Package: lintian Version: 2.5.46 Severity: wishlist -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Apparently it is a trend for Ruby Gems to stuff convenience code copies of javascript code into /vendor/ dirs. Those should, according to Policy ยง 3.14, instead be packaged separately as a libjs-* package (see bug#798983). The detection involves multiple parts: a) Package name is not "libjs-*" b) Path contains "/vendor/" c) File contains ".js" d) File is truly a file (not a symlink) Beware that file may not _end_ in ".js": Some Ruby packages add an ".erb" suffix (see e.g. ruby-leaflet-rails 0.7.7-1). Related detections: ... d) File is a symlink not pointing below /usr/share/javascript ... d) File is a symlink pointing below /usr/share/javascript e) Package does not depend on package providing symlink For some concrete examples of the kind of bugs this would catch, see bug#835508, #835509, #835512 The lintian message should probably mention the file specifically: Bug#835512 is an example where one of two files needs fixing but the other would trigger a false positive sensible to suppress: The former Javascript library has separate upstream whereas the latter does not. - Jonas -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJXwD2PAAoJECx8MUbBoAEhxu0P/3H2L8ThgsitolyzppFvwr2S 47ujDaRarBSJlMDxHmWMYidLRPVgvxkyFrgKnLeibJWN55U6E+7iOIOWwZvo2LKf 9plkIgqH23glnRSaOveoUPY31pCx+6bqbvsTf/IlQE3ASExtmukYUkY9JS00F8ax QBxNLhDKWklHucyb/9C/mLeFovJkYWXpRJFOhfUI0no2iIiAqXLrIKLJRtVNVSZv 0aMDgLbDUFmllDqZuPYzY/R3MhomLNkODyRf8UdP1ekVMg9oHOrVSYeZwSzKOQbX QNo8QR52KH8TwByPdsvvv6clH7NziPDBWEZSBHBGHGQ3VaWpDn1uXF2rExJP+CcU nAxJqP38XWTSqxnp6K/NBjkyB4ajKzQYpX9+T6aYJCQaO8M1n2bfpAOhmXShpVt6 lL7lsGOqTFdPk+GcuvPKlc3LurEzoHDdtTZURivKRD0DjctZp8ncjRN7d4YtXnJG n+1ehLT5quv0pD2uLlW/0SdCkhKH8VXGqOunmElqke+3rPI63v4fHQefclKIN2fG 4aHnSy0EiavxxWQOUjbOKJUWTSbIVqKJnwJ5AInVT72W33P/NvpteO7nNSXCdM/W iHX6JTw0OJCGeB8Tib8UhR8y0IdDQAs6mcl3J4gjQ3xFU/UR2/QuYU6wDHNEpEtQ JXnZ3OwqLWLwqB9y9Z4A =44pr -----END PGP SIGNATURE-----
