Optimal Debian Packaging Workflow for 2025
This post outlines the optimal workflow for creating new Debian packages in 2025 while preserving upstream Git history. The goal is to simplify sharing improvements between upstream and Debian, and enhance software provenance and supply-chain security by easily inspecting every change using standard Git tools. Key elements include: using a Git fork/clone of the upstream repository; consistent use of `git-buildpackage` commands with package options in `gbp.conf`; DEP-14 tagging and branching; pristine-tar and upstream signatures; using `Files-Excluded` in `debian/copyright`; patch queues for rebasing and cherry-picking; leveraging Salsa (Debian's GitLab) for CI/CD and peer review. The process is demonstrated by packaging the `entr` command-line tool, walking through each step from repository creation to Merge Request submission on Salsa.