Re: pristine sources?

To: Guy Maor <maor@ece.utexas.edu>
Cc: debian-devel@lists.debian.org
Subject: Re: pristine sources?
From: Andreas Jellinghaus <aj@dungeon.inka.de>
Date: Fri, 10 Oct 1997 19:32:53 +0200
Message-id: <[🔎] 19971010193253.06864@dungeon.inka.de>
In-reply-to: <[🔎] 8790w1zq27.fsf@slip-115-3.ots.utexas.edu>; from Guy Maor on Fri, Oct 10, 1997 at 08:49:04AM -0500
References: <[🔎] Pine.LNX.3.96.971010084539.17386A-100000@dwarf.polaris.net> <[🔎] 8790w1zq27.fsf@slip-115-3.ots.utexas.edu>

> The new procedure is:
> Unpack the upstream source into <package>-<version>.
> Rename the upstream source file into <package>-<version>.orig.tar.gz.
> Add the debian directories, do a dpkg-buildpackage.

so, if a debian .orig.tar.gz has the same md5sum like on tar.gz on
sunsite, it is a pristine source. if it has a different md5sum, it could
be :
a) a modified tar.gz
b) a orig.tar.gz created by debian

as far as i understood, pristine sources should add more security, so we
can directly compare our md5sums with those of sunsite and other
servers. but where is the sence, if we never now, if a file is pristine
source, or a source modified by us ? 

i know : we can look into the tar, and if it unpacks in *orig/, we
modified it. but some name convention or so could be better ?

andreas


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: pristine sources?
  - From: Guy Maor <maor@ece.utexas.edu>

References:
- Re: pristine sources?
  - From: Dale Scheetz <dwarf@polaris.net>
- Re: pristine sources?
  - From: Guy Maor <maor@ece.utexas.edu>

Prev by Date: "Libc6 runtime kit" for bo
Next by Date: Re: pristine sources?
Previous by thread: Re: pristine sources?
Next by thread: Re: pristine sources?
Index(es):
- Date
- Thread