Hi, Globe Trotter via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> writes: > Thank you to Dan Čermák for reviewing this package. However, I had two questions from his comments. The first was that the spec file should use gpgverify. > So, I went to the suggested webpage: https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_verification > and did the following to get my signature > > Source0: https://www.x.org/pub/individual/app/%{name}-%{version}.tar.gz > Source1: %{source0}.sig > > but can not tell how to get the gpg keyring from the site. > > Second, it is also suggested that I start using rpmautospec, as that will make package maintenance simpler in the long run. I like that of course, but I am trying to understand where this is used? rpmautospec reduces the necessary churn when updating packages, in the simplest case it boils down to this: - use `Release: %autorelease` instead of bumping it yourself - don't write the %changelog yourself, just put: --8<---------------cut here---------------start------------->8--- %changelog %autochangelog --8<---------------cut here---------------end--------------->8--- at the bottom of the spec The rpmautospec automation will then bump the release via %autorelease on each git commit and put every commit message into the changelog. This has the huge advantage, that it makes updating across all branches rather easy as you do not have to resolve merge conflicts due to diverging changelogs or different release numbers any more. Hope this explains it a bit, feel free to reach out directly if you've got further questions, Dan _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
