Re: request more advice: lintian warnings and python-tldp + ldp-docbook-stylesheets
Hello and greetings again Gianfranco,
No problem at all. I wandered around a bit, have made a mistake or
two, improved my package (I think), filed an RFS (in the wrong way
[0]), and of course the ITP [1], but have started to get a feel for
how the whole process is supposed to work.
>just the changelog and control file (Source section) the binary is
>good called python-tldp
OK, great. I called it python3-tldp, given that the preferred
Python support these days for Debian is Python3 (and I'm following
tox and other examples).
My package builds and tests against Python2, but I don't plan on
bothering to release that for Debian, unless somebody asserts that
it is a good idea.
[I share this for others who may benefit, though, this stuff
probably gets reposted often.]
Since list week, I have learned that:
* I should build my package against Debian 'sid' before
submitting for RFS.
* There are two manuals for packagers 'Debian New Maintainers'
Guide' [2] and the 'Guide for Debian Maintainers'.
* There's something called 'http://mentors.debian.net/'. I still
don't know what to do with that, so I'll stay on the mailing
list for now.
* Though it is possible to generate a '3.0 (native)' package.
When running 'lintian --pedantic', I read this:
https://lintian.debian.org/tags/library-package-name-for-application.html
I created debian/python3-tldp.lintian-overrides with this as the
sole contents. (It seems I'm in good company, since there are 719
packages there.)
So, skipping the "N:" lines, when I run 'debuild', I end up with:
P: tldp source: debian-watch-may-check-gpg-signature
O: python3-tldp: library-package-name-for-application usr/bin/ldptool
I do not know how to add a GPG signature to the tagged release
within the git history or via github.com, although I'd imagine it's
possible, So, I'll try to learn that at some point. But, I'm hoping
that is not a killer, since, as the upstream AND packager, I can
sign the Debian package with my (new) 4096-bit RSA key (Mattia
Rizzolo recommend this new key).
>but I guess you need to have the orig tarball in the parent
>directory. dpkg-buildpackage will compare the sources, and bother
>you against adding patches in case the source trees differs from
>the pristine tarball.
Yes, I see that. And, I see that I have to always do this for a
Debian release.
>so, download the source tarball, call it
>tldp_version.orig.tar.whatever (I always dpkg-buildpackage, wait
>for the failure, and then copy-paste the name dpkg is expecting)
I switched from debian/source/format: 3.0 (native) to 3.0 (quilt).
I have a new possible release.
My RSA key is available:
gpg --recv-keys 0x329BC377 # --keyserver pgp.mit.edu
fingerprint = 4F7F DCD6 241F CFC9 9BCE BF11 8CA4 3A8D 329B C377
Here's the revised package:
dget -x http://linux-ip.net/debian.ITP-822181/tldp_0.7.10-1.dsc
N.B. My key does not exist on the stock /usr/share/keyrings/debian-keyring.gpg,
so, for me, dscverify complains that no public key is available.
Running 'gpg --verify tldp_0.7.10-1.dsc' succeeds, however.
Lastly, the newest tag (tldp-0.7.10) is available at the canonical
location [4] with the subsequent changes to the ./debian/ directory
to handle the packaging.
What do I do next?
-Martin
[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822722 # RFS
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822181 # ITP
[2] https://www.debian.org/doc/manuals/maint-guide/
https://www.debian.org/doc/manuals/maint-guide/maint-guide.en.pdf
[3] https://www.debian.org/doc/manuals/debmake-doc/
https://www.debian.org/doc/manuals/debmake-doc/debmake-doc.en.pdf
[4] http://github.com/tLDP/python-tldp.git
--
Martin A. Brown
http://linux-ip.net/
Reply to: