Dpkg::Source::Package - manipulate Debian source packages
| Use Case | Command | Description |
|---|---|---|
| Create from .dsc | $p = Dpkg::Source::Package->new(filename => 'pkg.dsc') | Initialise object from a source description file |
| Create for format | $p = Dpkg::Source::Package->new(format => '3.0 (quilt)') | Prepare object for a specific source format (≥ dpkg 1.19.3) |
| Extract source | $p->extract($targetdir) | Unpack source package into target directory |
| Verify checksums | $p->check_checksums() | Confirm integrity of referenced files |
| Check signature | $p->check_signature() | Validate embedded OpenPGP signature |
| Verify orig tarballs | $p->check_original_tarball_signature($dir, @asc) | Use upstream signing key to check tarball signatures |
| List files | $p->get_files() | Return list of files in the source package |
| Get signing key file | $p->get_upstream_signing_key($dir) | Get path to upstream key inside unpacked source tree |
This module provides a class that can manipulate Debian source packages. While it supports both the extraction and the creation of source packages, the only API that is officially supported is the one that supports the extraction of the source package.
$string = get_default_diff_ignore_regex() — Returns the default diff ignore regex.set_default_diff_ignore_regex($string) — Set a regex as the new default diff ignore regex.@array = get_default_tar_ignore_pattern() — Returns the default tar ignore pattern, as an array.$p = Dpkg::Source::Package->new(%opts, options => {})The options key is a hash ref which supports the following options:
$p->get_filename() — Returns the filename of the DSC file.$p->get_files() — Returns the list of files referenced by the source package. The filenames usually do not have any path information.$p->check_checksums()If the object has been created with the "require_strong_checksums" option, then any problem will result in a fatal error.
$p->get_upstream_signing_key($dir) — Get the filename for the upstream key.$p->check_original_tarball_signature($dir, @asc)@asc using the upstream public keys. It requires the origin upstream tarballs, their signatures and the upstream signing key, as found in an unpacked source tree $dir. If any inconsistency is discovered, it immediately errors out.
$bool = $p->is_signed() — Returns 1 if the DSC files contains an embedded OpenPGP signature. Otherwise returns 0.$p->check_signature()If the object has been created with the "require_valid_signature" option, then any problem will result in a fatal error.
$p->extract($targetdir)$targetdir. Beware that if $targetdir already exists, it will be erased (as long as the no_overwrite_dir option is set).
get_upstream_signing_key().check_original_tarball_signature().$diff_ignore_default_regexp.@tar_ignore_default_pattern.new().check_checksums().get_default_diff_ignore_regex(), set_default_diff_ignore_regex(), get_default_tar_ignore_pattern()$diff_ignore_default_regexp, @tar_ignore_default_patternGenerated by phpman v4.9.25-3-gdbaf087 · Markdown · JSON · MCP Author: Che Dong Under GNU General Public License
2026-07-06 23:11 @216.73.217.93
CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Enhanced by LLM: deepseek-v4-pro / taotoken.net / www.chedong.com - original format