Hi,
Manoj Srivastava wrote:
> This would be an undue burden on a number of packages.
What's undue about inserting a "I created the .orig.tar.gz package by calling
'make clean_all_generated_files'." sentence in the copyright / readme /
whatever file?
That's all I'd require. Anything else would make me very happy, but I
certainly don't demand it.
> Have
> you done a survey to see how many packages would be affected?
No, because I do not advocate retroactively filing RC bugs against any
packages.
> it is unlikely that we would be able
> to generate a cryptographically pristine set by this mechanism
> anyway.
An overall "find . -type f -print0 | xargs -0r md5sum | sort +1 | md5sum" on
an automatically transmogrified .tar.gz might conceivably work. However,
that's a wholly different topic.
All _I_ want is to be able to answer the question "what, if anything, did the
maintainer do to create this orig.tar.gz file"? One of the reasons, in fact
the main reason why I wrote, is to package a new upstream version.(*) I'm
sure we all can think of others.
(*) Upstream often deletes old versions when they publish new ones.
Therefore, a comparison of the old .tar.gz files, just to check what (if
anything) changed, is unfeasible.
--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf@smurf.noris.de
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
- -
We lie about the truth, that's what ruins us here. And do you know why we
lie about the truth? Not because we like to, but because we are scared to
death of it. If we looked the truth in the eye nine out of ten of us would run
to the graveyard and demand to be buried at once.
-- Babbaluche the cobbler
Attachment:
pgpPpP3vjI9jb.pgp
Description: signature