Debian Security Tools Packaging Team (pkg-security)

Infrastructure

Interacting with the team

Usual roles

Task description

Maintain correctly all security related tools. Merge back tools packaged by security-oriented Debian derivatives.

Get involved

Packaging rules

Git packaging tool and repository layout

We use git-buildpackage with full sources stored in the repository and with pristine-tar to be able to retrieve the orig tarball out of the git repository. We strive to respect DEP-14 for the repository layout so the default branch should be "debian/master".

For a better experience you might want to set the following options in ~/.gbp.conf:

[DEFAULT]
pristine-tar = True
cleaner = /bin/true

[buildpackage]
sign-tags = True
export-dir = ../build-area/
ignore-branch = True

[import-orig]
filter-pristine-tar = True

[pq]
patch-numbers = False

[dch]
multimaint-merge = True

The "ignore-branch" is important so that git-buildpackage doesn't complain of the unexpected name of the packaging branch. The "export-dir" setting ensures builds are done on a separate copy of the sources, thus avoiding to pollute/break the git repository with build artifacts.

Creating new repositories

Salsa team's masters and owners can create new repositories. If you don't have the required permissions, feel free to ask for a new repository on the project mailing list. Someone will set it up for you and grant you full access to it.

When you create a new repository, you should configure it in the following way:

Packaging helper

We use the "dh" command provided by debhelper to ensure we have short but expressive debian/rules files.

Maintainer field

The Maintainer field should be set to Debian Security Tools <team+pkg-security@tracker.debian.org>. That way the package will be automatically added to the pkg-security team on tracker.debian.org and the discussion mailing list is not polluted with bug reports and all other maintainer emails.