[Releasing] Testing: 08/29/2012 + na [fail]
Thiago Macieira
thiago.macieira at intel.com
Wed Aug 29 19:48:50 CEST 2012
On quarta-feira, 29 de agosto de 2012 18.13.20, Stephen Kelly wrote:
> Comments:
> There is no sha1 information available to verify package signatures.
It should be in the .tags file, but it's completely irrelevant since the source
tree is modified before being packaged. I've already removed the changes to
qglobal.h and will try to remove the remaining ones to the INSTALL, README and
qdoc files so that the sources are exactly like the Git repository.
Then I'll change the building order so that the split-module sources are the
exact output from git archive, which means the SHA-1 gets embedded. If the
packager uses the --tag option when running mksrc.sh, the script will git
archive from the tag itself, meaning that it will produce an always repeatable
& reproduceable tarball.
> I don't know what are the 'correct licenses'. I was offered the LGPL 2.1,
> but no GPL version.
We're missing the GPLv3 file in qtbase's top dir, but let's ignore that for the
moment. The final release should have the v3 due to the requirements of the KDE
Free Qt Foundation, but all other releases and the repository can stay
LGPLv2.1.
--
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel Open Source Technology Center
Intel Sweden AB - Registration Number: 556189-6027
Knarrarnäsgatan 15, 164 40 Kista, Stockholm, Sweden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.qt-project.org/pipermail/releasing/attachments/20120829/d8a44e2b/attachment.sig>
More information about the Releasing
mailing list