On 4/23/24 4:02 PM, Michel Lind wrote:
Ah, turns out matching the upload found the .tar.gz.sig instead since it appeared earlier in the releases JSON, so the upload hash is wrong.On 4/3/24 5:19 PM, Fay Stegerman wrote:Thanks for this! I have a similar problem with archlinux-keyring - which uses a different GitLab instance, gitlab.archlinux.orgGitLab asset download URLs are a bit of a mess, but the attached watch file seems to give me that exact URL.Using your watch file as a template, I managed to capture the exact URL needed (tried using that and also matching on the releases URL), but I still get stuck on the fact that uscan gets given an HTML page prompting to login instead.
Finally ended up matching the release URL instead - luckily uscan (and wget) handles the redirection back to the uploads URL OK.
https://salsa.debian.org/michel/archlinux-keyring/-/commit/7c096ea23aad8e0c9f66819cdda2a7d7e094f196Thanks for figuring out the API access. I'm using it from now on since hopefully it'll be more stable.
-- _o) Michel Lind _( ) identities: https://keyoxide.org/5dce2e7e9c3b1cffd335c1d78b229d2f7ccc04f2
Attachment:
OpenPGP_0x8B229D2F7CCC04F2.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature