# (With --cron AUTH-SPEC is not used and may be the empty string.)
use strict;
-$SIG{__WARN__} = sub { die $_[0]; };
+
+use Debian::Dgit qw(:DEFAULT :policyflags);
+setup_sigwarn();
# DGIT-REPOS-DIR contains:
# git tree (or other object) lock (in acquisition order, outer first)
# as a result of this the stunt pre-receive hook runs; it does this:
# + understand what refs we are allegedly updating and
# check some correspondences:
-# * we are updating only refs/tags/DISTRO/* and refs/dgit/*
+# * we are updating only refs/tags/[archive/]DISTRO/* and refs/dgit/*
# * and only one of each
# * and the tag does not already exist
# and
# * the signed tag must refer to a commit
# * the signed tag commit must be the refs/dgit value
# * the name in the signed tag must correspond to its ref name
-# * the tag name must be debian/<version> (massaged as needed)
+# * the tag name must be [archive/]debian/<version> (massaged as needed)
# * the suite is one of those permitted
# * the signed tag has a suitable name
# * run the "push" policy hook
use File::Path qw(rmtree);
use File::Temp qw(tempfile);
-use Debian::Dgit qw(:DEFAULT :policyflags);
-
initdebug('');
our $func;
ensuredir "$dgitrepos/_removed-tags";
open PREVIOUS, ">>", removedtagsfile or die removedtagsfile." $!";
- git_for_each_ref('refs/tags/'.debiantag('*',$distro), sub {
+ git_for_each_ref('refs/tags/'.debiantag_old('*',$distro), sub {
my ($objid,$objtype,$fullrefname,$reftail) = @_;
print PREVIOUS "\n$objid $reftail .\n" or die $!;
}, $real);
printdebug " dm_txt_check $keyid $dmtxtfn\n";
open DT, '<', $dmtxtfn or die "$dmtxtfn $!";
while (<DT>) {
- m/^fingerprint:\s+$keyid$/oi
+ m/^fingerprint:\s+\Q$keyid\E$/oi
..0 or next;
if (s/^allow:/ /i..0) {
} else {
tagh1('object') eq $commit or reject "tag refers to wrong commit";
tagh1('tag') eq $tagname or reject "tag name in tag is wrong";
- my $expecttagname = debiantag $version, $distro;
+ my $expecttagname = debiantag_old $version, $distro;
printdebug "expected tag $expecttagname\n";
$tagname eq $expecttagname or die;