Colin Watson wrote:
> I was wondering about this today.  I'd like to get to the point where we
> can say for a large number of packages that they only contain debhelper
> autoscript code; this would make it much quicker to audit those packages
> for safety.  Along with adding some more operations to
> dpkg-maintscript-helper, this seems like a good way to approach that.
> 
> It would be better if we weren't looking at shell code pasted in from
> another file, though, since that just creates another file we need to
> audit.  I think perhaps debian/maintscript should be parsed rather than
> just inserted, and this would allow us to generate appropriate
> Pre-Depends as well.
> 
> As a strawman, how about something like this?  This implementation does
> mean that you can't move conffiles whose names contain spaces; I'm not
> sure if that matters.  I just did it in dh_installdeb rather than
> introducing another script, since there wasn't much code involved.

I like this implementation.

The only glaring problem is that Pre-Depends: ${misc:Pre-Depends} needs to be
added -- but I suppose lintian can be made to check for that.

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply via email to