Package: lintian Version: 2.5.22.1 Severity: important -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi, I hereby ask for downgrading most of the privacy-breach* checks from severity: error to pedantic. Because the severity of these lintian checks is relevant to the decision, if a package gets accepted into Debian I've added the FTP masters team this report to get their point of view. Why do I disagree to the severity chosen for these tags: - - The severity chosen for these tags/checks is not justified by any of our policies, neither the Debian policy, not the best packaging practises nor any legal reason! There is IMO one exception: the violation of Google AdSense terms is serious and shouldn't be changed. - - There is no technical nor social justification for this severity. Making it simple: either you have an internet connection or you don't. In the latter case there is no problem. If you have an internet connection you either use a technical solution/ anonymizer to disable any "tracking" services or you don't. In both cases you don't have a problem, either you decided you accept the existance of zero-byte gifs, cross-links, tracking services and stuffs or you already use a technical solution to "disable" this. So making our package compliant to this new privacy- policy doesn't add any value to our users. - - I simply morally disagree with removing donation requests from authors although this might be legally correct (and yes I know, you request to put this in the upstream metadata instead). IMHO it is simply not your choice to make, how the author makes a donation request. - - Because I cannot see any agreement on the position lintian authors took here and because I don't see any technical nor social justification for this choice, I find it unacceptable that the burden to make packages "privacy"- compliant to some users is put on the shoulders of myself and fellow DDs. I cannot argue with the position of the Debian project and IMHO neither can you, so I would suggest a conservative choice for severity of these tags as long as we don't have a common position of the project. Regards, Daniel - -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (850, 'unstable'), (700, 'testing'), (560, 'stable'), (500, 'oldstable'), (110, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13-1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages lintian depends on: ii binutils 2.24-5 ii bzip2 1.0.6-5 ii diffstat 1.58-1 ii file 1:5.17-1 ii gettext 0.18.3.2-1 ii hardening-includes 2.5 ii intltool-debian 0.35.0+20060710.1 ii libapt-pkg-perl 0.1.29+b1 ii libarchive-zip-perl 1.37-2 ii libclass-accessor-perl 0.34-1 ii libclone-perl 0.36-1 ii libdpkg-perl 1.17.6 ii libemail-valid-perl 1.192-1 ii libfile-basedir-perl 0.03-1 ii libipc-run-perl 0.92-1 ii liblist-moreutils-perl 0.33-2 ii libparse-debianchangelog-perl 1.2.0-1 ii libtext-levenshtein-perl 0.06~01-2 ii libtimedate-perl 2.3000-1 ii liburi-perl 1.60-1 ii man-db 2.6.6-1 ii patchutils 0.3.2-3 ii perl [libdigest-sha-perl] 5.18.2-2+b1 ii t1utils 1.37-2 Versions of packages lintian recommends: pn libperlio-gzip-perl <none> ii perl-modules [libautodie-perl] 5.18.2-2 Versions of packages lintian suggests: pn binutils-multiarch <none> ii dpkg-dev 1.17.6 ii libhtml-parser-perl 3.71-1+b1 ii libtext-template-perl 1.46-1 ii libyaml-perl 0.84-1 ii xz-utils 5.1.1alpha+20120614-2 - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlM/4okACgkQm0bx+wiPa4y7jwCgh/PCcIHyBliuYzPTmLcOfAUw /zsAoM+BIgeF3rkscqbxjNd6KqYG9hkZ =sT++ -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
