* Niels Thykier ni...@thykier.net, 2013-04-16, 22:06:
API stability not included, so packages should add dependencies on
Lintian accordingly.
Well, adding dependencies would be required even if we guaranteed API
stability. :) Perhaps dependencies misses an adjective such as
strict or tight?
On 2013-04-17 21:14, Jakub Wilk wrote:
* Niels Thykier ni...@thykier.net, 2013-04-16, 22:06:
API stability not included, so packages should add dependencies on
Lintian accordingly.
Well, adding dependencies would be required even if we guaranteed API
stability. :) Perhaps dependencies
* Niels Thykier ni...@thykier.net, 2013-04-17, 21:51:
With that in mind, that would be something like:
lintian (= 2.5.12), lintian ( 2.5.13~)
If I am not mistaken. We should probably stress the need for ~ in
the upper bound to avoid issues in stable backports.
ACK, it's easy to forget
Hi Niels,
Niels Thykier ni...@thykier.net writes:
I thought this was safe, but it does have an issue as well. Consider
symlink chaining:
safe-symlink - unsafe-symlink
unsafe-symlink - ../../../../etc/passwd
$path-link_resolved will approve safe-symlink because it can be
resolved
* Niels Thykier ni...@thykier.net, 2013-04-17, 21:51:
lintian (= 2.5.12), lintian ( 2.5.13~)
2.5.12 could have a tilde too (although it's arguably less important
than for the other version).
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-lint-maint-requ...@lists.debian.org
with a
5 matches
Mail list logo
