Stefan Fritsch
2007-Jun-23 12:43 UTC
[Secure-testing-team] Making testing-security uploads easier
Hi, I briefly talked to aj on Thursday about changes to the testing-security upload procedure: Creating some script that copies (or allows sec_public to copy) stable-security releases to testing-security should not be a problem. aj agreed to look into that. Doing automated recompiles of unstable packages to testing is not possible (or would be very difficult to implement) because the source would need a new version number (with ~lenny), and the arch all packages would need to be built, i.e. the procedure would be quite different from binNMUs. aj was of the opinion that the signing of the buildlogs should be done by us and not the buildd admins. He thought the signing wasn''t much work with the mutt scripts. Being able to copy stable-security releases would certainly help in the time after a stable release, but it won''t help much shortly before a release. Writing a script that downloads source from unstable, mangles the changelog, and then puts it into pbuilder wouldn''t be difficult. I guess that would already help a bit. About the buildlog signing I am not sure. Would it be possible to upload to t-p-u instead? But this would put strain on the release team because they have to approve the packages. OTOH, I have not tried the mutt scripts yet (haven''t used mutt so far). Cheers, Stefan