Hi, I imported a new package called voikko-fi yesterday. I think I hit a bug in fedpkg, but I'm not sure. The packaging guidelines say "Any detached signature file (e.g. foo.tar.gz.asc or foo.tar.gz.sig) must be uploaded to the package lookaside cache alongside the source code, while the keyring must be committed directly to the package SCM."
I think fedpkg import did this the other way around. The keyring (called gpgkey-AC5D65F10C8596D7E2DAE2633D309B604AE3942E.gpg) was uploaded to the lookaside cache. The signature file (called voikko-fi-2.4.tar.gz.asc) was about to be committed to git. I fixed things manually as much as I could. I don't have the shell history available anymore and I may have made an error somewhere myself. I have not looked at the fedpkg source code yet, it'd be interesting to know how to test the import again without breaking anything. -Ville-Pekka _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
