Martin Pool [2011-02-17 18:02 +1100]: > <https://dev.launchpad.net/LEP/BuildFromBranchIntoPrimary>
> How do we distinguish commits that ought to be built from those that > don't? A very common workflow for packages is to commit the actual changes to the package while keeping the upload target as "UNRELEASED". Once you want to upload it, you do "dch -r" to flip the upload target to "natty" (or maverick-proposed, etc.), and commit that change with "debcommit -r", which will also tag the revision with the package version number. In order to fulfill the "at least as secure" requirement, we'd need to additionally GPG-sign that "release" commit. So IMHO a package should be built on each commit which has a tag and a GPG signature. Thanks! Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel