Creating Debian packages from upstream Git

In this post, I demonstrate the optimal workflow for creating new Debian packages in 2025, preserving the upstream git history. The motivation for this is to lower the barrier for sharing improvements to and from upstream, and to improve software provenance and supply-chain security by making it easy to inspect every change at any level using standard git tooling. Key elements of this workflow include: Using a Git fork/clone of the upstream repository as the starting point for creating Debian packaging repositories. Consistent use of the same git-buildpackage commands, with all package-specific options in gbp.conf . commands, with all package-specific options in . DEP-14 tag and branch names for an optimal Git packaging repository structure. Pristine-tar and upstream signatures for supply-chain security. Use of Files-Excluded in the debian/copyright file to filter out unwanted files in Debian. in the file to filter out unwanted files in Debian. Patch queues to easily rebase and ... Read full article.