Hi, (This is RFH) On Mon, Aug 21, 2017 at 09:43:13AM +0200, Kurt Roeckx wrote: > On Mon, Aug 21, 2017 at 09:30:41AM +0200, Vincent Bernat wrote: > > ❦ 15 juillet 2017 23:06 +0100, Chris Lamb <la...@debian.org> : ... > > Integration with uscan is not done either.
The stretch uscan has download and verification included. The buster uscan is aiming to do the proper renaming to match dpkg-source expectation. > There is a bug against uscan to do this, I understand that it's > been committed just not uploaded yet. Yes. With test script run on the build time, I confirmed it is working. (Cross my fingers) The updated uscan should support typical upstream combinations: 1) (foo-ver.tar.gz, foo-ver.tar.gz.{pgp,gpg,sgn,sign,asc}) -> (foo_ver.tar.orig.gz, foo_ver.orig.tar.gz.asc) 2) (foo-ver.tar.gz, foo-ver.tar.{pgp,gpg,sgn,sign,asc}) -> (foo_ver.tar.orig.gz, foo_ver.orig.tar.asc) I think the output of 1) is supported by the stretch dpkg-source but I am not sure for the output of 2). There is another way of signing package: non-detached signature with gpg -s or gpg -sa. Not so popular but there were wishlist bug for it in BTS. For such an upstream file, I wish to convert to -> (foo_ver.tar.orig.gz, foo_ver.orig.tar.gz.asc) I know how to get the foo_ver.tar.orig.gz but the conversion of signature to detached format seems non-intuitive task. Your expert help on gpg trick is most appreciated. Regards, Osamu