Bug#916207: lintian: debian-watch-does-not-check-gpg-signature certainty considered annoying
Package: lintian
Version: 2.5.116
Severity: minor
As designed, debian-watch-does-not-check-gpg-signature does not check if
upstream provides a GPG signature to make checking it possible. I get that
the "Certainty: certain" is meant to mean that it's certain that uscan won't
check a GPG signature, but this isn't really useful since many (most)
upstreams don't sign their releases.
To me, "Certainty: certain" reads as it is certain that this is a problem with
the package, when if there's no upstream signature, it's not at all a problem
the maintainer can fix. "Certainty: possible" seems much more reasonable to
me.
Scott K
Reply to: