Guillem Jover writes ("Re: Bug#852822: signing buildinfo by default breaks
compatibility"):
> I actually realized this while I was waking up today, and brought it
> up on IRC. My biggest concern was the buildd network, because that
> is explicitly not signing files from inside the chroots. But due to
> gnupg not being installed anymore by default (and very few packages
> at least directly Build-Depending on it), and the buildd chroots not
> containing any home directory, the signing is not performed anyway.
> So in that sense the upload was "safe" from the major fallout. And I
> was then planning on fixing this for .20, after the testing migration
> as it indeed breaks user's and other tools expectations.
Thanks for fixing it earlier.
I didn't do thorough tests, but the change would have broken dgit.
Probably the test suite; perhaps the build wrapper methods; and
certainly the workflow documentation.
> Yes, that's also the conclusion I had arrived at noon, even though
> that makes the semantics suck a bit, but oh well. The other thing I
> was planning (and I've done locally), is to add a new --no-sign
> option which will make this kind of thing future-proof.
Can you please make a short alias for --no-sign ? Many tasks
(particularly ones done by non-dds) involve building packages without
signing them.
Also, please bear in mind that runes in documentation like
dgit-user(7) will live on in people's finger macros for many years.
Thanks,
Ian.
https://manpages.debian.org/testing/dgit/dgit-user.7.en.html
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
