[Pkg-privacy-maintainers] RFS: codecrypt, the post-quantum cryptography tool
Ximin Luo
infinity0 at debian.org
Mon Apr 18 21:39:22 UTC 2016
Miroslav Kratochvil:
>> a) debian/copyright: https links please
>
> I guess that the "Format:" link stays http-only?
>
No that can be HTTPS as well :) The url works and any tool should support that at least.
>> b) debian/rules: if you want, you can add 'export DEB_BUILD_MAINT_OPTIONS
>> = hardening=+all' before the dpkg-buildflags stuff to switch on PIE and
>> bindnow. They are off by default because they break some builds, more info
>> on https://wiki.debian.org/Hardening.
>>
>
> Is it reasonable to add it by default? (I couldn't think of any situation
> where it would result in problems, but just to be sure...)
>
We'd have to go through the maintainers of dpkg-buildflags for that. But if you want to just "use whatever is the default in Debian" that's fine as well. (Perhaps they will add it in the future when less things break.)
>
>> [...]
>> For the versions that you already commited to the 'upstream' branch, you
>> will have to add the original tarballs by manually running 'pristine-tar
>> commit <orig.targz>' directly.
>>
>
> I hope I got it right. (anyway, should the resulting branch really stay
> unmerged to master?)
>
Yes, it remains unmerged - the tarballs aren't "part of" the main source tree.
You got it almost right, but unfortunately they need to be named exactly codecrypt_$version.orig.tar.gz - otherwise I get this error:
gbp:error: Pristine-tar couldn't checkout "codecrypt_1.7.4.orig.tar.gz": fatal: Path 'codecrypt_1.7.4.orig.tar.gz.delta' does not exist in 'refs/heads/pristine-tar'
Everything else looks good though.
> Anyway, I somehow registered at alioth as "exa-guest" (it forced the -guest
> suffix), but failed to find a button that would create some project or
> repo. Am I bad at searching or is there some required administrator action?
>
> :]
Click on the "request to join" button here: https://alioth.debian.org/projects/pkg-privacy/ then after we approve, you can log into SSH then create a git repo using the /srv/git.debian.org/git/pkg-privacy/setup-repository script. Let us know if you run into any other issues. :)
X
--
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
More information about the Pkg-privacy-maintainers
mailing list