Chris Lamb pushed to branch stretch-backports at lintian / lintian
Commits: d65209a3 by Chris Lamb at 2019-12-09T11:46:11Z Open new changelog entry. Gbp-Dch: ignore - - - - - 123711c9 by Guido Günther at 2019-12-09T13:10:40Z Update the PureOS distribution names in the "vendor" configuration. Signed-off-by: Chris Lamb <[email protected]> - - - - - 082da3a7 by Chris Lamb at 2019-12-09T17:09:19Z Don't attempt to check manual section if we don't know the section numer in order to silence Perl warnings on the commandline. (Closes: #946471) - - - - - b66a3187 by Felix Lechner at 2019-12-10T01:51:00Z Add new tag quoted-placeholder-in-mailcap-entry. In response to #33486. - - - - - 6a07df2e by Felix Lechner at 2019-12-10T01:57:58Z Add new check for unsafe mailcap entries. (Closes: #33486) This check parses mailcap files line by line. It emits a tag if the placeholder (%s) is used with quotes. As detailed in these references, quoting should be left to the program that uses the files. Otherwise, it is considered unsafe. Bug#33486 Bug#90483 Bug#745141 http://bugs.debian.org/745141#17 https://lists.debian.org/debian-user/2005/04/msg01185.html https://tools.ietf.org/rfc/rfc1524.txt The bug is from 1999. The mailcap specification is from 1993. The quoting question was presumably considered with some care. Only a few programs still ship mailcap files. - - - - - 96f268ee by Felix Lechner at 2019-12-10T01:59:54Z Regenerate profiles to include new check mailcap. In response to #33486. Gbp-Dch: ignore - - - - - 5e74a8e0 by Felix Lechner at 2019-12-10T01:59:54Z Provide three test cases for new tag quoted-placeholder-in-mailcap-entry. Gbp-Dch: ignore - - - - - 4e239d29 by Felix Lechner at 2019-12-10T04:45:44Z Remove unnecessary collection prerequisites for check mailcap. These types of adjustments will soon become a thing of the past. Lintian will create (and cache) the needed data structures on demand. Gbp-Dch: ignore - - - - - 872aecfd by Felix Lechner at 2019-12-10T12:40:41Z Add two FORTRAN tags for new fortran check. Prompted by Bug#796352. - - - - - a2dcbd19 by Felix Lechner at 2019-12-10T12:41:30Z Add new check fortran to check module versions and prerequisites. (Closes: #796352) Emits two tags that are helpful with automatic rebuilds as a result of fortran compiler updates. Looks for GFORTRAN module versions and compares them to the package prerequisites. More details may be available here: Bug#796352 Bug#714730 https://salsa.debian.org/science-team/dh-fortran-mod/blob/debian/master/dh_fortran_mod.in The new check can be extended for other FORTRAN issues. - - - - - 8226e9ae by Felix Lechner at 2019-12-10T12:48:25Z Regenerate profiles to include new fortran check. Gbp-Dch: ignore - - - - - d15fc80a by Felix Lechner at 2019-12-10T12:48:37Z Provide two tests for new fortran check. In response to Bug#796352. Gbp-Dch: ignore - - - - - eb3d2f14 by Felix Lechner at 2019-12-13T13:22:38Z In tests, armor upstream signatures. Gbp-Dch: ignore - - - - - 53c836e0 by Felix Lechner at 2019-12-13T13:22:38Z Reassign tag orig-tarball-missing-upstream-signature to new check upstream-signature. Gbp-Dch: ignore - - - - - 09813fcb by Felix Lechner at 2019-12-13T13:22:38Z Add new check upstream-signature and move some parts from check debian/control. Gbp-Dch: ignore - - - - - 80bcd50e by Felix Lechner at 2019-12-13T13:22:38Z Regenerate profiles to activate new check upstream-signatures. Gbp-Dch: ignore - - - - - e1609039 by Felix Lechner at 2019-12-13T13:22:38Z Associate some tests with new check upstream-signature from debian/control. Gbp-Dch: ignore - - - - - 2bed5e8b by Felix Lechner at 2019-12-13T14:57:48Z Remove old packages and package sources left over from previous builds of test packages. Gbp-Dch: ignore - - - - - b6b7c15b by Felix Lechner at 2019-12-13T19:03:00Z New tags to address deficiencies in upstream signatures. Prompted by Bug#929429, Bug#929434, Bug#929435, and Bug#929436. - - - - - 242fc066 by Felix Lechner at 2019-12-13T19:04:05Z New checks to address deficiencies in upstream signatures. (Closes: #929429, #929434, #929435, #929436) Besides the bug reports, some additional information may be available at: https://lists.debian.org/debian-devel/2019/04/msg00459.html - - - - - 9f30dde1 by Felix Lechner at 2019-12-13T19:05:56Z Provide tests with deficiencies in upstream signatures. Prompted by Bug#929429, Bug#929434, Bug#929435, and Bug#929436. Gbp-Dch: ignore - - - - - c9b36898 by Felix Lechner at 2019-12-13T23:08:39Z Amend tag description with details about spurious fields generated by old gpg versions. Gbp-Dch: ignore - - - - - e44c084c by Felix Lechner at 2019-12-14T14:42:14Z Add new tag for empty upstream sources. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. - - - - - a41e0a30 by Felix Lechner at 2019-12-14T14:48:30Z Add new check for orig tarball. (Closes: #471537) This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. - - - - - d0eefd94 by Felix Lechner at 2019-12-14T14:48:36Z Regenerate profiles to include new check origtar. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. Gpb-Dch: ignore - - - - - 8b70a6bf by Felix Lechner at 2019-12-14T14:48:55Z Provide test for new check origtar. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. Gbp-Dch: ignore - - - - - 639af293 by Felix Lechner at 2019-12-14T14:49:07Z Adjust existing tests for new check origtar; add files to avoid empty warnings. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. Gbp-Dch: ignore - - - - - 74d011a5 by Felix Lechner at 2019-12-14T14:49:25Z Add new tag for when repackaged sources are not properly advertised. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. - - - - - 91a30c99 by Felix Lechner at 2019-12-14T14:49:32Z Issue new tag for repackaged sources that are not properly advertised. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. - - - - - dbcf8904 by Felix Lechner at 2019-12-14T14:49:41Z Provide test for repackaged source that are not properly advertised. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. Gbp-Dch: ignore - - - - - 40298c3a by Felix Lechner at 2019-12-14T14:49:51Z Adjust existing tests to new tag for repackaged sources that are not properly advertised. This commit was prompted by Bug#471537. The patch submitted there no longer worked with the current source tree, but some relevant ideas were extracted. Lintian now issues a warning for empty orig sources. The check for repackaged source was transfered to debian/copyright. It now makes sure the version string reflects a repackaging. The idea to check for the rules target get-origtargz was not adopted, as uscan is now widely used for automated repacking. This commit series does not check the contents of watch files. Gbp-Dch: ignore - - - - - 49287b02 by Felix Lechner at 2019-12-14T19:57:20Z Drop tag 'source-contains-empty-directory', a nuisance ignored by many. (Closes: #907727) This tag was determined to be a nuisance after a careful discussion in the bug. Across the archive, it was triggered more than 7,000 times, with 83 overrides. As the evidence showed, maintainers either could not do anything about it (if upstream abandoned the project) or were too embarrassed to ask. Furthermore, many upstream authors ship empty folders. It is fair to conclude that the tag existed primarily because some of our tools have issues with empty directories. The tag description, now deleted, admitted as much: Keeping the empty directory in the source package can prevent others from contributing to the package when using tools like git-buildpackage(1). Those problems should be addressed in our toolchain. It was not right to blame upstream. Removes the tag, and the code in the cruft check that issued it. - - - - - 756f39cc by Felix Lechner at 2019-12-14T19:58:00Z Remove test for dropped tag source-contains-empty-directory. Gbp-Dch: ignore - - - - - 3f447271 by Felix Lechner at 2019-12-15T05:26:00Z Add new tag no-dh-sequencer. This commit is part of a series to introduce more features and tags surrounding the dh sequencer. It was prompted by Bug#930679 and is a work in progress. - - - - - d0b5b337 by Felix Lechner at 2019-12-15T06:12:15Z Add new check debian/rules/dh-sequencer; issue a tag when dh sequencer is not used. This currently issues only the new tag no-dh-sequencer. More dh-related functionality will be transfered from debian/rules in the near future. The present commit does not address all aspects of the new tag discussed in the bug filing. That is why the bug is not being closed. The tag name is different and shorter than discussed. Also, the severity is wishlist (I), even though some advocates had embraced the higher level of normal (W). An attempt was made to bypass Haskell packages. They are identified by looking for the strings "include /usr/share/cdbs/1/class/hlibrary.mk" or "DEB_CABAL_PACKAGE" in d/rules. A brand new check file was started to make space for lots of new features and tags related to the dh sequencer. This commit is part of a series to introduce more features and tags surrounding the dh sequencer. It was prompted by Bug#930679 and is a work in progress. - - - - - b199c411 by Felix Lechner at 2019-12-15T06:12:21Z Regenerate profiles to include the new check debian/rules/dh-sequencer. This commit is part of a series to introduce more features and tags surrounding the dh sequencer. It was prompted by Bug#930679 and is a work in progress. Gbp-Dch: ignore - - - - - 89f9c3e5 by Felix Lechner at 2019-12-15T06:12:21Z Adjust existing tests for presence of the new check debian/rules/dh-sequencer. This commit is part of a series to introduce more features and tags surrounding the dh sequencer. It was prompted by Bug#930679 and is a work in progress. Gbp-Dch: ignore - - - - - 31cb0117 by Felix Lechner at 2019-12-15T06:12:21Z Provide a test for the new tag no-dh-sequencer. This commit is part of a series to introduce more features and tags surrounding the dh sequencer. It was prompted by Bug#930679 and is a work in progress. Gbp-Dch: ignore - - - - - e22a455d by Felix Lechner at 2019-12-15T15:43:01Z Remove bogus tag service-key-has-whitespace. (Closes: #946763) This key is either bogus or has become outdated. According to a clarification from systemd's upstream from February 2019, such spaces are now safely ignored: https://github.com/systemd/systemd/commit/170342c90be07f418ab786718d95ef76289126a0 That will presumably prevent the third-party tools mentioned in the tag description from breaking. Removes tag definition and the relevant check code. - - - - - b803b62c by Felix Lechner at 2019-12-15T15:47:33Z Adjust tests for removal of bogus tag service-key-has-whitespace. Gbp-Dch: ignore - - - - - f3a6f4e4 by Felix Lechner at 2019-12-16T22:09:46Z Add libfonf-ttf-perl to Depends and Build-Depends in d/control. Also filed for lintian.d.o under RT#8055. - - - - - 9c019ecd by Felix Lechner at 2019-12-16T22:18:27Z Add new tags for TrueType and OpenType fonts. Prompted by Bug#635068. - - - - - 6d0c3d8b by Felix Lechner at 2019-12-16T22:18:27Z Check TrueType and OpenType fonts for licensing terms. (Closes: #635068) - - - - - 6a691cb5 by Felix Lechner at 2019-12-16T22:18:27Z Regenerate profiles to include checks for TrueType and OpenType fonts. Prompted by Bug#635068. Gbp-Dch: ignore - - - - - 039cadde by Felix Lechner at 2019-12-16T22:18:27Z Provide tests for new checks regarding TrueType and OpenType fonts. Prompted by Bug#635068. Gbp-Dch: ignore - - - - - 4cad15a8 by Felix Lechner at 2019-12-17T01:24:14Z Allow boolean-false directory components in link targets. (Closes: #892127) Contrary to hints about link resolution in the initial report, this was a genuine bug when resolving relative link targets. An offending package, libaddresses0_0.4.8-3+b1_amd64.deb, and probably many other packages in GNUstep, used a subdirectory '0' to indicate a zero version. That directory was resolved incorrectly when part of a link target. The relevant routine aborted early because the component evaluated to boolean false when there were in fact additional components to process. Specifically, usr/lib/libAddresses.so.0 was resolved to usr/lib/GNUstep/Frameworks/Addresses.framework/Versions when the correct result was usr/lib/GNUstep/Frameworks/Addresses.framework/Versions/0/libAddresses.so.0 This commit delivers the correct path and resolves the bug. Thanks to Yavor Doganov from the GNU Project for taking the time to make the initial report! - - - - - f0ec907d by Felix Lechner at 2019-12-17T01:49:59Z Also recognize shared library candidates with up to three dotted version digits at the end. Expands the regular expression to locate shared library candidates in the file system (not those obtained from the objdump collection) to include specific versions similar to: usr/lib/libAddresses.so.0 usr/lib/libAddresses.so.0.0.1 This commit furthermore renames two variables prompted by the extreme similarity of the two hash variables SONAME and SONAMES. Gbp-Dch: ignore - - - - - ee895b2e by Chris Lamb at 2019-12-17T18:19:41Z Revert "Don't attempt to check manual section if we don't know the section numer in order to silence Perl warnings on the commandline. (Closes: #946471)" See discussion on: https://salsa.debian.org/lintian/lintian/commit/082da3a71217d76c444d4921dc418fcfe9f785fb - - - - - ada6d72f by Louis-Philippe Véronneau at 2019-12-17T19:52:02Z Check proper VCS location for DPMT|PAPT packages. Signed-off-by: Chris Lamb <[email protected]> - - - - - dcf73b4f by Felix Lechner at 2019-12-18T18:03:39Z Do not consider manpages from related packages when looking for manpages without executables. (Closes: #946471) The immediate cause of the bug was that section numbers were not recorded for manpages provided in related packages. The key to resolving the bug, however, was the realization that those manpages should not be considered when looking for ophaned manpages. They are only considered to when looking for undocumented executables. To simplify the list comparisons, this commit uses List::Compare to implement some of the logic in the manpages check. As a side note, it is not clear that links should be excluded when requiring that manpages for commands in /usr/sbin are in section 8, not 1. The check currently looks only at regular files. - - - - - ea7a41e2 by Felix Lechner at 2019-12-18T19:57:17Z Remove unnecessary references to info structures; they refer to their own object. The info data structures previously provided by (Lintian::Collect) were folded into Processable and Processeable::Group, respectively. They available inside those objects. Gbp-Dch: ignore - - - - - 2bee4bce by Felix Lechner at 2019-12-18T19:57:17Z Remove group reference from Processable. This circular reference was eliminated in an effort to track down inconsistencies trying to find the 'source' processable in a group. Gbp-Dch: ignore - - - - - ac49cd89 by Felix Lechner at 2019-12-19T06:04:02Z Add new tag inconsistent-maintainer for maintainer mismatches between changes and source. Prompted by Bug#546525. - - - - - ff44cb40 by Felix Lechner at 2019-12-19T06:04:23Z Add check for consistent maintainer between changes and source processables. (Closes: #546525) Deviating from the request in the bug report, this this does not check the maintainer from the changes file against d/control, but rather against the maintainer field in the source. The author of this commit hopes that such course of action will satify the reporting party. - - - - - 30ea6bc7 by Felix Lechner at 2019-12-19T06:06:21Z Provide tests for new tag inconsistent-maintainer in check fields/maintainer. Prompted by Bug#546525. - - - - - d16d23b2 by Chris Lamb at 2019-12-19T12:01:31Z Release lintian/2.42.0 into unstable. - - - - - 9434f549 by Chris Lamb at 2019-12-27T18:16:05Z Merge tag '2.42.0' into stretch-backports Release lintian/2.42.0 into unstable. Format: 1.8 Date: Thu, 19 Dec 2019 12:01:30 +0000 Source: lintian Architecture: source Version: 2.42.0 Distribution: unstable Urgency: medium Maintainer: Debian Lintian Maintainers <[email protected]> Changed-By: Chris Lamb <[email protected]> Closes: 33486 471537 546525 635068 796352 892127 907727 929429 929434 929435 929436 946471 946763 Changes: lintian (2.42.0) unstable; urgency=medium . [ Felix Lechner ] * Add new checks to identify and notify about issues in upstream signatures. (Closes: #929429, #929434, #929435, #929436) * Do not consider manpages from related packages when looking for manpages without executables. (Closes: #946471) * Add a new check for unsafe mailcap entries. (Closes: #33486) * Add new Fortran checks to validate module versions and prerequisites. (Closes: #796352) * Add new checks for empty upstream sources and for when repackaged sources are not properly advertised as such. (Closes: #471537) * Drop the source-contains-empty-directory tag as it was mostly ignored. (Closes: #907727) * Remove the bogus service-key-has-whitespace tag. (Closes: #946763) * Check TrueType and OpenType fonts for licensing terms. (Closes: #635068) * Allow "boolean false" directory components in link targets. (Closes: #892127) * Add a new tag for consistent maintainer fields between changes and source processables. (Closes: #546525) * Add a new no-dh-sequencer tag to be issued when the debhelper(7) dh(1) sequencer is not used. . [ Guido Günther ] * Update the PureOS distribution names in the "vendor" configuration. . [ Louis-Philippe Véronneau ] * Ensure proper VCS location for Debian Python Module Team and Debian Python Application Team packages. Checksums-Sha1: e1d3d14b950463cd7bf04ef01bdedc297062bdf4 3218 lintian_2.42.0.dsc cdf18f0edfc99dcea694a1ec3c5d9c29fa10f5fd 1863732 lintian_2.42.0.tar.xz e6d2847bfb5e6b8705a03f248283754ad215856e 16210 lintian_2.42.0_amd64.buildinfo Checksums-Sha256: fc9c92aed75a1ad354a474379d2baab94957dbab49a52081cfd73ca25eee2eb0 3218 lintian_2.42.0.dsc a7d87722f7655f02f52e9dacbe89a9d06f3e627477e4b1909788b721da303542 1863732 lintian_2.42.0.tar.xz 5c9b88edd6fec4ea2bba26f0acb807ef1970101a4d5390ded26a0633406a420b 16210 lintian_2.42.0_amd64.buildinfo Files: a03b39e0a118ec3c7e6a769519777f42 3218 devel optional lintian_2.42.0.dsc b83304938a0cfea28ec954c8291590c0 1863732 devel optional lintian_2.42.0.tar.xz 07760fdea5d247f1f60dbf335e6556b1 16210 devel optional lintian_2.42.0_amd64.buildinfo * tag '2.42.0': (56 commits) Release lintian/2.42.0 into unstable. Provide tests for new tag inconsistent-maintainer in check fields/maintainer. Add check for consistent maintainer between changes and source processables. (Closes: #546525) Add new tag inconsistent-maintainer for maintainer mismatches between changes and source. Remove group reference from Processable. Remove unnecessary references to info structures; they refer to their own object. Do not consider manpages from related packages when looking for manpages without executables. (Closes: #946471) Check proper VCS location for DPMT|PAPT packages. Revert "Don't attempt to check manual section if we don't know the section numer in order to silence Perl warnings on the commandline. (Closes: #946471)" Also recognize shared library candidates with up to three dotted version digits at the end. Allow boolean-false directory components in link targets. (Closes: #892127) Provide tests for new checks regarding TrueType and OpenType fonts. Regenerate profiles to include checks for TrueType and OpenType fonts. Check TrueType and OpenType fonts for licensing terms. (Closes: #635068) Add new tags for TrueType and OpenType fonts. Add libfonf-ttf-perl to Depends and Build-Depends in d/control. Adjust tests for removal of bogus tag service-key-has-whitespace. Remove bogus tag service-key-has-whitespace. (Closes: #946763) Provide a test for the new tag no-dh-sequencer. Adjust existing tests for presence of the new check debian/rules/dh-sequencer. ... - - - - - b1819ffd by Chris Lamb at 2019-12-27T18:16:12Z Rebuild for stretch-backports. - - - - - 30 changed files: - checks/cruft.pm - checks/debian/changelog.pm - checks/debian/control.pm - checks/debian/copyright.pm - checks/debian/readme.pm - + checks/debian/rules/dh-sequencer.desc - + checks/debian/rules/dh-sequencer.pm - checks/fields/description.pm - checks/fields/maintainer.desc - checks/fields/maintainer.pm - checks/fields/vcs.pm - + checks/fonts/opentype.desc - + checks/fonts/opentype.pm - + checks/fonts/truetype.desc - + checks/fonts/truetype.pm - + checks/fortran.desc - + checks/fortran.pm - checks/group-checks.pm - + checks/mailcap.desc - + checks/mailcap.pm - checks/manpages.pm - checks/menu-format.pm - checks/menus.pm - + checks/origtar.desc - + checks/origtar.pm - checks/patch-systems.pm - checks/shared-libs.pm - checks/symlinks.pm - checks/systemd.pm - + checks/upstream-signature.desc The diff was not included because it is too large. View it on GitLab: https://salsa.debian.org/lintian/lintian/compare/44d8aa4a876405c47c91125cb9e853a5f849cb1f...b1819ffdcc0e1c27bb19939476892bfadff3965a -- View it on GitLab: https://salsa.debian.org/lintian/lintian/compare/44d8aa4a876405c47c91125cb9e853a5f849cb1f...b1819ffdcc0e1c27bb19939476892bfadff3965a You're receiving this email because of your account on salsa.debian.org.
