Re: Packaging from upstream's Git repository.

To: debian-mentors@lists.debian.org
Subject: Re: Packaging from upstream's Git repository.
From: Jeremy Stanley <fungi@yuggoth.org>
Date: Sat, 12 Jul 2014 12:38:02 +0000
Message-id: <[🔎] 20140712123802.GJ1251@yuggoth.org>
In-reply-to: <[🔎] 20140712044552.GE12832@falafel.plessy.net>
References: <[🔎] 20140712044552.GE12832@falafel.plessy.net>

On 2014-07-12 13:45:52 +0900 (+0900), Charles Plessy wrote:
[...]
> I am blocking on the fact that he uses gnulib in a way that the
> version number of his program is expressed only via a Git tag.
> Thus, given that Debian source package are based on tar archives,
> the version number is lost unless I use the "sources" produced by
> 'make distcheck'.

Pretty much everything released by the OpenStack project follows the
same pattern (using the "PBR" Python library to set versioning based
on Git tags, generate changelogs/authors files and so on). The
project recommends downstream packagers use the published release
tarballs, to a great extent because of direct involvement in the
project by many Debian Developers and package maintainers and
because Debian has historically wanted packagers to use verifiable
original source tarballs unmodified direct from upstreams.

> Does anybody know a simple solution to that problem?

Importing the project's released tarballs (or generating your own
from source with a build step for between-release experimental
snapshots) doesn't seem like an unusual thing to do. Upstream
projects are often going to want installable release artifacts to
differ slightly from the contents of their development revision
control systems (so they can include generated files which should
not be kept in revision control or to abstract away release process
metadata), and GBP already has import features designed to support
exactly this common use case.

I don't personally understand where the idea that upstream revision
control contents and release tarball contents should be identical is
coming from, and as an upstream I would very much rather
distributions published the original tarballs which have been
mentioned in signed release announcements and so forth as a
component of their source packages rather than trying to create
their own from scratch (unless of course the original source tarball
needs repacking because it contains files which the distribution
can't carry for practical or legal reasons).
-- 
{ PGP( 48F9961143495829 ); FINGER( fungi@cthulhu.yuggoth.org );
WWW( http://fungi.yuggoth.org/ ); IRC( fungi@irc.yuggoth.org#ccl );
WHOIS( STANL3-ARIN ); MUD( kinrui@katarsis.mudpy.org:6669 ); }

Reply to:

References:
- Packaging from upstream's Git repository.
  - From: Charles Plessy <plessy@debian.org>

Prev by Date: Re: Please help translate old rules file on the installation rules
Next by Date: Re: Please help translate old rules file on the installation rules
Previous by thread: Re: Packaging from upstream's Git repository.
Next by thread: where are these lintian problems coming from
Index(es):
- Date
- Thread