Guidance, with my first deb, I seekj
Colin Watson
cjwatson at ubuntu.com
Sat May 28 15:09:46 CDT 2005
On Sat, May 28, 2005 at 09:17:44AM -0400, Jeff Bailey wrote:
> Le vendredi 27 mai 2005 à 21:48 -0700, Matt Zimmerman a écrit :
> > Colin Watson wrote:
> > > It looks like your i386 box doesn't have gnupg installed, or you have no
> > > GPG key on that machine. When doing test builds, I normally build with
> > > the -uc -us options to suppress signing.
> >
> > One Of These Days that really ought to become the default. Signing should
> > be part of the upload process, not the build process.
>
> I disagree - I like to know that an instance of the build that I have
> sitting there is signed and stable - then I can scp it to someplace else
> and be able to trust its integrity.
Isn't it just as easy to say "OK, that build went fine, run 'debsign'",
rather than having to say "damn, that build broke, now I have to ctrl-C
the signing process and maybe fix up my terminal afterwards"? I always
run 'debsign' by hand after I've checked that the build is good.
Cheers,
--
Colin Watson [cjwatson at ubuntu.com]
More information about the ubuntu-devel
mailing list