Bug#977512: src:libconfig-identity-perl: Build-Depends on old gnupg1, but could use gnupg2

gregor herrmann gregoa at debian.org
Tue Dec 15 22:37:45 GMT 2020 

On Tue, 15 Dec 2020 22:43:26 +0100, Chris Hofstaedtler wrote:

> a very long time ago, Build-Depends were changed so gnupg1 is explicitly
> used, due to CPAN RT#112569. However, upstream has apparently fixed the
> tests in 0.0019 - this is noted in the same RT bug.
> Please consider switching the build dependency to gnupg2.

Thanks for the bug report!

Some quick thoughts:
- OOC: Is gnupg1 going away, or what is the reason for this proposal?
- I guess rather gnupg and not gnupg2 (the latter is a transitional
  package with just a dependency and a symlink gpg2 -> gpg; and the
  test uses `gpg').
- I wrote in the old changelog message:

    The tests are skipped if no gpg is found but if gnupg2 is installed they
    fail because of the key material in t/assets/gpg. CPAN RT#112569 provides
    a different solution: to convert the key material to gnupg2 before running
    the tests. This works as well but leaves more changed files behind.

and t/01-basic.t in 0.0019 contains:

+    # Per https://rt.cpan.org/Public/Bug/Display.html?id=112569 gpg 2.1.x
+    # needs a key format migration run on test data before tests
+    {
+        my $gpg_v = qx/$gpg --version/;
+        my ($first,$second) = $gpg_v =~ /^gpg \s+ \([^)]+\) \s+ (\d+) \. (\d+)/mx;
+        if ( $first && $second && ($first > 2 || ($first == 2 && $second > 0))) {
+            qx/$gpg --homedir $homedir --list-secret-keys/;
+        }
+    }


Let's try (change bdep and d/rules to not use gpg1); building twice:

First run:

gpg: WARNING: unsafe permissions on homedir '/build/libconfig-identity-perl-0.0019/t/assets/gpg'
gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/build/libconfig-identity-perl-0.0019/t/assets/gpg/secring.gpg' to gpg-agent
gpg: key 542711D33A02A63D: secret key imported
gpg: migration succeeded
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
t/01-basic.t ........... 
ok 1
ok 2
ok 3
ok 4
ok 5 - load_check with arrayref
ok 6 - load_check with coderef
ok 7 - load_check croaks on bad argument
ok 8 - load_check detected missing field
ok 9 - load_check detected missing fields
ok 10 - checker sub has same $_ and $[0]
ok 11 - checker sub has expected fields in $_
ok 12 - load_check detected missing field (from checker sub)
ok 13
ok 14
ok 15
ok 16
1..16
ok

Second run:

 dpkg-source -b .
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: info: building libconfig-identity-perl using existing ./libconfig-identity-perl_0.0019.orig.tar.gz
dpkg-source: error: cannot represent change to libconfig-identity-perl-0.0019/t/assets/gpg/S.gpg-agent.ssh: device or socket is not allowed
dpkg-source: error: cannot represent change to libconfig-identity-perl-0.0019/t/assets/gpg/S.gpg-agent: device or socket is not allowed
dpkg-source: error: cannot represent change to libconfig-identity-perl-0.0019/t/assets/gpg/S.gpg-agent.extra: device or socket is not allowed
dpkg-source: error: cannot represent change to libconfig-identity-perl-0.0019/t/assets/gpg/S.gpg-agent.browser: device or socket is not allowed
dpkg-source: warning: newly created empty file 't/assets/gpg/.gpg-v21-migrated' will not be represented in diff
dpkg-source: error: cannot represent change to t/assets/gpg/private-keys-v1.d/9E09C5BF10F2273196F58D070479572BF264FC89.key: binary file contents changed
dpkg-source: error: add t/assets/gpg/private-keys-v1.d/9E09C5BF10F2273196F58D070479572BF264FC89.key in debian/source/include-binaries if you want to store the modified binary in the debian tarball
dpkg-source: error: cannot represent change to t/assets/gpg/private-keys-v1.d/9E33E8D390FB2C4244520DD2866F07EFBB6606ED.key: binary file contents changed
dpkg-source: error: add t/assets/gpg/private-keys-v1.d/9E33E8D390FB2C4244520DD2866F07EFBB6606ED.key in debian/source/include-binaries if you want to store the modified binary in the debian tarball
dpkg-source: error: cannot represent change to t/assets/gpg/pubring.gpg: binary file contents changed
dpkg-source: error: add t/assets/gpg/pubring.gpg in debian/source/include-binaries if you want to store the modified binary in the debian tarball
dpkg-source: error: cannot represent change to t/assets/gpg/trustdb.gpg: binary file contents changed
dpkg-source: error: add t/assets/gpg/trustdb.gpg in debian/source/include-binaries if you want to store the modified binary in the debian tarball
dpkg-buildpackage: error: dpkg-source -b . subprocess returned exit status 127


I guess that's what I meant with "leaves more files behind" in the
old changelog entry :)


Next step: There's already machinery for backupping and restoring a
file in debian/rules, maybe we can expand it easily …

Ok, seems to work at the second try.
Not the most beautiful d/rules ever :)


Alright, changes pushed to https://salsa.debian.org/perl-team/modules/packages/libconfig-identity-perl.git
but I wouldn't mind a second (yours or someone else's :)) pair of
eyes before uploading.


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-   NP: Aimee Mann: Just Like Anyone
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: Digital Signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/attachments/20201215/c46ba5db/attachment.sig>

More information about the pkg-perl-maintainers mailing list