When aptly publish is used e.g. with -skip-contents or -skip-bz2, it probably should make sure these files are actually removed if present on the disk.
When this is important: For example, I needed to change the PGP signing key, and I regenerated the published repository by hand. Unfortunately, I forgot to pass the same options as usual, and created these extra files, which won’t be updated by our package building machinery later and will become stale. When apt uses these repositories, it may get confused or outright refuse to use them, especially if the PGP key changed after the files were mistakenly created. Of course, this is also the case when skip-contents is enabled after the repository is published for the first time.
When
aptly publish
is used e.g. with-skip-contents
or-skip-bz2
, it probably should make sure these files are actually removed if present on the disk.When this is important: For example, I needed to change the PGP signing key, and I regenerated the published repository by hand. Unfortunately, I forgot to pass the same options as usual, and created these extra files, which won’t be updated by our package building machinery later and will become stale. When apt uses these repositories, it may get confused or outright refuse to use them, especially if the PGP key changed after the files were mistakenly created. Of course, this is also the case when skip-contents is enabled after the repository is published for the first time.