Bug#863384: lintian: check license-problem-gfdl-invariants is incorrect

2018-01-11 Thread Chris Lamb
tags 863384 + pending
thanks

Fixed in Git:

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=41bb73396b9a203598295c8c290ff0b322119f0a


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-



Processed: Re: lintian: check license-problem-gfdl-invariants is incorrect

2018-01-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 863384 + pending
Bug #863384 [lintian] lintian: check license-problem-gfdl-invariants is 
incorrect
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
863384: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863384
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



[lintian] 01/01: checks/cruft.pm: Ignore TeX \section (etc.) titles when checking for GFDL license. Thanks, Norbert Preining for the report. (Closes: #863384)

2018-01-11 Thread Chris Lamb
This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository lintian.

commit 41bb73396b9a203598295c8c290ff0b322119f0a
Author: Chris Lamb 
Date:   Fri Jan 12 11:03:12 2018 +0530

checks/cruft.pm: Ignore TeX \section (etc.) titles when checking for GFDL 
license. Thanks, Norbert Preining for the report. (Closes: #863384)
---
 checks/cruft.pm   | 2 ++
 debian/changelog  | 3 +++
 t/tests/cruft-gfdl-invariants/debian/src/dvipdfmx.tex | 6 ++
 3 files changed, 11 insertions(+)

diff --git a/checks/cruft.pm b/checks/cruft.pm
index f1790a3..cad619d 100644
--- a/checks/cruft.pm
+++ b/checks/cruft.pm
@@ -1406,6 +1406,8 @@ sub _clean_block {
 
 # Texinfo end tag (could be more clever but brute force is fast)
 $text =~ s/}/ /gxms;
+# Tex section titles
+$text =~ s/^\s*\\(sub)*section\*?\{\s*\S+/ /gxms;
 # single char at end
 # String, C-style comment/javadoc indent,
 # quotes for strings, pipe and backslash, tilde in some txt
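Review bot: In the added substitution, `\S+` after `\{\s*` stops at the first whitespace, so for a title like `\section*{GNU Free Documentation License}` only `\section*{GNU` is blanked and the rest of the title stays in $text. If breaking up the license name is all that is intended, the "Tex section titles" comment should say so. Dropping the whole title would mean matching to the end of the line, or running this before the preceding `s/}/ /gxms`, which has already replaced the closing brace. `(sub)*` can also be the non-capturing `(?:sub)*`, since the capture is never used.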
diff --git a/debian/changelog b/debian/changelog
index 9ac4a5e..80a29cf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,9 @@ lintian (2.5.69) UNRELEASED; urgency=medium
 
   XXX: generate tag summary
 
+  * checks/cruft.pm:
++ [CL] Ignore TeX \section (etc.) titles when checking for GFDL
+  license. Thanks, Norbert Preining for the report.  (Closes: #863384)
   * checks/python.{pm,desc}:
 + [CL] Don't emit new-package-should-not-package-python2-module if
   the maintainer justifies its inclusion in the changelog entry.
diff --git a/t/tests/cruft-gfdl-invariants/debian/src/dvipdfmx.tex 
b/t/tests/cruft-gfdl-invariants/debian/src/dvipdfmx.tex
new file mode 100644
index 000..a0a6634
--- /dev/null
+++ b/t/tests/cruft-gfdl-invariants/debian/src/dvipdfmx.tex
@@ -0,0 +1,6 @@
+\section*{GNU Free Documentation License}\label{SEC:FDL}
+\subsection*{GNU Free Documentation License}\label{SEC:FDL}
+ \subsubsection{GNU Free Documentation License}\label{SEC:FDL}
+
+This document is distributed under the term of the GNU Free Documentation
+License. See, the attached file for copying conditions.
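Review bot: The fixture only exercises `\section*`, `\subsection*` and `\subsubsection` at the start of a line, each with the same title. Consider adding an unstarred `\section{...}` line and a heading with more indentation, so both branches of `\*?` and the leading `\s*` in the new regex are covered. The commit subject says "\section (etc.)", so a line for a command the regex does not handle (for example `\chapter` or `\paragraph`) would document where the check still fires.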

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/lintian/lintian.git



[lintian] branch master updated (57867b1 -> 41bb733)

2018-01-11 Thread Chris Lamb
This is an automated email from the git hooks/post-receive script.

lamby pushed a change to branch master
in repository lintian.

  from  57867b1   data/fields/name_section_mappings: Ensure that NSS (Name 
Services Switch) modules are placed in the "admin" section. Thanks to Mathieu 
Parent (sathieu) for the patch. (Closes: #886961)
   new  41bb733   checks/cruft.pm: Ignore TeX \section (etc.) titles when 
checking for GFDL license. Thanks, Norbert Preining for the report. (Closes: 
#863384)

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 checks/cruft.pm   | 2 ++
 debian/changelog  | 3 +++
 t/tests/cruft-gfdl-invariants/debian/src/dvipdfmx.tex | 6 ++
 3 files changed, 11 insertions(+)
 create mode 100644 t/tests/cruft-gfdl-invariants/debian/src/dvipdfmx.tex

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/lintian/lintian.git



Processed: Re: lintian: version-substvar-for-external-package raised for dbgsym packages from same source

2018-01-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 859659 + wontfix
Bug #859659 [lintian] lintian: version-substvar-for-external-package raised for 
dbgsym packages from same source
Added tag(s) wontfix.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
859659: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859659
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#859659: marked as done (lintian: version-substvar-for-external-package raised for dbgsym packages from same source)

2018-01-11 Thread Debian Bug Tracking System
Your message dated Fri, 12 Jan 2018 10:38:11 +0530
with message-id 
<1515733691.1515904.1232771064.4eef0...@webmail.messagingengine.com>
and subject line Re: lintian: version-substvar-for-external-package raised for 
dbgsym packages from same source
has caused the Debian Bug report #859659,
regarding lintian: version-substvar-for-external-package raised for dbgsym 
packages from same source
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
859659: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859659
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: lintian
Version: 2.5.50.1
Severity: normal

Dear Maintainer,

TL;DR: Lintian reports the version-substvar-for-external-package error when the
"external package" in question is actually a dbgsym package generated by the
same source package.

I maintain a source package, dpdk [1], which builds a great many libraries.
Consequently, in stretch, a lot of dbgsym packages are generated.

As a shortcut, a colleague wanted to add an empty metapackage, libdpdk-dbgsym,
which depends on all the generated -dbgsym packages. Unfortunately Lintian
raises the (unoverridable) error mentioned above due to a line similar to this:

Package: libfoo
...

Package: libbar
...

Package: foobar-dbg-meta
Depends: libfoo-dbgsym (= ${binary:Version}), libbar-dbgsym (=
${binary:Version})

Given all the dbgsym packages have predictable names, and are created from
packages listed in debian/control (ie: libfoo will be in d/control), could
Lintian perhaps recognize this and avoid raising this error?

Thank you!

Kind regards,
Luca Boccassi

[1] https://tracker.debian.org/pkg/dpdk

-- System Information:
Debian Release: 9.0
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500,
'testing-debug'), (500, 'testing'), (103, 'unstable'), (102,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lintian depends on:
ii  binutils  2.28-2
ii  bzip2 1.0.6-8.1
ii  diffstat  1.61-1+b1
ii  file  1:5.29-3
ii  gettext   0.19.8.1-2
ii  intltool-debian   0.35.0+20060710.4
ii  libapt-pkg-perl   0.1.32
ii  libarchive-zip-perl   1.59-1
ii  libclass-accessor-perl0.34-1
ii  libclone-perl 0.38-2+b1
ii  libdpkg-perl  1.18.23
ii  libemail-valid-perl   1.202-1
ii  libfile-basedir-perl  0.07-1
ii  libipc-run-perl   0.94-1
ii  liblist-moreutils-perl0.416-1+b1
ii  libparse-debianchangelog-perl 1.2.0-12
ii  libperl5.24 [libdigest-sha-perl]  5.24.1-2
ii  libtext-levenshtein-perl  0.13-1
ii  libtimedate-perl  2.3000-2
ii  liburi-perl   1.71-1
ii  libyaml-libyaml-perl  0.63-2
ii  man-db2.7.6.1-2
ii  patchutils0.3.4-2
ii  perl  5.24.1-2
ii  t1utils   1.39-2
ii  xz-utils  5.2.2-1.2+b1

Versions of packages lintian recommends:
ii  dpkg 1.18.23
ii  libperlio-gzip-perl  0.19-1+b2
ii  perl 5.24.1-2
ii  perl-modules-5.24 [libautodie-perl]  5.24.1-2

Versions of packages lintian suggests:
ii  binutils-multiarch 2.28-2
ii  dpkg-dev   1.18.23
ii  libhtml-parser-perl3.72-3
ii  libtext-template-perl  1.46-1

-- no debconf information
--- End Message ---
--- Begin Message ---
tags 859659 + wontfix
thanks

Luca Boccassi wrote:

> In our specific case at work, as you correctly guessed, we don't have a
> separate archive (build and repository management system is Suse's OBS)
> so it does work. Of course being an external use case from Debian I
> can't ask for it to be supported, so please feel free to close the bug
> if you wish.

Will do - many thanks :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- End Message ---


Processed: Re: lintian: W-shlibs-symbol-not-found: false positive

2018-01-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 879722 + moreinfo
Bug #879722 [lintian] lintian: W-shlibs-symbol-not-found: false positive
Added tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
879722: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879722
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#879722: lintian: W-shlibs-symbol-not-found: false positive

2018-01-11 Thread Chris Lamb
tags 879722 + moreinfo
thanks

Hi Shawn.

> dpkg-shlibdeps: warning: symbol __aeabi_atexit@CXXABI_ARM_1.3.3 used by 
> debian/libkyotocabinet16v5/usr/lib/arm-linux-gnueabi/libkyotocabinet.so.16.13.0
>  found in none of the libraries

I'm not sure I understand your report, sorry. :)  These are warnings
from dpkg-shlibdeps, not in Lintian. Also, there is no such tag
"shlibs-symbol-not-found" in Lintian, and nor has there ever been
one similar!


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-



Processed: Re: lintian: please don't map implementation language to sections

2018-01-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 883772 + moreinfo
Bug #883772 [lintian] lintian: please don't map implementation language to 
sections
Added tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
883772: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883772
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#883772: lintian: please don't map implementation language to sections

2018-01-11 Thread Chris Lamb
tags 883772 + moreinfo
thanks

Hey David!

> the programming-language sections are a mess

Whilst I don't necessarily disagree, I'm not sure what the next steps
for Lintian are here.

Putting it another way, I see you linked #802488 but until that gets
some kind of resolution (or some change to Policy), what is there for
us to do..?


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-



Bug#886961: lib-nss* packages should go in the admin section too

2018-01-11 Thread Chris Lamb
tags 886961 + pending
thanks

Fixed in Git; thanks!

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=57867b19ae24d8684be47ebee3c4f76c923e3894


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-



Processed: Re: lib-nss* packages should go in the admin section too

2018-01-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 886961 + pending
Bug #886961 [lintian] lib-nss* packages should go in the admin section too
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
886961: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886961
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



[lintian] 01/01: data/fields/name_section_mappings: Ensure that NSS (Name Services Switch) modules are placed in the "admin" section. Thanks to Mathieu Parent (sathieu) for the patch. (Closes: #886961

2018-01-11 Thread Chris Lamb
This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository lintian.

commit 57867b19ae24d8684be47ebee3c4f76c923e3894
Author: Chris Lamb 
Date:   Fri Jan 12 07:53:37 2018 +0530

data/fields/name_section_mappings: Ensure that NSS (Name Services Switch) 
modules are placed in the "admin" section. Thanks to Mathieu Parent (sathieu) 
for the patch. (Closes: #886961)
---
 data/fields/name_section_mappings |  2 +-
 debian/changelog  |  4 
 t/tests/fields-wrong-section/debian/debian/control.in | 12 
 t/tests/fields-wrong-section/tags |  1 +
 4 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/data/fields/name_section_mappings 
b/data/fields/name_section_mappings
index 695523f..fba241b 100644
--- a/data/fields/name_section_mappings
+++ b/data/fields/name_section_mappings
@@ -34,7 +34,7 @@ lib.*-cil(?:-dev)?$  => cli-mono
 # data files
 ^gir\d+\.\d+-.*-\d+\.\d+$=> introspection
 ^(?:x?fonts|ttf)-   => fonts
-^libpam-=> admin
+^lib(?:nss|pam)-=> admin
 ^(?:aspell|hunspell|myspell|mythes)-=> localization
 ^hyphen-[a-z]{2}(?:-[a-z]{2})?$ => localization
 ^dict-freedict- => localization
diff --git a/debian/changelog b/debian/changelog
index c81dca1..9ac4a5e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,6 +16,10 @@ lintian (2.5.69) UNRELEASED; urgency=medium
   * data/files/fnames:
 + [CL] Warn about packages that ship (eg.) test_foo.py files in the
   global Python module namespace.
+  * data/fields/name_section_mappings:
++ [CL] Ensure that NSS (Name Services Switch) modules are placed in the
+  "admin" section. Thanks to Mathieu Parent (sathieu) for the patch.
+  (Closes: #886961)
 
  -- Chris Lamb   Tue, 09 Jan 2018 20:55:21 +0530
 
diff --git a/t/tests/fields-wrong-section/debian/debian/control.in 
b/t/tests/fields-wrong-section/debian/debian/control.in
index 77da84d..73bc853 100644
--- a/t/tests/fields-wrong-section/debian/debian/control.in
+++ b/t/tests/fields-wrong-section/debian/debian/control.in
@@ -206,6 +206,18 @@ Description: {$description} (gir1.2-pkg)
  things.  It should not be installed like a regular package.  It may
  be an empty package.
 
+Package: libnss-{$source}
+Architecture: all
+Section: web
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: {$description} (NSS module)
+ Test for NSS modules.
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian.  It is part of the Lintian test suite and may do very odd
+ things.  It should not be installed like a regular package.  It may
+ be an empty package.
+
 Package: libpam-{$source}1
 Architecture: all
 Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
diff --git a/t/tests/fields-wrong-section/tags 
b/t/tests/fields-wrong-section/tags
index 3dbb951..79c74d9 100644
--- a/t/tests/fields-wrong-section/tags
+++ b/t/tests/fields-wrong-section/tags
@@ -12,6 +12,7 @@ W: libfields-wrong-section-perl: 
wrong-section-according-to-package-name libfiel
 W: libfields-wrong-section-ruby1.8: wrong-section-according-to-package-name 
libfields-wrong-section-ruby1.8 => ruby
 W: libghc-fields-wrong-section: wrong-section-according-to-package-name 
libghc-fields-wrong-section => haskell
 W: libjs-fields-wrong-section: wrong-section-according-to-package-name 
libjs-fields-wrong-section => javascript
+W: libnss-fields-wrong-section: wrong-section-according-to-package-name 
libnss-fields-wrong-section => admin
 W: libpam-fields-wrong-section1: wrong-section-according-to-package-name 
libpam-fields-wrong-section1 => admin
 W: libphp-fields-wrong-section: wrong-section-according-to-package-name 
libphp-fields-wrong-section => php
 W: python-fields-wrong-section: wrong-section-according-to-package-name 
python-fields-wrong-section => python

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/lintian/lintian.git



[lintian] branch master updated (d36a0f1 -> 57867b1)

2018-01-11 Thread Chris Lamb
This is an automated email from the git hooks/post-receive script.

lamby pushed a change to branch master
in repository lintian.

  from  d36a0f1   checks/source-copyright: Warn about insecure "Format:" 
URIs that reference debian.org. Based on a patch by Nicolas Braud-Santoni. 
(Closes: #886930)
   new  57867b1   data/fields/name_section_mappings: Ensure that NSS (Name 
Services Switch) modules are placed in the "admin" section. Thanks to Mathieu 
Parent (sathieu) for the patch. (Closes: #886961)

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 data/fields/name_section_mappings |  2 +-
 debian/changelog  |  4 
 t/tests/fields-wrong-section/debian/debian/control.in | 12 
 t/tests/fields-wrong-section/tags |  1 +
 4 files changed, 18 insertions(+), 1 deletion(-)

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/lintian/lintian.git



Bug#886961: lib-nss* packages should go in the admin section too

2018-01-11 Thread Mathieu Parent
Package: lintian
Version: 2.5.68
Severity: normal

Hi,

As a followup to #885899, please add this to data/fields/name_section_mappings:
^libnss-=> admin

Regards

Mathieu Parent



Bug#886930: lintian: Check that debian/copyright uses HTTPS in its format URI

2018-01-11 Thread Chris Lamb
tags 886930 + pending
thanks

Hi Nicolas,

I just applied the following in Git based on your patch:

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=d36a0f117659aa945fc004e1757bc65525b6f8e7

Many thanks :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-



Processed: Re: lintian: Check that debian/copyright uses HTTPS in its format URI

2018-01-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 886930 + pending
Bug #886930 [lintian] lintian: Check that debian/copyright uses HTTPS in its 
format URI
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
886930: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886930
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



[lintian] branch master updated (4b235fa -> d36a0f1)

2018-01-11 Thread Chris Lamb
This is an automated email from the git hooks/post-receive script.

lamby pushed a change to branch master
in repository lintian.

  from  4b235fa   doc/releases.md: Correct location of 
/srv/lintian.debian.org/etc/cron.
   new  d36a0f1   checks/source-copyright: Warn about insecure "Format:" 
URIs that reference debian.org. Based on a patch by Nicolas Braud-Santoni. 
(Closes: #886930)

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 checks/source-copyright.desc  | 11 +++
 checks/source-copyright.pm|  9 -
 debian/changelog  |  3 +++
 debian/copyright  |  2 +-
 t/templates/debs/skel/copyright   |  2 +-
 t/templates/source/skel/copyright |  2 +-
 t/templates/tests/pedantic/debian/copyright   |  2 +-
 t/templates/tests/skel/debian/copyright   |  2 +-
 .../copyright-missing-apache2-license-pointer.copyright   |  2 +-
 .../debian/debian/copyright-mentions-apache.copyright |  2 +-
 .../debian/debian/copyright-mentions-apache2.copyright|  2 +-
 .../debian/debian/copyright-mentions-apache3.copyright|  2 +-
 .../debian/debian/copyright-mentions-gfdl.copyright   |  2 +-
 .../debian/debian/copyright-mentions-gpl.copyright|  2 +-
 .../debian/debian/copyright-mentions-lgpl.copyright   |  2 +-
 .../debian/debian/copyright-mentions-lgpl2.copyright  |  2 +-
 .../debian/debian/copyright-mentions-perl.copyright   |  2 +-
 t/tests/obsolete-sites/debian/debian/copyright|  2 +-
 .../source-copyright-bad-short-name/debian/debian/copyright   |  2 +-
 t/tests/source-copyright-dep5-general/debian/debian/copyright |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/source-copyright-empty-field/debian/debian/copyright  |  2 +-
 .../debian/debian/copyright   |  0
 t/tests/source-copyright-insecure-uri/desc|  6 ++
 t/tests/source-copyright-insecure-uri/tags|  1 +
 .../source-copyright-license-header/debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/source-copyright-pipe-as-or/debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/source-copyright-typo-field/debian/debian/copyright   |  2 +-
 t/tests/source-copyright-undefined/debian/debian/copyright|  2 +-
 t/tests/source-copyright-unique/debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/standards-version-timewarp/debian/debian/copyright|  2 +-
 35 files changed, 54 insertions(+), 34 deletions(-)
 copy t/tests/{source-copyright-missing-notice-file-for-apache-license-unrel => 
source-copyright-insecure-uri}/debian/debian/copyright (100%)
 create mode 100644 t/tests/source-copyright-insecure-uri/desc
 create mode 100644 t/tests/source-copyright-insecure-uri/tags

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/lintian/lintian.git



[lintian] 01/01: checks/source-copyright: Warn about insecure "Format:" URIs that reference debian.org. Based on a patch by Nicolas Braud-Santoni. (Closes: #886930)

2018-01-11 Thread Chris Lamb
This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository lintian.

commit d36a0f117659aa945fc004e1757bc65525b6f8e7
Author: Chris Lamb 
Date:   Thu Jan 11 20:19:09 2018 +0530

checks/source-copyright: Warn about insecure "Format:" URIs that reference 
debian.org. Based on a patch by Nicolas Braud-Santoni. (Closes: #886930)
---
 checks/source-copyright.desc  | 11 +++
 checks/source-copyright.pm|  9 -
 debian/changelog  |  3 +++
 debian/copyright  |  2 +-
 t/templates/debs/skel/copyright   |  2 +-
 t/templates/source/skel/copyright |  2 +-
 t/templates/tests/pedantic/debian/copyright   |  2 +-
 t/templates/tests/skel/debian/copyright   |  2 +-
 .../copyright-missing-apache2-license-pointer.copyright   |  2 +-
 .../debian/debian/copyright-mentions-apache.copyright |  2 +-
 .../debian/debian/copyright-mentions-apache2.copyright|  2 +-
 .../debian/debian/copyright-mentions-apache3.copyright|  2 +-
 .../debian/debian/copyright-mentions-gfdl.copyright   |  2 +-
 .../debian/debian/copyright-mentions-gpl.copyright|  2 +-
 .../debian/debian/copyright-mentions-lgpl.copyright   |  2 +-
 .../debian/debian/copyright-mentions-lgpl2.copyright  |  2 +-
 .../debian/debian/copyright-mentions-perl.copyright   |  2 +-
 t/tests/obsolete-sites/debian/debian/copyright|  2 +-
 .../source-copyright-bad-short-name/debian/debian/copyright   |  2 +-
 t/tests/source-copyright-dep5-general/debian/debian/copyright |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/source-copyright-empty-field/debian/debian/copyright  |  2 +-
 .../debian/debian/copyright   |  0
 t/tests/source-copyright-insecure-uri/desc|  6 ++
 t/tests/source-copyright-insecure-uri/tags|  1 +
 .../source-copyright-license-header/debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/source-copyright-pipe-as-or/debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/source-copyright-typo-field/debian/debian/copyright   |  2 +-
 t/tests/source-copyright-undefined/debian/debian/copyright|  2 +-
 t/tests/source-copyright-unique/debian/debian/copyright   |  2 +-
 .../debian/debian/copyright   |  2 +-
 t/tests/standards-version-timewarp/debian/debian/copyright|  2 +-
 35 files changed, 54 insertions(+), 34 deletions(-)

diff --git a/checks/source-copyright.desc b/checks/source-copyright.desc
index 718be30..65acc21 100644
--- a/checks/source-copyright.desc
+++ b/checks/source-copyright.desc
@@ -48,6 +48,17 @@ Info: Format URI of the machine-readable copyright file 
contains
  VERSIONED_FORMAT_URL or REVISION string.  Please replace it
  with an actual URI or an actual revision number respectively.
 
+Tag: insecure-copyright-format-uri
+Severity: pedantic
+Certainty: certain
+Ref: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Info: Format URI of the machine-readable copyright file uses the plain HTTP
+ unencrypted transport protocol.  Using HTTPS is prefered since policy 4.0.0.
+ .
+ Please use
+ 
https://www.debian.org/doc/packaging-manuals/copyright-format/version/
+ as the format URI instead.
+
 Tag: wiki-copyright-format-uri
 Severity: pedantic
 Certainty: possible
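Review bot: In the Info text of the new insecure-copyright-format-uri tag, "prefered" should be "preferred". The suggested URI ends in `/version/`, which reads as a literal path component; marking it as a placeholder (or pointing at the `1.0` URI already given in Ref) would avoid maintainers copying it verbatim.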
diff --git a/checks/source-copyright.pm b/checks/source-copyright.pm
index c04e82a..52ca8a8 100644
--- a/checks/source-copyright.pm
+++ b/checks/source-copyright.pm
@@ -86,11 +86,8 @@ sub run {
 return;
 }
 
-# Note that we allow people to use "https://"; even the
-# policy says it must be "http://";.  It might be
-# pedantically wrong, but it is not worth arguing over On
-# the plus side, it gives security to people blindly
-# copy-wasting the URLs using "https://";.
+# The policy states, since 4.0.0, that people should use "https://"; for the
+# format URI. This is checked later in check_dep5_copyright.
 # return undef is not dep5 and '' if unknown version
 sub _find_dep5_version {
 my ($original_uri) = @_;
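Review bot: The replacement comment refers to check_dep5_copyright, but the sub in this file is _check_dep5_copyright (visible in the next hunk header), so the pointer should use the real name. The comment also still sits directly above _find_dep5_version, together with the "return undef is not dep5" line. A blank line, or moving the scheme remark next to the check itself, would keep it from reading as documentation for that sub.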
@@ -220,6 +217,8 @@ sub _check_dep5_copyright {
 tag 'unversioned-copyright-format-uri', $uri;
 }elsif (versions_compare $version, '<<', $dep5_last_normative_change) {
 tag 'out-of-date-copyright-format-uri', $uri;
+}elsif ($uri =~ m,^http://www\.debian\.org/,) {
+tag 'insecure-copyright-format-uri', $uri;
 }
 
 if (versions_compare $version, '<<', $dep5_last_overhaul) {
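Review bot: The new branch is an `elsif` at the end of the unversioned / out-of-date chain, so a plain-HTTP URI that also hits either of those tags is never reported as insecure-copyright-format-uri. If the tags are meant to be independent, make this a separate `if`. The pattern `^http://www\.debian\.org/` also only covers the www host, while the commit message says "reference debian.org". Either widen the match or state in the tag description that only www.debian.org is checked.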
diff --git a/debian/

Bug#886930: lintian: Check that debian/copyright uses HTTPS in its format URI

2018-01-11 Thread Nicolas Braud-Santoni
Package: lintian
Version: 2.5.67
Severity: wishlist
Tags: patch
X-Debbugs-CC: j...@debian.org

Dear lintian maintainers,

Since policy 4.0.0, it is preferred to use HTTPS for the DEP5 copyright files'
format URI; I added a check to this effect to lintian.

I have not, however, added a test, as I am pretty unfamiliar with lintian
internals (and Perl, for that matter).  I did however test the change manually.


Best,

  nicoo


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lintian depends on:
ii  binutils  2.29.1-12
ii  bzip2 1.0.6-8.1
ii  diffstat  1.61-1+b1
ii  dpkg  1.19.0.4
ii  file  1:5.32-1
ii  gettext   0.19.8.1-4
ii  intltool-debian   0.35.0+20060710.4
ii  libapt-pkg-perl   0.1.33
ii  libarchive-zip-perl   1.60-1
ii  libclass-accessor-perl0.51-1
ii  libclone-perl 0.39-1
ii  libdpkg-perl  1.19.0.4
ii  libemail-valid-perl   1.202-1
ii  libfile-basedir-perl  0.07-1
ii  libipc-run-perl   0.96-1
ii  liblist-moreutils-perl0.416-1+b3
ii  libparse-debianchangelog-perl 1.2.0-12
ii  libperl5.26 [libdigest-sha-perl]  5.26.1-3
ii  libtext-levenshtein-perl  0.13-1
ii  libtimedate-perl  2.3000-2
ii  liburi-perl   1.72-2
ii  libxml-simple-perl2.24-1
ii  libyaml-libyaml-perl  0.63-2+b2
ii  man-db2.7.6.1-4
ii  patchutils0.3.4-2
ii  perl  5.26.1-3
ii  t1utils   1.41-2
ii  xz-utils  5.2.2-1.3

Versions of packages lintian recommends:
pn  libperlio-gzip-perl  

Versions of packages lintian suggests:
pn  binutils-multiarch 
ii  dpkg-dev   1.19.0.4
ii  libhtml-parser-perl3.72-3+b2
ii  libtext-template-perl  1.47-1

-- no debconf information
From 471593b7df4a4a42bc0d935c714d16d664e830d9 Mon Sep 17 00:00:00 2001
From: Nicolas Braud-Santoni 
Date: Thu, 11 Jan 2018 13:30:10 +0100
Subject: [PATCH] checks/source-copyright: Warn on insecure format URIs

---
 checks/source-copyright.desc | 10 ++
 checks/source-copyright.pm   | 12 +++-
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/checks/source-copyright.desc b/checks/source-copyright.desc
index 718be3030..7ce6fa019 100644
--- a/checks/source-copyright.desc
+++ b/checks/source-copyright.desc
@@ -48,6 +48,16 @@ Info: Format URI of the machine-readable copyright file contains
  VERSIONED_FORMAT_URL or REVISION string.  Please replace it
  with an actual URI or an actual revision number respectively.
 
+Tag: insecure-copyright-format-uri
+Severity: pedantic
+Certainty: possible
+Ref: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Info: Format URI of the machine-readable copyright file uses plain HTTP
+ .
+ Using HTTPS is prefered since policy 4.0.0.  Please use
+ https://www.debian.org/doc/packaging-manuals/copyright-format/version/
+ as the format URI instead.
+
 Tag: wiki-copyright-format-uri
 Severity: pedantic
 Certainty: possible
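Review bot: The new tag is declared `Certainty: possible`, yet the check in the second file is a plain prefix match on the URI scheme, which either matches or does not, so `certain` looks more accurate. The first Info line ("... uses plain HTTP") is also missing its full stop before the ` .` paragraph separator, and "prefered" should be "preferred".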
diff --git a/checks/source-copyright.pm b/checks/source-copyright.pm
index c04e82a5f..703f3d597 100644
--- a/checks/source-copyright.pm
+++ b/checks/source-copyright.pm
@@ -86,11 +86,9 @@ sub run {
 return;
 }
 
-# Note that we allow people to use "https://"; even the
-# policy says it must be "http://";.  It might be
-# pedantically wrong, but it is not worth arguing over On
-# the plus side, it gives security to people blindly
-# copy-wasting the URLs using "https://";.
+# The policy states, since 4.0.0, that people should
+# use "https://"; for the format URI.  This is checked
+# later in check_dep5_copyright.
 # return undef is not dep5 and '' if unknown version
 sub _find_dep5_version {
 my ($original_uri) = @_;
@@ -213,6 +211,10 @@ sub _check_dep5_copyright {
 
 my $version = _find_dep5_version($uri);
 
+if ($uri =~ m,^http:, ) {
+tag 'insecure-copyright-format-uri', $uri
+}
+
 return if !defined($version);
 if ($version =~ m,wiki,) {
 tag 'wiki-copyright-format-uri', $uri;
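Review bot: The added `if ($uri =~ m,^http:, )` runs before `return if !defined($version);`, so it tags any http: value even when _find_dep5_version has decided the URI is not a DEP-5 format URI at all. Moving the check below the early return would keep the tag to recognised format URIs. The `tag ... $uri` statement is also missing its trailing semicolon, and the regex has a stray space before the closing parenthesis. Both are legal Perl but inconsistent with the surrounding lines.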
-- 
2.15.1


