Packaging when upstream source filename doesn't change for revisions

Eric Smith eric at
Mon May 21 00:18:32 UTC 2007

Nicolas Mailhot wrote:
>> You leave the file as-is. Except when one needs to remove embargoed
>> content (patented code, etc=E2=80=A6) you shall not do any
>> reprocessing/renaming
>> outside the spec file, that just kills the rpm audit trail and general
>> reproduceability.

Tom Lane wrote:
> That sounds like a knee-jerk response that completely misses the
> problem.  If upstream issues different tarballs under the same name
> at different times, you've got an audit and reproduceability issue
> no matter what --- which version were you using in SRPM xyz?
> I think I'd argue that renaming the tarballs locally is the least bad
> answer, as that at least makes it easier to keep them straight
> internally.

That had been my feeling as well, but apparently there's not a
consensus on it.

>> It may be important to you as packager. In that case your job is to
>> convince upstream to fix their habits.
> Agreed, the best answer is to persuade upstream that he's out of step
> with the packaging practices of the entire world.

Fortunately in this particular case, as Trond Danielsen pointed out,
there actually are files available with versioned filenames; they just
weren't linked from the official download page so I had not noticed

I've updated the spec file appropriately.  Once I verify it again
with rpmlint, mock, and some sample assemblies, I'll request a


More information about the fedora-devel-list mailing list