Source: python-debian Version: 0.1.49 Severity: serious Tags: upstream Justification: Policy 2.3
So this is an interesting bug inside of the python-debian source code first spotted in <https://github.com/fsfe/reuse-tool/issues/900> by Chris Pressey. I marked it as serious because fixing the bug might potentially break the debian/copyright of an unknown number of Debian packages. Problem description: When `Files:` contains a whitespace-separated list of paths, each non-ultimate path appears to be matched as if there were a glob at the end. To reproduce: 1. Create a debian/copyright file with a `Files:` paragraph that has one line for 'foo', and one line for 'bar'. 2. Use the method Copyright.find_files_paragraph("foo quz") Result: A match is found on the paragraph. Running Copyright.find_files_paragraph("bar quz") here results in no match, unless you add an extra item to the `Files:` list. Expected result: No match is found on the paragraph. I have a repository at <https://codeberg.org/carmenbianca/dep5-eager-example> that serves as example. Yours with kindness, Carmen -- System Information: Debian Release: 12.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-17-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=eo.UTF-8, LC_CTYPE=eo.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled