Upstream tarballs usually come with detached signatures, which would be
useful to have in the source package, as an additional check that could
be performed to verify its integrity and provenance.
dpkg-source supports this since 1.17.20.
Closes: #759401
(r'tar.gz', ('native_tar_gz', 'native_tar')),
(r'debian\.tar\.(gz|bz2|xz)', ('debian_tar',)),
(r'orig\.tar\.(gz|bz2|xz)', ('orig_tar',)),
(r'tar.gz', ('native_tar_gz', 'native_tar')),
(r'debian\.tar\.(gz|bz2|xz)', ('debian_tar',)),
(r'orig\.tar\.(gz|bz2|xz)', ('orig_tar',)),
+ (r'orig\.tar\.(gz|bz2|xz)\.asc', ('orig_tar_sig',)),
(r'tar\.(gz|bz2|xz)', ('native_tar',)),
(r'orig-.+\.tar\.(gz|bz2|xz)', ('more_orig_tar',)),
(r'tar\.(gz|bz2|xz)', ('native_tar',)),
(r'orig-.+\.tar\.(gz|bz2|xz)', ('more_orig_tar',)),
+ (r'orig-.+\.tar\.(gz|bz2|xz)\.asc', ('more_orig_tar_sig',)),
reject("%s: unexpected source file '%s'" % (dsc_filename, f))
# Check for multiple files
reject("%s: unexpected source file '%s'" % (dsc_filename, f))
# Check for multiple files
- for file_type in ('orig_tar', 'native_tar', 'debian_tar', 'debian_diff'):
+ for file_type in ('orig_tar', 'orig_tar_sig', 'native_tar', 'debian_tar', 'debian_diff'):
if has[file_type] > 1:
rejmsg.append("%s: lists multiple %s" % (dsc_filename, file_type))
if has[file_type] > 1:
rejmsg.append("%s: lists multiple %s" % (dsc_filename, file_type))