Re: uscan, get-orig-source, and making upstream tarball DFSG-free

[George Danchev <danchev@spnet.net>]

On Thursday 15 September 2005 18:43, Justin Pryzby wrote:
--cut--
> > > What I did, in an unofficial package, is to include a
> > > debian/rules:get-orig-source target which simply calls a script,
> > > created in ./debian/ by the .diff.gz.  A prerequisite for that rule is
> > > "permissions", which chmod 755 all the scripts that rules calls.  My
> > > repack script just wgets a statically named file (suboptimal), unpacks
> >
> > How do you ensure that the builders of that source package wont get a
> > changed file with the same name or that the download will complete before
> > the build get started ? See #325161. Yes, I know that the patch is rather
> > incomplete.
>
> I don't, though its an interesting idea.  If it were important to me,
> then I would probably call md5sum (in essential package: coreutils) on
> the downloaded files (in a for loop, if there were that many..), and
> compare with the md5sums in a bash array (or perl if it was really
> sophisticated..).

Yeah, I know this could be done on a per-package basis, but would be nice if 
we have a unified interface for reliably grabbing the relevant tarballs. This 
will reduce the fragmentation and error-proness in multiple implementations. 
If you have a corner case you can always use the dirty hackish 
self-implemented fetching target ;-)

-- 
pub 4096R/0E4BD0AB 2003-03-18 <people.fccf.net/danchev/key pgp.mit.edu>
fingerprint 1AE7 7C66 0A26 5BFF DF22 5D55 1C57 0C89 0E4B D0AB