Good to see an autopkgtest included, unfortunately it's testing the keys
in the source package when it really needs to be testing those installed
as part of the binary package. This also requires that the verify test
depends on "@" (if Depends is specified, it doesn't implicitly include
the binary packages created by the package).

In other words:

* d/t/control should specify Depends: @, openssl

* d/t/verify should use the keys in
/usr/share/nemos/{public,private}.pem rather than the ones in the
current dir (which is the checkout of the source package)

The d/copyright looks better but I'm a little confused that the license
header is declared "GPL-2.0+" while the test declares specifically
"version 2", not "version 2 or, at your option, any later version".
However, that's probably irrelevant as I'm also told that it's policy
that new packages originating from Canonical (i.e. without a prevailing
upstream license) should be licensed GPL-3.0 only (no "later version")
so this should probably all just be changed to that.

I'll unsubscribe ubuntu-sponsors for now, but please do subscribe it
again when it's ready for another review.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2043448

Title:
  [needs-packaging] nemos-dev-key

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/2043448/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to