devscripts - Debian Package Tracker

general

source: devscripts (main)
version: 2.26.7
maintainer: Devscripts Maintainers (DMD)
uploaders: Holger Levsen [DMD] – Benjamin Drung [DMD] – Mattia Rizzolo [DMD]
arch: all
std-ver: 4.7.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.21.3+deb11u1
oldstable: 2.23.4+deb12u2
old-bpo: 2.25.15~bpo12+1
stable: 2.25.15+deb13u1
stable-bpo: 2.26.7~bpo13+1
testing: 2.26.7
unstable: 2.26.7

versioned links

2.21.3+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.23.4+deb12u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.26.7~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.26.7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

devscripts (539 bugs: 0, 216, 323, 0)

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-07-14 Last update: 2026-04-28 19:02

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-08-09 Last update: 2026-04-28 19:02

4 bugs tagged help in the BTS normal

The BTS contains 4 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2025-08-23 Last update: 2026-05-09 20:00

42 bugs tagged patch in the BTS normal

The BTS contains patches fixing 42 bugs (45 if counting merged bugs), consider including or untagging them.

Created: 2026-04-06 Last update: 2026-05-09 20:00

Depends on packages which need a new maintainer normal

The packages that devscripts depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl

Created: 2019-11-22 Last update: 2026-05-09 18:34

26 open merge requests in Salsa normal

There are 26 open merge requests for this package on Salsa. You should consider reviewing and/or merging these merge requests.

Created: 2025-09-17 Last update: 2026-05-09 17:03

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.26.8, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 711e8344467bdeaf6f6f25b8ac580a039f611828
Author: Yadd <yadd@debian.org>
Date:   Fri Apr 24 18:51:41 2026 +0200

    uscan: Fix USCAN_HTTP_HEADER failure when value contains a space

commit c4bc33794ca44a8d48f56badc91e6b8d10cfa5f2
Author: Agustin Martin <agmartin@debian.org>
Date:   Wed Apr 29 17:31:45 2026 +0200

    Gitlab.pm: Allow customized version regexps with new 'Custom-Version' parameter.

commit e6e0d9f30589502f5d97a249c79beec977670d2f
Author: cen <cen.is.imba@gmail.com>
Date:   Wed Apr 29 18:47:00 2026 +0200

    document --cache flag usage on debrebuild
    
    (cherry picked from commit c758ff0e5bb957cb55fdf21d25debddba8864838)
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

commit 7a7016d5455dc498c5f9b8839e08b95ef135e57f
Author: Agustin Martin Domingo <agmartin@debian.org>
Date:   Wed Apr 1 11:37:32 2026 +0200

    Github.pm: Allow customized version regexps with new 'Custom-Version' parameter.
    
      Note: $custom_version is expected as in usual version regexps
      in matching pattern, so is not \Q\E quoted on purpose.
    
    Closes: #1115546, #1120369

commit 5c560857484a681d71f333a0212e346dbf4defe7
Author: Charles Plessy <plessy@debian.org>
Date:   Sat Apr 11 19:03:39 2026 +0900

    d/changelog: replace 10 distracting lines with a one-line summary.
    
    Gbp-Dch: ignore

commit 818ce77cefdc29a3bacf2f45a901f0eeeafd78ce
Author: Charles Plessy <plessy@debian.org>
Date:   Thu Apr 23 15:22:37 2026 +0900

    uscan: remove stray print statement in CRAN template.

commit 7118d472ba952c7cd3bf36f1c81209abcbfca2a9
Author: Yadd <yadd@debian.org>
Date:   Fri Apr 24 14:35:58 2026 +0200

    uscan: update STABLE_VERSION to accept 0.x.y versions

commit 47b6738664a7bf8656f28c2dec0ed614e8ec6c22
Author: Chow Loong Jin <hyperair@debian.org>
Date:   Wed Apr 15 16:53:50 2026 +0800

    uscan: Fix misparsed version from filenamemangling result in vcs
    
    For packages that end with numbers, e.g. `udis86`, the `86` can end up being
    prefixed into the detected version after a filename-mangling result. Fix that by
    tightening up the regex matching the package name portion.
    
    Closes: #1133886

commit 6ab65da19e2081cf5d9e7e2401183a8cec19e40c
Author: Chow Loong Jin <hyperair@debian.org>
Date:   Wed Apr 15 16:39:28 2026 +0800

    uscan: Support `$pkg_$ver.tar.gz` filenames in mode:git

commit 5e00947dfda01fc5c1ab52ad19103e9015dbbe84
Author: Chow Loong Jin <hyperair@debian.org>
Date:   Wed Apr 22 16:29:14 2026 +0800

    salsa-ci: Disable test-uscan job
    
    This repo doesn't have a top-level debian/watch, and the various uscan test
    files for our own test suite trips up the salsa-ci job.

commit 2d3339f5384f47e4d356dcbbd9ac059988c4d18a
Author: Agustin Martin Domingo <agmartin@debian.org>
Date:   Sat Apr 11 01:09:23 2026 +0200

    Uscan/Config.pm: Also support --nodownload as specified in docstrings.
    
    Closes: #933555
    
    Signed-off-by: Agustin Martin Domingo <agmartin@debian.org>

commit 5f4e1aec1b9f925af3e0dec015258e303c14c28e
Author: Agustin Martin Domingo <agmartin@debian.org>
Date:   Wed Apr 8 23:59:19 2026 +0200

    Uscan/WatchSource.pm: Deal with "0" package version.
    
    Packages may have version "0" in some corner cases. This
    makes if($version) test result "false" in that case,
    causing package not downloaded even if expliticly told
    to do so. Use "defined" to care of these corner cases.
    
    Closes: #1059734
    
    Signed-off-by: Agustin Martin Domingo <agmartin@debian.org>

commit 27c20499c5f5384c01f42fbd01c47b1ada5f7df3
Author: Charles Plessy <plessy@debian.org>
Date:   Wed Feb 18 22:44:48 2026 +0900

    Get template from metadata and package name from d/copyright

commit ec372b5dcbea63f792030f865dd064b0a5828e4d
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Thu Mar 12 20:59:50 2026 +0100

    Fix test with git version in trixie
    
    Otherwise git log upstream/HEAD does not work.

commit d26d75b5f9ce85de55b3605637560d2816b15033
Author: Jochen Sprickerhof <jspricke@debian.org>
Date:   Thu Mar 12 08:47:51 2026 +0100

    Bump minimal black version

commit addaafcd02bbbd606785d7053c15c467af21b577
Author: Benjamin Drung <bdrung@debian.org>
Date:   Tue Mar 31 17:41:23 2026 +0200

    Start 2.26.8 development
    
    d/changelog entries will be written on release
    using the git commit messages.
    
    Use 'gbp dch --since v2.26.7 --multimaint-merge'
    to write d/changelog entries since that last release.
    
    Gbp-Dch: ignore

Created: 2026-01-08 Last update: 2026-05-09 17:03

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-09 Last update: 2026-04-28 19:02

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-07-14 Last update: 2026-04-28 19:02

Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2026-01-08 Last update: 2026-03-10 09:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.3).

Created: 2026-03-31 Last update: 2026-04-01 00:00

news

[rss feed]

[2026-04-03] Accepted devscripts 2.26.7~bpo13+1 (source) into stable-backports (Jochen Sprickerhof)
[2026-04-03] devscripts 2.26.7 MIGRATED to testing (Debian testing watch)
[2026-03-31] Accepted devscripts 2.26.7 (source) into unstable (Benjamin Drung)
[2026-03-12] Accepted devscripts 2.26.6~bpo13+1 (source) into stable-backports (Jochen Sprickerhof)
[2026-03-12] devscripts 2.26.6 MIGRATED to testing (Debian testing watch)
[2026-03-09] Accepted devscripts 2.26.6 (source) into unstable (Jochen Sprickerhof)
[2026-01-20] devscripts 2.26.5 MIGRATED to testing (Debian testing watch)
[2026-01-18] Accepted devscripts 2.26.5 (source) into unstable (Holger Levsen)
[2026-01-18] devscripts 2.26.4 MIGRATED to testing (Debian testing watch)
[2026-01-12] Accepted devscripts 2.26.4 (source) into unstable (Holger Levsen)
[2026-01-10] devscripts 2.26.3 MIGRATED to testing (Debian testing watch)
[2026-01-08] Accepted devscripts 2.26.3 (source) into unstable (Holger Levsen)
[2026-01-07] Accepted devscripts 2.26.2 (source) into unstable (Holger Levsen)
[2026-01-07] devscripts 2.26.1 MIGRATED to testing (Debian testing watch)
[2026-01-04] Accepted devscripts 2.26.1 (source) into unstable (Holger Levsen)
[2026-01-01] devscripts 2.25.33 MIGRATED to testing (Debian testing watch)
[2025-12-29] Accepted devscripts 2.25.33 (source) into unstable (Daniel Gröber)
[2025-12-22] Accepted devscripts 2.25.32 (source) into unstable (Daniel Gröber)
[2025-12-16] Accepted devscripts 2.25.31 (source) into unstable (Holger Levsen)
[2025-12-12] devscripts 2.25.30 MIGRATED to testing (Debian testing watch)
[2025-12-09] Accepted devscripts 2.25.30 (source) into unstable (Holger Levsen)
[2025-12-09] devscripts 2.25.29 MIGRATED to testing (Debian testing watch)
[2025-12-04] Accepted devscripts 2.25.29 (source) into unstable (Holger Levsen)
[2025-12-04] devscripts 2.25.28 MIGRATED to testing (Debian testing watch)
[2025-11-30] Accepted devscripts 2.25.28 (source) into unstable (Holger Levsen)
[2025-11-25] devscripts 2.25.27 MIGRATED to testing (Debian testing watch)
[2025-11-22] Accepted devscripts 2.25.27 (source) into unstable (Holger Levsen)
[2025-11-22] devscripts 2.25.26 MIGRATED to testing (Debian testing watch)
[2025-11-19] Accepted devscripts 2.25.26 (source) into unstable (Jochen Sprickerhof)
[2025-11-08] devscripts 2.25.25 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 531 548
RC: 0
I&N: 211 218
M&W: 316 326
F&P: 4
patch: 42 45
help: 4
NC: 3

links

lintian
buildd: logs, reproducibility
popcon
browse source code
other distros
security tracker
l10n (88, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.26.7
43 bugs (1 patch)