devscripts - Debian Package Tracker

general

source: devscripts (main)
version: 2.25.23
maintainer: Devscripts Maintainers (DMD)
uploaders: Holger Levsen [DMD] – Benjamin Drung [DMD] – Mattia Rizzolo [DMD]
arch: all
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.21.3+deb11u1
oldstable: 2.23.4+deb12u2
old-bpo: 2.25.15~bpo12+1
stable: 2.25.15+deb13u1
stable-bpo: 2.25.22~bpo13+1
testing: 2.25.22
unstable: 2.25.23

versioned links

2.21.3+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.23.4+deb12u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.22~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.22: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.23: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

devscripts (532 bugs: 0, 212, 320, 0)

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-07-14 Last update: 2025-11-02 18:01

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-08-09 Last update: 2025-11-02 18:01

2 bugs tagged help in the BTS normal

The BTS contains 2 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2025-08-23 Last update: 2025-11-03 23:30

46 bugs tagged patch in the BTS normal

The BTS contains patches fixing 46 bugs (48 if counting merged bugs), consider including or untagging them.

Created: 2025-01-06 Last update: 2025-11-03 23:30

Depends on packages which need a new maintainer normal

The packages that devscripts depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl
svn-buildpackage (#726770)
- Suggests: svn-buildpackage

Created: 2019-11-22 Last update: 2025-11-03 22:01

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.25.24, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 26d8b2208582e8d2424088e7289730af87f723bd
Merge: 6ea41e6b 39cd8376
Author: Yadd <yadd@debian.org>
Date:   Mon Nov 3 21:34:43 2025 +0100

    Merge branch 'uscan-clean-deps'

commit 6ea41e6b2dc510dbdbc093e9eb482e89b1534374
Merge: 6bb65f63 894f3910
Author: Yadd <yadd@debian.org>
Date:   Mon Nov 3 21:33:30 2025 +0100

    Merge remote-tracking branch 'yadd/salsa-retry-pipelines'

commit 6bb65f63ff24a59c471ebee685958e1d3af8baac
Author: Yadd <yadd@debian.org>
Date:   Mon Nov 3 21:17:01 2025 +0100

    uscan: add test for Gitlab with Uversion-Mangle

commit b8e0f86e1480b432b3c75c90ef5e48d1fbd2b93c
Merge: f55f4dcf 89c7a4b2
Author: Yadd <yadd@debian.org>
Date:   Mon Nov 3 21:15:57 2025 +0100

    Merge remote-tracking branch 'vdanjean/main'

commit f55f4dcf254baa9417f175f7f010595e7bd287a9
Author: Yadd <yadd@debian.org>
Date:   Sun Nov 2 13:15:42 2025 +0100

    Fix GitHub template when version contains a "-"
    
    Closes: #1111268

commit 036e30b6037a9fa5aef61a188bc804e0ca8cf8eb
Author: Yadd <yadd@debian.org>
Date:   Sun Nov 2 16:59:02 2025 +0100

    Fix Gitlab template when version starts with "v"
    
    Closes: #1113795

commit e7d669d8ae67ad5df48bc76f08cfb04a7c92ebfc
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Nov 3 10:28:25 2025 +1100

    debian/changelog: Fix whitespace typo
    
    Gbp-Dch: Ignore

commit c3557540c351198fbc101b39f75cf63f2def6267
Author: Yadd <yadd@debian.org>
Date:   Sun Nov 2 13:35:11 2025 +0100

    Update French translations

commit 68321a3d77c1b6cb4ed2e4f08ea546c5f83ff4cf
Author: Holger Levsen <holger@layer-acht.org>
Date:   Sun Nov 2 12:04:58 2025 +0100

    Start 2.25.24 development.
    
    d/changelog entries will be written on release
    using the git commit messages.
    
    Use 'gbp dch --since v2.25.23 --multimaint-merge'
    to write d/changelog entries since that last release.
    
    Gbp-Dch: ignore
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit e081dc57673a0a79c82ab648a0ea8fc661b9ea24
Author: Holger Levsen <holger@layer-acht.org>
Date:   Sun Nov 2 11:53:47 2025 +0100

    release as 2.25.23
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit eb70ed13eaf76c449ff98bba27f26e392220e02d
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Nov 2 16:53:14 2025 +1100

    test/test_uscan_git: Add testGitUpstreamHead* tests

commit 7b13b3a82142324c2caf39d27024473f313923a1
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Nov 2 16:52:04 2025 +1100

    uscan/Git.pm: Support archiving in upstream mode
    
    Closes: #1111962

commit 00f0cf254c84d9bfef4437e698afebcfc854c79f
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Nov 2 15:59:00 2025 +1100

    uscan/Downloader.pm: Handle user-specified git submodules in upstream mode

commit f7a538b3b61686e59f7ce3d9623dc88ada480d69
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Oct 27 22:32:59 2025 +1100

    test/test_uscan_git: Add and use verifyTarFiles() in all tests

commit a49fd45eb48fc37a11b835c583789dc56e550977
Author: Hugh McMaster <hmc@debian.org>
Date:   Sat Oct 25 23:07:38 2025 +1100

    test/test_uscan_git: Don't init or deinit submodules in upstream tests

commit 6c368671c606416d650a39eb5d7462ac662ef190
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Nov 2 17:25:12 2025 +1100

    scripts/debian-watch.pod: Remove erroneous =back instruction

commit 20c6e977e3f65d753fd471f88df37e7cb4f257e6
Author: Holger Levsen <holger@layer-acht.org>
Date:   Fri Oct 31 14:07:22 2025 +0100

    Update po4a.
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 287323a400e8c734d1f55448f0b0a17fd569dc1a
Author: Agustin Martin Domingo <agmartin@debian.org>
Date:   Tue Oct 28 00:40:23 2025 +0100

    scripts/debian-watch.pod: Document Update-Script: option for custom scripts. Closes: #1119152
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 190fb90b50d1a41c2ef315882ae6793e5253b22a
Author: Agustin Martin Domingo <agmartin@debian.org>
Date:   Mon Oct 27 23:54:10 2025 +0100

    scripts/debian-watch-4.pod: Minor change suggested in custom scripts section.
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 62a5c1b775e6ea3928fc5d1c1d417f5b65e7f283
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Mon Oct 27 08:35:34 2025 +0100

    Start 2.25.23 development.
    
    d/changelog entries will be written on release
    using the git commit messages.
    
    Use 'gbp dch --since v2.25.22 --multimaint-merge'
    to write d/changelog entries since that last release.
    
    Gbp-Dch: ignore

commit 35e99ab19881b8372e6d8f866c5b850dc239327d
Merge: 3291b8b7 e31d6eb7
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Mon Oct 27 08:31:03 2025 +0100

    Declare fast forward from 2.25.21
    
    [dgit --overwrite]

commit 3291b8b78ea45c2869a0ad04158fca3347e86008
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Mon Oct 27 08:31:25 2025 +0100

    Update changelog for 2.25.22 release

commit 4e7c3c61673e35f8b16d3ec5a2167244e86f56fe
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Sat Oct 18 20:04:56 2025 +0200

    debootsnap: query the unstable Debian archive
    
    This allows using the deb.debian.org archive in addition to
    snapshot.debian.org, for example when snapshost or metasnap is lagging
    behind.

commit 5b6fa5fcaf958f03d9681560261c26ed66d2c9fd
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Thu Oct 23 15:31:50 2025 +0200

    scripts/devscripts/proxy.py: support all archive areas
    
    debootsnap queries for: debian debian-debug debian-security debian-ports
    debian-volatile debian-backports. Instead of keeping this list in sync
    just except more areas.

commit 1ad76afbefb244de82b2f35c63cbe728feaf22bb
Author: Holger Levsen <holger@layer-acht.org>
Date:   Fri Oct 24 10:28:29 2025 +0200

    Start 2.25.22 development.
    
    d/changelog entries will be written on release
    using the git commit messages.
    
    Use 'gbp dch --since v2.25.21 --multimaint-merge'
    to write d/changelog entries since that last release.
    
    Gbp-Dch: ignore
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 2cbd12d20e5651fdf218c52be10f11a33e06380a
Author: Holger Levsen <holger@layer-acht.org>
Date:   Fri Oct 24 10:17:24 2025 +0200

    release as 2.25.21
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 6e448eca72fe459c030fa7d3ff64688fb06460bb
Author: Holger Levsen <holger@layer-acht.org>
Date:   Fri Oct 24 10:14:26 2025 +0200

    Update po4a.
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit e31d6eb720c92b9b15e800d5859f3752c25e710c
Merge: 04d4eb55 611c8998
Author: Holger Levsen <holger@debian.org>
Date:   Fri Oct 24 10:12:05 2025 +0200

    Record devscripts (2.25.21) in archive suite sid

commit 611c89984f97c78f54b1c05973dc570b86cbc991
Author: Holger Levsen <holger@debian.org>
Date:   Fri Oct 24 10:12:05 2025 +0200

    devscripts (2.25.21) unstable; urgency=medium
    
      [ Manuel Guerra ]
      * uscan: Add Pypi template.
    
      [ Yadd ]
      * Add test to prevent CVE-2025-8454 - see #1109251.
    
      [ Hugh McMaster ]
      * test/test_uscan_git:
        - Unify package version creation in testGitHead*() tests.
        - Group module-wide variables.
        - Move shunit2-helper-functions.sh block.
        - Update error message in makeDebianDir().
        - Append package name to TEMP_PKG_DIR.
        - Remove subshell from spawnGitDaemon().
        - Spawn git repositories in TEMP_SRV_DIR.
        - Use ${PKG} as the main git repository name.
        - Use a common git repository.
        - Check file presence in every test.
        - Replace 'cat' with 'echo -e'.
        - Spawn git modules before tagging as v2.0.
        - Pass main repository name to spawnGitRepo().
        - Format subshell code block in spawnGitRepo().
        - Group tests and update some test names.
        - Use a common Debian directory.
        - Remove un-needed comments from tests.
        - Add more IgnoreExclusions tests.
    
      [ Jonas Jelten ]
      * debchange: ubuntu native packages version increment support.
    
      [ Benjamin Drung ]
      * Lower git-debpush from Recommends to Suggests on Ubuntu.
    
      [ Bastian Triller ]
      * Fix typos in README and Uscan/WatchSource manpage.
    
      [ Holger Levsen ]
      * Drop Rules-Requires-Root: no (now the default).
      * Add "Closes: #1112388" for 2.25.20 changelog entry for !MR564/8b2652c87.
      * Update po4a.
    
    [dgit import package devscripts 2.25.21]

commit 44a4dde4ad7b9d5e2550168d99389c6a8e8e0cf1
Author: Manuel Guerra <ar.manuelguerra@gmail.com>
Date:   Mon Sep 22 18:43:54 2025 -0400

    uscan: Add Pypi template
    
    (cherry picked from commit 354cb8742f820458cdcbbbce651f71282f1edd11)
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit c0bb75704b5a041fc23ec6fe0705262c9b423eae
Author: Holger Levsen <holger@layer-acht.org>
Date:   Fri Oct 24 09:05:55 2025 +0200

    Add "Closes: #1112388" for 2.25.20 changelog entry for !MR564/5a3efdf6
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 8792fa83e1da9096b71c822746fdf3c85334c889
Author: Benjamin Drung <benjamin.drung@canonical.com>
Date:   Thu Oct 23 19:19:49 2025 +0200

    Lower git-debpush from Recommends to Suggests on Ubuntu
    
    Ubuntu does not use dgit. So lower git-debpush from Recommends to
    Suggests on Ubuntu.

commit f5371ff734edcf7f5139c3e7afcd3da073841acd
Author: Yadd <yadd@debian.org>
Date:   Sat Aug 23 14:32:38 2025 +0200

    Add test to prevent CVE-2025-8454 - see #1109251
    
    (cherry picked from commit 30ca63ec89378b8dda31e158862cb369232fb101)
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit da176e9f464d78dc7976f8927dc64379e135e595
Author: Holger Levsen <holger@layer-acht.org>
Date:   Thu Oct 23 12:44:49 2025 +0200

    Drop Rules-Requires-Root: no (now the default)
    
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 77fa11a11cbdcb2dc6f995437a0856296688cb09
Author: Bastian Triller <bastian.triller@gmail.com>
Date:   Sat Sep 20 18:34:41 2025 +0200

    Fix typos in README and Uscan/WatchSource manpage
    
    (cherry picked from commit 85aa3524de1f26fd74f8fd8065caa23838472e14)
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 0cb1352d0246b31573b202675fe730ddcda8981a
Author: Jonas Jelten <jonas.jelten@canonical.com>
Date:   Wed Aug 6 15:06:32 2025 +0200

    debchange: ubuntu native packages version increment support
    
    This supports ubuntu native packages with the form
        ${version}ubuntu
    
    The native package versioning discussion on the ubuntu-devel mailing list
    https://lists.ubuntu.com/archives/ubuntu-devel/2025-July/043402.html
    seems to favor `ubuntu` without a number as suffix for native packages,
    but `dch`/`debchange` wasn't able to properly increment this version number.
    
    This patch adds support for proper version and build increments,
    so versions are bumped like this:
    
    | old                   | new           |
    | --------------------- | ------------- |
    | `1ubuntu`             | `2ubuntu`     |
    | `1.2ubuntu`           | `1.3ubuntu`   |
    | `3.1.2ubuntu.build10` | `3.1.3ubuntu` |
    
    (cherry picked from commit c71a10963595fbbf6f8edce9b57a7eae6be9918e)
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 4c893d8d20e3c127e4b947d59904d44d2bf915b9
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Oct 21 23:19:11 2025 +1100

    test/test_uscan_git: Add more IgnoreExclusions tests

commit 7067a100465fed0f8ee2a6a1aa930dd65202e9e8
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Oct 21 23:11:21 2025 +1100

    test/test_uscan_git: Remove un-needed comments from tests

commit 67947f8be66796e41ada57727ca3f9d7965631fc
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Oct 21 18:19:31 2025 +1100

    test/test_uscan_git: Use a common Debian directory

commit a675137fc1b5b888cd5063d438b0a2b70ccd38d4
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Oct 20 21:52:47 2025 +1100

    test/test_uscan_git: Group tests and update some test names

commit cdbf6f6a97642eb26367bc3264262c13776eba0f
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Oct 20 21:18:49 2025 +1100

    test/test_uscan_git: Format subshell code block in spawnGitRepo()

commit 7103fd7d962da756a1bfa55d28334f772469df70
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Oct 20 21:17:34 2025 +1100

    test/test_uscan_git: Pass main repository name to spawnGitRepo()

commit 3ecbf177cdcca9e335789e5e04690147c1d4efa4
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Oct 20 21:13:52 2025 +1100

    test/test_uscan_git: Spawn git modules before tagging as v2.0

commit ca1f648d8fd271702c384a7a9cbdb7c058649a0a
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Oct 19 23:09:47 2025 +1100

    test/test_uscan_git: Replace 'cat' with 'echo -e'

commit 3196b5a61c1d110f6d4d1fec969bf3b69545c0bc
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Oct 19 22:12:44 2025 +1100

    test/test_uscan_git: Check file presence in every test

commit baedf4d9fb4daed2a32da2de93623c5d85dd95fa
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Oct 19 21:17:20 2025 +1100

    test/test_uscan_git: Use a common git repository

commit 2c9d9c766584919ba2df5c3d4c9864fa243e4698
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Oct 16 23:19:10 2025 +1100

    test/test_uscan_git: Use ${PKG} as the main git repository name

commit 86f233e5f77414d65ed19b55c5306782be84f09b
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Oct 16 23:07:13 2025 +1100

    test/test_uscan_git: Spawn git repositories in TEMP_SRV_DIR

commit 9effe06ecf1ca9a1a3bc688e81739b3314f70763
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Oct 16 22:40:51 2025 +1100

    test/test_uscan_git: Remove subshell from spawnGitDaemon()

commit be0bf106631fb99e19461f445b11eb1648dbbf67
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Oct 16 22:37:01 2025 +1100

    test/test_uscan_git: Append package name to TEMP_PKG_DIR

commit 58c58e77c84539dc125841a201448a547b6cad16
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Oct 16 22:36:34 2025 +1100

    test/test_uscan_git: Update error message in makeDebianDir()

commit 28ee019a32e382e9ed2655815089444069869d8a
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Oct 16 22:33:49 2025 +1100

    test/test_uscan_git: Move shunit2-helper-functions.sh block

commit 1db8308a9e3cbb241732cf6d7e96b31462e7c2cf
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Oct 13 22:51:40 2025 +1100

    test/test_uscan_git: Group module-wide variables

commit 0e86707845a35bd61f0e84f9f5d7a3f6407f77a0
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Oct 8 23:14:49 2025 +1100

    test/test_uscan_git: Unify package version creation in testGitHead*() tests

commit 36807d81f4a984416071e9a1d9b0ea0a67075068
Author: Holger Levsen <holger@layer-acht.org>
Date:   Sun Oct 19 16:55:02 2025 +0200

    Start 2.25.21 development.
    
    d/changelog entries will be written on release
    using the git commit messages.
    
    Use 'gbp dch --since v2.25.20 --multimaint-merge'
    to write d/changelog entries since that last release.
    
    Gbp-Dch: ignore
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 89c7a4b22b40a1d155b699d68c7db50919527fc8
Author: Vincent Danjean <vdanjean@debian.org>
Date:   Tue Sep 30 15:49:29 2025 +0000

    Fix spaces for perltidy

commit f03633f2e25fc68fe0cd1e257663fbab7c90ad80
Author: Vincent Danjean <vdanjean@debian.org>
Date:   Tue Sep 30 15:30:40 2025 +0000

    Fix tests : no v prefix in upstream versions anymore

commit 0b7af8674c45a619cf70c2af335a3df81ba76e75
Author: Vincent Danjean <vdanjean@debian.org>
Date:   Tue Sep 30 15:15:44 2025 +0000

    Using non-greedy catch-all regexp in default Matching-Pattern

commit cc5cf640ece7571582c38471c6e150d7d13fa658
Author: Vincent Danjean <vdanjean@debian.org>
Date:   Tue Sep 30 14:24:05 2025 +0000

    Allows one to specify the upstream version in Gitlab mode
    
    Use capturing blocks from Matching-Pattern in Gitlab mode to compute the upstream version
    (as per the docuimentation of Matching-Pattern is general case)

commit 8881887049f3ceb194d60a8e8228ec9094ed5068
Author: Vincent Danjean <vdanjean@debian.org>
Date:   Tue Sep 30 14:20:28 2025 +0000

    Allows one to specify Uversion-Mangle with Gitlab template

commit 2accd60155b68a768a10fb50690bf16062115099
Author: Serge Schneider <serge@raspberrypi.com>
Date:   Tue Aug 12 12:05:15 2025 +0100

    uscan/Downloader.pm: Escape $pkg variable in $fname regex
    
    Perl treats all characters between /Q and /E as a literal string.
    
    Escaping the package name allows uscan to handle names with special
    characters, such as plus signs.
    
    Closes: #995857, #1110911

commit 8b2652c87bc006d70b0c3ee585f8836109ef85d6
Author: Bastian Blank <waldi@debian.org>
Date:   Fri Sep 26 11:47:28 2025 +0000

    Use properly mangled version in vcs download again
    
    Approved-by: Hugh McMaster <hmc@debian.org>

commit 93126367ba0397b6e131789ee5142ada317e20b7
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Sep 25 10:04:37 2025 +1000

    debian-watch-4.pod: Update Description and correct a grammatical error

commit 03d628b86f45609b2de66b269f105b4a94ffe65b
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 17 23:22:00 2025 +1000

    README.md: Wrap script description lines at 80 characters (Lintian)

commit 6185f58e8bc121616a5943d7908efdff208913e4
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Sep 16 23:28:25 2025 +1000

    scripts/*.pod: start manual page NAME section with one word (Lintian)

commit e7937c3fa5653381eb867bbb31f1f78c96ee2edf
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Sep 15 22:20:04 2025 +1000

    scripts/deb*.1: Print a straight quote instead of an acute accent (Lintian)

commit 0b845a7f1a0dc938805c27b271e92b09588c118a
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Sep 15 21:59:39 2025 +1000

    debian/copyright: Add missing License field (Lintian)

commit f02d600236e1ce7352ef34c28c5d9181c3c3f614
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Sep 15 21:55:34 2025 +1000

    debian-watch.pod: Minor updates

commit 430e4673e3e9965ee90ff3e5513d13e92db05773
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Sep 15 21:53:17 2025 +1000

    debian-watch.pod: Fix spelling issues (Lintian)

commit 16b7699bf6b6c471c221eb47c6e9ff905ec87e56
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 24 23:23:22 2025 +1000

    test/test_uscan_git: Add tests for 'Git-Pretty: describe' mode

commit 9499869f481a65dad4a946648b624eed15521bf3
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 24 23:04:06 2025 +1000

    test/test_uscan_git: Avoid use of perl in unit tests

commit 4aaa9c8654c92a2b732d64b274d2b4b234b47eb9
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 24 22:20:00 2025 +1000

    test/test_uscan_git: Unify use of 'pristine' and 'upstream' tarball variables

commit 78832f5c05c93e3a330dbf59122713eb4353684a
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 24 21:38:32 2025 +1000

    test/test_uscan_git: Uniformity updates

commit 052163caed079d88dc92f520809650dad11de2bc
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Sep 23 23:07:44 2025 +1000

    test/test_uscan_git: Set "Pgp-Mode: none" as a default in debian/watch

commit ce77ce84bc48005122213f34d2d1cc7593c5e8e5
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Sep 23 22:30:17 2025 +1000

    test/test_uscan_git: Rewrite writeDebianWatch() to use an associative array

commit bae3d9917835f0563715722bfdc93819b9eeb64f
Author: Simon Richter <Simon.Richter@hogyros.de>
Date:   Thu Sep 11 12:36:58 2025 +0900

    uscan: support for recursive submodules

commit b25b7b664429630131a7ae9cfb2f808209175743
Author: Yadd <yadd@debian.org>
Date:   Tue Sep 2 10:42:58 2025 +0200

    uscan: reject "version=5" in favor of "Version: 5" and report corresponding error

commit cf0a80171e3bc474b4b0ce185be843e95c166adb
Author: Jeremy Bícha <jbicha@ubuntu.com>
Date:   Thu Sep 11 22:56:51 2025 -0400

    uscan: capitalize GitHub and GitLab correctly in manpages

commit 01007becc2bf195146c529e0cc2c4883f7fabed9
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Mon Sep 22 16:12:23 2025 +0200

    uscan: add references to new watch man pages

commit 3d1f957e318ba73da9bbfc4d0834e56cb4e41b47
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Sep 21 20:55:25 2025 +1000

    uscan: Fix regression preventing use of "safe.bareRepository = explicit"
    
    Closes: #1114902

commit fe655f15a334ce8329bceeb2ecbe707e5498bd3a
Author: Alexandre Detiste <alexandre.detiste@gmail.com>
Date:   Wed Sep 17 09:46:52 2025 +0200

    remove obsolete what-patch script
    
    Approved-by: Otto Kekäläinen <otto@debian.org>

commit 4e2aa2b69ed68934d0739985a3bd1cee3b5b6600
Author: Yadd <yadd@debian.org>
Date:   Mon Sep 15 19:05:53 2025 +0200

    Update uscan doc

commit 5c3ff4a1200f0f124cbdb0e1fe694eee925e05ff
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 10 22:49:59 2025 +1000

    uscan: Pass @args to 'git fetch' when updating upstream repositories

commit 1db21512e12291718774c460b8e9ab6cec3d7f14
Author: Hugh McMaster <hmc@debian.org>
Date:   Fri Sep 12 22:13:35 2025 +1000

    test/test_uscan_git: Add more git upstream submodule tests

commit eb7c7412c935b6b4c63fec8b11b2329049a75233
Author: Hugh McMaster <hmc@debian.org>
Date:   Fri Sep 12 22:02:56 2025 +1000

    test/test_uscan_git: Separate git upstream submodules setup from initial test

commit 86ec69b99ef188629cf14b08548d19a2f7d466b5
Author: Hugh McMaster <hmc@debian.org>
Date:   Sat Sep 13 22:23:14 2025 +1000

    uscan/Git.pm: Fix cloning from branches with 'heads/<branch>' syntax
    
    This is a regression from 506623c0500b1e98c598853687d939920ea33b53.
    
    Closes: #1114750

commit 39cd8376031fb6512ed1c3c60aed76380d770915
Author: Yadd <yadd@debian.org>
Date:   Tue Aug 19 22:37:31 2025 +0200

    Drop unnecessary greater-than versioned dependencies and dependencies to essential packages

commit 1aa4f4f7d29a3b2a4cb107852274b86eb3e5e811
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 10 21:55:08 2025 +1000

    uscan: Call 'git fetch' with  '--recurse-submodules' in submodules mode

commit 65de0cac5bd5094c32d761d4b33c2064a805bc3f
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Sep 10 21:44:03 2025 +1000

    test/test_uscan_git: Test individual git submodules

commit d1f23139cdc709035175dee17362f9a687a9e642
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Sep 9 23:00:16 2025 +1000

    test/test_uscan_git: Add second submodule to unit tests

commit 0478c4539eb5280c5e7f17d98e488862ed715ab3
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Sep 9 22:57:06 2025 +1000

    test/test_uscan_git: Simplify 'git submodule' tests

commit 6a2efb340c2070b97aaff9c2dde954448652ace1
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Sep 9 22:39:02 2025 +1000

    test/test_uscan_git: Stop 'git-daemon' if the process exists

commit 88f5af04cea55522cece131a2f3cf13aa41336fe
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Sep 7 23:03:30 2025 +1000

    uscan/WatchSource.pm: Fix logic error when cloning selected git submodules
    
    Closes: #1114540
    
    Thanks to Timo Röhling for the bug report and patch.

commit be9592a7e1aa9c91fdfb4c4640a6b0afef8631e3
Author: Hugh McMaster <hmc@debian.org>
Date:   Sat Sep 6 21:33:47 2025 +1000

    test/test_uscan_git: Test git upstream repositories with submodules

commit 70052b38ea82b2ab3a9f088d43f1cc9b0c48330b
Author: Hugh McMaster <hmc@debian.org>
Date:   Thu Sep 4 21:59:16 2025 +1000

    uscan/Downloader.pm: Support git upstream repositories with submodules
    
    This patch refactors two code paths ('git' and 'git_upstream') to
    avoid code duplication.

commit f039c2fb4c26892b13ea5ad74038743aa7989e18
Author: Hugh McMaster <hmc@debian.org>
Date:   Fri Sep 5 22:42:48 2025 +1000

    test/test_uscan_git: Separate writeDebianWatch() from makeDebianDir()

commit 0a0f9b058dca52c5d083b0ec0577ef5a2966491d
Author: Yadd <yadd@debian.org>
Date:   Tue Sep 2 06:44:06 2025 +0200

    uscan: update missing-template message to suggest an upgrade

commit 6e868af51f41083ca445b368ed633c7e7f345391
Author: Yadd <yadd@debian.org>
Date:   Sun Aug 31 21:54:43 2025 +0200

    uscan: indicate that "Source" is required in debian/watch unless a template is used
    
    Gbp-Dch: ignore

commit e8f4adf6d1954f22d83ee9623be13a34677b55de
Author: Xiyue Deng <manphiz@gmail.com>
Date:   Wed Aug 27 22:22:09 2025 -0700

    Use canonical field name in manpage
    
    - Prefer capitalized and hyphened caninocal name over names without
    hyphen.

commit e0a14232951ba685a396444cfca6fc0533496b8e
Merge: a647cbb1 d1269fd1
Author: Yadd <yadd@debian.org>
Date:   Sat Aug 30 11:20:49 2025 +0200

    Merge remote-tracking branch 'origin/uscan-choose-version-type-in-templates'

Created: 2025-07-29 Last update: 2025-11-03 21:01

20 open merge requests in Salsa normal

There are 20 open merge requests for this package on Salsa. You should consider reviewing and/or merging these merge requests.

Created: 2025-09-17 Last update: 2025-09-17 09:05

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-09 Last update: 2025-11-02 18:01

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-07-14 Last update: 2025-11-02 18:01

testing migrations

excuses:
- Migration status for devscripts (2.25.22 to 2.25.23): Will attempt migration (Any information below is purely informational)
- Additional info (not blocking):
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/d/devscripts.html
- ∙ ∙ Autopkgtest for devscripts/2.25.23: amd64: Pass, arm64: Pass, i386: Pass, ppc64el: Pass, riscv64: Pass, s390x: Pass
- ∙ ∙ Reproducible on amd64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on arm64 - info ♻
- ∙ ∙ Required age reduced by 3 days because of autopkgtest
- ∙ ∙ 2 days old (needed 2 days)

news

[rss feed]

[2025-11-02] Accepted devscripts 2.25.23 (source) into unstable (Holger Levsen)
[2025-10-30] devscripts 2.25.22 MIGRATED to testing (Debian testing watch)
[2025-10-29] Accepted devscripts 2.25.22~bpo13+1 (source) into stable-backports (Jochen Sprickerhof)
[2025-10-27] Accepted devscripts 2.25.22 (source) into unstable (Jochen Sprickerhof)
[2025-10-26] devscripts 2.25.21 MIGRATED to testing (Debian testing watch)
[2025-10-24] Accepted devscripts 2.25.21 (source) into unstable (Holger Levsen)
[2025-10-22] devscripts 2.25.20 MIGRATED to testing (Debian testing watch)
[2025-10-19] Accepted devscripts 2.25.20 (source) into unstable (Holger Levsen)
[2025-09-22] Accepted devscripts 2.25.19~bpo13+1 (source all) into stable-backports (Debian FTP Masters) (signed by: Roger Shimizu)
[2025-08-25] devscripts 2.25.19 MIGRATED to testing (Debian testing watch)
[2025-08-24] Accepted devscripts 2.25.15+deb13u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Sebastiaan Couwenberg)
[2025-08-23] Accepted devscripts 2.25.19 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2025-08-15] Accepted devscripts 2.25.18 (source) into unstable (Sean Whitton)
[2025-07-28] Accepted devscripts 2.25.17 (source) into experimental (Yadd) (signed by: Xavier Guimard)
[2025-07-20] Accepted devscripts 2.25.16 (source all) into experimental (Yadd) (signed by: Xavier Guimard)
[2025-07-11] Accepted devscripts 2.25.15~bpo12+1 (source) into stable-backports (Roger Shimizu)
[2025-06-21] devscripts 2.25.15 MIGRATED to testing (Debian testing watch)
[2025-06-16] Accepted devscripts 2.25.15 (source) into unstable (Holger Levsen)
[2025-06-01] devscripts 2.25.14 MIGRATED to testing (Debian testing watch)
[2025-05-26] Accepted devscripts 2.25.14 (source) into unstable (Holger Levsen)
[2025-05-22] Accepted devscripts 2.25.13 (source) into unstable (Holger Levsen)
[2025-05-20] devscripts 2.25.12 MIGRATED to testing (Debian testing watch)
[2025-05-11] Accepted devscripts 2.25.12 (source) into unstable (Holger Levsen)
[2025-05-10] devscripts 2.25.11 MIGRATED to testing (Debian testing watch)
[2025-04-29] Accepted devscripts 2.25.11 (source) into unstable (Holger Levsen)
[2025-04-29] Accepted devscripts 2.25.10~bpo12+1 (source) into stable-backports (Roger Shimizu)
[2025-04-27] devscripts 2.25.10 MIGRATED to testing (Debian testing watch)
[2025-04-17] Accepted devscripts 2.25.10 (source) into unstable (Holger Levsen)
[2025-04-16] devscripts 2.25.9 MIGRATED to testing (Debian testing watch)
[2025-04-12] Accepted devscripts 2.25.8~bpo12+1 (source all) into stable-backports (Debian FTP Masters) (signed by: Roger Shimizu)

bugs [bug history graph]

all: 523 539
RC: 0
I&N: 206 212
M&W: 315 323
F&P: 2 4
patch: 46 48
help: 2
NC: 1

links

lintian
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (89, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.25.19ubuntu2
46 bugs (2 patches)
patches for 2.25.19ubuntu2