Re: [RFC] General Resolution to deploy tag2upload

To: debian-vote@lists.debian.org
Subject: Re: [RFC] General Resolution to deploy tag2upload
From: Marco d'Itri <md@Linux.IT>
Date: Wed, 12 Jun 2024 14:37:25 -0000 (UTC)
Message-id: <[🔎] v4cbr3$hei2$1@posted-at.bofh.it>
References: <[🔎] 87wmmvrubl.fsf@melete.silentflame.com> <[🔎] 1831845.MacFADY5OF@zini-1880>

debian@kitterman.com wrote:

>As I understand it, Debian was affected by the xz-utils hack, in part, because 
>some artifacts were inserted into an upstream tarball that were not 
>represented in the upstream git.  Please explain how use of tag2upload is 
>relevant to this scenario?  I'm afraid I don't follow.
I think that it was assumed, and I agree, that a well-maintained Debian
git source tree has the upstream branch pulled from the upstream git
repository, keeping the complete history, and not created locally by
importing upstream tar release archives.

-- 
ciao,
Marco

Reply to:

Follow-Ups:
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Mathias Behrle <mbehrle@debian.org>

References:
- [RFC] General Resolution to deploy tag2upload
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Scott Kitterman <debian@kitterman.com>

Prev by Date: Re: [RFC] General Resolution to deploy tag2upload
Next by Date: Re: [RFC] General Resolution to deploy tag2upload
Previous by thread: Re: [RFC] General Resolution to deploy tag2upload
Next by thread: Re: [RFC] General Resolution to deploy tag2upload
Index(es):
- Date
- Thread