Hi, On Sat, Jul 30, 2016 at 02:01:51PM -0700, Sean Whitton wrote: > Package: devscripts > Version: 2.16.6 > Severity: normal > > Dear maintainers, > > uscan tries appending .asc to the tarball download URI. If that returns > HTTP 200, it will say something like this: > > > uscan warn: Possible OpenPGP signature found at: > > > > https://addons.mozilla.org/firefox/downloads/file/423258/self_destructing_cookies-0.4.10-an+fx.xpi?src=version-history.asc. > > Please consider adding opts=pgpsigurlmangle=s/$/.asc/ > > to debian/watch. see uscan(1) for more details. > > However, as can be seen from this example, uscan has appended .asc to > the query string i.e. the part of the URI after the final '?' > character.
Yes. > It is highly unlikely that this will ever be a real > signature file. In this case, huristics does not work. > uscan should, in this kind of case, try the following URI: > > > https://addons.mozilla.org/firefox/downloads/file/423258/self_destructing_cookies-0.4.10-an+fx.xpi.asc?src=version-history The upstream tarball filename is normally found by taking the last component of the URL and removing everything after any '?' or '#'. Problem is that some query strings contain upstream archive name after ? Use of pgpsigurlmangle is one way to avoid this problem. But let me think if there is a bit more reasonable huristics with least complication. Osamu > i.e. append the .asc to the part of the URI before the query string. Yah... Osamu _______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
