dpkg-sig (0.8) unstable; urgency=low

  * HE:
    - debian/control:
      + Update the Uploaders field, i'm a DD now!
      + Depend on perl, not perl-base.

    - debian/rules:
      + Fix a dh_md5sum problem, it excludes all files with DEBIAN in their
        path (and we have such files as examples)

    - dpkg-sig:
      + Fixed the "Signed deb *changes" output to print out the signed deb,
        not the changes file it was referenced from.
      + Be a bit more verbose when signing .dscs and .changes.
      + Verify deb before signing it. [This lead also to a change on the 
        return value of get_md5sums internally]

 -- Marc 'HE' Brockschmidt <he@debian.org>  Thu, 11 Mar 2004 18:24:45 +0100

dpkg-sig (0.7) unstable; urgency=low

  * HE:
    - dpkg-sig:
      + Config file handling: Strip enclosing "s.
      + Die if gpg fails to sign. (Closes: #236183)
      + Rename get_md5_sums to get_md5sums.
      + Don't die when parsing a deb and reading a newline where we
        actually expected an ar header (can happen if people change
        stuff with vi). (Closes: #236185)
      + Cache md5sums in get_md5sums.
      + Don't ask for a passphrase if both -p/DPKGSIG_CACHE_PASS and
        -f are used (use the passphrase from the file specified with -f
        in that case)
      + Don't use die() if not needed for the weird stuff in eval{}.
        Created the cute _die() function to do that.
      + Added a "--remote-dpkg-sig" (also available as "-r") switch to
        allow users to specify where the dpkg-sig executable is. This
        is useful if you're not able to get the remote admin to install
        dpkg-sig.
      + Rearranged the main routine to drop duplicated code
      + Aliased add_file_to_ar_archive to add_sig_to_deb
      + add_sig_to_deb now starts a new ar archive if the file it should
        write to hasn't existed before.
      + New switches --get-hashes, --sign-hashes and --write-signature
        (also available as -h, -d and -w) The first one creates an
        archiv of hashes of a deb/changes, the second signs it
        (wherever you want) and the third one adds the signatures to
        the deb(s and corrects the changes file).
      + Make standard output more verbose.
      + Notice when people try dpkg-sig --sign foo --sign-changes *deb
        (--sign-changes uses an optional argument). Assume that this
        wasn't meant, choose yes for --sign-changes and process the files
        as other cli arguments.

    - dpkg-sig.1:
      + Document the new --remote-dpkg-sig stuff.
      + Document the new --get-hashes, --sign-hashes and --write-signature
        options.
      + Converted to POD, now available as dpkg-sig.pod

    - dpkg-sig.pod:
      + Added (converted from dpkg-sig.1)

    - debian/control:
      + Build-Depend on perl, we need pod2man to create the manpage.

    - debian/rules:
      + Create manpage from dpkg-sig.pod 

 -- Marc 'HE' Brockschmidt <he@debian.org>  Thu, 11 Mar 2004 14:04:35 +0100

dpkg-sig (0.6) unstable; urgency=high

  * he:
    - dpkg-sig:
      + Fixed bug with cached passphrases leading to invalid signatures.
        We don't use GnuPG anymore (we now talk to GPG directly).
      + Added a "--gpgoptions" (also available as "-g") to allow users to
        give gpg arbitrary options.
      + Don't use only -r to check if a .dsc file is readable. Replaced
        with file_readable, which can handle a ssh://HOST:FILE path.
    - debian/control: Remove the libgnupg-perl suggestion.
    - dpkg-sig.1:
      + We don't need the GnuPG perl module to read the passphrase from a file.
      + We don't need the GnuPG to use the cached passphrase.
      + Document the new "--gpgoptions" stuff. 

 -- Marc 'HE' Brockschmidt <he@debian.org>  Mon,  1 Mar 2004 19:08:40 +0100

dpkg-sig (0.5) unstable; urgency=low

  * he:
    - Added new switch "--passphrase-file" (also available as "-f"). Allows
      signers to store their gpg passphrase in a file.
    - Now signs *changes and *dsc without the help of debsign. This is very
      useful for people signing many debs, as it uses the cached passphrase
      or the file with the passphrase.
    - Added example of the signing process, with a sample package and all
      temp files. Have fun.
    - debian/{control,rules}: Changed to install the examples. Now uses
      debhelper version 4.
   * aba:
     - added the new options to the man page, and added an usage example.

 -- Andreas Barth <aba@not.so.argh.org>  Sun, 29 Feb 2004 16:41:09 +0100

dpkg-sig (0.4) unstable; urgency=high

  * Fixed the caching of the gpg passphrase.
  * Added support to (re)sign changes files with debsign.
  * Fixed a bug in the remote signing code (content of changes files deleted)
  * Added support for a --debug switch, leading to a log of the communication
    between master and client in the remote /tmp/dpkg-sig.log. Use with care.

 -- Marc Brockschmidt <marc@dch-faq.de>  Tue, 17 Feb 2004 00:36:23 +0100

dpkg-sig (0.3) unstable; urgency=low

  * Marc 'HE' Brockschmidt is now Co-Maintainer (and sprinkled some
    perl-magic on it)
  * Remote signing now possible.
  * Change the signature format to V3.
  * Fix error with devscripts containing @. Closes: #229545

 -- Andreas Barth <aba@not.so.argh.org>  Sun,  1 Feb 2004 22:18:38 +0100

dpkg-sig (0.2) unstable; urgency=low

  * Create temporary directory only once
  * Can now sign also changes-files.

 -- Andreas Barth <aba@not.so.argh.org>  Wed, 14 Jan 2004 21:53:08 +0100

dpkg-sig (0.1) unstable; urgency=low

  * Initial release. Closes: #223311

 -- Andreas Barth <aba@not.so.argh.org>  Sun, 14 Dec 2003 22:36:49 +0100
