review for pipenv/2022.10.12-1

[Jeroen Ploemen]

hi Ileana,

I took a look at the package update you prepared and put up for
sponsorship in the Python team:

* leftover boilerplate comments and examples remain throughout the
  packaging (control, rules, watch), please remove when unused.
* changelog: isn't #941447 also fixed by the new release? See
  upstream's comment on https://github.com/pypa/pipenv/issues/4144
* copyright:
  + packaging year bumped for vent...@debian.org but his last
involvement actually does appear to have been in 2018; you
probably want to add yourself instead with a 2022 entry?
  + `grep -irn --exclude-dir=debian 'copyr.*\(19\|20\)[0-9]\{2\}' *`
turns up numerous copyright holders that are missing from
d/copyright.
* watch: filenamemangle introduces literal "" string into
  the filename.
* lintian:
  + numerous hits for 'extra-license-file' and
'package-contains-documentation-outside-usr-share-doc', triggered
by license and readme files inside vendored libs; these files
could easily be removed during build.
  + E: pipenv: python-traceback-in-manpage is a false positive,
please override.


PS: I'm kind of surprised a package with this amount of vendoring
managed to survive the ftp masters' review. Apparently, sometimes
miracles do happen.


pgpiIaS9dS9qj.pgp
Description: OpenPGP digital signature

Bug#1022243: ITP: thefuzz -- Fuzzy string matching in Python (was fuzzywuzzy)

[Edward Betts]

Package: wnpp
Severity: wishlist
Owner: Edward Betts 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-python@lists.debian.org

* Package name: thefuzz
  Version : 0.19.0
  Upstream Author : Adam Cohen 
* URL : https://github.com/seatgeek/thefuzz
* License : GPL-2
  Programming Lang: Python
  Description : Fuzzy string matching in Python

  Various methods for fuzzy matching of strings in Python, including:
  .
- String similarity: Gives a measure of string similarity between 0 and 100.
- Partial string similarity: Inconsistent substrings are a common problem
  when string matching. To get around it, use a "best partial" heuristic
  when two strings are of noticeably different lengths.
- Token sort: This approach involves tokenizing the string in question,
  sorting the tokens alphabetically, and then joining them back into a
  string.
- Token set: A slightly more flexible approach. Tokenize both strings, but
  instead of immediately sorting and comparing, split the tokens into two
  groups: intersection and remainder.

I plan to maintain this package as part of the Python team.

This Python library was previously known as fuzzywuzzy before being renamed to
thefuzz.

There are five packages in Debian that depend on fuzzywuzzy:

  gnome-pass-search-provider
  python3-fluids
  wajig
  sublime-music
  python3-fluids

Once these packages have switched to using thefuzz I will write to FTP master
and ask for fuzzywuzzy to be deleted from the archive.

Re: Review of Debian package lazy-loader

[Bo YU]

Hi,
On Fri, Oct 21, 2022 at 11:58:38PM -0400, Louis-Philippe Véronneau wrote:

Hello,

This is my review of the lazy-loader package you asked the Debian 
Python Team to sponsor in the Debian archive.


1. In d/control, I'm not sure to understand why the binary package is 
marked as "Multi-Arch: foreign", as this package isn't arch dependent?


The binary package is arch dependent as it was marked as "Architecture: all"
I think. There is more knowledge for me to here:
https://wiki.debian.org/MultiArch/Hints#set_Multi-Arch:_foreign

Fixed it.






[...]
You should instead run the upstream test suite as autopkgtests: they 
are much more meaningful.


Have a look at this example:

https://salsa.debian.org/python-team/packages/metalfinder/-/tree/debian/master/debian/tests



Ok, The package now is updated according to the all above review comments.

6. In d/changelog, you marked your entry as "unstable", whereas it 
should be UNRELEASED. Please re-read the DPT's policy with regards to 
this.


Ok, this is different entry with previous package that has been
sponsored by others DD. But I think 'UNRELEASED' entry is right:)


7. Although I have not listed them here, pretty much all of the 
lintian tags raised are relevant errors that you should fix.


Yeah, I run lintian the package this time and it got nothing from my
chroot build. The only error from mentor is:
```
Package uploaded for the UNRELEASED distribution

I think it should be ok this time.



--

You're 90% there!

I've removed your package from the sponsor queue for now, but feel 
free to re-add it when you feel like you've dealt with my review. I'll 
be happy to sponsor it then.


Thanks you very much! I have updated it from your valueable review.
Please let me know if there is any issues.

--
Regards,
--
  Bo YU



signature.asc
Description: PGP signature