Your message dated Wed, 13 May 2026 12:09:06 +0000
with message-id <[email protected]>
and subject line Bug#1059734: fixed in devscripts 2.26.8
has caused the Debian Bug report #1059734,
regarding /usr/bin/uscan: refuses to download a tarball it says matches, does
nothing, exits 0
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1059734: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059734
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: devscripts
Version: 2.23.4+deb12u1
Severity: normal
File: /usr/bin/uscan
Dear Maintainer,
Given:
$ head debian/*
==> debian/changelog <==
snappy-tools (0-1) unstable; urgency=low
==> debian/watch <==
version=4
opts="pgpsigurlmangle=s:$:.asc:" \
https://git.sr.ht/~nabijaczleweli/snappy-tools/refs
.*/([0-9][0-9a-zA-Z]*)@ARCHIVE_EXT@
(and an equivalent but fully-populated debian/,
with a fully-correct d/changelog and populated d/upstream/signing-key.asc)
uscan gives me
$ uscan --download-current-version --force-download -v
uscan info: uscan (version 2.23.4+deb12u1) See uscan(1) for help
uscan info: Scan watch files in .
uscan info: Check debian/watch and debian/changelog in .
uscan: warning: debian/changelog(l1): found end of file where expected
start of change data
uscan info: package="snappy-tools" version="0-1" (as seen in debian/changelog)
uscan info: package="snappy-tools" version="0" (no epoch/revision)
uscan info: ./debian/changelog sets package="snappy-tools" version="0"
uscan info: Process watch file at: debian/watch
package = snappy-tools
version = 0
pkg_dir = .
uscan info: opts: pgpsigurlmangle=s:$:.asc:
uscan info: line: https://git.sr.ht/~nabijaczleweli/snappy-tools/refs
.*/([0-9][0-9a-zA-Z]*)(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
uscan info: Parsing pgpsigurlmangle=s:$:.asc:
uscan info: line: https://git.sr.ht/~nabijaczleweli/snappy-tools/refs
.*/([0-9][0-9a-zA-Z]*)(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
uscan info: Last orig.tar.* tarball version (from debian/changelog): 0
uscan info: Download the --download-current-version specified version: 0
uscan info: Requesting URL:
https://git.sr.ht/~nabijaczleweli/snappy-tools/refs
uscan info: Matching pattern:
(?:(?:https://git.sr.ht)?\/\~nabijaczleweli\/snappy\-tools\/)?.*/([0-9][0-9a-zA-Z]*)(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
uscan info: Found the following matching hrefs on the web page (newest first):
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1 matched with the download version
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1 matched with the download version
uscan info: Scan finished
I use the exact same d/watch for urlview (and other packages),
and it works there.
Actually, having just made a fake version 0a, I see that it /did/
download that.
With --d-c-v I still saw
uscan info: Found the following matching hrefs on the web page (newest first):
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz (0a)
index=0a-1
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz (0a)
index=0a-1
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1 matched with the download version
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1 matched with the download version
uscan info: Scan finished
but without I got
uscan info: Found the following matching hrefs on the web page (newest first):
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz (0a)
index=0a-1
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz (0a)
index=0a-1
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1
uscan info: Looking at $base =
https://git.sr.ht/~nabijaczleweli/snappy-tools/refs with
$filepattern =
.*/([0-9][0-9a-zA-Z]*)(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
found
$newfile =
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
$newversion = 0a
$lastversion = 0
uscan info: Matching target for downloadurlmangle:
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
uscan info: Upstream URL(+tag) to download is identified as
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
uscan info: Filename (filenamemangled) for downloaded file: 0a.tar.gz
Newest version of snappy-tools on remote site is 0a, local version is 0
=> Newer package available from:
=> https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
uscan info: Downloading upstream package: 0a.tar.gz
uscan info: Requesting URL:
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
uscan info: Successfully downloaded upstream package: 0a.tar.gz
uscan info: Downloading OpenPGP signature from:
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz.asc
(pgpsigurlmangled)
as 0a.tar.gz.asc
uscan info: Requesting URL:
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz.asc
uscan warn: In directory ., downloading
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz.asc
failed: 404 NOT FOUND
uscan die: FAIL Checking OpenPGP signature (no keyring).
(correct, I didn't sign it).
With sed -i s/0/0a/ debian/changelog and --d-c-v I see
uscan info: Found the following matching hrefs on the web page (newest first):
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz (0a)
index=0a-1 matched with the download version
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz (0a)
index=0a-1 matched with the download version
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0.tar.gz (0)
index=0-1
uscan info: Looking at $base =
https://git.sr.ht/~nabijaczleweli/snappy-tools/refs with
$filepattern =
.*/([0-9][0-9a-zA-Z]*)(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|tar\.zstd?|zip|tgz|tbz|txz))
found
$newfile =
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
$newversion = 0a
$lastversion = 0a
uscan info: Matching target for downloadurlmangle:
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
uscan info: Upstream URL(+tag) to download is identified as
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz
uscan info: Filename (filenamemangled) for downloaded file: 0a.tar.gz
Newest version of snappy-tools on remote site is 0a, specified download
version is 0a
uscan info: Not downloading, using existing file: 0a.tar.gz
uscan info: Downloading OpenPGP signature from:
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz.asc
(pgpsigurlmangled)
as 0a.tar.gz.asc
uscan info: Requesting URL:
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz.asc
uscan warn: In directory ., downloading
https://git.sr.ht/~nabijaczleweli/snappy-tools/archive/0a.tar.gz.asc
failed: 404 NOT FOUND
uscan die: FAIL Checking OpenPGP signature (no keyring).
so idk.
Does uscan simply refuse to download version 0?
Is this a bizarre perlism (version "0" => if version => false)?
Best,
наб
-- Package-specific info:
--- /etc/devscripts.conf ---
Empty.
--- ~/.devscripts ---
Not present
-- System Information:
Debian Release: 12.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-9-amd64 (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND,
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages devscripts depends on:
ii dpkg-dev 1.21.22
ii fakeroot 1.31-1.2
ii file 1:5.44-3
ii gnupg 2.2.40-1.1
ii gpgv 2.2.40-1.1
ii libc6 2.36-9+deb12u3
ii libfile-dirlist-perl 0.05-3
ii libfile-homedir-perl 1.006-2
ii libfile-touch-perl 0.12-2
ii libfile-which-perl 1.27-2
ii libipc-run-perl 20220807.0-1
ii libmoo-perl 2.005005-1
ii libwww-perl 6.68-1
ii patchutils 0.4.2-1
ii perl 5.36.0-7+deb12u1
ii python3 3.11.2-1+b1
ii sensible-utils 0.0.17+nmu1
ii wdiff 1.2.2-5
Versions of packages devscripts recommends:
ii apt 2.6.1
ii curl 7.88.1-10+deb12u5
ii dctrl-tools 2.24-3+b1
pn debian-keyring <none>
ii dput 1.1.3
ii equivs 2.3.1
ii libdistro-info-perl 1.5+deb12u1
ii libdpkg-perl 1.21.22
ii libencode-locale-perl 1.05-3
pn libgit-wrapper-perl <none>
pn libgitlab-api-v4-perl <none>
ii liblist-compare-perl 0.55-2
ii liblwp-protocol-https-perl 6.10-1
ii libsoap-lite-perl 1.27-3
pn libstring-shellquote-perl <none>
ii libtry-tiny-perl 0.31-2
ii liburi-perl 5.17-1
pn licensecheck <none>
ii lintian 2.116.3
ii man-db 2.11.2-2
ii patch 2.7.6-7.1
ii pristine-tar 1.50
ii python3-apt 2.6.0
ii python3-debian 0.1.49
pn python3-magic <none>
ii python3-requests 2.28.1+dfsg-1
pn python3-unidiff <none>
ii python3-xdg 0.28-2
ii strace 6.1-0.1
ii unzip 6.0-28
ii wget 1.21.3-1+b2
ii xz-utils 5.4.1-0.2
Versions of packages devscripts suggests:
pn adequate <none>
pn at <none>
pn autopkgtest <none>
pn bls-standalone <none>
ii build-essential 12.9
pn check-all-the-things <none>
pn cvs-buildpackage <none>
ii debhelper 13.11.4
pn diffoscope <none>
pn disorderfs <none>
pn dose-extra <none>
pn duck <none>
pn elpa-devscripts <none>
pn faketime <none>
ii gnuplot-nox [gnuplot] 5.4.4+dfsg1-2+b2
pn how-can-i-help <none>
ii libauthen-sasl-perl 2.1600-3
pn libdbd-pg-perl <none>
pn libfile-desktopentry-perl <none>
pn libterm-size-perl <none>
ii libtimedate-perl 2.3300-2
pn libyaml-syck-perl <none>
ii mailutils [mailx] 1:3.15-4
pn mmdebstrap <none>
pn mozilla-devscripts <none>
pn mutt <none>
ii openssh-client [ssh-client] 1:9.2p1-2+deb12u2
pn piuparts <none>
pn postgresql-client <none>
pn pristine-lfs <none>
ii quilt 0.67+really0.66-1
pn ratt <none>
pn reprotest <none>
pn svn-buildpackage <none>
ii w3m 0.5.3+git20230121-2
-- no debconf information
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: devscripts
Source-Version: 2.26.8
Done: Holger Levsen <[email protected]>
We believe that the bug you reported is fixed in the latest version of
devscripts, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Holger Levsen <[email protected]> (supplier of updated devscripts package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 13 May 2026 13:31:45 +0200
Source: devscripts
Architecture: source
Version: 2.26.8
Distribution: unstable
Urgency: medium
Maintainer: Devscripts Maintainers <[email protected]>
Changed-By: Holger Levsen <[email protected]>
Closes: 933555 1059734 1115546 1120369 1133886
Changes:
devscripts (2.26.8) unstable; urgency=medium
.
[ Jochen Sprickerhof ]
* Bump minimal black version.
* test_uscan_git: Fix for git version in trixie.
.
[ Charles Plessy ]
* uscan:
- get template from metadata and package name from d/copyright.
- remove stray print statement in CRAN template.
.
[ Agustin Martin Domingo ]
* Uscan/WatchSource.pm: Deal with "0" package version. Closes: #1059734.
* Uscan/Config.pm: Also support --nodownload as specified in docstrings.
Closes: #933555.
* Github.pm: Allow customized version regexps with new 'Custom-Version'
parameter. Closes: #1115546, #1120369.
.
[ Chow Loong Jin ]
* uscan:
- support `$pkg_$ver.tar.gz` filenames in mode:git
- fix misparsed version from filenamemangling result in vcs.
Closes: #1133886.
* salsa-ci: Disable test-uscan job.
.
[ Yadd ]
* uscan:
- update STABLE_VERSION to accept 0.x.y versions.
- fix USCAN_HTTP_HEADER failure when value contains a space.
.
[ cen ]
* debrebuild: document --cache flag usage.
.
[ Agustin Martin ]
* Gitlab.pm: Allow customized version regexps with new 'Custom-Version'
parameter.
.
[ Lukas Märdian ]
* debchange: Adopt for 'LTS Team' in favor of 'LTS Security Team'.
* po: Update debchange translations.
Checksums-Sha1:
ba5fc06718b6b87e108856194508b607918bf791 3474 devscripts_2.26.8.dsc
97d5e632185535e50f053e327c03bd3469573e5e 1118456 devscripts_2.26.8.tar.xz
f4f08d147f2db2ce87415bfdbd00fa6648f2dce3 20580
devscripts_2.26.8_source.buildinfo
Checksums-Sha256:
9e1d38b880f751b24e4a2153055451d52b98b5ddd5eee779c642bda1db57aa7a 3474
devscripts_2.26.8.dsc
3b97d88d14302761ad42f83d0a86a5148fd106df997802b8f72388b44f3d6d5f 1118456
devscripts_2.26.8.tar.xz
9bb9b601c531537b86cdd418b0bb9367f00f8e3e22f0746369f299db94552df6 20580
devscripts_2.26.8_source.buildinfo
Files:
0a966303b3a35067cc86ba8dc06cd96d 3474 devel optional devscripts_2.26.8.dsc
822b4d38941dafeb8c83bf8fc9c161fb 1118456 devel optional
devscripts_2.26.8.tar.xz
96314625d9bfd8fb2f2233382f934165 20580 devel optional
devscripts_2.26.8_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAmoEYeYACgkQCRq4Vgaa
qhwl/w/9HDp+HSCq0UHJ1QM/8VXLIjQOEt9DtxN3Axmi4+mHeXhHQemiew7V9bcc
v0kBjlDrMnoy3ncC6OPYK3cEWIXPOhDSDf3s8OrHMSTx/aAI/gdXbXB8Q0+H/QL+
eT79wRCJCAU0lFUcmf0UhPdjdoWUjJkQELtU1j3QtA/MF2A4NGaXpb8iIjm7FzB3
urGKGzV2tqSEFCNLBWFkzOF07Np0sGbD7ZR+cVH4RcgSGbdyKQAZO5nmGyCYQ9zL
Jc9OQFMGRxcSAAeyKbit/Glz/4tdOWVYEUjz0wySmQ5ws6ZT33D7Bg9unuIb7EEz
W9eWYQmCsWHaAMIAu+gNu08b+Lfr6CULnQq6lKc+7ZMmT7WLCmq134Ie9rXXXp31
x4+7Wrk6b9WvXoavSer6l5I4s/YEbHy6fuTw2Jwfv4TjG3BXtzK7JToO6vHG7Sgt
lLOdPsUo4qLXGrpxZ9RugIwvsal5ZY2H8+9MKHipi6path86hKWY4z+HsZDn4Xfk
qyuymJ0WZawL3sLiVmAs+KyWU/0y+lKnj6Tzh/IP/aX7c/BmnhTVNuZSS0avjs19
2Q6jGuZ5A3VOtNt7/38T9re7BVJX+7cxKeScEVv7MSnnEj+0UVUICpqBGTtQ2quS
cExX2JeMWGBhaCN5MrHDiOJa19V0Qfm/u24GgskfMGiuQ9aNtcs=
=Y2Hp
-----END PGP SIGNATURE-----
pgpKlUscpeY24.pgp
Description: PGP signature
--- End Message ---
