Your message dated Sat, 01 Oct 2016 04:52:30 +0000 with message-id <e1bqchm-0001m2...@franck.debian.org> and subject line Bug#838184: fixed in devscripts 2.16.8 has caused the Debian Bug report #838184, regarding chdist: compare-bin-packages not always uses the latest versions to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 838184: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838184 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: devscripts Version: 2.16.7 Severity: important Dear Maintainer, using "chdist compare-bin-packages" I was quite surprised to learn not always the newest version of the respective DIST is taken into account. How to repeat: * Create two DISTs, for the sake of this example called "wheezy-plain" and "wheezy-security" # chdist create wheezy-plain # chdist create wheezy-security * Populate the respective sources.list as follows wheezy-plain: | deb http://ftp.de.debian.org/debian wheezy main contrib non-free | deb-src http://ftp.de.debian.org/debian wheezy main contrib non-free wheezy-security: | deb http://ftp.de.debian.org/debian wheezy main contrib non-free | deb-src http://ftp.de.debian.org/debian wheezy main contrib non-free | deb http://security.debian.org wheezy/updates main contrib non-free | deb-src http://security.debian.org wheezy/updates main contrib non-free * Update the DISTs # chdist apt-get wheezy-plain update # chdist apt-get wheezy-security update * Compare them # chdist compare-bin-packages wheezy-plain wheezy-security |& grep tcpreplay Background: The tcpreplay package was updated after the last wheezy point release. Expected output: | tcpreplay 3.4.3-2+wheezy1 3.4.3-2+wheezy2 ^ Actual output: | W: Package tcpreplay is already listed for wheezy-security. Not overriding. | tcpreplay 3.4.3-2+wheezy1 3.4.3-2+wheezy1 ^ Analysis: The additional warning message gives the right hint: If a binary package is seen several times, only the first occurence is taken into account. Even if any later has a higher version. Suggested fix: The patch attached implements the expected behaviour: If the second occurence has a higher version number, that one is used. If the version number is identical, also the warning is suppressed. Additionally, the patch contains a safeguard in case there there is no version number. Feel free to drop that. The compare_src_bin function probably needs a fix, too. I could however not trigger this. Background: I maintain local backports and forks of several packages in Debian. This needs a tool to notify about new versions in Debian that require according work. I moved from an ugly hand-written solution to something based on chdist and found regressions. Justification: Besides this is unexpected behaviour and does not match the output of apt-cache policy on both sides (after some parsing) ... Assuming more people do track Debian in a similar way, they will face the same problem: They might not learn about updates that are necessary on their site, perhaps leading to something between functionality loss, or a security issue not getting fixed. Please also fix this in a stable point release: The patch applies to jessie as well (with an offset). Christoph -- Package-specific info: --- /etc/devscripts.conf --- --- ~/.devscripts --- Not present -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.4.20 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: unable to detect Versions of packages devscripts depends on: ii dpkg-dev 1.18.10 ii libc6 2.23-5 ii perl 5.22.2-5 pn python3:any <none> Versions of packages devscripts recommends: ii apt 1.3~rc4 pn at <none> ii curl 7.50.1-1 ii dctrl-tools 2.24-2 pn debian-keyring <none> pn dput | dupload <none> pn equivs <none> ii fakeroot 1.21-2 ii file 1:5.28-4 ii gnupg 1.4.20-6 ii gnupg2 2.1.11-7 ii libdistro-info-perl 0.14 ii libencode-locale-perl 1.05-1 ii liblwp-protocol-https-perl 6.06-2 pn libsoap-lite-perl <none> ii liburi-perl 1.71-1 ii libwww-perl 6.15-1 pn licensecheck <none> ii lintian 2.5.47 ii man-db 2.7.5-1 ii patch 2.7.5-1 ii patchutils 0.3.4-1 ii python3-debian 0.1.29 ii python3-magic 1:5.28-4 ii sensible-utils 0.0.9 ii strace 4.12-3 ii unzip 6.0-20 ii wdiff 1.2.2-1+b1 ii wget 1.18-2+b1 ii xz-utils 5.1.1alpha+20120614-2.1 Versions of packages devscripts suggests: pn bsd-mailx | mailx <none> ii build-essential 12.2 pn cvs-buildpackage <none> pn devscripts-el <none> ii diffoscope 60 pn dose-extra <none> pn gnuplot <none> ii gpgv 1.4.20-6 pn libauthen-sasl-perl <none> ii libfile-desktopentry-perl 0.22-1 ii libnet-smtp-ssl-perl 1.03-1 pn libterm-size-perl <none> ii libtimedate-perl 2.3000-2 pn libyaml-syck-perl <none> ii mozilla-devscripts 0.47 ii mutt 1.7.0-1 ii openssh-client [ssh-client] 1:7.3p1-1 pn reprotest <none> pn svn-buildpackage <none> ii w3m 0.5.3-29 -- no debconf information--- /usr/bin/chdist +++ /tmp/chdist @@ -471,10 +471,17 @@ my $parsed_file = parseFile($file); foreach my $package ( keys(%{$parsed_file}) ) { if ( $packages{$dist}{$package} ) { - warn "W: Package $package is already listed for $dist. Not overriding.\n"; - } else { - $packages{$dist}{$package} = $parsed_file->{$package}; - } + my $version = $packages{$dist}{$package}{'Version'}; + my $alt_ver = $parsed_file->{$package}{'Version'}; + my $delta = $version && $alt_ver && version_compare($version, $alt_ver); + if (defined ($delta) && $delta < 0) { + $packages{$dist}{$package} = $parsed_file->{$package}; + } elsif (!defined ($delta) || $delta < 0) { + warn "W: Package $package is already listed for $dist. Not overriding.\n"; + } + } else { + $packages{$dist}{$package} = $parsed_file->{$package}; + } } } }signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---Source: devscripts Source-Version: 2.16.8 We believe that the bug you reported is fixed in the latest version of devscripts, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 838...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James McCoy <james...@debian.org> (supplier of updated devscripts package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 30 Sep 2016 22:17:07 -0400 Source: devscripts Binary: devscripts Architecture: source Version: 2.16.8 Distribution: unstable Urgency: medium Maintainer: Devscripts Devel Team <devscripts-devel@lists.alioth.debian.org> Changed-By: James McCoy <james...@debian.org> Description: devscripts - scripts to make the life of a Debian Package maintainer easier Closes: 786755 836725 838184 838185 Changes: devscripts (2.16.8) unstable; urgency=medium . [ Paul Wise ] * Add some more Debian development & QA tools to Suggests: adequate autopkgtest bls-standalone check-all-the-things duck how-can-i-help piuparts ratt . [ Antonio Terceiro ] * New script: debrepro, a simple reproducibility tester specific for Debian packages. (Closes: #786755) . [ James McCoy ] * deb-reversion: Update md5sum of changelog if it's changed. (Closes: #836725) * Change Getopt::Long configuration to disable gnu_compat so an '=' isn't required for optional arguments (e.g. "dch --news="). * chdist: + Silence warnings about uninitialized values. Thanks to Christoph Biedl for the patch. (Closes: #838185) + For compare-bin-packages, use the newest version of a package if multiple versions exist. Thanks to Christoph Biedl for the patch. (Closes: #838184) Checksums-Sha1: 45d94ef88e2f657c01fc57462aa089c4120c44e5 2356 devscripts_2.16.8.dsc 72d2ac50df60784d3e061604294c7ccf9eb66943 677664 devscripts_2.16.8.tar.xz Checksums-Sha256: 8329e760aaa8e53c4d6730fb7190d3a17ecc6e07a156b8d10189d0a38b70ab93 2356 devscripts_2.16.8.dsc 014a6915b32feb3c5d88978360a1511bf815c6bcc940869e21dd459bf1b6c177 677664 devscripts_2.16.8.tar.xz Files: 07ac1f7e36421c4474c572bf04a8c353 2356 devel optional devscripts_2.16.8.dsc 0c2b08416a2c24ea5f2523bf180f0337 677664 devel optional devscripts_2.16.8.tar.xz -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJX7x5IXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5MUJGQkY0RDY5NTZCRDVERjdCNzJEMjNE RkU2OTFBRTMzMUJBM0RCAAoJEN/mka4zG6Pb2YEP+wTWDm6JDZkgg9xIQ6+sVK7R U2WMQ88fe3ZGxIwaO9vxSnZVn7Zp8DpJWKOyDpJuioNnSb4IM9+RGZ9a3FaxDNKd v62suQoC9nFJeOyx+hv1jpyuz46rSDJAO/GPmmLYWhg11ssPnpIPXLxgEwq2Bs66 dYEyQNAyNCzuNQYQi+hVDpKS+5u4LH5HbKOLgCvOxr/NJBU0cS3skiyXEihWHbt5 QBpZw8Edb0PLp/EMdtIgZ/RGXsF7FuMQ1WUEjr1c14awu3+L0JSJtNEqV4uITORe NLg9DLVfkU3fgYCX9S4P0ygLJe+u0KdcvU0+0go7jdPXMVFkk898U1CBl6B/fWgC 0N11bDrfWfrkW/E8jBy9ZPjnpcYm24pa+WVAdfQUep5N7uX8G4TuOhY3XVf2HSCr KVP6UTgOnQKVHbonDZyNfLMzUsqxD1vVVwRy0cENllbWA51kPYMgeWnqcvC3vr0R dAR1qsDhe6T0SNZcg0l8XjHMDfCZuO8Tal5i5z5937ZxHiAqK4psaNTUndT7o9Ho IYTyI6zQhtoSBqs4V/vNb+nkwRfSgVrCZ3jQvpmrm3Dzh+/0WdX+SM2CpOLh4tFY 78Hx4fjfEGqRZWTVJ4HKvVhg1k/WnLqL/bnJz//v+jq3/OMgkE4aOaa6+EYT6D5z LaqF/ZwmjD2WxtucKfDs =nPiA -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ devscripts-devel mailing list devscripts-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel