I reviewed zope.component 4.3.0-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
Zope is a free and open source web application server written in the
object-oriented programming language “Python”.
zope.component is a framework that provides facilities for defining,
registering and looking up components.
The project didn't receive a commit for the past 8 months but it is still
maintained and the code is mature.
- No CVE History:
- Build-Depends
- dh-python
- python-all
- python-persistent
- python-setuptools
- python-zope.configuration
- python-zope.event
- python-zope.interface
- python-zope.proxy
- python-zope.security
- python3-all
- python3-persistent
- python3-setuptools
- python3-zope.configuration
- python3-zope.event
- python3-zope.interface
- python3-zope.proxy
- python3-zope.security
- prerm and postinst added automatically
- No init scripts
- No systemd units
- No dbus services
- No setuid binaries
- No binaries in PATH
- No sudo fragments
- No udev rules
- unit tests on src/zope/component/tests/
- There are lots of tests, some of them also check coverage.
- No cron jobs
- Build logs:
dpkg-scanpackages: warning: Packages in archive but missing from override file:
dpkg-scanpackages: warning: sbuild-build-depends-core-dummy
dpkg-scanpackages: warning: Packages in archive but missing from override file:
dpkg-scanpackages: warning: sbuild-build-depends-core-dummy
sbuild-build-depends-zope.component-dummy
dpkg-source: warning: extracting unsigned source package
(zope.component_4.3.0-1.dsc)
warning: no previously-included files matching '*.dll' found anywhere in
distribution
warning: no previously-included files matching '*.pyc' found anywhere in
distribution
warning: no previously-included files matching '*.pyo' found anywhere in
distribution
warning: no previously-included files matching '*.so' found anywhere in
distribution
warning: no previously-included files matching 'coverage.xml' found anywhere in
distribution
warning: no previously-included files matching '*.dll' found anywhere in
distribution
warning: no previously-included files matching '*.pyc' found anywhere in
distribution
warning: no previously-included files matching '*.pyo' found anywhere in
distribution
warning: no previously-included files matching '*.so' found anywhere in
distribution
warning: no previously-included files matching 'coverage.xml' found anywhere in
distribution
warning: no previously-included files matching '*.dll' found anywhere in
distribution
warning: no previously-included files matching '*.pyc' found anywhere in
distribution
warning: no previously-included files matching '*.pyo' found anywhere in
distribution
warning: no previously-included files matching '*.so' found anywhere in
distribution
warning: no previously-included files matching 'coverage.xml' found anywhere in
distribution
warning: no previously-included files matching '*.dll' found anywhere in
distribution
warning: no previously-included files matching '*.pyo' found anywhere in
distribution
warning: no previously-included files matching '*.so' found anywhere in
distribution
warning: no previously-included files matching 'coverage.xml' found anywhere in
distribution
warning: no previously-included files matching '*.dll' found anywhere in
distribution
warning: no previously-included files matching '*.pyo' found anywhere in
distribution
warning: no previously-included files matching '*.so' found anywhere in
distribution
warning: no previously-included files matching 'coverage.xml' found anywhere in
distribution
warning: no previously-included files matching '*.dll' found anywhere in
distribution
warning: no previously-included files matching '*.pyo' found anywhere in
distribution
warning: no previously-included files matching '*.so' found anywhere in
distribution
warning: no previously-included files matching 'coverage.xml' found anywhere in
distribution
dpkg-gencontrol: warning: package python-zope.component: substitution variable
${python:Provides} unused, but is defined
dpkg-gencontrol: warning: package python-zope.component: substitution variable
${python:Versions} unused, but is defined
dpkg-scanpackages: warning: Packages in archive but missing from override file:
dpkg-scanpackages: warning: sbuild-build-depends-core-dummy
sbuild-build-depends-lintian-dummy sbuild-build-depends-zope.component-dummy
- No processes spawned (only in tests)
- No memory management
- No file IO
- No logging
- No environment variable usage
- No use of privileged functions
- No Use of cryptography
- No use of temp files
- No use of networking
- No use of WebKit
- No use of PolicyKit
- No Coverity issues
Security team ACK for promoting zope.component to main.
** Changed in: zope.component (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820233
Title:
[MIR] zope.component as dependency of mailman3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zope.component/+bug/1820233/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
