Quoting Alec Leamas (2024-11-28 11:28:02) > Hi, > > On 28/11/2024 09:01, Simon Josefsson wrote: > > The checksums will be different when Debian > > re-pack upstream's source tarball, but there is still value in recording > > the upstream tarball used as a basis for creating the Debian source > > tarball > > Personally, the few packages I maintain are mostly repacked. Isn't there > also value in storing the hash of the repacked tarball, the thing > actually used?
I can only understand the proposal as the *.orig.tar.* file being the thing actually used - i.e. for a source package repackaging the upstream source tarball, the *repackaged* tarball is mandatory to include the checksum for, whereas the upstream tarball may optionally be recorded as well. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ * Sponsorship: https://ko-fi.com/drjones [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
