Phil Wyett <philip.wy...@kathenas.org> writes: > On Tue, 2024-09-10 at 03:43 -0700, Xiyue Deng wrote: >> Phil Wyett <philip.wy...@kathenas.org> writes: >> >> > On Tue, 2024-09-10 at 08:54 +0100, Phil Wyett wrote: >> > > On Tue, 2024-09-10 at 00:25 -0700, Xiyue Deng wrote: >> > > > Xiyue Deng <manp...@gmail.com> writes: >> > > > >> > > > > Phil Wyett <philip.wy...@kathenas.org> writes: >> > > > > >> > > > > > On Sun, 2024-09-08 at 14:21 -0700, Xiyue Deng wrote: >> > > > > > > Phil Wyett <philip.wy...@kathenas.org> writes: >> > > > > > > >> > > > > > > > Control: tags -1 +moreinfo >> > > > > > > > >> > > > > > > > Xiyue, >> > > > > > > > >> > > > > > > > Preamble... >> > > > > > > > >> > > > > > > > Thank you for taking the time to prepare this package and your >> > > > > > > > contribution >> > > > > > > > to the Debian project. >> > > > > > > > >> > > > > > > > The review below is for assistance. This review is offered to >> > > > > > > > help package >> > > > > > > > submitters to Debian mentors inorder to improve their packages >> > > > > > > > prior to >> > > > > > > > possible sponsorship into Debian. There is no obligation on >> > > > > > > > behalf of the >> > > > > > > > submitter to make any alterations based upon information >> > > > > > > > provided in the >> > > > > > > > review. >> > > > > > > > >> > > > > > > > Review... >> > > > > > > > >> > > > > > > > 1. Build: >> > > > > > > > >> > > > > > > > * pbuilder [1]: Good >> > > > > > > > * sbuild [2]: Good >> > > > > > > > >> > > > > > > > 2. Lintian [3]: Good >> > > > > > > > >> > > > > > > > 3. Licenses [4]: Good >> > > > > > > > >> > > > > > > > 4. Watch file [uscan --force-download]: Issue >> > > > > > > > >> > > > > > > > philwyett@ks-tarkin:~/Development/builder/debian/mentoring/emacs-oauth2-0.17$ >> > > > > > > > uscan --force-download >> > > > > > > > uscan warn: Possible OpenPGP signature found at: >> > > > > > > > https://elpa.gnu.org/packages/oauth2-0.17.tar.sig >> > > > > > > > * Add opts=pgpsigurlmangle=s/$/.sig/ or opts=pgpmode=auto to >> > > > > > > > debian/watch >> > > > > > > > * Add debian/upstream/signing-key.asc. >> > > > > > > > See uscan(1) for more details >> > > > > > > > uscan: error: tar is not a supported compression >> > > > > > > >> > > > > > > Note that on GNU ELPA (GNU Emacs Lisp Package Archive) tar is the >> > > > > > > default option used by all packages. I think this can be >> > > > > > > considered as >> > > > > > > a restriction on uscan which should support tar. >> > > > > > > >> > > > > > > On the other hand, I'm mainly using uscan to check for new >> > > > > > > upstream >> > > > > > > version. The Salsa repository uses DEP14 recommended layout and >> > > > > > > doesn't >> > > > > > > use pristine-tar but tags and "git deborig" for generating the >> > > > > > > tarball >> > > > > > > for Debian archive (which will be in .tar.xz), so this is not an >> > > > > > > actual >> > > > > > > issue. >> > > > > > > >> > > > > > > Hope this helps clarify the situation :) >> > > > > > > >> > > > > > > >> > > > > > >> > > > > > Hi, >> > > > > > >> > > > > > I feel tar support in uscan is not a discussion for Debian >> > > > > > Mentors. An >> > > > > > appropriate bug filed elsewhere to start a discussion is a better >> > > > > > course. >> > > > > > >> > > > > >> > > > > A bit of a backtrack: I was puzzled when you mentioned that uscan >> > > > > had an >> > > > > error when running with "--force-download" because it worked for me. >> > > > > Then I realized that I was running Bookworm which has an older >> > > > > version >> > > > > of devscripts and uscan somehow still created the archive after it >> > > > > didn't detect any compression suffix so it kind of worked by >> > > > > unexpectedly. I manually backported devscripts 2.23.7 and can >> > > > > reproduce >> > > > > the issue. I have filed Bug#1081182 for tracking this. >> > > > > >> > > > > > We work with what we have. If a working 'debian/watch' file is not >> > > > > > possible >> > > > > > in the package, it would in my opinion be best to remove it. >> > > > > > >> > > > > >> > > > > In fact, "uscan --report-status" still works and can be used for >> > > > > detecting new versions. I wonder whether UDD or qa.debian.org >> > > > > requires >> > > > > actually downloading the newer archive for detecting newer versions, >> > > > > and >> > > > > if "--report-status" is sufficient, maybe we can keep it as-is as I'm >> > > > > not using pristine-tar anyway. Alternatively, I can change it to >> > > > > track >> > > > > the git head instead if desired. >> > > > > >> > > > >> > > > When debugging another issue with watch file result (Bug#1081249) I >> > > > found that DDPO may be using "uscan --dehs" for detecting newer >> > > > versions. The command succeeded and output the following for >> > > > emacs-oauth2: >> > > > >> > > > ,---- >> > > > > $ uscan --dehs >> > > > > <dehs> >> > > > > <package>emacs-oauth2</package> >> > > > > <debian-uversion>0.17</debian-uversion> >> > > > > <debian-mangled-uversion>0.17</debian-mangled-uversion> >> > > > > <upstream-version>0.17</upstream-version> >> > > > > <upstream-url>https://elpa.gnu.org/packages/oauth2-0.17.tar</upstream-url> >> > > > > <status>up to date</status> >> > > > > </dehs> >> > > > `---- >> > > > >> > > > So hopefully this is good enough for new-version-detection purpose. >> > > > >> > > > > >> > > > >> > > >> > > Hi, >> > > >> > > The test as is "uscan --force-download" caters primarily for submissions >> > > to >> > > Mentors, so packaged and with a ".dsc" file. A test that could be used is >> > > "uscan --download-current-version". Both will error as ".tar" is not >> > > supported. >> > > >> > > You could do an RFS with link to a packages git only. This would >> > > indicate to >> > > me we are using original generation from the git repository and not >> > > download >> > > from watch, so I can generally ignore the watch file for fetching the >> > > original archive. >> > > >> > > In the case of the above paragraph, if a developer could add the below >> > > comment or similar to the Debian watch file. >> > > >> > > # Used to watch for upstream releases only. To test use "uscan --dehs". >> > > >> > > Seem sensible? >> >> Definitely! I have pushed the change to the team repo[1] and rebuilt >> and re-uploaded the package to mentors. PTAL. >> >> > > >> > > Regards >> > > >> > > Phil >> > > >> > >> > Hi, >> > >> > Side note... Using git only has advantages. >> > >> > * Many DDs prefer or will only work from git (Salsa). >> > * We know the git (Salsa) is up to date when sponsored. >> > >> >> This sounds interesting. How do I make the RFS git-only? >> >> > Regards >> > >> > Phil >> > >> > -- >> > >> > "I play the game for the game’s own sake" >> > >> > Arthur Conan Doyle - The Adventure of the Bruce-Partington Plans >> > >> > -- >> > >> > Buy Me A Coffee: https://buymeacoffee.com/kathenasorg >> > >> > Internet Relay Chat (IRC): kathenas >> > >> > Matrix: #kathenas:matrix.org >> > >> > Website: https://kathenas.org >> > >> > Instagram: https://instagram.com/kathenasorg/ >> > >> > Threads: https://www.threads.net/@kathenasorg >> >> [1] >> https://salsa.debian.org/emacsen-team/emacs-oauth2/-/commit/5be0b3a239a044fa07f712479067b80ef0192f41 >> > > Hi, > > The FRS template at: > > https://mentors.debian.net/sponsors/rfs-howto/ > > Remove the below three lines and add a link to the Salsa repo. > > https://mentors.debian.net/package/hello/ > > Alternatively, you can download the package with 'dget' using this command: > > dget -x https://mentors.debian.net/debian/pool/main/h/hello/hello_3.1-4.dsc >
Ack. Will consider this in my future RFS bugs. Thanks for the tip! Meanwhile, can we consider this RFS ready now that the watch file is commented? > Regards > > Phil > > -- > > "I play the game for the game’s own sake" > > Arthur Conan Doyle - The Adventure of the Bruce-Partington Plans > > -- > > Buy Me A Coffee: https://buymeacoffee.com/kathenasorg > > Internet Relay Chat (IRC): kathenas > > Matrix: #kathenas:matrix.org > > Website: https://kathenas.org > > Instagram: https://instagram.com/kathenasorg/ > > Threads: https://www.threads.net/@kathenasorg -- Xiyue Deng
