Hi Paul, Thanks for your time reviewing this package. I've tried to fix as much issues as I'm capable.
Here is a list of changes I've applied on the new package : - Binary package renamed to python3-minidb - Switched to github orig.tar.gz to be consistent with debian/watch - Switched from setup-tools to distutils as declared build dependency - Added file example.py in minidb.example to be deployed by dh_installexamples - Changed debian/* licence to ISC (same as source package) - Cleaned Licence text in debian/copyright - Wraped-and-sorted debian directory - Wraped and fixed debian/watch - Added an upstream/metadata file - Removed trailing spaces in debian/* files - Updated URL to use secured ones - Removed section from debian/control binary package (to avoid duplication with source package) - Upgraded debian/compat to 11 - Added AutoPkgTest stanza I've some more work to do but not in the packaging project : - File a bug against gpodder to depends upon minidb package - Ask upstream to sign minidb releases - Discuss with upstream about others check-all-the-things warnings Best Regards, Maxime 2018-01-21 6:25 GMT+01:00 Paul Wise <[email protected]>: > Control: owner -1 ! > Control: tags -1 + moreinfo > > I intend to sponsor this because the urlwatch RFS needs it. > > On Fri, Jan 19, 2018 at 4:42 AM, Maxime Werlen wrote: > > > I am looking for a sponsor for my package "minidb" > > In future, I'd recommend using the BTS block command when filing an RFS > that depends on another RFS. > > https://www.debian.org/Bugs/server-control#block > > You can use this syntax when mailing submit@ or existing bugs (-1 means > the bug you are mailing or submitting): > > Control: block 887659 by -1 > > These issues block the upload of minidb to Debian: > > Since minidb only includes a Python 3 module, you need to rename the > binary package to python3-minidb. The source package can stay the same. > > The orig.tar.gz you uploaded to Debian mentors is different to the one > that the debian/watch file downloads. You can use diffoscope to see the > differences, but it looks like you used the one from pip? That is > missing example.py but has a new PKG-INFO file. > > It would be nice to fix these issues at some point: > > Upstream is using distutils but debian/control has python3-setuptools. > The package still builds because python3-distutils is installed anyway. > > Please include example.py from the github tar.gz as an example in the > binary package, using dh_installexamples. > > Once minidb is accepted, please file a bug against gpodder asking the > maintainer to depend on minidb instead of using the internal copy. > > I suggest licensing the debian/ directory under the same license as > upstream, so that they can include any patches or other info from > Debian with zero friction. > > Please remove the comment characters, the ASCII minidb logo and the > Copyright line from the ISC license in debian/copyright. > > Please remove the commented-out Vcs-* fields from debian/control unless > you intend to use them, please note that alioth has been replaced by > salsa.debian.org. > > I like to wrap and sort the debian/ directory: > > wrap-and-sort --short-indent --wrap-always --sort-binary-packages > --trailing-comma > > I like to wrap debian/watch to separate fields. > > uscan fails unless I delete the filenamemangle: > > $ uscan --verbose --download-current-version --destdir . > ... > Could not read .//thp/minidb/archive/minidb-2.0.2.tar.gz: No such file or > directory at /usr/bin/mk-origtargz line 397. > uscan: error: mk-origtargz --package minidb --version 2.0.2 --rename > --compression gzip --directory . --copyright-file debian/copyright > .//thp/minidb/archive/minidb-2.0.2.tar.gz subprocess returned exit status > 2 > > Please add some upstream metadata: > > https://wiki.debian.org/UpstreamMetadata > > Please ask upstream to sign their commits and tarballs with OpenPGP: > > https://mikegerwitz.com/papers/git-horror-story > https://wiki.debian.org/Creating%20signed%20GitHub%20releases > > Automatic checks: > > lintian > > I: minidb source: binary-control-field-duplicates-source field "section" > in package minidb > P: minidb source: file-contains-trailing-whitespace debian/changelog > (line 3) > P: minidb source: file-contains-trailing-whitespace debian/control (line > 4) > P: minidb source: package-uses-old-debhelper-compat-version 10 > P: minidb source: insecure-copyright-format-uri > http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ > I: minidb source: testsuite-autopkgtest-missing > P: minidb source: debian-watch-may-check-gpg-signature > P: minidb: no-upstream-changelog > I: minidb: extended-description-is-probably-too-short > > check-all-the-things > > $ env PERL5OPT=-m-lib=. duck > I: debian/copyright:1: URL: http://www.debian.org/doc/pack > aging-manuals/copyright-format/1.0/: INFORMATION (Certainty:possible) > URL schema changed from HTTP to HTTPS during redirect(s): > http://www.debian.org -> https://www.debian.org > Please investigate and update the URL eventually, to avoid unneccesary > redirects! > > I: debian/copyright:48: URL: http://www.gnu.org/licenses/: INFORMATION > (Certainty:possible) > The web page at http://www.gnu.org/licenses/ works, but is also > available via https://www.gnu.org/licenses/, please consider switching to > HTTPS urls. > > I: debian/control: Homepage: http://thp.io/2010/minidb/: INFORMATION > (Certainty:certain) > URL schema changed from HTTP to HTTPS during redirect(s): http://thp.io > -> https://thp.io > Please investigate and update the URL eventually, to avoid unneccesary > redirects! > > # check if these can be switched to https:// > $ grep -nHrF http: . > ./PKG-INFO:5:Home-page: http://thp.io/2010/minidb/ > ./PKG-INFO:9:Download-URL: http://thp.io/2010/minidb/minidb-2.0.2.tar.gz > ./test/test_minidb.py:277: # http://probablyprogramming.com > /2009/03/15/the-tiniest-gif-ever > ./debian/copyright:1:Format: http://www.debian.org/doc/pack > aging-manuals/copyright-format/1.0/ > ./debian/copyright:48: along with this program. If not, see < > http://www.gnu.org/licenses/> > ./debian/control:9:Homepage: http://thp.io/2010/minidb/ > ./debian/control:11:#Vcs-Browser: http://git.debian.org/?p=colla > b-maint/minidb.git;a=summary > ./minidb.py:27:__url__ = 'http://thp.io/2010/minidb/' > > $ find . -type f -iname '*.py' -exec mypy --fast-parser {} + > <lots> > > # This command checks style. While a consistent style > # is a good idea, people who have different style > # preferences will want to ignore some of the output. > # Do not bother adding non-upstreamable patches for this. > $ find . -type f -iname '*.py' -exec pycodestyle --ignore W191 {} + > <lots> > > # This command checks style. While a consistent style > # is a good idea, people who have different style > # preferences will want to ignore some of the output. > # Do not bother adding non-upstreamable patches for this. > $ pydocstyle . > <lots> > > $ find . -type f -iname '*.py' -exec pyflakes3 {} + > <lots> > > $ find . -type f -iname '*.py' -exec pylint3 --rcfile=/dev/null > --msg-template='{path}:{line}:{column}: [{category}:{symbol}] {obj}: > {msg}' --reports=n {} + > <lots> > > $ python3-bandit -r . > <lots> > > $ find . -type d \( -iname .bzr -o -iname .git -o -iname .hg -o -iname > .svn -o -iname CVS -o -iname RCS -o -iname SCCS -o -iname _MTN -o -iname > _darcs -o -iname .pc -o -iname .cabal-sandbox -o -iname .cdv -o -iname > .metadata -o -iname CMakeFiles -o -iname _build -o -iname _sgbak -o -iname > autom4te.cache -o -iname blib -o -iname cover_db -o -iname node_modules -o > -iname '~.dep' -o -iname '~.dot' -o -iname '~.nib' -o -iname '~.plst' \) > -prune -o -type f ! \( -iname '*.bak' -o -iname '*.swp' -o -iname '#.*' -o > -iname '#*#' -o -iname 'core.*' -o -iname '*~' -o -iname '*.gif' -o -iname > '*.jpg' -o -iname '*.jpeg' -o -iname '*.png' -o -iname '*.min.js' -o -iname > '*.js.map' -o -iname '*.js.min' -o -iname '*.min.css' -o -iname '*.css.map' > -o -iname '*.css.min' -o -iname '*.wav' \) -exec env PERL5OPT=-m-lib=. > spellintian --picky {} + > ./README: python -> Python > ./debian/copyright: python -> Python > ./minidb.py: python -> Python > > $ grep -nHriE 'fixme|todo|hack|xxx+|broken' . > ./minidb.py:201: # TODO: What to do with extraneous columns? > > $ vulture . > <lots> > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise >
