> >1. There are two possible packaging schemes > > a. Keep only original .xpi in the .orig.tar.gz, and extract/dpatch it > > at build time. > > b. Keep unzipped .xpi in .orig.tar.gz. > > I was going the b. way but now I think that keeping original .xpi > > would be better > I'm no DD, but I would say (a) is nicer because then a checksum can be verified more easily. :-) Actually this is the only way the checksum can be verified ;-) as soon as you extract it, there is no way (besides downloading xpi, extracting and md5suming all the files) to verify the authenticity of upstream release. This is what I think and that is why I would like to move over keeping original .xpi. And the question is did anyone done it proper way to automate it with uscan + svn-upgrade... :-) -- .-. =------------------------------ /v\ ----------------------------= Keep in touch // \\ (yoh@|www.)onerussian.com Yaroslav Halchenko /( )\ ICQ#: 60653192 Linux User ^^-^^ [175555]
Attachment:
pgppGHLRQv6Qj.pgp
Description: PGP signature