Package: lintian Version: 2.5.30+deb8u3 Severity: wishlist Tags: patch Through a discussion on IRC, it came up that many of the Python Team maintained packages use http(s)://pypi.python.org/packages/source/... URLs, which aren't currently working. Turns out that's not a URL that should be relied upon and http(s)://pypi.python.org/simple/... should be used instead.
The attached patch adds a new check for this, referring to the upstream documentation for this "simple HTML" API[0]. [0]: https://wiki.python.org/moin/PyPISimple Cheers, James -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages lintian depends on: ii binutils 2.25-4 ii bzip2 1.0.6-7+b2 ii diffstat 1.58-1 ii file 1:5.22+15-1 ii gettext 0.19.3-2 ii hardening-includes 2.7 ii intltool-debian 0.35.0+20060710.1 ii libapt-pkg-perl 0.1.29+b2 ii libarchive-zip-perl 1.39-1 ii libclass-accessor-perl 0.34-1 ii libclone-perl 0.37-1+b1 ii libdpkg-perl 1.17.23 ii libemail-valid-perl 1.195-1 ii libfile-basedir-perl 0.03-1 ii libipc-run-perl 0.92-1 ii liblist-moreutils-perl 0.33-2+b1 ii libparse-debianchangelog-perl 1.2.0-1.1 ii libtext-levenshtein-perl 0.11-1 ii libtimedate-perl 2.3000-2 ii liburi-perl 1.64-1 ii man-db 2.7.0.2-5 ii patchutils 0.3.3-1 ii perl [libdigest-sha-perl] 5.20.1-4 ii t1utils 1.38-3+b1 Versions of packages lintian recommends: ii libautodie-perl 2.25-1 ii libperlio-gzip-perl 0.18-3+b1 ii perl 5.20.1-4 ii perl-modules [libautodie-perl] 5.20.1-4 Versions of packages lintian suggests: pn binutils-multiarch <none> ii dpkg-dev 1.17.23 ii libhtml-parser-perl 3.71-1+b3 ii libtext-template-perl 1.46-1 ii libyaml-perl 1.13-1 ii xz-utils 5.1.1alpha+20120614-2+b3 -- no debconf information
>From ca5a5ebed9650db558e60141bee02c41be1c5110 Mon Sep 17 00:00:00 2001 From: James McCoy <james...@debian.org> Date: Sun, 25 Jan 2015 21:47:22 -0500 Subject: [PATCH] checks/watch-file: Add check for unsupported PyPI URL Signed-off-by: James McCoy <james...@debian.org> --- checks/watch-file.desc | 12 ++++++++++++ checks/watch-file.pm | 4 ++++ t/tests/watch-file-general/debian/debian/watch | 4 +++- t/tests/watch-file-general/desc | 1 + t/tests/watch-file-general/tags | 2 ++ 5 files changed, 22 insertions(+), 1 deletion(-) diff --git a/checks/watch-file.desc b/checks/watch-file.desc index 89b2ff2..fb8e98b 100644 --- a/checks/watch-file.desc +++ b/checks/watch-file.desc @@ -174,3 +174,15 @@ Certainty: certain Info: The watch file contains a standard template included by dh_make. Please remove them once you have implemented the watch file. +Tag: debian-watch-file-unsupported-pypi-url +Severity: important +Certainty: certain +Ref: https://wiki.python.org/moin/PyPISimple +Info: The watch file specifies a PyPI URL which is not a supported API. + Instead, use PyPI's Simple API: + . + https://pypi.python.org/simple/<distribution-name>/ + . + replacing <tt><distribution-name></tt> with the canonical name of the + Python project. + diff --git a/checks/watch-file.pm b/checks/watch-file.pm index cd0f8de..35522b8 100644 --- a/checks/watch-file.pm +++ b/checks/watch-file.pm @@ -132,6 +132,10 @@ sub run { tag 'debian-watch-file-should-use-sf-redirector', "line $."; } + if (m%https?://pypi\.python\.org/packages/source/%) { + tag 'debian-watch-file-unsupported-pypi-url', "line $."; + } + # This bit is as-is from uscan.pl: my ($base, $filepattern, $lastversion, $action) = split ' ', $_, 4; # Per #765995, $base might be undefined. diff --git a/t/tests/watch-file-general/debian/debian/watch b/t/tests/watch-file-general/debian/debian/watch index 260fa39..aa45280 100644 --- a/t/tests/watch-file-general/debian/debian/watch +++ b/t/tests/watch-file-general/debian/debian/watch @@ -20,5 +20,7 @@ version=42 # Specifies the same version number as the package. http://example.com/ foo([\d.]+)\.tar\.gz 2.0.ds1-1 uupdate +# Unsupported PyPi URL +https://pypi.python.org/packages/source/p/pip/ pip-(.*)\.tar\.gz -# without any pgpsigurlmangle \ No newline at end of file +# without any pgpsigurlmangle diff --git a/t/tests/watch-file-general/desc b/t/tests/watch-file-general/desc index bcb8112..f86823e 100644 --- a/t/tests/watch-file-general/desc +++ b/t/tests/watch-file-general/desc @@ -13,5 +13,6 @@ Test-For: debian-watch-file-should-use-sf-redirector debian-watch-file-specifies-wrong-upstream-version debian-watch-file-unknown-version + debian-watch-file-unsupported-pypi-url debian-watch-file-uses-deprecated-sf-redirector-method References: Debian Bug#510398 diff --git a/t/tests/watch-file-general/tags b/t/tests/watch-file-general/tags index de38a58..f37f4f5 100644 --- a/t/tests/watch-file-general/tags +++ b/t/tests/watch-file-general/tags @@ -1,3 +1,4 @@ +E: watch-file-general source: debian-watch-file-unsupported-pypi-url line 24 I: watch-file-general source: debian-watch-file-should-dversionmangle-not-uversionmangle line 5 P: watch-file-general source: debian-watch-may-check-gpg-signature W: watch-file-general source: debian-watch-file-declares-multiple-versions line 18 @@ -5,6 +6,7 @@ W: watch-file-general source: debian-watch-file-declares-multiple-versions line W: watch-file-general source: debian-watch-file-should-mangle-version line 12 W: watch-file-general source: debian-watch-file-should-mangle-version line 14 W: watch-file-general source: debian-watch-file-should-mangle-version line 15 +W: watch-file-general source: debian-watch-file-should-mangle-version line 24 W: watch-file-general source: debian-watch-file-should-use-sf-redirector line 12 W: watch-file-general source: debian-watch-file-should-use-sf-redirector line 14 W: watch-file-general source: debian-watch-file-should-use-sf-redirector line 15 -- 2.1.4
