[Bug 1078697] Re: Ubuntu archive is missing SHA-1/SHA-256 hashes for some packages

[Brian Murray]

I installed apt-utils version 0.8.16~exp12ubuntu10.11 from precise-
proposed and confirm that the checksums are generated with it.

(precise-amd64)root at impulse:/home/bdmurray/test# apt-ftparchive sources .
  beef has no source override entry
  beef has no binary override entry either
Package: beef
Binary: beef
Version: 0.0.6-2
Maintainer: Andrea Bolognani <eof at kiyuko.org>
Build-Depends: debhelper (>= 5.0.0)
Architecture: any
Standards-Version: 3.7.3
Format: 1.0
Files:
 4c6c354df2b5225d0c37790ed2b423bb 585 beef_0.0.6-2.dsc
 d991b00fba0067a7219cc926f777b8d3 14092 beef_0.0.6.orig.tar.gz
 6681e264aee438aba3f8723da6de9283 2031 beef_0.0.6-2.diff.gz
Homepage: http://www.kiyuko.org/beef
Checksums-Sha1:
 f6283f2f4393c360b52a7e905b79d493872635da 585 beef_0.0.6-2.dsc
 df43c00f538ee7d072c6b2b863557a9e390d0853 14092 beef_0.0.6.orig.tar.gz
 eca712929f4414ea0afe3849d4d9044401d49d9f 2031 beef_0.0.6-2.diff.gz
Checksums-Sha256:
 3c0d719aacd29eb1f0123295eb27a5dff780e9557c05ec8045fca6c75dedb2a5 585 beef_0.0.6-2.dsc
 ed23a998e3a50b0e4b3382b6415c3042c2cadd40b24c1a198bc309f9b3819217 14092 beef_0.0.6.orig.tar.gz
 01216e0972a4ede696388924e761f5ae909d46c06a038637ddf447bc64a3e2e8 2031 beef_0.0.6-2.diff.gz
Checksums-Sha512:
 8bda5c00d6e3319ad8a38a2d1af38bf2d3b49401efba36b5d7ce55da85e589faa3572aba52bd6d2eda01fe8a7b3f436ea9ecc97df08ac137ed9664c35ec0a685 585 beef_0.0.6-2.dsc
 fc2c8623b54c21415fa49b304d9de3d42b3de9b715d4d330af684921003d0512ac3c6ebee9f260336e99ddd5416c45b224a2ef6b82f5762d2d701d7a929c2bee 14092 beef_0.0.6.orig.tar.gz
 f51a016b8b800df6dab209cb17df3aba38a94a8792997e0d71b72c6804bc9298606d62a2d141d33ef7217ccd47721fb8f549be47cd6644fbd2911651069d8ee1 2031 beef_0.0.6-2.diff.gz

** Tags added: verification-done-precise

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1078697

Title:
  Ubuntu archive is missing SHA-1/SHA-256 hashes for some packages

Status in Launchpad itself:
  Fix Released
Status in “apt” package in Ubuntu:
  Fix Released
Status in “apt” source package in Lucid:
  Triaged
Status in “apt” source package in Precise:
  Fix Committed
Status in “apt” source package in Raring:
  Fix Released

Bug description:
  As part of the Debian derivatives census, we are doing some checks on
  all derivatives. We noticed that a number of source packages are missing
  SHA-1/SHA-256 hashes. You may have inherited this issue from Debian, we
  had the same issue until recently. Here are some sample messages from
  the report below, which is generated daily.

  WARNING: source cvstrac 2.0.1-3: SHA-256 hashes but no hash for the dsc file
  WARNING: source cvstrac 2.0.1-3: SHA-1 hashes but no hash for the dsc file
  WARNING: source diveintopython 5.4-2ubuntu2: no SHA-256 hash
  WARNING: source diveintopython 5.4-2ubuntu2: no SHA-1 hash

  http://dex.alioth.debian.org/census/Ubuntu/check-package-list

  Please ignore the warnings about GPG and InRelease stuff, they are due
  to python-apt not supporting some things in Debian squeeze.

   affects launchpad
   subscribe ubuntu-archive

  --
  bye,
  pabs

  http://wiki.debian.org/PaulWise

  SRU for Precise:

  [Impact]
  `apt-ftparchive sources .` on a directory with a .dsc not containing checksums will produce output also without checksums.  By making this patch available on Precise, we will backport the Precise version to lucid-cat for fixing on Launchpad.

  [Test Case]
  Grab the source package for beef-0.0.6-2 the dsc of which has no checksums, put this in /tmp then cd to /tmp.  Run `apt-ftparchive sources .` and observe that no checksums are output.  Upgrade to the fixed version and re-run the command and observe that checksums are now output correctly.

  [Regression Potential]
  None known.

To manage notifications about this bug go to:
https://bugs.launchpad.net/launchpad/+bug/1078697/+subscriptions