verifying reproducible APKs: apksigcopier
holger at layer-acht.org
Mon Mar 29 12:25:46 UTC 2021
On Mon, Mar 29, 2021 at 03:02:33AM +0200, Felix C. Stegerman wrote:
> The F-Droid reproducible builds & verification effort recently led 
> to the development of apksigcopier , a tool to copy APK signatures
> from a signed APK to an unsigned one.
nice, that seems very useful! :) & thank you for bringing this up here!
> ( I've started packaging it for Debian  and intend to file an ITP
> soon, but since I'm not a Debian developer -- yet, though I'd like
> to become one -- I could use some help with that. )
I'd be glad to mentor a bit and sponsor your uploads.
>  https://salsa.debian.org/obfusk/apksigcopier/-/commits/debian/sid
on a very quick look seems like a pretty good start!
debhelper-compat could be 13 and standards-version 4.5.1, and I'm pretty
sure d/copyright needs parts of the actual licence text and not only a
pointer. did you run lintian on the binary .changes file?
Please ping me / this list once the ITP bug is there and once you consider
the packaging to be ready!
⢿⡄⠘⠷⠚⠋⠀ PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
"There's no glory in prevention." (Christian Drosten)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the rb-general