Packaging Scribus rpms, debs or plug-ins - What should I do?
Downstream packagers are asking for and may soon demand GPG signed tarballs. For Fedora, this is not a requirement, but does ease acceptance of packages. It also shows we are doing "The Right Thing". md5sums are not foolproof.
To create a gpg signed tarball:
$gpg -u packager@foo.net --armor --output tarball.sig --detach-sig tarball.tar.gz
To verify :
$gpg --verify ./tarball.asc ./tarball.tar.gz
Packaging plug-ins:
Plug-ins should be named scribus-something. This helps packagers deal with revisions and obsoletes when upgrading.
Signing your package,deb,tar etc.
First, you need to have a public/private keypair. This can be generated with GPG using <code>gpg --gen-key</code>
To add a signature to an existing package, use the command rpm --addsign /path/to/package.rpm To sign in the process of building a package, use rpmbuild -bb --sign
To check the signature on a package, use rpm --checksig
I have a great idea for adding something to Scribus. How can I write a plug-in?
Thanks to Petr Vanek, there is nicely done article: Scribus Plug-in Howto online.
Back to topI am interested in contributing. Is there documentation on coding style or other reference?
Glad you asked. There is a Scribus Coding section which outlines coding style and recommendations for code submissions.
Back to top