Tags

12 pages

Software Quality

Creating Debian packages from upstream Git

In this post, I demonstrate the optimal workflow for creating new Debian packages in 2025, preserving the upstream git history. The motivation for this is to lower the barrier for sharing improvements to and from upstream, and to improve software provenance and supply-chain security by making it easy to inspect every change at any level using standard git tooling. Key elements of this workflow include: Using a Git fork/clone of the upstream repository as the starting point for creating Debian packaging repositories. Consistent use of the same git-buildpackage commands, with all package-specific options in gbp.conf. DEP-14 tag and branch names for an optimal Git packaging repository structure. Pristine-tar and upstream signatures for supply-chain security. Use of Files-Excluded in the debian/copyright file to filter out unwanted files in Debian. Patch queues to easily rebase and cherry-pick changes across Debian and upstream branches. Efficient use of Salsa, Debian’s GitLab instance, for both automated feedback from CI systems and human feedback from peer reviews. To make the instructions so concrete that anyone can repeat all the steps themselves on a real package, I demonstrate the steps by packaging the command-line tool Entr. It is written in C, has very few dependencies, and its final Debian source package structure is simple, yet exemplifies all the important parts that go into a complete Debian package:

Creating Debian packages from upstream Git

Debian source packages in git explained

Most people with Linux experience have at some point installed .deb files on Debian or the more famous variant of it, Ubuntu. Programmers who have been involved with packaging and shipping software know that the code that generates those .deb packages is always in the debian/ subdirectory in a software project. However, anyone who has tried to do Debian packaging also knows that all the automation involved can be challenging to grasp, and building packages, modifying packaging files, and repeatedly rebuilding them can feel way more frustrating than iterating in regular software development. As Debian has been around for three decades already, there is a lot of online documentation available, but unfortunately, most of it is outdated, and reading about old tools might just add to the confusion. Thus, let me introduce an explainer of what the structure in 2025 should look like on a well-maintained Debian package source, and what benefits it brings. First, I’ll run through the basics to ensure all readers have them fresh in their mind, and further down, I get into the increasingly complex workings of how Debian source packaging works and why they have a certain git repository structure.

Featured image of post Debian source packages in git explained

Learn to write better git commit messages by example

When people learn programming they – for completely obvious and natural reasons – initially focus on learning the syntax of programming languages and libraries. However, these are just tools. The essence of software engineering is about automating thought, applying algorithmic thinking and anticipation of the known and unknown. The code might be succinct, but the reasoning behind it can be extensive, and it needs to show in the communication around the code. The more senior a programmer is, the more their success depends on their communication skills.

Learn to write better git commit messages by example