Hello Pollo, Thank you for starting this task!
I agree with all the removals suggested. By the way Debusine does display experimental ones: https://debusine.debian.net/debian/developers/work-request/303038/ The update-debian-copyright is not always a bad tag, it reminds me to bump all the copyright years with the last upstream release. The very long line length is a painful tag that should go away IMO. prefer-uscan-symlink should really go away as it goes against the goal of https://orig-check.debian.net/ And the source code of the tag does only support the watch file before version 5. debian-watch-does-not-check-openpgp-signature could have been a nice one, but the origin check project is more the right one to do such suggestions. I often found that applying the suggestion is not possible because upstreams either not sign their git tags. Or have random maintainers making releases, as no rule is established it is unclear of what to set as the upstream signing key. -- William Desportes ---- Le Sun, 04 Jan 2026 06:03:46 +0100 [email protected] a écrit ---- > Hello! > > In an act of productive procrastination, I spent a few hours yesterday looking > at the tags in Lintian that are currently marked as "Experimental: yes". > > As far as I understand, very few people run Lintian at the experimental level, > which means these tags are still ran, but not really shown to users (and thus > waste CPU cycles). > > I'm emailing the Lintian and QA lists in order to get some feedback before > creating a big MR with tens of commits removing the tags I feel should be > removed. If you think the reasoning below is flawed, please reply to this > message and let me know! > > === Tags I'm planning to remove === > > * update-debian-copyright > - last updated: 2022-12 > - 22,597 entries in UDD > - This tag was highly controversial when it was implemented and I don't see > its usefulness. > > * spelling-error-in-binary > - last updated: 2019-03 > - 336,571 entries in UDD > - As many pointed out, this tag frequently has false positives and even when > the issue is valid, it's often hard to fix them upstream. > > * systemd-service-file-missing-hardening-features > - last updated: 2018-12 > - 6,458 entries in UDD > - This check only looks if the systemd service file includes at least 1 > feature in a long list of "hardening" features. IMO, this is an overly > simplistic solution to a very hard problem. > > * binary-file-built-without-LFS-support > - last updated: 2019-09 > - 25,628 entries in UDD > - To comply with this tag, the description mentions "[upstream] code review > might be needed". Considering the number of packages flagged and the > difficulty of the task, I feel this is outside of the scope of what a lintian > tag should recommend. > > * exit-in-shared-library > - last updated: 2021-11 > - 33,020 entries in UDD > - The tag's description acknowledges that "In most cases, removing the call > should be discussed with upstream, particularly as it may produce an ABI > change". I feel this is outside of the scope of what a lintian tag should > recommend. > > * mentions-deprecated-usr-lib-perl5-directory > - last updated: 2018-08 > - The logic behind this tag seems dubious. The 9 entries in UDD all seem like > false-positives. > > * prefer-uscan-symlink > - last updated: 2021-11 > - 14,294 entries in UDD > - This tag asks individual users to change their ~/.devscripts configuration > file instead of using the filenamemangle option in debian/watch. I don't > understand how an individual change can be the solution to a collective > problem? > > * debian-watch-does-not-check-openpgp-signature > - last updated: 2018-12 > - 35,725 entries in UDD > - This tag was changed to Experimental because it was not really actionable > (#916207). I feel this is outside of the scope of what a lintian tag should > recommend. > > * duplicate-files > - last updated: 2019-10 > - 117,663 entries in UDD > - This tag has been Experimental since 2011 and asks maintainers to do very > complex work (hunting and replacing "duplicate" files by symlinks) for very > little results. I feel this is outside of the scope of what a lintian tag > should recommend. > > * dependency-on-python-version-marked-for-end-of-life > - 1 entry in UDD > - Python 2 has been removed from the archive a while ago and isn't coming > back. I have opened #1124516 to flag this issue for the only package that > raises this check. > > * application-in-library-section > - 9,847 entries in UDD > - The logic behind this check is flawed, as proven by the large number of > false-positives from the Python and Ruby sections. For certain languages, the > difference between "applications" and "libraries" is often arbitrary. > > * library-package-name-for-application > - 7,769 entries in UDD > - The logic behind this check is flawed, as proven by the large number of > false-positives from the Python and Ruby sections. For certain languages, the > difference between "applications" and "libraries" is often arbitrary. > > * bin-sbin-mismatch > - last updated: 2020-08 > - 3,062 entries in UDD > - This tag checks to see if /usr/bin/foo is mentioned in a script which is > installed in /usr/sbin/foo. This logic seems somewhat dubious. It is also > apparently prone to false positives on ELF files. > > * maybe-not-arch-all-binnmuable > - last updated: pre-2020 > - 1,215 entries in UDD > - This tag looks like it was a real "experiment" to verify something in the > archive. From discussing it on IRC, I think the experiment is now over. > > === Tags I think should be removed, but could probably stay Experimental? === > > * bad-intended-distribution > - last updated: 2014-11 > - 15 entries in UDD > - I don't really understand this tag? It seems to me like the > unreleased-changelog-distribution tag already takes care these kind of issues. > The entries in UDD mostly look like false-positives. > > * executable-in-usr-lib > - last updated: 2022-01 > - 159,250 entries in UDD > - The logic behind this tag is valid. Considering the very large number of > entries in UDD, I don't think this will be fixed. What is the point of having > a tag if we're not willing to show it for fear of "wasting people's time"? > > * elf-warning > - last updated: 2021-11 > - 54,241 entries in UDD > - This tag uses the same valid logic as the elf-error tag, but for the WARNING > debug level. Considering the very large number of entries in UDD, I don't > think this will be fixed. What is the point of having a tag if we're not > willing to show it for fear of "wasting people's time"? > > * portable-executable-missing-security-features > - last updated: 2019-02 > - 499 entries in UDD > - This tag's description is horrendously confusing and includes a whole > section marked as "The following advice is historical. PLEASE DO NOT FOLLOW > IT." Not really sure if this is still relevant. > > * non-consecutive-debian-revision > - last updated: 2021-01 > - 45 entries in UDD > - The logic in this tag is interesting, but it also applies to packages that > have already been released in the Debian archive (and as such, can't be > changed). > > === Tags I think should be kept as Experimental === > > * unicode-trojan > - last updated: 2021-11 > - 86 entries in UDD > - This tag is pretty old, and seems prone to false-positives. The logic behind > it is interesting though. > > * very-long-line-length-in-source-file > - 292,241 entries in UDD > - Infamously prone to false-positives. Most of the time it's not actionable. A > recent attempt to remove this tag failed, as it was not consensual: > https://salsa.debian.org/lintian/lintian/-/merge_requests/505[https://salsa.debian.org/lintian/lintian/-/merge_requests/505] > > * source-is-missing > - last updated: 2020-06 > - 99,660 entries in UDD > - Uses the problematic very-long-line-length-in-source-file tag as a trigger. > > * file-in-etc-modprobe.d > - last updated: 2025-06 > - 194 entries in UDD > - This is a very recent tag and there is a chance work might be done to > improve it. > > * package-contains-no-arch-dependent-files > - last updated: 2018-12 > - 30,807 entries in UDD > - The logic behind this tag looks valid. Changes have been proposed (#1036746) > to make it less prone to false-positives. > > * hardening-no-fortify-functions > - last updated: 2025-10 > - 90,154 entries in UDD > - This tag was updated recentl and there is a chance work might be done to > improve it. > > === Tags I think should be kept but not be Experimental === > > * upstream-metadata-file-is-missing > - 17,339 entries in UDD > - Although it is raised for a large number of packages, this tag is pedantic, > looks like a valid check and has a simple fix. > > * bogus-python-prerequisite > - 19 entries in UDD > - This tag was marked as Experimental for technicalities that have now been > resolved. > > * empty-udeb-package > - 0 entries in UDD > - This tag uses the same code as the non-Experimental empty-binary-package > tag, but for udeb packages. > > * embedded-pear-module > - 13 entries in UDD > - This looks like a valid check. > > * maintainer-script-supports-ancient-package-version > - 158 entries in UDD > - This looks like a valid check. > > * maintainer-script-calls-service > - 57 entries in UDD > - This looks like a valid check. > > * maintainer-script-switches-dir-to-symlink-unsafely > - 44 entries in UDD > - This looks like a valid check. > > * perl-module-name-not-mentioned-in-description > - 164 entries in UDD. > - This looks like a valid check, but should be downgraded to pedantic. > > * debian-rules-uses-as-needed-linker-flag > - 663 entries in UDD > - This tag should have been changed to "Experimental: no" after the Bullseye > release. Its description needs to be updated. > > * deprecated-configure-filename > - 356 entries in UDD > - This looks like a valid check, but its description needs to be updated to > specify the deprecation of "configure.in" was made in automake 1.14. > > * development-package-ships-elf-binary-in-path > - 212 entries in UDD > - This looks like a valid check. > > * libmodule-build-tiny-perl-needs-to-be-in-build-depends > - 3 entries in UDD > - This looks like a valid check. > > * libmodule-build-perl-needs-to-be-in-build-depends > - 20 entries in UDD > - This looks like a valid check. > > === Tags that are explicitly "Experimental: no" (which is the default) === > > * systemd-service-file-shutdown-problems > * binaries-have-file-conflict > > -- > ⢀⣴⠾⠻⢶⣦⠀ > ⣾⠁⢠⠒⠀⣿⡁ Louis-Philippe Véronneau > ⢿⡄⠘⠷⠚⠋ [email protected][mailto:[email protected]] / veronneau.org > ⠈⠳⣄
