devscripts - Debian Package Tracker

general

source: devscripts (main)
version: 2.26.5
maintainer: Devscripts Maintainers (DMD)
uploaders: Holger Levsen [DMD] – Benjamin Drung [DMD] – Mattia Rizzolo [DMD]
arch: all
std-ver: 4.7.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.21.3+deb11u1
oldstable: 2.23.4+deb12u2
old-bpo: 2.25.15~bpo12+1
stable: 2.25.15+deb13u1
stable-bpo: 2.25.22~bpo13+1
testing: 2.26.5
unstable: 2.26.5

versioned links

2.21.3+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.23.4+deb12u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.15+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.25.22~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.26.5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

devscripts (543 bugs: 0, 223, 320, 0)

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:10:14
Last run: 2026-01-08T18:36:37.000Z
Previous status: unknown

testing: fail (log)
The tests ran in 0:09:48
Last run: 2026-02-16T02:29:21.000Z
Previous status: unknown

stable: pass (log)
The tests ran in 0:09:17
Last run: 2026-01-28T07:07:06.000Z
Previous status: unknown

Created: 2026-01-31 Last update: 2026-02-17 15:30

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-07-14 Last update: 2026-01-20 05:32

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-8454: It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

Created: 2025-08-09 Last update: 2026-01-20 05:32

4 bugs tagged help in the BTS normal

The BTS contains 4 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2025-08-23 Last update: 2026-02-17 16:30

44 bugs tagged patch in the BTS normal

The BTS contains patches fixing 44 bugs (47 if counting merged bugs), consider including or untagging them.

Created: 2025-01-06 Last update: 2026-02-17 16:30

Depends on packages which need a new maintainer normal

The packages that devscripts depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl
svn-buildpackage (#726770)
- Suggests: svn-buildpackage

Created: 2019-11-22 Last update: 2026-02-17 14:31

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.26.6, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 34e2797ea143a5226d7e6c873400862fcd7db904
Author: Charles Plessy <plessy@debian.org>
Date:   Mon Feb 16 22:36:45 2026 +0900

    Document the CRAN and Bioconductor templates.

commit 3e51db9bb0a56e272a84790fec41e2e18985fe95
Author: Yadd <yadd@debian.org>
Date:   Mon Feb 16 06:34:48 2026 +0100

    WIP, update French translation
    
    Gbp-Dch: ignore

commit 9ed95c405929feae3a67a3f5ee7012486100e7ce
Author: Charles Plessy <plessy@debian.org>
Date:   Mon Feb 16 08:32:22 2026 +0900

    perltidy II, the return

commit b56bfa33fadebc3f8839a74117270257960e7de1
Merge: 908977397 49d2ba353
Author: Charles Plessy <plessy@debian.org>
Date:   Mon Feb 16 08:29:59 2026 +0900

    Merge branch 'main' into cran-bioc

commit 9089773973ca250c569534daac03e898e80bb4af
Author: Charles Plessy <plessy@debian.org>
Date:   Sun Feb 15 19:19:43 2026 +0900

    Perltidy

commit 9ccfb214d3a0ebb546119bf4ce55293acf0a7509
Author: Charles Plessy <plessy@debian.org>
Date:   Sun Feb 15 18:40:10 2026 +0900

    Add mention that zip and tgz files are binary packages

commit 2a428d3175e6d3d8e3061ea2c725f53b31619d0e
Author: Charles Plessy <plessy@debian.org>
Date:   Sun Feb 15 18:38:50 2026 +0900

    Add tests for Bioconductor.

commit 49d2ba353adfd83999c636b0c1db35ab9138deb7
Author: Daniel Gröber <dxld@darkboxed.org>
Date:   Sat Feb 14 21:13:33 2026 +0100

    bts retitle: Fix implicit bug 'it' showing up in title (Closes: #1127806)
    
    Fixes: b1d675fa "bts retitle: Allow omitting bug number"
    
    Thanks for the report Simon!

commit 526ecfc2ace16d6cd73328aed956a2b8f4992d61
Author: Yadd <yadd@debian.org>
Date:   Sat Feb 14 11:13:20 2026 +0100

    [cran template]: fix test
    
    Gbp-Dch: ignore

commit 04ee3e607f4a6d1b5b6c106971ba062dbd7bc491
Author: Charles Plessy <plessy@debian.org>
Date:   Sat Feb 14 18:41:13 2026 +0900

    Trying to add tests

commit f6ab153959b1b79bc333e7c0cf51fedda497806f
Author: Charles Plessy <plessy@debian.org>
Date:   Mon Feb 9 09:40:31 2026 +0900

    Do not repack if no files are excluded

commit 5de15d318881e7b0a92e85ca2c3332ac8a331702
Author: Charles Plessy <plessy@debian.org>
Date:   Mon Feb 9 09:17:50 2026 +0900

    perltidy

commit ca399f497f8d2e4088b6916218526d3a247c154e
Author: Charles Plessy <plessy@debian.org>
Date:   Mon Feb 9 09:15:03 2026 +0900

    Fix matchingpattern and downloadurlmangle

commit fb07618f5c46dba1bd9d8ea0b47c6908b80d08ed
Author: Charles Plessy <plessy@debian.org>
Date:   Sun Feb 8 22:34:30 2026 +0900

    Draft templates for CRAN and Bioconductor

commit b77c726a0e371193c02ebcb1648e142c507f8646
Author: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date:   Wed Feb 11 20:09:57 2026 +0000

    debian-watch.pod: Improve git mode docs, narrow discouragement
    
    It is only the branch- rather than tag-based modes that
    (must): git clone even with --no-download.  The refs/tags/ form of git
    mode uses git-ls-remote with --no-download.

commit ae206bfc7c0f1830f2a45107b47d4b0a0706c542
Author: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date:   Wed Feb 11 20:07:08 2026 +0000

    debian-watch.pod: Speak of a git "repository" not an "archive"

commit 81dc135e5231cbbdfc7deb55e603a33e5acd43a5
Author: Yadd <yadd@debian.org>
Date:   Wed Feb 11 07:57:00 2026 +0100

    Add SINGLE_USCAN_TEST env var to be able to test only one test/t/uscan/* test

commit 9804fdcb7b7fd47430d0d88d622b5a67b979bac0
Author: Yadd <yadd@debian.org>
Date:   Wed Feb 11 07:47:58 2026 +0100

    autopkgtest: skip metacpan test if test version mismatch upstream version

commit f8d9297cc313c4a15bab432287f1f52433e68a7f
Author: Yadd <yadd@debian.org>
Date:   Wed Feb 11 07:03:41 2026 +0100

    Udpate metacpan version to fix autopkgtest

commit 990794d68d3979da194bdb2f6a6dc692d2327c55
Author: Daniel Gröber <dxld@darkboxed.org>
Date:   Mon Feb 2 15:54:48 2026 +0100

    bts: Fix Message-ID header missing "@" (Closes: #1126848)
    
    See https://datatracker.ietf.org/doc/html/rfc2822#section-3.6.4

commit b15e7e96ea9fa71ac42736edfcde86207367ae3d
Author: Yadd <yadd@debian.org>
Date:   Tue Feb 3 21:32:00 2026 +0100

    Update French translation

commit 804a6339d4c404267520ba5f338a28c87ead4d1b
Author: Holger Levsen <holger@layer-acht.org>
Date:   Thu Jan 29 13:00:22 2026 +0100

    Update Portuguese translation, thanks to Américo Monteiro. Closes: #1126583

commit 121faff28d3919b73b885cdc2e9034bf7de847af
Merge: dda4f69a2 6f7296856
Author: Yadd <yadd@debian.org>
Date:   Tue Jan 27 08:05:46 2026 +0100

    Merge remote-tracking branch 'tmp1/salsa-token-dot'

commit dda4f69a29ca91565d3fcad49f479ceacd73c47d
Author: Yadd <yadd@debian.org>
Date:   Tue Jan 27 08:05:09 2026 +0100

    Partial Fr translation
    
    Gbp-Dch: ignore

commit 167a2f96d8634c724d86c031c874b6e044677a27
Merge: 8f2685c85 83f0bff88
Author: Yadd <yadd@debian.org>
Date:   Tue Jan 27 07:45:28 2026 +0100

    Merge remote-tracking branch 'origin/salsaforksalsafork'

commit 83f0bff887ee14ea9ac4df6759c821a256bf87c7
Author: Jérémy Lal <kapouer@melix.org>
Date:   Mon Dec 8 00:00:13 2025 +0100

    Update devscripts.pot

commit 8446c22a5d4f970151980937ce14d61fcdfcf1e8
Author: Jérémy Lal <kapouer@melix.org>
Date:   Sun Dec 7 23:59:50 2025 +0100

    Fix stuttering in salsa fork doc

commit 6f7296856e04e6e6456320883477c50807d54298
Author: Nicolas Schodet <nico@ni.fr.eu.org>
Date:   Sat Dec 27 00:38:06 2025 +0100

    salsa: accept dots in token when using a token file

commit 8f2685c8566f6c78193520b4fda87c831f33565c
Author: Dmitry Shachnev <mitya57@debian.org>
Date:   Sun Jan 4 21:52:42 2026 +0300

    uscan: Add ~ to the version for PyPI pre-releases

commit 89871ab623b4c8cc33ee471c7a59599b89fb57e6
Author: Dmitry Shachnev <mitya57@debian.org>
Date:   Sun Jan 4 21:50:49 2026 +0300

    uscan: Remove unused test file
    
    Gbp-Dch: ignore

commit 892e72b27db0056c6a9bc6046039489c7ff32625
Author: Arnaud Rebillout <arnaudr@debian.org>
Date:   Tue Dec 30 11:16:40 2025 +0700

    uscan: Prefer Dist keyword when updating d/watch to v5 (GitHub template)
    
    Before this commit, a watch file for a GitHub project was updated to:
    
        Version: 5
        Template: GitHub
        Owner: foo
        Project: bar
    
    After this commit:
    
        Version: 5
        Template: GitHub
        Dist: https://github.com/foo/bar
    
    It's surely a matter of taste, so let me argue in favor of the second
    form:
    
    * it is more concise
    * it shows the URL of the repo: one can just copy/paste it, grep for it,
      click on it, etc... It is more useful than having Owner and Project
      listed on two separate fields.

commit 4bd0c7f008640030cd2b231146585d542fff591e
Author: Arnaud Rebillout <arnaudr@debian.org>
Date:   Wed Dec 17 14:32:07 2025 +0700

    uscan: Formatting nitpicks in Version4.pm
    
    It seems more readable to have one assignment per line, and it's how
    it's done for other templates.

commit 525012025750beb8be74b5cf35dd32776352baae
Author: Holger Levsen <holger@layer-acht.org>
Date:   Sun Jan 18 12:54:35 2026 +0100

    Start 2.26.6 development.
    
    d/changelog entries will be written on release
    using the git commit messages.
    
    Use 'gbp dch --since v2.26.5 --multimaint-merge'
    to write d/changelog entries since that last release.
    
    Gbp-Dch: ignore
    Signed-off-by: Holger Levsen <holger@layer-acht.org>

Created: 2026-01-08 Last update: 2026-02-16 15:20

20 open merge requests in Salsa normal

There are 20 open merge requests for this package on Salsa. You should consider reviewing and/or merging these merge requests.

Created: 2025-09-17 Last update: 2026-02-11 06:30

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-09 Last update: 2026-01-20 05:32

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-8454: (needs triaging) It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-07-14 Last update: 2026-01-20 05:32

Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2026-01-08 Last update: 2026-01-08 12:30

news

[rss feed]

[2026-01-20] devscripts 2.26.5 MIGRATED to testing (Debian testing watch)
[2026-01-18] Accepted devscripts 2.26.5 (source) into unstable (Holger Levsen)
[2026-01-18] devscripts 2.26.4 MIGRATED to testing (Debian testing watch)
[2026-01-12] Accepted devscripts 2.26.4 (source) into unstable (Holger Levsen)
[2026-01-10] devscripts 2.26.3 MIGRATED to testing (Debian testing watch)
[2026-01-08] Accepted devscripts 2.26.3 (source) into unstable (Holger Levsen)
[2026-01-07] Accepted devscripts 2.26.2 (source) into unstable (Holger Levsen)
[2026-01-07] devscripts 2.26.1 MIGRATED to testing (Debian testing watch)
[2026-01-04] Accepted devscripts 2.26.1 (source) into unstable (Holger Levsen)
[2026-01-01] devscripts 2.25.33 MIGRATED to testing (Debian testing watch)
[2025-12-29] Accepted devscripts 2.25.33 (source) into unstable (Daniel Gröber)
[2025-12-22] Accepted devscripts 2.25.32 (source) into unstable (Daniel Gröber)
[2025-12-16] Accepted devscripts 2.25.31 (source) into unstable (Holger Levsen)
[2025-12-12] devscripts 2.25.30 MIGRATED to testing (Debian testing watch)
[2025-12-09] Accepted devscripts 2.25.30 (source) into unstable (Holger Levsen)
[2025-12-09] devscripts 2.25.29 MIGRATED to testing (Debian testing watch)
[2025-12-04] Accepted devscripts 2.25.29 (source) into unstable (Holger Levsen)
[2025-12-04] devscripts 2.25.28 MIGRATED to testing (Debian testing watch)
[2025-11-30] Accepted devscripts 2.25.28 (source) into unstable (Holger Levsen)
[2025-11-25] devscripts 2.25.27 MIGRATED to testing (Debian testing watch)
[2025-11-22] Accepted devscripts 2.25.27 (source) into unstable (Holger Levsen)
[2025-11-22] devscripts 2.25.26 MIGRATED to testing (Debian testing watch)
[2025-11-19] Accepted devscripts 2.25.26 (source) into unstable (Jochen Sprickerhof)
[2025-11-08] devscripts 2.25.25 MIGRATED to testing (Debian testing watch)
[2025-11-06] Accepted devscripts 2.25.25 (source) into unstable (Holger Levsen)
[2025-11-05] Accepted devscripts 2.25.24 (source) into unstable (Holger Levsen)
[2025-11-04] devscripts 2.25.23 MIGRATED to testing (Debian testing watch)
[2025-11-02] Accepted devscripts 2.25.23 (source) into unstable (Holger Levsen)
[2025-10-30] devscripts 2.25.22 MIGRATED to testing (Debian testing watch)
[2025-10-29] Accepted devscripts 2.25.22~bpo13+1 (source) into stable-backports (Jochen Sprickerhof)

bugs [bug history graph]

all: 535 552
RC: 0
I&N: 218 226
M&W: 314 323
F&P: 3
patch: 44 47
help: 4
NC: 3

links

lintian
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (83, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.26.5
43 bugs (1 patch)