Package: devscripts Version: 2.22.2 Hello,
Package 'guzzle' [1] has the following debian/watch file: version=4 opts=uversionmangle=s/-?([^\d.]+)/~$1/;tr/A-Z/a-z/,\ mode=git,gitmode=full,gitexport=all,pgpmode=gittag \ https://github.com/guzzle/guzzle \ refs/tags/v?(\d.+) Upstream signs their tags, but their signatures do not conform to regex in /usr/share/perl5/Devscripts/Uscan/Keyring.pm. This is signature text extracted via 'git cat-file' inside uscan-cloned git repository (using 'uscan --debug'): $ git cat-file -p 1dd98b0564cb3f6bd16ce683cb755f94c10fbd82 tree 4f4eec867a386baf9c28f21f14fe4fe7cc8f4108 parent 8d2ce4ed2e29c39be53e39701fa6641d0f125441 author Graham Campbell <grahamcampb...@users.noreply.github.com> 1655763373 +0100 committer GitHub <nore...@github.com> 1655763373 +0100 gpgsig -----BEGIN PGP SIGNATURE----- wsBcBAABCAAQBQJisPGtCRBK7hj4Ov3rIwAAxTUIAAdH68qdj8RlwkYyAnwPjarj d3Fze62RSSsHGyBsJSGhrCRAbVWRuKK3Rgz6R46yxO/dtrvz7ylhx71cM3CN+F8x CwI+4CDP6tx10oqz1FduN/0EYCX3FrycUR0/ENAbPk7vyhOWAjW8Buw1r+rQ09Eo nptloOVzPbLtFryGAF2CUa9/OlBHk9r5n64g+PwO5oJiOsBryZlQjWxv0G1baqio Lm7x09Xj1IGt9ounK6wE/nAnAzCpd7Tc/yFI65Ll68+sODWTLbY10ib1Zi7Mqi+p 3je59I2xXluwvFBOjQ8lKqZL+5qsyrFx1wtkYdpcdhUifeum2ljezD17Cf51mgc= =AE1A -----END PGP SIGNATURE----- Release 7.4.5 (#3043) The line with 'BEGIN PGP SIGNATURE' starts with 'gpgsig', which does not conform to the said regex. I have no idea whether such format is correct, but this seems to be the way GitHub creates and signs tags. [1] https://salsa.debian.org/php-team/pear/php-guzzlehttp-guzzle, git commit 566758a46d5697a76e08d8801dcdbdafcefef939 Andrius
