Hi, On Fri, Sep 08, 2017 at 04:38:55PM +0200, Guido Günther wrote: > Package: devscripts > Version: 2.17.9 > Severity: wishlist > File: /usr/bin/uscan > > Hi, > the upstream signture will no longer verify successfully if uscan > repacks the tarball using the information from debian/copyright. In this > case uscan should remove the signature to make sure no other tools pick > it up by accident and fail signature verification later on.
Yah, this is something I was wondering what to do. How can we record successful upstream sign verification done by uscan on the tarball prior to the repacking. Idea? Osamu _______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
