I believe this FTBFS was triggered by golang-1.24 version 1.24.8-1 and fixed in 1.24.9-1, related to the TLS SAN change. The log indicates 1.24.8-1 was used for the build, but 1.24.9-1 is now in testing.
https://people.debian.org/~sanvila/build-logs/202510/golang-github-sigstore-sigstore_1.9.5-1_amd64-20251010T130429.629Z I've requested new debci builds of sigstore-sigstore, it failed with golang-1.24 version 1.24.8-1 on amd64 in debci. I'm hoping this cannot be reproduced using 1.24.9-1? I'm not sure how to inform the Debian BTS about this situation... re-assign to golang-1.24 version 1.24.8-1 and mark it fixed in 1.24.9-1? Assuming this is indeed the cause here. /Simon Santiago Vila <[email protected]> writes: > Package: src:golang-github-sigstore-sigstore > Version: 1.9.5-1 > Severity: serious > Tags: ftbfs forky sid > > Dear maintainer: > > During a rebuild of all packages in unstable, this package failed to build. > > Below you will find the last part of the build log (probably the most > relevant part, but not necessarily). If required, the full build log > is available here: > > https://people.debian.org/~sanvila/build-logs/202510/ > > About the archive rebuild: The build was made on virtual machines from AWS, > using sbuild and a reduced chroot with only build-essential packages. > > If you cannot reproduce the bug please contact me privately, as I > am willing to provide ssh access to a virtual machine where the bug is > fully reproducible. > > If this is really a bug in one of the build-depends, please use > reassign and add an affects on src:golang-github-sigstore-sigstore, so that > this is still > visible in the BTS web page for this package. > > Thanks. > > -------------------------------------------------------------------------------- > [...] > debian/rules clean > dh clean --builddirectory=_build --buildsystem=golang --with=golang > dh_auto_clean -O--builddirectory=_build -O--buildsystem=golang > dh_autoreconf_clean -O--builddirectory=_build -O--buildsystem=golang > dh_clean -O--builddirectory=_build -O--buildsystem=golang > debian/rules binary > dh binary --builddirectory=_build --buildsystem=golang --with=golang > dh_update_autotools_config -O--builddirectory=_build -O--buildsystem=golang > dh_autoreconf -O--builddirectory=_build -O--buildsystem=golang > dh_auto_configure -O--builddirectory=_build -O--buildsystem=golang > dh_auto_configure: warning: "github.com/sigstore/sigstore" is already > installed. Please check for circular dependencies. > > debian/rules execute_before_dh_auto_build > make[1]: Entering directory '/<<PKGBUILDDIR>>' > cd _build/src/github.com/sigstore/sigstore/pkg; \ > > [... snipped ...] > > === RUN TestPluginArgsJSON/defaultAlgorithm > === PAUSE TestPluginArgsJSON/defaultAlgorithm > === RUN TestPluginArgsJSON/supportedAlgorithms > === PAUSE TestPluginArgsJSON/supportedAlgorithms > === RUN TestPluginArgsJSON/createKey > === PAUSE TestPluginArgsJSON/createKey > === RUN TestPluginArgsJSON/publicKey > === PAUSE TestPluginArgsJSON/publicKey > === RUN TestPluginArgsJSON/signMessage > === PAUSE TestPluginArgsJSON/signMessage > === RUN TestPluginArgsJSON/verifySignature > === PAUSE TestPluginArgsJSON/verifySignature > === CONT TestHashFuncJSON > === RUN TestHashFuncJSON/MD4 > === PAUSE TestHashFuncJSON/MD4 > === RUN TestHashFuncJSON/MD5 > === PAUSE TestHashFuncJSON/MD5 > === RUN TestHashFuncJSON/SHA-1 > === PAUSE TestHashFuncJSON/SHA-1 > === RUN TestHashFuncJSON/SHA-224 > === PAUSE TestHashFuncJSON/SHA-224 > === RUN TestHashFuncJSON/SHA-256 > === PAUSE TestHashFuncJSON/SHA-256 > === RUN TestHashFuncJSON/SHA-384 > === CONT TestPluginRespJSON > === RUN TestPluginRespJSON/defaultAlgorithm > === PAUSE TestPluginRespJSON/defaultAlgorithm > === RUN TestPluginRespJSON/supportedAlgorithms > === PAUSE TestPluginRespJSON/supportedAlgorithms > === RUN TestPluginRespJSON/createKey > === PAUSE TestPluginRespJSON/createKey > === RUN TestPluginRespJSON/publicKey > === PAUSE TestPluginRespJSON/publicKey > === RUN TestPluginRespJSON/signMessage > === PAUSE TestPluginRespJSON/signMessage > === RUN TestPluginRespJSON/verifySignature > === PAUSE TestPluginRespJSON/verifySignature > === CONT TestPluginArgsJSON/defaultAlgorithm > === CONT TestPluginArgsJSON/signMessage > === CONT TestPluginArgsJSON/verifySignature > === CONT TestPluginArgsJSON/createKey > === CONT TestPluginArgsJSON/publicKey > === CONT TestPluginArgsJSON/supportedAlgorithms > --- PASS: TestPluginArgsJSON (0.00s) > --- PASS: TestPluginArgsJSON/defaultAlgorithm (0.00s) > --- PASS: TestPluginArgsJSON/signMessage (0.00s) > --- PASS: TestPluginArgsJSON/verifySignature (0.00s) > --- PASS: TestPluginArgsJSON/createKey (0.00s) > --- PASS: TestPluginArgsJSON/publicKey (0.00s) > --- PASS: TestPluginArgsJSON/supportedAlgorithms (0.00s) > === CONT TestPluginRespJSON/defaultAlgorithm > === CONT TestPluginRespJSON/verifySignature > === CONT TestPluginRespJSON/signMessage > === CONT TestPluginRespJSON/publicKey > === CONT TestPluginRespJSON/createKey > === CONT TestPluginRespJSON/supportedAlgorithms > --- PASS: TestPluginRespJSON (0.00s) > --- PASS: TestPluginRespJSON/defaultAlgorithm (0.00s) > --- PASS: TestPluginRespJSON/verifySignature (0.00s) > --- PASS: TestPluginRespJSON/signMessage (0.00s) > --- PASS: TestPluginRespJSON/publicKey (0.00s) > --- PASS: TestPluginRespJSON/createKey (0.00s) > --- PASS: TestPluginRespJSON/supportedAlgorithms (0.00s) > === PAUSE TestHashFuncJSON/SHA-384 > === RUN TestHashFuncJSON/SHA-512 > === PAUSE TestHashFuncJSON/SHA-512 > === RUN TestHashFuncJSON/MD5+SHA1 > === PAUSE TestHashFuncJSON/MD5+SHA1 > === RUN TestHashFuncJSON/RIPEMD-160 > === PAUSE TestHashFuncJSON/RIPEMD-160 > === RUN TestHashFuncJSON/SHA3-224 > === PAUSE TestHashFuncJSON/SHA3-224 > === RUN TestHashFuncJSON/SHA3-256 > === PAUSE TestHashFuncJSON/SHA3-256 > === RUN TestHashFuncJSON/SHA3-384 > === PAUSE TestHashFuncJSON/SHA3-384 > === RUN TestHashFuncJSON/SHA3-512 > === PAUSE TestHashFuncJSON/SHA3-512 > === RUN TestHashFuncJSON/SHA-512/224 > === PAUSE TestHashFuncJSON/SHA-512/224 > === RUN TestHashFuncJSON/SHA-512/256 > === PAUSE TestHashFuncJSON/SHA-512/256 > === RUN TestHashFuncJSON/BLAKE2s-256 > === PAUSE TestHashFuncJSON/BLAKE2s-256 > === RUN TestHashFuncJSON/BLAKE2b-256 > === PAUSE TestHashFuncJSON/BLAKE2b-256 > === RUN TestHashFuncJSON/BLAKE2b-384 > === PAUSE TestHashFuncJSON/BLAKE2b-384 > === RUN TestHashFuncJSON/BLAKE2b-512 > === PAUSE TestHashFuncJSON/BLAKE2b-512 > === CONT TestHashFuncJSON/MD4 > === CONT TestHashFuncJSON/BLAKE2b-512 > === CONT TestHashFuncJSON/BLAKE2b-384 > === CONT TestHashFuncJSON/SHA3-224 > === CONT TestHashFuncJSON/BLAKE2b-256 > === CONT TestHashFuncJSON/BLAKE2s-256 > === CONT TestHashFuncJSON/SHA-512/256 > === CONT TestHashFuncJSON/SHA-512/224 > === CONT TestHashFuncJSON/SHA3-512 > === CONT TestHashFuncJSON/SHA3-384 > === CONT TestHashFuncJSON/SHA3-256 > === CONT TestHashFuncJSON/SHA-384 > === CONT TestHashFuncJSON/RIPEMD-160 > === CONT TestHashFuncJSON/MD5+SHA1 > === CONT TestHashFuncJSON/SHA-512 > === CONT TestHashFuncJSON/SHA-224 > === CONT TestHashFuncJSON/SHA-256 > === CONT TestHashFuncJSON/SHA-1 > === CONT TestHashFuncJSON/MD5 > --- PASS: TestHashFuncJSON (0.00s) > --- PASS: TestHashFuncJSON/MD4 (0.00s) > --- PASS: TestHashFuncJSON/BLAKE2b-512 (0.00s) > --- PASS: TestHashFuncJSON/BLAKE2b-384 (0.00s) > --- PASS: TestHashFuncJSON/SHA3-224 (0.00s) > --- PASS: TestHashFuncJSON/BLAKE2b-256 (0.00s) > --- PASS: TestHashFuncJSON/BLAKE2s-256 (0.00s) > --- PASS: TestHashFuncJSON/SHA-512/256 (0.00s) > --- PASS: TestHashFuncJSON/SHA-512/224 (0.00s) > --- PASS: TestHashFuncJSON/SHA3-512 (0.00s) > --- PASS: TestHashFuncJSON/SHA3-384 (0.00s) > --- PASS: TestHashFuncJSON/SHA3-256 (0.00s) > --- PASS: TestHashFuncJSON/SHA-384 (0.00s) > --- PASS: TestHashFuncJSON/RIPEMD-160 (0.00s) > --- PASS: TestHashFuncJSON/MD5+SHA1 (0.00s) > --- PASS: TestHashFuncJSON/SHA-512 (0.00s) > --- PASS: TestHashFuncJSON/SHA-224 (0.00s) > --- PASS: TestHashFuncJSON/SHA-256 (0.00s) > --- PASS: TestHashFuncJSON/SHA-1 (0.00s) > --- PASS: TestHashFuncJSON/MD5 (0.00s) > PASS > ok github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/common 0.003s > === RUN TestPackRPCOptions > === PAUSE TestPackRPCOptions > === RUN TestUnpackRPCOptions > === PAUSE TestUnpackRPCOptions > === RUN TestPackMessageOptions > === PAUSE TestPackMessageOptions > === RUN TestUnpackMessageOptions > === PAUSE TestUnpackMessageOptions > === RUN TestPackPublicKeyOptions > === PAUSE TestPackPublicKeyOptions > === RUN TestUnpackPublicKeyOptions > === PAUSE TestUnpackPublicKeyOptions > === RUN TestPackSignOptions > === PAUSE TestPackSignOptions > === RUN TestUnpackSignOptions > === PAUSE TestUnpackSignOptions > === RUN TestPackVerifyOptions > === PAUSE TestPackVerifyOptions > === RUN TestUnpackVerifyOptions > === PAUSE TestUnpackVerifyOptions > === CONT TestPackRPCOptions > --- PASS: TestPackRPCOptions (0.00s) > === CONT TestUnpackVerifyOptions > --- PASS: TestUnpackVerifyOptions (0.00s) > === CONT TestPackVerifyOptions > --- PASS: TestPackVerifyOptions (0.00s) > === CONT TestUnpackSignOptions > --- PASS: TestUnpackSignOptions (0.00s) > === CONT TestPackSignOptions > --- PASS: TestPackSignOptions (0.00s) > === CONT TestUnpackPublicKeyOptions > --- PASS: TestUnpackPublicKeyOptions (0.00s) > === CONT TestPackPublicKeyOptions > --- PASS: TestPackPublicKeyOptions (0.00s) > === CONT TestUnpackMessageOptions > --- PASS: TestUnpackMessageOptions (0.00s) > === CONT TestPackMessageOptions > --- PASS: TestPackMessageOptions (0.00s) > === CONT TestUnpackRPCOptions > --- PASS: TestUnpackRPCOptions (0.00s) > PASS > ok github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/encoding > 0.007s > ? github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/handler > [no test files] > ? > github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/internal/signerverifier > [no test files] > === RUN TestFakeSigner > --- PASS: TestFakeSigner (0.00s) > === RUN TestFakeSignerWithPrivateKey > --- PASS: TestFakeSignerWithPrivateKey (0.00s) > PASS > ok github.com/sigstore/sigstore/pkg/signature/kms/fake 0.003s > ? github.com/sigstore/sigstore/pkg/signature/options [no test files] > === RUN TestMarshalCosign > === PAUSE TestMarshalCosign > === RUN TestUnmarshalCosign > === PAUSE TestUnmarshalCosign > === CONT TestMarshalCosign > === RUN TestMarshalCosign/no_claims > === PAUSE TestMarshalCosign/no_claims > === RUN TestMarshalCosign/standard_atomic_signature > === PAUSE TestMarshalCosign/standard_atomic_signature > === RUN TestMarshalCosign/arbitrary_claims > === PAUSE TestMarshalCosign/arbitrary_claims > === RUN TestMarshalCosign/custom_identity > === PAUSE TestMarshalCosign/custom_identity > === CONT TestMarshalCosign/no_claims > === CONT TestUnmarshalCosign > === RUN TestUnmarshalCosign/no_claims > === PAUSE TestUnmarshalCosign/no_claims > === RUN TestUnmarshalCosign/arbitrary_claims > === PAUSE TestUnmarshalCosign/arbitrary_claims > === RUN TestUnmarshalCosign/unknown_type > === PAUSE TestUnmarshalCosign/unknown_type > === CONT TestMarshalCosign/arbitrary_claims > === CONT TestMarshalCosign/standard_atomic_signature > === CONT TestMarshalCosign/custom_identity > === CONT TestUnmarshalCosign/no_claims > === CONT TestUnmarshalCosign/unknown_type > === CONT TestUnmarshalCosign/arbitrary_claims > --- PASS: TestUnmarshalCosign (0.00s) > --- PASS: TestUnmarshalCosign/no_claims (0.00s) > --- PASS: TestUnmarshalCosign/unknown_type (0.00s) > --- PASS: TestUnmarshalCosign/arbitrary_claims (0.00s) > --- PASS: TestMarshalCosign (0.00s) > --- PASS: TestMarshalCosign/no_claims (0.00s) > --- PASS: TestMarshalCosign/arbitrary_claims (0.00s) > --- PASS: TestMarshalCosign/custom_identity (0.00s) > --- PASS: TestMarshalCosign/standard_atomic_signature (0.00s) > PASS > ok github.com/sigstore/sigstore/pkg/signature/payload 0.003s > === RUN TestFromOpenSSH > sign_test.go:154: skip TestFromOpenSSH: missing ssh-keygen in PATH > --- SKIP: TestFromOpenSSH (0.00s) > === RUN TestToOpenSSH > sign_test.go:214: skip TestToOpenSSH: missing ssh-keygen in PATH > --- SKIP: TestToOpenSSH (0.00s) > === RUN TestRoundTrip > === RUN TestRoundTrip/rsa > === RUN TestRoundTrip/ed25519 > --- PASS: TestRoundTrip (0.01s) > --- PASS: TestRoundTrip/rsa (0.01s) > --- PASS: TestRoundTrip/ed25519 (0.00s) > PASS > ok github.com/sigstore/sigstore/pkg/signature/ssh 0.018s > === RUN TestKeyHandleToSignerECDSA > === RUN TestKeyHandleToSignerECDSA/ECDSA-P256-SHA256 > === RUN TestKeyHandleToSignerECDSA/ECDSA-P384-SHA512 > === RUN TestKeyHandleToSignerECDSA/ECDSA-P521-SHA512 > --- PASS: TestKeyHandleToSignerECDSA (0.02s) > --- PASS: TestKeyHandleToSignerECDSA/ECDSA-P256-SHA256 (0.00s) > --- PASS: TestKeyHandleToSignerECDSA/ECDSA-P384-SHA512 (0.00s) > --- PASS: TestKeyHandleToSignerECDSA/ECDSA-P521-SHA512 (0.02s) > === RUN TestKeyHandleToSignerED25519 > --- PASS: TestKeyHandleToSignerED25519 (0.00s) > === RUN TestKeyHandleToSignerFailsWithInvalidKeyType > --- PASS: TestKeyHandleToSignerFailsWithInvalidKeyType (0.83s) > PASS > ok github.com/sigstore/sigstore/pkg/signature/tink 0.850s > === RUN TestMarshalStatusType > --- PASS: TestMarshalStatusType (0.00s) > === RUN TestMarshalInvalidStatusType > --- PASS: TestMarshalInvalidStatusType (0.00s) > === RUN TestUnmarshalStatusType > --- PASS: TestUnmarshalStatusType (0.00s) > === RUN TestUnmarshalStatusTypeCapitalization > --- PASS: TestUnmarshalStatusTypeCapitalization (0.00s) > === RUN TestUnmarshalInvalidStatusType > --- PASS: TestUnmarshalInvalidStatusType (0.00s) > === RUN TestMarshalUsageType > --- PASS: TestMarshalUsageType (0.00s) > === RUN TestMarshalInvalidUsageType > --- PASS: TestMarshalInvalidUsageType (0.00s) > === RUN TestUnmarshalUsageType > --- PASS: TestUnmarshalUsageType (0.00s) > === RUN TestUnmarshalUsageTypeCapitalization > --- PASS: TestUnmarshalUsageTypeCapitalization (0.00s) > === RUN TestUnmarshalInvalidUsageType > --- PASS: TestUnmarshalInvalidUsageType (0.00s) > PASS > ok github.com/sigstore/sigstore/pkg/tuf 0.003s > ? github.com/sigstore/sigstore/test [no test files] > FAIL > rm -fr -- /tmp/dh-xdg-rundir-UcWrXfoc > dh_auto_test: error: cd _build && go test -vet=off -v -p 2 - > [too-long-redacted] store/test returned exit code 1 > make[1]: *** [debian/rules:21: override_dh_auto_test] Error 25 > make[1]: Leaving directory '/<<PKGBUILDDIR>>' > make: *** [debian/rules:8: binary] Error 2 > dpkg-buildpackage: error: debian/rules binary subprocess returned exit status > 2 > -------------------------------------------------------------------------------- > >
signature.asc
Description: PGP signature
