allowed path
From: Nicolas Boulenguez <nicolas@debian.org>
Date: Sun, 26 Jan 2014 10:48:24 +0100
Message-id: <[🔎] 20140126094823.GA28916@pegase>
Reply-to: Nicolas Boulenguez <nicolas@debian.org>, 736711@bugs.debian.org

Package: lintian
Version: 2.5.21
Severity: minor
Tags: patch

Hello.
Uscan now allows two more paths for upstream signing keys.
It recommends an armored key in debian/upstream/signing-key.asc.
The attached patch should update lintian for both changes.

diff --git a/checks/watch-file.desc b/checks/watch-file.desc
index 0ef6106..d2bb6bb 100644
--- a/checks/watch-file.desc
+++ b/checks/watch-file.desc
@@ -149,7 +149,7 @@ Info: This watch file does not include a means to verify
  use the pgpsigurlmangle options in this watch file's
  opts= to generate the URL of an upstream GPG signature.
  This signature is automatically downloaded and verified
- against a keyring stored in debian/upstream-signing-key.pgp
+ against an armored key stored in debian/upstream/signing-key.asc.
  .
  Of course, not all upstreams provide such signatures, but
  you could request them as a way of verifying that no third
@@ -166,7 +166,7 @@ Ref: uscan(1)
 Info: This watch file verifies a cryptographic signature but
  the upstream public key is missing.
  .
- Please add upstream public keys in debian/upstream-signing-key.pgp.
+ Please add upstream public key in debian/upstream/signing-key.asc.
 
 Tag: debian-watch-contains-dh_make-template
 Severity: wishlist
diff --git a/checks/watch-file.pm b/checks/watch-file.pm
index daa0692..036bcdb 100644
--- a/checks/watch-file.pm
+++ b/checks/watch-file.pm
@@ -179,13 +179,13 @@ sub run {
     close($fd);
 
     tag 'debian-watch-contains-dh_make-template' if ($template);
-    tag 'debian-watch-may-check-gpg-signature' unless ($withgpgverification);
 
-    if ($withgpgverification) {
-        my $pgpfile = $info->debfiles('upstream-signing-key.pgp');
-        if (!-f $pgpfile) {
-            tag 'debian-watch-file-pubkey-file-is-missing';
-        }
+    if (not $withgpgverification) {
+        tag 'debian-watch-may-check-gpg-signature';
+    } elsif (not (   -f $info->debfiles('upstream/signing-key.asc')
+                  or -f $info->debfiles('upstream/signing-key.pgp')
+                  or -f $info->debfiles('upstream-signing-key.pgp'))) {
+        tag 'debian-watch-file-pubkey-file-is-missing';
     }
 
     my $changes = $info->changelog;

Reply to:

Follow-Ups:
- Processed: [lintian] pending
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: [lintian] branch master updated (fa03357 -> 426f50c)
Next by Date: Ofisinizi veya evinizi mi taşımak istiyorsunuz? İşinizi profesyonel ekibe bırakın, gönlünüz rahat etsin.
Previous by thread: [lintian] branch master updated (fa03357 -> 426f50c)
Next by thread: Processed: [lintian] pending
Index(es):
- Date
- Thread