Tags

5 pages

Open Source

Creating Debian packages from upstream Git

In this post, I demonstrate the optimal workflow for creating new Debian packages in 2025, preserving the upstream git history. The motivation for this is to lower the barrier for sharing improvements to and from upstream, and to improve software provenance and supply-chain security by making it easy to inspect every change at any level using standard git tooling. Key elements of this workflow include: Using a Git fork/clone of the upstream repository as the starting point for creating Debian packaging repositories. Consistent use of the same git-buildpackage commands, with all package-specific options in gbp.conf. DEP-14 tag and branch names for an optimal Git packaging repository structure. Pristine-tar and upstream signatures for supply-chain security. Use of Files-Excluded in the debian/copyright file to filter out unwanted files in Debian. Patch queues to easily rebase and cherry-pick changes across Debian and upstream branches. Efficient use of Salsa, Debian’s GitLab instance, for both automated feedback from CI systems and human feedback from peer reviews. To make the instructions so concrete that anyone can repeat all the steps themselves on a real package, I demonstrate the steps by packaging the command-line tool Entr. It is written in C, has very few dependencies, and its final Debian source package structure is simple, yet exemplifies all the important parts that go into a complete Debian package:

Creating Debian packages from upstream Git

Going Full-Time as an Open Source Developer

After careful consideration, I’ve decided to embark on a new chapter in my professional journey. I’ve left my position at AWS to dedicate at least the next six months to developing open source software and strengthening digital ecosystems. My focus will be on contributing to Linux distributions (primarily Debian) and other critical infrastructure components that our modern society depends on, but which may not receive adequate attention or resources.

Going Full-Time as an Open Source Developer

Should developers always just write code and never design documents?

In software engineering, most ideas can be implemented without writing any design document at all. This is particularly prominent in open source communities. For example, the Linux kernel has 35 million lines of code that have been written and rewritten many times over alongside 30 years of mailing list discussions. Linux wasn’t created as a result of a grandiose design document by Linus Torvalds, but it evolved organically in small increments of actual running code.

Should developers always just write code and never design documents?