On 16/05/26 1:47 am, Thorsten Glaser wrote:
> Nilesh Patra dixit:
>
>>> The changelog in question is:
>
> You truncated my quote, though.
>
>
>>> * New upstream release
>>> * CVEs
>
> This is continued in a list:
> - CVE-1234-56789
> - …
>
>> The point of the tag is to prevent maintainers from writing
>> non-descriptive entries. If this does not suit your use-case, you may
>> override it.
>
> The entry is longer than lintian thinks it is because it fails
> to take line continuations into account. This is clearly a bug
> in lintian.
As has been said in the same bug report, it does not hurt to have
"Fixes the following CVEs:" or something similar.
I don't concur that this is a bug in lintian as such. Even if we
were to take up the full list, the question again becomes as to
where do we draw the line.
Consider an entry like:
* fix
- CVE-1248-93284
- CVE-1999-29894
This is much worse, and should be flagged. But with lintian being a
static analysis tool it becomes very hard to detect some of
the patterns. I feel that a little bit of more description does
not hurt, and that is the reason why this tag is pedantic in the
first place.
>> Removal of this tag would be a worse option. Hence, wontfix.
>
> Yeah, lintian’s use has been greatly reduced by all the useless
> maintainer churn, FPs and corresponding attitude, as well as
> long time to fix for even recognised bugs.
This tag has been there for a long time. I am a new maintainer.
There are ~500 bugs sitting. I've been working tirelessly, with approximately
~1 commit
every day or every couple of days.
Honestly, what am I supposed to do after reading words like these?
You keep ranting about the "useless" tags, but when I asked you previously about
what you objectively think, should be fixed, I received no helpful pointers [1].
Please do not mail me in future if these are the only things you have to say.
> Disappointed, but not surprised,
Same here.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115177#35
