Bug#377141: marked as done (lintian: please check for substvar usage that causes un-binNMUability)

[Debian Bug Tracking System]

Your message dated Mon, 21 Aug 2006 14:18:55 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#377141: fixed in lintian 1.23.23
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

Package: lintian
Version: 1.23.22
Severity: wishlist
Tags: patch

Hello!

The attached new version-substvars check checks the usage of the
${Source-Version}, ${source:Version}, and ${binary:Version} substvars in
the Depends field, and warns when it causes un-binNMUability of the
package.

Note that one of the tags is marked as error instead of warning. This is
because the maintainer has introduced a regression while moving from
${Source-Version} to the new vars, using source:Version instead of
binary:Version (for example, xulrunner_1.8.0.4-1).

Thanks.

lintian (1.23.23) unstable; urgency=low

  * checks/version-substvars: new check to warn about usage of the
    ${Source-Version}, ${source:Version} and ${binary:Version} substvars
    that results in the package not being safely binNMUable.

-- 
Adeodato Simó                                     dato at net.com.org.es
Debian Developer                                  adeodato at debian.org
 
                            Listening to: Maximilian Hecker - My Friends

# version-substvars -- lintian check script
#
# Copyright (C) 2006 Adeodato Simó
# 
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, you can find it on the World Wide
# Web at http://www.gnu.org/copyleft/gpl.html, or write to the Free
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
# MA 02110-1301, USA.

# SUMMARY
# =======
#
# What breaks
# -----------
# 
# (b1) any -> any (= ${source:Version})          -> use b:V
# (b2) any -> all (= ${Source-Version}) [or b:V] -> use s:V
# (b3) all -> any (= ${either-of-them})          -> use (>= ${s:V}), optionally 
(<< ${s:V}.1~)


package Lintian::version_substvars;
use strict;

use Util;
use Tags;

sub run {

my $pkg = shift;
my $type = shift;

my @control_data = read_dpkg_control("debfiles/control");

shift @control_data; # skip source info entry

foreach (@control_data) {
        my ($pkg1, $pkg1_is_any, $pkg2, $pkg2_is_any, $substvar_strips_binNMU);

    $pkg1 = $_->{'package'};
        $pkg1_is_any = ($_->{'architecture'} ne 'all');

        foreach (split /,/, ($_->{'depends'} || "")) {
                next unless 
m/(\S+)\s*\(\s*=\s*\${((?:Source-|source:|binary:)Version)}/x;

                $pkg2 = $1;
                $substvar_strips_binNMU = ($2 eq 'source:Version');
                $pkg2_is_any = (slurp_entire_file("control/$pkg2/architecture") 
!~ m/^all$/);

                if ($pkg1_is_any) {
                        if ($pkg2_is_any and $substvar_strips_binNMU) {
                                # (b1) any -> any (= ${source:Version})
                                tag "not-binnmuable-any-depends-any", "$pkg1 -> 
$pkg2";
                        } elsif (not $pkg2_is_any and not 
$substvar_strips_binNMU) {
                                # (b2) any -> all (= ${Source-Version}) [or b:V]
                                tag "not-binnmuable-any-depends-all", "$pkg1 -> 
$pkg2";
                        }
                } elsif ($pkg2_is_any) {
                        # (b3) all -> any (= ${either-of-them})
                        tag "not-binnmuable-all-depends-any", "$pkg1 -> $pkg2";
                }

                # TODO (post-Etch?): warn/error about ${Source-Version} being 
deprecated
        }
}

}

1;

# vim: syntax=perl sw=4 ts=4 noet shiftround

Check-Script: version-substvars
Author: Adeodato Simó <[EMAIL PROTECTED]>
Abbrev: v-s
Standards-Version: 3.7.2
Type: source
Unpack-Level: 1
Needs-Info: debfiles, source-control-file
Info: This script checks for correct use of the various *Version
 substvars, e.g. deprecated substvars, or usage that can cause
 un-binNMUability

Tag: not-binnmuable-any-depends-any
Type: error
Info: The package is not safely binNMUable because an arch:any package
 depends on another arch:any package with a (= ${source:Version})
 relationship. Please use (= ${binary:Version}) instead.

Tag: not-binnmuable-any-depends-all
Type: warning
Info: The package is not safely binNMUable because an arch:any package
 depends on an arch:all package with a (= ${Source-Version}) or
 (= ${binary:Version}) relationship. Please use (= ${source:Version})
 instead.

Tag: not-binnmuable-all-depends-any
Type: warning
Info: The package is not safely binNMUable because an arch:all package
 depends on an arch:any package with a strict (= ${Source-Version}), or
 similar, relationship.
 .
 It is not possible for arch:all packages to depend so strictly on
 arch:any packages while having the package binNMUable, so please use
 one of these, whichever is more appropriate:
 .
   Depends: arch_any (>= ${source:Version})
   Depends: arch_any (>= ${source:Version}), arch_any (<< ${source:Version}.1~)

--- End Message ---

--- Begin Message ---

Source: lintian
Source-Version: 1.23.23

We believe that the bug you reported is fixed in the latest version of
lintian, which is due to be installed in the Debian FTP archive:

lintian_1.23.23.dsc
  to pool/main/l/lintian/lintian_1.23.23.dsc
lintian_1.23.23.tar.gz
  to pool/main/l/lintian/lintian_1.23.23.tar.gz
lintian_1.23.23_all.deb
  to pool/main/l/lintian/lintian_1.23.23_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Russ Allbery <[EMAIL PROTECTED]> (supplier of updated lintian package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 21 Aug 2006 10:28:14 -0700
Source: lintian
Binary: lintian
Architecture: source all
Version: 1.23.23
Distribution: unstable
Urgency: low
Maintainer: Debian Lintian Maintainers <[EMAIL PROTECTED]>
Changed-By: Russ Allbery <[EMAIL PROTECTED]>
Description: 
 lintian    - Debian package checker
Closes: 333311 370720 372748 374167 374314 374899 375318 375638 376030 376109 
376596 377141 377182 377616 377654 378054 378055 379176 379558 379749 380399 
381800 381965 383203
Changes: 
 lintian (1.23.23) unstable; urgency=low
 .
   The "new Python policy" release
 .
   * checks/binaries.desc:
     + [RA] Greatly expand the binary-or-shlib-defines-rpath long
       description based on recent discussion in debian-policy.  Add a
       reference to the wiki page.  (Closes: #378054, #378055)
   * checks/changelog-file{.desc,}:
     + [RA] Diagnose changelog files that are symlinks, using the new way
       the changelog-file collection script processes them.
   * checks/common_data.pm:
     + [RA] Add Python-Version as a known source and binary field.
   * checks/copyright-file:
     + [RA] Catch "<fill in http/ftp site>" as well as the string without
       "http/".  Thanks, Jari Aalto.  (Closes: #374167)
   * checks/deb-format{.desc,}:
     + [RA] Remove deb-created-with-broken-tar; the bug was actually in
       dpkg, and the dpkg in stable has been fixed.  Thanks Jari Aalto and
       Thijs Kinkhorst.  (Closes: #375638, #376030)
   * checks/debconf:
     + [RA] Diagnose a missing template description only once and avoid
       Perl warnings.  Thanks, Thomas Huriaux.  (Closes: #377654)
   * checks/debhelper:
     + [RA] Use the standard control file parser rather than a custom
       parser that can't handle continuation lines.
     + [RA] Warn if dh_python is used without debian/pycompat in non-CDBS
       packages and check for the debhelper version required for Python
       policy.  Thanks, Raphaël Hertzog.  (Closes: #375318)
   * checks/fields{.desc,}:
     + [RA] Don't warn virtual-package-depends-without-real-package-depends
       for Recommends and rewrite the tag description to be more accurate.
       Thanks to Martin F. Krafft for the report.  (Closes: #370720)
     + [RA] ~ is now permitted in version numbers.  (Closes: #381965)
     + [RA] Catch and check dependencies correctly for debconf-updatepo run
       from the clean target.  Thanks, James Westby.  (Closes: #380399)
     + [RA] Warn when encountering an aspell dictionary package that isn't
       arch: all.  Thanks, Piotr Engelking.  (Closes: #374899)
     + [RA] Check the syntax of the new Python-Version field.
     + [RA] Check for missing build dependencies on python-central or
       python-support.  Thanks, Raphaël Hertzog.
     + [RA] Check for old << dependencies on Python in Python packages that
       lack a Python-Version control field, as these are probably packages
       that don't follow the new Python policy.  Thanks, Raphaël Hertzog.
   * checks/files{.desc,}:
     + [RA] Provide a better explanation of why Debian packages shouldn't
       ship files in /srv.  (Closes: #379176)
     + [RA] Warn about files installed into /etc/gconf/schemas.
     + [RA] Warn about files in /usr/lib/site-python.  Thanks, Thomas
       Viehmann and Raphaël Hertzog.  (Closes: #372748)
   * checks/manpages{.desc,}:
     + [RA] Warn about manpage short descriptions of the form "manual page
       for program" (usually generated by help2man).
   * checks/menu:
     + [RA] Ignore trailing whitespace in doc-base files.  Patch from Bas
       Zoetekouw.  (Closes: #379749)
   * checks/nmu{.desc,}:
     + [RA] When checking for an NMU changelog entry, require "NMU" be
       surrounded by word boundaries.
     + [RA] Warn if the changelog incorrectly indicates an NMU.  Thanks to
       George Danchev for the report.
   * checks/scripts{.desc,}:
     + [RA] Except mkstemp from possibly-insecure-handling-of-tmp-files for
       maintainer scripts written in Perl.
     + [RA] Mention [[ ]] explicitly in the possible-bashism long
       description as requiring a Korn shell and make it clearer that the
       primary arbiter of this test is the POSIX shell specification.
       (Closes: #381800 by clarification)
     + [RA] Use the Dep library to check dependencies.  Add php5 to the
       interpreter list and correctly handle the dependencies for
       version-less PHP scripts.  (Closes: #379558)
     + [RA] Check for proper dependencies if gconf-schemas is called in
       maintainer scripts and diagnose calling gconftool(-2) directly.
       Thanks, Josselin Mouette.  (Closes: #333311)
   * checks/version-substvars{.desc,}:
     + [RA] New check from Adeodato Simó for proper use of substvars for
       versioned dependencies between packages built from the same source
       package so that NMUs will work properly.  Also catch use of such a
       substvar for a versioned dependency on a package not built from the
       same source.  (Closes: #377141, #376596)
 .
   * collection/changelog-file:
     + [RA] Be much more careful about changelog files that are symlinks.
       Don't skip over changelog symlinks just because they point to
       non-existant files, mark unsafe symlinks or symlinks to non-existent
       files by creating copyright as a symlink to a non-existent file in
       the lab, and don't create an empty dummy changelog if we couldn't
       find a changelog.  Correctly handle changelog files that are
       symlinks to other files in the same directory.
 .
   * debian/copyright:
     + [RA] Add Subversion repository location.
 .
   * frontend/lintian:
     + [JvW] Give error if there is no "Description" field in .changes, this is
       required by dak
 .
   * frontend/lintian-info:
     + [RA] Add the -t or --tags option that, given a tag name, prints out
       the description.  (Closes: #376109)
 .
   * lib/Tags.pm:
     + [RA] If a tag has been overriden via any mechanism, do not add it to
       any of the statistics (tag, severity, or significance).  Before, the
       override only suppressed a record for the specific statistic the
       override was based on, meaning that classic tag-based overrides
       didn't suppress severity statistics.  Overridden error tags would
       therefore cause lintian to exit with non-zero status.  Thanks,
       Andree Leidenfrost and Martin F. Krafft.  (Closes: #377182, #374314)
 .
   * man/lintian.1:
     + [RA] Better document the --archivedir and --dist options and how
       lintian constructs the path to an archive.  (Closes: #383203)
     + [RA] Document new version-substvars check script.
   * man/lintian-info.1:
     + [RA] Document the new -t or --tags option.
 .
   * reporting/html_reports:
     + [RA] Include the lintian version in HTML page footers.  Thanks,
       Thijs Kinkhorst.  (Closes: #377616)
Files: 
 da8f32e61a502e9799c3c4ff44685904 803 devel optional lintian_1.23.23.dsc
 b180a3d7af42209a6a36be62ccd38f8d 307986 devel optional lintian_1.23.23.tar.gz
 7098ad61fa1d7283e50b8d2c56db9fda 264248 devel optional lintian_1.23.23_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE6hIS+YXjQAr8dHYRArRZAJ4sOrVbFGtZ/3nXHbiJOf6OIxsaOwCaAp/H
ZbRw4ZGNgjRqlLfKHEGXu4g=
=Fori
-----END PGP SIGNATURE-----

--- End Message ---