devscripts - Debian Package Tracker

general

source: devscripts (main)
version: 2.25.15
maintainer: Devscripts Maintainers (DMD)
uploaders: Mattia Rizzolo [DMD] – Holger Levsen [DMD] – Benjamin Drung [DMD]
arch: all
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.21.3+deb11u1
oldstable: 2.23.4+deb12u2
old-bpo: 2.25.15~bpo12+1
stable: 2.25.15
testing: 2.25.15
unstable: 2.25.15
exp: 2.25.17

versioned links

2.21.3+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.23.4+deb12u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.17: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

devscripts (510 bugs: 0, 197, 313, 0)

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-07-14 Last update: 2025-08-10 06:32

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-08-09 Last update: 2025-08-10 06:32

45 bugs tagged patch in the BTS normal

The BTS contains patches fixing 45 bugs (47 if counting merged bugs), consider including or untagging them.

Created: 2025-01-06 Last update: 2025-08-15 02:30

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2025-05-10 Last update: 2025-08-15 02:01

Depends on packages which need a new maintainer normal

The packages that devscripts depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl
svn-buildpackage (#726770)
- Suggests: svn-buildpackage

Created: 2019-11-22 Last update: 2025-08-15 00:33

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.25.18, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit afee286166eae83112895ec7e786d5b3cd8daf96
Author: Yadd <yadd@debian.org>
Date:   Thu Aug 14 14:29:46 2025 +0200

    Update d/ch

commit 430835331fbdd96ee7640f51a983869e1cbcb34e
Author: Yadd <yadd@debian.org>
Date:   Thu Aug 14 14:27:15 2025 +0200

    Fix debian-watch doc

commit bfbf01b16b77c7c7504f563a8112f6f22a4fc871
Author: Yadd <yadd@debian.org>
Date:   Wed Aug 13 20:48:26 2025 +0200

    Update Fr translation
    
    Gbp-Dch: ignore

commit 49b98aa3ffa8820c3f7d429d0068712354454201
Author: Yadd <yadd@debian.org>
Date:   Wed Aug 13 19:33:17 2025 +0200

    Update Fr translation
    
    Gbp-Dch: ignore

commit 29844fe5dc796ae2cd885fbd1fe134ca7ad87665
Author: Yadd <yadd@debian.org>
Date:   Wed Aug 13 18:59:01 2025 +0200

    Update Fr translation
    
    Gbp-Dch: ignore

commit d487843b6e3145cb34d182fd2250febf5eb8c8fb
Author: Yadd <yadd@debian.org>
Date:   Wed Aug 13 18:20:26 2025 +0200

    Update Fr translation
    
    Gbp-Dch: ignore

commit 49f038cb92aa8ae95cd43e289c8f452b7db43224
Author: Yadd <yadd@debian.org>
Date:   Wed Aug 13 17:48:33 2025 +0200

    Update French translation

commit 96863b357688a9db466d2f4e983e90a739a17cf8
Author: Julien Plissonneau Duquène <sre4ever@free.fr>
Date:   Mon Aug 11 16:36:35 2025 +0000

    Add new debian-watch manpages to po4a configuration
    
    Gbp-Dch: Ignore
    Signed-off-by: Julien Plissonneau Duquène <sre4ever@free.fr>

commit 60f5e3eb7488964698f6150e19e09e637ab99187
Author: Julien Plissonneau Duquène <sre4ever@free.fr>
Date:   Wed Aug 13 13:58:00 2025 +0000

    Add NEWS entry about d/watch breaking changes
    
    Signed-off-by: Julien Plissonneau Duquène <sre4ever@free.fr>

commit 628a3507a8d278f55e4a5991f9de8b14c687a4f1
Author: Julien Plissonneau Duquène <sre4ever@free.fr>
Date:   Tue Aug 12 16:42:43 2025 +0000

    uscan: match unmangled versions against --download-version
    
    This renames the `newversion` key of $self->search_result populated by
    Devscripts::Uscan::WatchLine::search() to `mangled_newversion` and adds
    a `newversion` entry passing along the unmangled upstream version
    string.
    
    Compare the upstream version provided with --download-version to the
    unmangled version string instead of the mangled string.
    
    Implement usage of filenamemangle in _vcs.pm to replace the previous use
    of uversionmangle to set an arbitrary version in vcs HEAD mode.
    
    Update the manpages PODs.
    
    Closes: #1100020
    Gbp-Dch: Full
    Signed-off-by: Julien Plissonneau Duquène <sre4ever@free.fr>

commit cca2186f9eec7cdeb85a45162ea04c22c9fcc88e
Author: Julien Plissonneau Duquène <sre4ever@free.fr>
Date:   Mon Apr 28 11:02:04 2025 +0000

    uscan: remove duplicate command option in tests
    
    Gbp-Dch: Ignore
    Signed-off-by: Julien Plissonneau Duquène <sre4ever@free.fr>

commit 80fd0a7fcc47087326eed8d9be62f91ad38b6147
Author: Julien Plissonneau Duquène <sre4ever@free.fr>
Date:   Mon Apr 28 11:02:04 2025 +0000

    uscan: fix assertion messages in tests
    
    Gbp-Dch: Ignore
    Signed-off-by: Julien Plissonneau Duquène <sre4ever@free.fr>

commit 4ee3fe7a5bf765733a7a8d3986e4bddd778458b9
Author: Julien Plissonneau Duquène <sre4ever@free.fr>
Date:   Mon Apr 28 11:02:04 2025 +0000

    uscan: remove dirversionmangle from test case
    
    Remove dirversionmangle from the --download-version with uversionmangle
    test case.
    
    Gbp-Dch: Full
    Signed-off-by: Julien Plissonneau Duquène <sre4ever@free.fr>

commit 562af005e96be9270cc3ccf435f31a45013d33fb
Author: Julien Plissonneau Duquène <sre4ever@free.fr>
Date:   Mon Aug 11 11:30:08 2025 +0000

    uscan: add test case for git mode
    
    Add a test case for using --download-version with version mangling in
    git mode.
    
    Gbp-Dch: Full
    Signed-off-by: Julien Plissonneau Duquène <sre4ever@free.fr>

commit 8f93ab93a17d4d21fd44390e84a128ea0da325ed
Author: Bas Couwenberg <sebastic@debian.org>
Date:   Tue Aug 12 08:29:57 2025 +0200

    Update changelog.

commit b9bc25e3f04dcd141c90a2379ad68629076f8e2b
Author: Bas Couwenberg <sebastic@debian.org>
Date:   Tue Aug 12 07:56:15 2025 +0200

    debchange: trixie is now stable, forky is testing.

commit 3d19d14750d9046f2473d832990575d34ed6f3c1
Author: Sean Whitton <spwhitton@spwhitton.name>
Date:   Mon Aug 11 09:52:36 2025 +0100

    Delete git-deborig
    
    Script is moving to the git-debpush package; see #1105759.
    
    I've filed #1110822 to track copying the translated manpages.

commit dadb9289016b7a6d1c3cc7d7a289858b0fd772d8
Author: Hugh McMaster <hmc@debian.org>
Date:   Mon Aug 4 22:06:19 2025 +1000

    uscan/WatchSource.pm: Avoid leading whitespace in raw watch file output

commit cf8da4e03adccdd653b2d664e776b25e750176ca
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Aug 3 20:46:54 2025 +1000

    uscan/git.pm: Pass '--quiet' to git if not in verbose or debug mode

commit 69c4c6998cb54f32ce1fc2696a2a6071df28e580
Author: Alexandre Detiste <tchet@debian.org>
Date:   Sun Aug 3 13:28:01 2025 +0200

    remove dead code testing for former removed patch systems
    
    this 'what-patch' tool should be removed altogether
    but is still referenced in ubuntu-packaging-guide

commit 6477be741e46197985066673b88cc8eea27bc1aa
Author: Hugh McMaster <hmc@debian.org>
Date:   Sun Aug 3 19:38:00 2025 +1000

    uscan/Downloader.pm: Pass '--quiet' to git if not in verbose or debug mode

commit 2022b138679038baa8b35068ebebcfa515f746e8
Author: Otto Kekäläinen <otto@debian.org>
Date:   Tue Jul 29 10:30:54 2025 -0700

    dep-14-convert: Use 'upstream' as fallback if no merges found (Closes: #1110088)
    
    If the Debian packaging branch had never merged with any other branch,
    no candidates for an upstream branch were found. Modify script to assume
    the upstream branch can be the 'upstream' if one with that name is found
    as kind of a fall-back instead of just failing.
    
    Also extend the output produced when running with `--debug`.

commit 1b3083caf65aa457b7ec5212d7f148d18c9e5c47
Author: Hugh McMaster <hmc@debian.org>
Date:   Fri Aug 1 21:59:44 2025 +1000

    test/test_uscan*: Move containsName() to lib_test_uscan

commit 69782eb9d8695155bc3385bc61216e6230ce4597
Author: Hugh McMaster <hmc@debian.org>
Date:   Fri Aug 1 19:32:48 2025 +1000

    uscan: Better handle Git-Modules: 'yes' and 'all' values
    
    In a v4 watch file, the variable 'gitmodules' can be a boolean.
    When converting to v5 syntax, uscan declares "Git-Modules: yes".

commit 8d98ccb73ce344fb95fd48ccd0e2cab781aa3bf7
Author: Hugh McMaster <hmc@debian.org>
Date:   Fri Aug 1 18:53:29 2025 +1000

    uscan/WatchSource.pm: Remove boolean 'gitmodules' option
    
    This option is no longer supported in watch file Version 5.

commit e57fa18200e2d7cd53bf8d59f0debc575fe5f753
Author: Hugh McMaster <hmc@debian.org>
Date:   Fri Aug 1 18:47:45 2025 +1000

    test/test_uscan_git: Convert tests to watch file Version 5

commit fbf6fe49a7b4ce727385888586f1da7fffb15351
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Jul 30 23:03:31 2025 +1000

    test/test_uscan_git: Separate git submodule creation

commit dceeb5ab8d4326b6ebdcb11d0e5d873e671e54bb
Author: Hugh McMaster <hmc@debian.org>
Date:   Wed Jul 30 19:14:13 2025 +1000

    test/test_uscan_git: Separate makeDebianDirWithUpstream() functions

commit 861c9690bc35bb2238b52c3a671162cea8eb0927
Author: Hugh McMaster <hmc@debian.org>
Date:   Tue Jul 29 16:56:01 2025 +1000

    test/test_uscan_git: Remove duplicate cleanup() function

commit a68e4d7137c30d7c0f792d652b440b9e5a333bb6
Author: Yadd <yadd@debian.org>
Date:   Fri Aug 1 06:30:20 2025 +0200

    Open d/changelog for 2.25.18

commit 546f61865b2e8c20d7b5164b73b1581257d32e07
Author: Yadd <yadd@debian.org>
Date:   Wed Jul 30 19:02:55 2025 +0200

    uscan: update templates doc

commit 2e0cee31ddf4d391cba2e15815b43060aa925c9d
Author: Yadd <yadd@debian.org>
Date:   Wed Jul 30 11:54:21 2025 +0200

    uscan: update metacpan detection for --update-watchfile

commit c9dbf0c2a90a7bc2f2b5e22bf987b7446f63e975
Author: Yadd <yadd@debian.org>
Date:   Wed Jul 30 07:42:04 2025 +0200

    typo

commit 6547f58605f8dd7c9989904d5a4cdb0c855a7743
Author: Yadd <yadd@debian.org>
Date:   Tue Jul 29 21:47:09 2025 +0200

    Add libmetacpan-client-perl into suggested packages

commit c12306b4aa1f182c09a4a7dabb340c7baeb588ea
Author: Yadd <yadd@debian.org>
Date:   Tue Jul 29 21:41:24 2025 +0200

    uscan: when --update-watchfile, try to use templates

commit 8dc68bb38b2b3a02508ad04d9887f683dc1e97ad
Author: Yadd <yadd@debian.org>
Date:   Tue Jul 29 07:43:28 2025 +0200

    uscan: use @COMPONENT@ in doc
    
    Gbp-Dch: ignore

Created: 2025-07-29 Last update: 2025-08-14 14:02

lintian reports 5 warnings normal

Lintian reports 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-06-16 Last update: 2025-06-16 21:30

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-09 Last update: 2025-08-10 06:32

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-07-14 Last update: 2025-08-10 06:32

news

[rss feed]

[2025-07-28] Accepted devscripts 2.25.17 (source) into experimental (Yadd) (signed by: Xavier Guimard)
[2025-07-20] Accepted devscripts 2.25.16 (source all) into experimental (Yadd) (signed by: Xavier Guimard)
[2025-07-11] Accepted devscripts 2.25.15~bpo12+1 (source) into stable-backports (Roger Shimizu)
[2025-06-21] devscripts 2.25.15 MIGRATED to testing (Debian testing watch)
[2025-06-16] Accepted devscripts 2.25.15 (source) into unstable (Holger Levsen)
[2025-06-01] devscripts 2.25.14 MIGRATED to testing (Debian testing watch)
[2025-05-26] Accepted devscripts 2.25.14 (source) into unstable (Holger Levsen)
[2025-05-22] Accepted devscripts 2.25.13 (source) into unstable (Holger Levsen)
[2025-05-20] devscripts 2.25.12 MIGRATED to testing (Debian testing watch)
[2025-05-11] Accepted devscripts 2.25.12 (source) into unstable (Holger Levsen)
[2025-05-10] devscripts 2.25.11 MIGRATED to testing (Debian testing watch)
[2025-04-29] Accepted devscripts 2.25.11 (source) into unstable (Holger Levsen)
[2025-04-29] Accepted devscripts 2.25.10~bpo12+1 (source) into stable-backports (Roger Shimizu)
[2025-04-27] devscripts 2.25.10 MIGRATED to testing (Debian testing watch)
[2025-04-17] Accepted devscripts 2.25.10 (source) into unstable (Holger Levsen)
[2025-04-16] devscripts 2.25.9 MIGRATED to testing (Debian testing watch)
[2025-04-12] Accepted devscripts 2.25.8~bpo12+1 (source all) into stable-backports (Debian FTP Masters) (signed by: Roger Shimizu)
[2025-04-12] Accepted devscripts 2.25.9 (source) into unstable (Holger Levsen)
[2025-04-09] devscripts 2.25.8 MIGRATED to testing (Debian testing watch)
[2025-04-05] Accepted devscripts 2.25.8 (source) into unstable (Holger Levsen)
[2025-04-04] devscripts 2.25.7 MIGRATED to testing (Debian testing watch)
[2025-04-01] Accepted devscripts 2.25.7 (source) into unstable (Holger Levsen)
[2025-04-01] devscripts 2.25.6 MIGRATED to testing (Debian testing watch)
[2025-03-27] Accepted devscripts 2.25.6 (source) into unstable (Holger Levsen)
[2025-02-28] devscripts 2.25.5 MIGRATED to testing (Debian testing watch)
[2025-02-25] Accepted devscripts 2.25.5 (source) into unstable (Holger Levsen)
[2025-02-23] Accepted devscripts 2.25.4 (source) into unstable (Holger Levsen)
[2025-02-21] Accepted devscripts 2.25.3 (source) into unstable (Holger Levsen)
[2025-02-08] devscripts 2.25.2 MIGRATED to testing (Debian testing watch)
[2025-02-05] Accepted devscripts 2.25.2 (source) into unstable (Holger Levsen)

bugs [bug history graph]

all: 502 515
RC: 0
I&N: 192 197
M&W: 308 316
F&P: 2
patch: 45 47

links

lintian (0, 5)
buildd: logs, exp, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (93, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.25.15
44 bugs (2 patches)