Debian Bug report logs - #732449
devscripts: uscan should check for likely URLs for upstream cryptographic signatures

version graph

Package: devscripts; Maintainer for devscripts is Devscripts Devel Team <devscripts-devel@lists.alioth.debian.org>; Source for devscripts is src:devscripts.

Reported by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Date: Wed, 18 Dec 2013 07:33:02 UTC

Severity: normal

Tags: patch

Found in version devscripts/2.13.8

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, dkg@fifthhorseman.net, Devscripts Devel Team <devscripts-devel@lists.alioth.debian.org>:
Bug#732449; Package devscripts. (Wed, 18 Dec 2013 07:33:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Daniel Kahn Gillmor <dkg@fifthhorseman.net>:
New Bug report received and forwarded. Copy sent to dkg@fifthhorseman.net, Devscripts Devel Team <devscripts-devel@lists.alioth.debian.org>. (Wed, 18 Dec 2013 07:33:06 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: devscripts: uscan should check for likely URLs for upstream cryptographic signatures
Date: Wed, 18 Dec 2013 02:24:27 -0500
[Message part 1 (text/plain, inline)]
Package: devscripts
Version: 2.13.8
Severity: normal
Tags: patch

now that pgpsigurlmangle is available, it would be nice to remind
package maintainers if upstream is offering something that looks like
a cryptographic signature.

the attached patch implements such a check.

    --dkg

-- Package-specific info:

--- /etc/devscripts.conf ---

--- ~/.devscripts ---
Not present

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages devscripts depends on:
ii  dpkg-dev     1.16.12
ii  libc6        2.17-97
ii  perl         5.18.1-5
ii  python3      3.3.2-17
pn  python3:any  <none>

Versions of packages devscripts recommends:
ii  at                          3.1.14-1
ii  curl                        7.33.0-1
ii  dctrl-tools                 2.23
ii  debian-keyring              2013.12.13
ii  dput-ng [dput]              1.7
ii  dupload                     2.7.0
pn  equivs                      <none>
ii  fakeroot                    1.18.4-2
ii  gnupg                       1.4.15-1.1
ii  libdistro-info-perl         0.11
ii  libencode-locale-perl       1.03-1
ii  libjson-perl                2.61-1
ii  liblwp-protocol-https-perl  6.04-2
ii  libparse-debcontrol-perl    2.005-4
pn  libsoap-lite-perl           <none>
ii  liburi-perl                 1.60-1
ii  libwww-perl                 6.05-2
ii  lintian                     2.5.20
ii  man-db                      2.6.5-2
ii  patch                       2.7.1-4
ii  patchutils                  0.3.2-3
ii  python3-debian              0.1.21+nmu2
pn  python3-magic               <none>
ii  sensible-utils              0.0.9
ii  strace                      4.5.20-2.3
ii  unzip                       6.0-10
ii  wdiff                       1.2.1-1
ii  wget                        1.14-5
ii  xz-utils                    5.1.1alpha+20120614-2

Versions of packages devscripts suggests:
ii  build-essential              11.6
pn  cvs-buildpackage             <none>
ii  devscripts-el                35.8
pn  gnuplot                      <none>
ii  gpgv                         1.4.15-1.1
ii  heirloom-mailx [mailx]       12.5-2
pn  libauthen-sasl-perl          <none>
pn  libfile-desktopentry-perl    <none>
ii  libnet-smtp-ssl-perl         1.01-3
pn  libterm-size-perl            <none>
ii  libtimedate-perl             2.3000-1
pn  libyaml-syck-perl            <none>
ii  mailutils [mailx]            1:2.99.98-1.1
pn  mutt                         <none>
ii  openssh-client [ssh-client]  1:6.4p1-1
ii  svn-buildpackage             0.8.5
pn  w3m                          <none>

-- debconf-show failed
[uscan-look-for-signature.diff (text/x-diff, attachment)]

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 02:20:43 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.