severity 1062437 important tags 1062437 +confirmed thanks Thanks for the bugreport! I agree that this is an important thing to fix and we're not following the specification in https://dep-team.pages.debian.net/deps/dep5/ here.
I don't think it violates policy 2.3 though; the meaning of the copyright files doesn't change, and DEP-5 is not part of policy. python-debian's own copyright file is not invalid (which is how I would read policy 2.3). So downgrading this to important. Jelmer On Thu, Feb 01, 2024 at 02:39:06PM +0100, Carmen Bianca BAKKER wrote: > Source: python-debian > Version: 0.1.49 > Severity: serious > Tags: upstream > Justification: Policy 2.3 > > So this is an interesting bug inside of the python-debian source code first > spotted in <https://github.com/fsfe/reuse-tool/issues/900> by Chris Pressey. I > marked it as serious because fixing the bug might potentially break the > debian/copyright of an unknown number of Debian packages. > > Problem description: > > When `Files:` contains a whitespace-separated list of paths, each non-ultimate > path appears to be matched as if there were a glob at the end. > > To reproduce: > > 1. Create a debian/copyright file with a `Files:` paragraph that has one line > for 'foo', and one line for 'bar'. > 2. Use the method Copyright.find_files_paragraph("foo quz") > > Result: > > A match is found on the paragraph. > > Running Copyright.find_files_paragraph("bar quz") here results in no match, > unless you add an extra item to the `Files:` list. > > Expected result: > > No match is found on the paragraph. > > > I have a repository at <https://codeberg.org/carmenbianca/dep5-eager-example> > that serves as example. > > Yours with kindness, > Carmen > > > -- System Information: > Debian Release: 12.4 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, > 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 6.1.0-17-amd64 (SMP w/4 CPU threads; PREEMPT) > Locale: LANG=eo.UTF-8, LC_CTYPE=eo.UTF-8 (charmap=UTF-8), LANGUAGE not set > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > -- > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-python-debian-maint
