Re: Original sources, or not
On Thu, 18 Sep 2003 11:16:49 +0200, Matthias Urlichs
<smurf@smurf.noris.de> said:
> Manoj Srivastava wrote:
>> This would be an undue burden on a number of packages.
> What's undue about inserting a "I created the .orig.tar.gz package
> by calling 'make clean_all_generated_files'." sentence in the
> copyright / readme / whatever file?
If it is mandated, any package not doing so is instantly
buggy; and that is something that the policy cabal can't do.
> That's all I'd require. Anything else would make me very happy, but
> I certainly don't demand it.
We can't demand even this, but we can definitely recommend
this practice.
>> Have you done a survey to see how many packages would be affected?
> No, because I do not advocate retroactively filing RC bugs against
> any packages.
Your advocacy, though appreciated, does not really make a
difference, since if policy mandates it, then bugs can be filed.
>> it is unlikely that we would be able to generate a
>> cryptographically pristine set by this mechanism anyway.
> An overall "find . -type f -print0 | xargs -0r md5sum | sort +1 |
> md5sum" on an automatically transmogrified .tar.gz might conceivably
> work. However, that's a wholly different topic.
Good, so we can drop discussion here.
> All _I_ want is to be able to answer the question "what, if
> anything, did the maintainer do to create this orig.tar.gz file"?
> One of the reasons, in fact the main reason why I wrote, is to
> package a new upstream version.(*) I'm sure we all can think of
> others.
Sure. write up a proposal that recommends this as a desired
practice, but not as a SHOULD or MUST rule, and see if we can get a
rough consensus going.
manoj
--
It's always darkest just before it gets pitch black.
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: