X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=developers-reference.git;a=blobdiff_plain;f=pkgs.dbk;h=40ace63772f27819c5a533f4a79e5800c5b3caf3;hp=3dc249e11ba10581acf0c0125f27a62672396574;hb=f67750abdac139d21380c34ca0ba540e09e03153;hpb=f81208222903239b23f392916c1fe194d395cddd diff --git a/pkgs.dbk b/pkgs.dbk index 3dc249e..40ace63 100644 --- a/pkgs.dbk +++ b/pkgs.dbk @@ -223,23 +223,25 @@ distinction between the original sources and the patches applied for Debian the (more common) packages where there's an original source tarball file -accompanied by another file that contains the patches applied for Debian +accompanied by another file that contains the changes made by Debian For the native packages, the source package includes a Debian source control file (.dsc) and the source tarball -(.tar.gz). A source package of a non-native package +(.tar.{gz,bz2,lzma}). A source package of a non-native package includes a Debian source control file, the original source tarball -(.orig.tar.gz) and the Debian patches -(.diff.gz). +(.orig.tar.{gz,bz2,lzma}) and the Debian changes +(.diff.gz for the source format “1.0” or +.debian.tar.{gz,bz2,lzma} for the source format “3.0 (quilt)”). -Whether a package is native or not is determined when it is built by - dpkg-buildpackage -1 . The rest of this section relates -only to non-native packages. +With source format “1.0”, whether a package is native or not was determined +by dpkg-source at build time. Nowadays it is recommended +to be explicit about the desired source format by putting either “3.0 (quilt)” +or “3.0 (native)” in debian/source/format. +The rest of this section relates only to non-native packages. The first time a version is uploaded which corresponds to a particular upstream @@ -251,8 +253,8 @@ will not need to be re-uploaded. By default, dpkg-genchanges and dpkg-buildpackage will include the original source tar file -if and only if the Debian revision part of the source version number is 0 or 1, -indicating a new upstream version. This behavior may be modified by using +if and only if the current changelog entry has a different upstream version +from the preceding entry. This behavior may be modified by using -sa to always include it or -sd to always leave it out. @@ -265,8 +267,10 @@ the archive. Please notice that, in non-native packages, permissions on files that are not -present in the .orig.tar.gz will not be preserved, as diff does not store file -permissions in the patch. +present in the .orig.tar.{gz,bz2} will not be preserved, as diff does not store file +permissions in the patch. However when using source format “3.0 (quilt)”, +permissions of files inside the debian directory are +preserved since they are stored in a tar archive. @@ -297,7 +301,7 @@ time. Special case: uploads to the <literal>stable</literal> and <literal>oldstable</literal> distributions -Uploading to stable means that the package will transfered +Uploading to stable means that the package will transferred to the proposed-updates-new queue for review by the stable release managers, and if approved will be installed in stable-proposed-updates directory of the Debian archive. @@ -884,7 +888,7 @@ below on how to prepare packages for the Security Team to handle. The Security Tracker The security team maintains a central database, the -Debian Security Tracker. +Debian Security Tracker. This contains all public information that is known about security issues: which packages and versions are affected or fixed, and thus whether stable, testing and/or unstable are vulnerable. Information that is still confidential @@ -969,7 +973,7 @@ has become public. The Security Team has a PGP-key to enable encrypted communication about -sensitive issues. See the Security Team FAQ for details. +sensitive issues. See the Security Team FAQ for details. @@ -1110,7 +1114,7 @@ Be sure to verify the following items: Target the right distribution in your debian/changelog. For stable this is stable-security and -for testing this is testing-security, and for the previous +for testing this is testing-security, and for the previous stable release, this is oldstable-security. Do not target distribution-proposed-updates or stable! @@ -1158,7 +1162,7 @@ upload without upstream source ( dpkg-buildpackage -sd). Be sure to use the exact same -*.orig.tar.gz as used in the +*.orig.tar.{gz,bz2} as used in the normal archive, otherwise it is not possible to move the security fix into the main archives later. @@ -1244,7 +1248,7 @@ control information to place the package in the desired section, and re-upload the package (see the Debian Policy Manual for details). You must ensure that you include the -.orig.tar.gz in your upload (even if you are not uploading +.orig.tar.{gz,bz2} in your upload (even if you are not uploading a new upstream version), or it will not appear in the new section together with the rest of the package. If your new section is valid, it will be moved automatically. If it does not, then contact the ftpmasters in order to @@ -1393,9 +1397,10 @@ Note that this applies to each part of your package, including the sources: if you wish to replace the upstream source tarball of your package, you will need to upload it with a different version. An easy possibility is to replace foo_1.00.orig.tar.gz with -foo_1.00+0.orig.tar.gz. This restriction gives each file -on the ftp site a unique name, which helps to ensure consistency across the -mirror network. +foo_1.00+0.orig.tar.gz or +foo_1.00.orig.tar.bz2. This restriction gives each +file on the ftp site a unique name, which helps to ensure consistency +across the mirror network. @@ -1842,8 +1847,7 @@ fail also, and indicate this to a human reader without actually trying. In order to prevent autobuilders from needlessly trying to build your package, it must be included in packages-arch-specific, a list used by the wanna-build script. The current version is available -as ; +as ; please see the top of the file for whom to contact for changes.