Bug#1112402: RFS: python-cvss/3.6-1 -- CVSS2/3/4 library with interactive calculator for Python

Thu, 04 Sep 2025 10:49:41 -0700 

Thanks Jeroen for the feedback, I have updated the package according to
these suggested changes.

The package has been updated to mentors.debian.net [1] and on salsa [2] as well

Changes since the last upload:

 python-cvss (3.6-1) unstable; urgency=medium
 .
   * New upstream release: v3.6
   * d/control: Update description same as upstream
   * d/copyright: Add missing license info for tests/schemas/*
   * d/rules: remove static manpage from debian/ generated using h2m
   * Remove d/tests directory as it is redundant to tests running during
     build time

Thanks

//0xnishit

[1]: https://mentors.debian.net/package/python-cvss/
[2]:
https://salsa.debian.org/python-team/packages/python-cvss/-/commits/debian/master

On 04/09/25 20:58, Jeroen Ploemen wrote:
> Control: tags -1 moreinfo
> 
> On Fri, 29 Aug 2025 17:22:01 +0530
> Nishit Majithia <[email protected]> wrote:
> 
>> I am looking for a sponsor for my package python-cvss:
> 
> hi Nishit,
> 
> took a look at the package, and found a couple things that need
> attention:
> 
> * copyright: missing info for a bunch of files that appear to be 
>   licensed under 3-clause bsd or similar:
>   tests/schemas/cvss-v2.0.json:3:        "Copyright (c) 2017, FIRST.ORG, 
> INC.",
>   tests/schemas/cvss-v3.1.json:3:        "Copyright (c) 2021, FIRST.ORG, 
> INC.",
>   tests/schemas/cvss-v4.0.json:3:        "Copyright (c) 2023, FIRST.ORG, 
> INC.",
>   tests/schemas/cvss-v3.0.json:3:        "Copyright (c) 2017, FIRST.ORG, 
> INC.",
> 
> * control: the long description would benefit from spelling out the
>   meaning of the "CVSS" abbreviation, along the lines of the upstream
>   README file.
> 
> * the manpage is auto-generated with help2man and gets overwritten on
>   every build. Updating the version in the static copy that sits in
>   the debian directory is therefore pointless, as is keeping that
>   file around in the first place.
> 
> * tests: d/control sets 'Testsuite: autopkgtest-pkg-pybuild', but
>   there's also a "manual" definition in d/tests that appears to run
>   the identical set of tests again. If so, the latter is redundant;
>   if not, it should be fixed to not run tests inside the extracted
>   source package (use the $AUTOPKGTEST_TMP directory instead).
> 
> 
> Let me know when you have an updated package ready.

Attachment: OpenPGP_0x05F608E82C53AE39.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

Reply via email to