On 2018-09-08 01:00, Nicolas Braud-Santoni wrote:
Control: tag -1 - moreinfo Hi Adam, Sorry for getting back to you this late.
Likewise apologies for overlooking the response for so long.
On Wed, Aug 29, 2018 at 08:21:18AM +0100, Adam D. Barratt wrote:Control: tags -1 + moreinfo Why does the diff contain (and not mention): upstream-signing-key.pgp 1451 ------- upstream-signing-key.pgp.backup 1451 +++++++ upstream/signing-key.asc 1966 ++++++++++ ?It seems the tags in the packaging repo do not actually match the uploads to the archive, and I do not know why: this is a team-maintained package, and the Yubico folks who did the original packaging (and are part of the team) seem to have lost interest in maintaining their packages, so I haveno idea which process they were using.
Sure, but when you upload the package it needs to contain the changes you expect. So either the change should be reverted, or it should be documented in the changelog (ideally with rationale).
It looks like something was uploaded, though:
Didn't you do that? (Or your sponsor, I guess, but I still assumed you'd be aware.)
$ rmadison -s stable,stable-new yubico-piv-toolyubico-piv-tool | 1.4.2-2 | stable | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390xyubico-piv-tool | 1.4.2-2+deb9u1 | stable-new | source, amd64I assume you removed the bogus upstream-signing-key.pgp change?
I didn't remove anything, no. I have nothing to do with the package, just looking at what's been proposed / uploaded in order to decide whether to accept it.
Regards, Adam