Hi, On Wed, Jan 27, 2016 at 11:36:52AM +0100, Uwe Kleine-König wrote: > Package: devscripts > Version: 2.15.10 > Severity: normal > File: /usr/bin/uscan > Control: user adn+...@diwi.org > Control: usertag -1 + uscan > > Hello, > > I started experimenting with uscan's pgp mechanism to verfiy the > signature of rt-tests. You can reproduce my tests using: > > debcheckout rt-tests > cd rt-tests > echo > debian/watch 'version=4' > echo >> debian/watch > echo >> debian/watch 'opts="pgpsigurlmangle=s%.xz$%.sign%, decompress" > \' > echo >> debian/watch > 'http://www.kernel.org/pub/linux/utils/rt-tests/rt-tests-(.*)\.tar\.xz' ... > where the problem seems to be that uscan decompresses the archive but in > the same go removes the tar.xz for mk-origtargz. > > Without decompress in the options the signature verification obviously > fails.
You are right. uscan should keep the compressed file when decompressing it for the signature verification. > Is this just me using uscan in a wrong way, or is there something fishy > with uscan? In the first case an example would be great. No it is uscan problem I created. Osamu