-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 04 Mar 2018 13:29:37 +0100 Source: lintian Binary: lintian Architecture: source Version: 2.5.77~bpo9+1 Distribution: stretch-backports Urgency: medium Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org> Changed-By: Luca Falavigna <dktrkranz@debian.org> Description: lintian - Debian package checker Closes: 539326 648755 658542 664520 677870 679124 687141 700953 702671 712394 726589 735040 738442 740118 745743 749202 756130 762113 762261 762753 773562 778427 782990 787469 791552 810780 817170 829100 831729 832027 832099 833007 836771 853274 858588 863384 869547 878609 879235 883719 883772 884142 884497 884500 885974 886057 886101 886163 886210 886219 886259 886271 886297 886303 886343 886426 886479 886555 886566 886574 886586 886930 886961 887083 887120 887124 887428 887715 887817 887899 888074 888304 888413 888456 888559 888809 888972 889016 889066 889102 889154 889486 889489 889535 889591 889592 889628 889638 889639 889746 889760 889814 889856 889964 889991 890100 890298 890358 890361 890530 890537 890660 890667 890916 890920 890943 890959 891027 891072 891184 891301 891387 Changes: lintian (2.5.77~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . lintian (2.5.77) unstable; urgency=medium . * Summary of tag changes: + Added: - built-using-field-on-arch-all-package - missing-built-using-field-for-golang-package - missing-xs-go-import-path-for-golang-package . * checks/control-file.{desc,pm}: + [CL] Apply a patch from Michael Stapelberg to detect Golang packages with invalid or missing Built-Using headers. (Closes: #891072) + [CL] Apply patch from Michael Stapelberg to warn when packages do not specify a XS-Go-Import-Path. (Closes: #891184) * checks/rules.pm: + [CL] Allow rel="generator" and others; they do not cause internet access by default. Thanks to Raphaël Hertzog for the report. (Closes: #891301) * checks/version-substvars.pm: + [CL] Fix a bug in version-substvar-for-external-package parsing to prevent false-positives when the LHS of the binary relation contains a substvar. Thanks to Andreas Beckmann. (Closes: #726589) . * data/common/architectures, etc.: + [CL] Update architecture lists to ensure the inclusion of riscv64. This will change everything. (Closes: #891387) * data/spelling/corrections: + [PW] Add a number of corrections. . lintian (2.5.76) unstable; urgency=medium . * Summary of tag changes: + Added: - debhelper-compat-file-contains-multiple-levels - debian-changelog-line-too-short - unnecessary-source-date-epoch-assignment - upstream-metadata-file-is-missing + Renamed: - co-maintained-package-with-no-vcs-headers -> co-maintained-package-with-no-vcs-fields. - desktop-contains-deprecated-header -> desktop-contains-deprecated-key. - xs-testsuite-header-in-debian-control -> xs-testsuite-field-in-debian-control. - unnecessary-testsuite-autopkgtest-header -> unnecessary-testsuite-autopkgtest-field. - xs-vcs-header-in-debian-control -> xs-vcs-field-in-debian-control. . * General: + [CL] Apply a patch series from Ben Finney to correct inconsistent use of "header" terminology (versus "field", etc.) in descriptions and tag names. Thanks! (Closes: #890959) . * checks/changelog-file.{desc,pm}: + [CL] Warn about changelog files that are too short. Thanks to Adrian Bunk for the suggestion. (Closes: #890920) * checks/cruft.pm: + [CL] Avoid false-positives in Jush's syntax highlighting definition files. + [CL] Avoid a false-positive when matching the fake Lena Söderberg image in libplacebo. Thanks to Thorsten Alteholz for the report. (Closes: #890943) * checks/debhelper.{desc,pm}: + [CL] Warn if packages define multiple compatibility levels in the "compat" file, typically via "echo 11 >> debian/compat" (instead of ">"). * checks/fields.desc: + [CL] Correct a grammatical error and tighten up the language of the "binary-package-depends-on-toolchain-package" tag's description. Thanks to Gregor Herrmann for the report. (Closes: #890530) * checks/init.d.pm: + [CL] Also check for "RUN=" and "DAEMONRUN=" when evalating lines in /etc/default for "init.d-script-should-always-start-service" violations. Thanks to Laurent Bigonville. (Closes: #890916) * checks/rules.{desc,pm}: + [CL] Update override_dh_auto_test-does-not-check-DEB_BUILD_OPTIONS to fix a number of false positives. Thanks to Gregor Herrmann for the report. (Closes: #890537) + [CL] Also check, for example, "override_dh_fixperms-indep" and "override_dh_fixperms-arch" targets for "override_dh_fixperms-does-not-call-dh_fixperms", etc. + [CL] Prevent a large number of false-positives when checking the debian-rules-is-dh_make-template tag. Thanks to Evgeni Golov for the report. (Closes: #890660) + [CL] Check for unnecessary SOURCE_DATE_EPOCH assignments; it is either exported by dpkg >= 1.18.8 or one can include pkg-info.pk, etc. (Closes: #832099) * checks/scripts.pm: + [CL] Prevent some false-positives in udevadm-called-without-guard. * checks/upstream-metadata.{desc,pm}: + [CL] Apply patch from Dylan Aïssi to suggest maintainers add a debian/upstream/metadata file, although downgrade the check to "experimental" level for the time being. (Closes: #833007) * checks/watch-file.pm: + [CL] Use our new $PKGREPACK_REGEX to match and capture the suffix when looking at potential debian/watch mangling issues. . * commands/reporting-html-reports.pm: + [NT] Stop including the uncompressed lintian log in the website as it consumes considerable space for no reason. Consumers should migrate to the compressed variant, which has been around for years and only consumes ~1/20th of the space. . * data/files/python-generic-modules: + [CL] Detect "core" as an overly-generic module name. Thanks to Andreas Beckmann for the report. (Closes: #891027) * data/scripts/interpreters: + [CL] Add cwl-runner (to cwltool) as an interpreter for CWL scripts. Thanks to Michael Crusoe for the report. (Closes: #890667) * data/spelling/corrections: + [PW] Add a number of corrections. . * debian/source/lintian-overrides: + [CL] Drop all the overrides for Lintian itself now that we use the <!nocheck> build profile for the previously-spurious warnings. . * lib/Lintian/Util.pm: + [CL] Factor out the regex that matches "repacked" tarballs based on their filename. * lib/Lintian/Collect/{Changes,Sources}.pm: + [CL] Add repacked subroutines to check whether a package has been repacked or not. . * reporting/templates/maintainer.tmpl: + [CL] Link package entries directly to sources.debian.org. . * t/scripts/changelog-format.t: + [CL] Provide some possibly-helpful advice when violating the "entry header" changelog test. * t/tests/cruft-upstream-binaries: + [CL] Add a testcase to check that symlinked missing-sources do the right thing (re. #890468). . lintian (2.5.75) unstable; urgency=medium . * Summary of tag changes: + Added: - debian-rules-uses-unnecessary-dh-argument - missing-explanation-for-repacked-upstream-tarball - udevadm-called-without-guard . * checks/changelog-file.desc: + [CL] When checking latest-debian-changelog-entry-without-new-version ignore any change of epoch. (Closes: #889991) * checks/debhelper.{desc,pm}: + [CL] Warn when specifying --parallel to dh(1) in compat levels >= 10. Thanks to Nicolas Braud-Santoni for the idea. (Closes: #890358) + [CL] Add a missing verb to the long description of the dh-quilt-addon-but-quilt-source-format tag. * checks/files.pm: + [CL] Tidy logic for detecting allowed rel="" values in <link/> HTML tags. + [CL] Allow rel="canonical" in <link/> HTML tags; they are used by search engines (etc.) and do not cause internet access. (Closes: #762753) * checks/init.desc: + [CL] Improve various parts of the long description for init.d-script-should-always-start-service. * checks/patch-systems.{desc,pm}: + [CL] Avoid false positives when checking for typos by ignoring files or patch descriptions that contain the words "typo" or "spelling". Thanks to Bas Couwenberg for the report. (Closes: #889964) + [CL] Check the first line of the description separately for spelling errors to avoid false-positive duplicate checks across a patch description's synopsis and its body. (Closes: #890100) * checks/python.desc: + [CL] Underline that maintainers do not need to override the new-package-should-not-package-python2-module tag but rather leave a comment in debian/changelog. * checks/scripts.{desc,pm}: + [CL] Check for maintainer scripts that call udevadm without a guard as it can fail within a chroot. (Closes: #890298) * checks/source-copyright.{desc,pm}: + [CL] Emit a pendatic warning for packages with repacked upstream tarballs that lack a Files-Excluded or Comment header in debian/copyright. . * collection/override-file: + [CL] Actually pick the first out of debian/source/lintian-overrides and debian/source.lintian-overrides. Thanks to Thorsten Glaser for the report. (Closes: #890361) . * commands/reporting-html-reports.html: + [NT] Minimize generated SVG files if scour is installed and available in PATH. . * data/spelling/corrections: + [PW] Add a number of corrections. . lintian (2.5.74) unstable; urgency=medium . * Summary of tag changes: + Added: - control-tarball-compression-format - data-tarball-compression-format - debian-rules-is-dh_make-template - init.d-script-should-always-start-service - jar-contains-source - missing-systemd-service-for-init.d-script - source-contains-prebuilt-wasm-binary - spelling-error-in-patch-description - systemd-service-file-refers-to-unusual-wantedby-target + Renamed: - systemd-no-service-for-init-script -> omitted-systemd-service-for-init.d-script - systemd-no-service-for-init-rcS-script -> missing-systemd-service-for-init.d-rcS-script - override_dh_auto_test-does-not-check-DEB_BUILD_PROFILES -> override_dh_auto_test-does-not-check-DEB_BUILD_OPTIONS . * checks/changelog-file.desc: + [CL] Improve the long description of epoch-change-without-comment. Based on suggestions by Raphael Hertzog and Ian Jackson - thanks! (Closes: #889814) * checks/cruft.desc: + [BR] Check for wasm files. (Closes: #889102) + [CL] Factor out call to _ships_examples to avoid excessive looping over $sorted_index. + [CL] Do not emit package-does-not-install-examples if we don't have any binary packages in our laboratory. (Closes: #889591) + [CL] Improve the description of package-does-not-install-examples to give more debhelper advice. + [CL] Assume that if a source package generates a binary ending in "-examples" then it does ship examples. * checks/deb-format.{desc,pm}: + [CL] Add a classification tag for the .deb data tarball compression format. (Closes: #738442) + [CL] Add a classification tag for the control tarball compression format. (Closes: #889856) * checks/fields.pm: + [CL] Avoid false positives when checking binary packages depending on toolchain packages by ignoring packages starting with "dh-" or ending with "-source". Thanks to Josh Triplett for the report. (Closes: #889486) * checks/files.pm: + [BR] Add context for privacy breach in order to improve debugging. * checks/fields.desc: + [CL] Downgrade severity of build-depends-on-obsolete-package from error to warning. (Closes: #889638) * checks/java.{desc,pm}: + [CL] Only warn about bad-jar-name for "public" .jar files. (Closes: #889628) + [CL] Check for .jar files that embed Foo.java alongside a Foo.class file. (Closes: #762113) * checks/init.d.{desc,pm}: + [CL] Warn about packages that use ENABLED="true" (etc.) in /etc/default files. * checks/patch-systems.{desc,pm}: + [CL] Avoid emitting "Can't use an undefined value as an ARRAY reference" warnings when debian/patches is a file, not a directory. (Closes: #889535) + [CL] Check spelling of patch headers. (Closes: #756130) * checks/rules.{desc,pm}: + [CL] Fix a number of false-positives when checking the "override_dh_auto_test-does-not-check-DEB_BUILD_PROFILES" tag (Closes: #889592) + [CL] Make a large number of changes suggested by Mattia Rizzolo to the override_dh_auto_test-does-not-check-DEB_BUILD_PROFILES tag, renaming it to reference DEB_BUILD_OPTIONS throughout, add Debian Policy 4.9.1 to the tag's Ref, lower "Certanty" to "wild-guess" and mark the tag as experimental, updating the tests to match. (Closes: #889746) + [CL] Check for debian/rules files that are dh_make templates. (Closes: #679124) * checks/scripts.desc: + [CL] Improve, elaborate and tidy the long description of the maintainer-script-should-not-use-recursive-chown-or-chmod tag. Heavily based on a patch by Daniel Kahn Gillmor - thanks! (Closes: #889489) * checks/source-copyright.pm: + [CL] Prevent false positives when checking for missing NOTICE.txt files by looking inside .jar archives. (Closes: #889760) * checks/systemd.{desc,pm}: + [CL] Warn about unit files that install to usual WantedBy= targets. Thanks to Sam Morris for the initial patch. (Closes: #817170) + [CL] Rework the no service detection, improving the (rarely overridden) tag names to better match what they detect as well as adding a new "missing-systemd-service-for-init.d-script" pedantic tag where we do not have an equivalent unit as this implies missing bespoke security hardening support, etc. Thanks to Lucas Nussbaum for his input. (Closes: #858588) * checks/udev.pm: + [CL] Add simple GOTO parsing to avoid false positives when checking for udev rules for SUBSYSTEM specifiers. (Closes: #869547, #889639) . * commands/reporting-{html-reports,lintian-harness}.pm: + [NT] Register packages that fail during archive wide processing. . * data/files/privacy-breaker-fragments: + [BR] Detect new fragments for Google CSE. * data/spelling/corrections: + [PW] Add a number of corrections. . * lib/Lintian/Util.pm: + [NT] Give lower processing priority to packages that repeatedly trigger errors during archive-wide processing. . * reporting/templates/index.tmpl: + [NT] Display summary of how many groups had errors during their last processing. * reporting/templates/{lintian.css,maintainer}.tmpl: + [NT] Use a distinct error status instead of "Outdated" for packages with errors during their last processing. . lintian (2.5.73) unstable; urgency=medium . * Summary of tag changes: + Added: - bad-jar-name - binary-package-depends-on-toolchain-package - checksum-count-mismatch-in-changes-file - co-maintained-package-with-no-vcs-headers - description-mentions-planned-features - files-excluded-without-copyright-format-1.0 - global-files-wildcard-not-first-paragraph-in-dep5-copyright - maintainer-script-should-not-use-recursive-chown-or-chmod - missing-explanation-for-contrib-or-non-free-package - multi-arch-same-package-has-arch-specific-overrides - override_dh_auto_test-does-not-check-DEB_BUILD_PROFILES - package-does-not-install-examples - package-uses-deprecated-dpatch-patch-system - package-uses-deprecated-source-override-location - unusual-documentation-package-name . * checks/cruft.{desc,pm}: + [CL] When looking for the source of "build/foo/bar.min.js", also check "src/foo/bar.js". (Closes: #832027) + [CL] Check for upstream tarballs that ship examples but none is installed in any binary package. (Closes: #539326) * checks/debian-source-dir.desc: + [CL] Upgrade severity of missing-debian-source-format from wishlist ("I") to normal ("W"). (Closes: #702671) * checks/description.{desc.pm}: + [CL] Check for packages that mention planned/upcoming features in their long description. (Closes: #782990) + [CL] Improve the description-synopsis-might-not-be-phrased-properly tag also detect multiple sentences and improve the tag description. (Closes: #778427) * checks/changes-file.{desc.pm}: + [CL] Fix an issue where the bad-section-in-changes-file, file-size-mismatch-in-changes-file and checksum-mismatch-in-changes-file tags were not being checked if a package contained an upstream signature. + [CL] Check for inconsistencies between "Files" and Checksums-* sections in .changes files. (Closes: #658542) * checks/cruft.{desc.pm}: + [CL] Add pedantic warning for packages using source.lintian-overrides instead of debian/source/lintian-overrides. * checks/fields.{desc,pm}: + [CL] Add a pedantic warning for co-maintained packages that are not managed in a revision control system. (Closes: #884497) + [CL] Warn about Multi-Arch: same packages that ship architecture-specific Lintian overrides. Thanks to Sebastian Ramacher for the report. (Closes: #787469) + [CL] Check for packages that specify binary dependencies on toolchain packages such as cdbs or debhelper. (Closes: #700953) + [CL] Emit a warning about documentation packages that end with -docs. (Closes: #664520) + [CL] Ensure salsa.debian.org Vcs-Git and Vcs-Browser URIs are canonical and do not redirect. (Closes: #888809) * checks/files.pm: + [CL] Support scanning contents of (eg.) data/files/js-libraries. * checks/java.{desc,pm}: + [CL] Check for .jar files that do not match the Debian Java policy. (Closes: #791552) * checks/patch-systems.{desc,pm}: + [CL] Emit a pedantic warning for packages that are using the dpatch patch system. (Closes: #884500) * checks/rules.pm: + [CL] Check for override_dh_auto_test targets that do not check DEB_BUILD_OPTIONS for "nocheck". (Closes: #712394) * checks/scripts.desc: + [CL] Update the maintainer-script-should-not-use-service tag to include advice and Debian Policy reference. (Closes: #889154) * checks/source-copyright.{desc,pm}: + [CL] Warn about packages that specify a Files-Excluded header without a valid Format header as the former will be ignored by uscan(1). Thanks to Gunnar Wolf for the initial patch. (Closes: #745743) + [CL] Warn when a "Files: *" DEP-5 paragraph exists but it is not the first paragraph. Thank to Christoph Biedl for the report and idea. (Closes: #879235) + [CL] Ask maintainers to add a comment header to debian/copyright if their package is in contrib or non-free. (Closes: #773562) . * commands/reporting-html-reports.pm: + [NT] Add a limit to how many instances of a tag is deplayed on a tag page as 151 000 instances of unstripped-static-library is hardly human readable. . * data/spelling/corrections: + [PW] Add a number of corrections. * data/common/dh_addons: + [CL] Move/create from data/debhelper/dh_addons as we plan to use it elsewhere. * data/debhelper/dh_commands: + [CL] Update requirement for dh_scour (again!) from python3-scour to scour. (Closes: #889016) * data/debhelper/dh_commands-manual: + [NT] Remove dh_systemd* entries. Debian stable have a recent enough version of debhelper that this entry no longer matters. * data/files/fnames: + [CL] Ensure package-contains-python-doctree-file also warns about compressed .doctree files. * data/files/js-libraries: + [CL] Avoid false-positives when detecting Twitter's bootstrap library. (Closes: #888972) * data/files/python-generic-modules: + [CL] Detect "backports" (and "backport") as overly generic Python module names. (Closes: #888559) * data/scripts/maintainer-script-bad-command: + [CL] Warn if the maintainer scripts include "chown -R" or "chmod -R" to prevent hardlink attacks on kernels that do not have fs.protected_hardlinks=1. (Closes: #889066) . * doc/lintian.xml: + [CL] Use the debian/source/lintian-overrides location in override example. . * lib/Lintian/*: + [CL] Add support for passing .buildinfo files to Lintian. (Closes: #853274) . * reporting/templates/tag.tmpl: + [NT] Update template to mention tag limit when not all instances are shown. . lintian (2.5.72) unstable; urgency=medium . * Summary of tag changes: + Added: - debian-rules-uses-deprecated-systemd-override - debian-watch-does-not-check-gpg-signature + Removed: - debian-watch-may-check-gpg-signature . * checks/binaries.pm: + [CL] Avoid a false positive for spelling-error-in-binary that was causing a FTBFS on armhf. (Closes: #888074) + [CL] Drop a duplicate line in spelling-error-in-binary exceptions. + [CL] Move spelling-error-in-binary exceptions to a data file. + [CL] Support binutils 2.29.90.20180122 (vs. 2.29.1) when parsing ELF files for errors as the newer version modified the readelf output. This was causing a testsuite failure when checking the apparently-corrupted-elf-binary tag. (Closes: #888456) * checks/cruft.{desc,pm}: + [CL] Do not emit "license-problem-php-license" when the source comes from pecl.php.net: "The last agreement with FTP Masters was that PHP license is OK when the sources some from PECL repository." (Closes: #810780) + [CL] Allow, for example, debian/missing-sources/foo.js directories to represent the source for foo.js. This is useful when foo.js is the result of concatenating multiple files. (Closes: #836771) * checks/debhelper.{desc,pm}: + [CL] Warn about packages that use about dh_systemd_enable or dh_systemd_start overrides whilst using debhelper compat level 11 as they are no longer being called. (Closes: #887899) + [CL] Include the offending context and line when emitting the brace-expansion-in-debhelper-config-file tag. + [CL] Avoid false positives and remove an existing (incorrect) test for apparent brace expansions in config files that do not include a comma. (Closes: #888304) * checks/fields.pm: + [CL] Also check xfonts-foo for font-package-not-multi-arch-foreign. * checks/files.desc: + [CL] Downgrade extra-license-file from "W" to "I". (Closes: #740118) * checks/patch-systems.{desc,pm}: + [CL] Ignore files called "README" or "README.patches" when checking packages for patch-file-present-but-not-mentioned-in-series. (Closes: #888413) + [CL] Ignore commented-out patches in series files when checking the patch-file-present-but-not-mentioned-in-series tag. + [CL] Check "$vendor.series" (not "series.$vendor") when checking for the patch-file-present-but-not-mentioned-in-series tag. * checks/source-copyright.desc: + [CL] Clarify that paragraph ordering matters in the description of the unused-file-paragraph-in-dep5-copyright tag. (Closes: #762261) * checks/watch-file.{desc,pm}: + [CL] Rename the debian-watch-may-check-gpg-signature tag to debian-watch-does-not-check-gpg-signature to avoid confusion around the "may check" implying that the package in question does such checking and we disapprove of it. Thanks to Andreas Beckmann for the suggestion. (Closes: #735040) . * data/fields/name_section_mappings: + [CL] Ensure xfonts-foo are recognised as part of the "x11" section to match the definition on https://packages.debian.org/en/sid/. (Closes: #878609) * data/spelling/corrections: + [PW] Add a number of corrections. . * debian/control: + [CL] docbook-xml is required to build the documentation, so drop "<!nocheck>" build restriction. * debian/copyright: + [CL] Add missing initials for Gergely Nagy, Sylvestre Ledru and Steve Langasek. (Closes: #831729) . * lib/Lintian/Check.pm: + [CL] Avoid false positives in the spelling-error-in-description (etc.) tags where the repetition is part of an acronym expansion such as "ORA (ORA Recursive Acronym)". (Closes: #883719) . lintian (2.5.71) unstable; urgency=medium . * Summary of tag changes: + Added: - patch-file-present-but-not-mentioned-in-series . * checks/files.pm: + [CL] Ignore Rust .rs files in extra-license-file. (Closes: #887715) * checks/patch-systems.{desc,pm}: + [CL] Check for patch files under the debian/patches that are not mentioned in any series file. Thanks to Paul Wise for the idea. (Closes: #887817) * checks/python.{desc,pm}: + [CL] Don't emit "python-package-missing-depends-on-python" for debug packages + [CL] Include possibility that the file should not even be installed in the description of python-package-missing-depends-on-python. . * data/spelling/corrections: + [PW] Add a number of corrections. * data/rules/rules-should-not-use: + [CL] Add more context to xz-compression-level-too-high tag output. . * lib/Lintian/Collect/Package.pm: + [CL] Fix "Use of uninitialized value in string ne" warnings that would have appeared as part of the src-orig-index handling in 2.5.66. (Closes: #887428) . * t/tests/files-multiarch-foreign-files: + [CL] Only run on amd64. (Closes: #886163) . lintian (2.5.70) unstable; urgency=medium . * checks/python.pm: + [CL] Fix false positives in python-package-missing-depends-on-python for Python 3 packages; we were not checking python3:any or python3-minimal:any. . * data/spelling/corrections: + [PW] Add bumpded -> bumped correction. . lintian (2.5.69) unstable; urgency=medium . * Summary of tag changes: + Added: - insecure-copyright-format-uri - package-contains-file-in-etc-skel - package-contains-python-tests-in-global-namespace - python-package-missing-depends-on-python - xz-compression-level-too-high . * checks/cruft.pm: + [CL] Ignore TeX \section (etc.) titles when checking for GFDL license. Thanks, Norbert Preining for the report. (Closes: #863384) * checks/fields.{pm,desc}: + [CL] Downgrade severity of wrong-section-according-to-package-name from "W:" to "I:". (Closes: #883772) + [CL] Thanks to Niels Thykier, update the description of the orphaned-package-not-maintained-in-debian-infrastructure tag. + [CL] Include the offending uri in the output of the vcs-deprecated-in-debian-infrastructure tag. * checks/python.{pm,desc}: + [CL] Don't emit new-package-should-not-package-python2-module if the maintainer justifies its inclusion in the changelog entry. + [CL] Improve the description and reasoning for the new-package-should-not-package-python2-module tag. + [CL] Include the offending package name when warning about new-package-should-not-package-python2-module. + [CL] Warn about packages that ship Python modules but are missing dependencies on any Python interpreter. (Closes: #887083) + [CL] Remark that new-package-should-not-package-python2-module's appearance on https://lintian.debian.org/ can be ignored. (Closes: #887124) * checks/rules.pm: + [CL] Allow rules-not-should-not-use data-based tags to capture variables and include them in the emitted tag. * checks/source-copyright.{desc,pm}: + [CL] Warn about insecure "Format:" URIs that reference debian.org. Based on a patch by Nicolas Braud-Santoni. (Closes: #886930) * checks/standards-version.pm: + [CL] Include the date the Standards-Version was actually released in the output of the ancient-standards-version and the out-of-date-standards-version tags. . * data/debhelper/*: + [ADB] Refresh. * data/files/fnames: + [CL] Warn about packages that ship (eg.) test_foo.py files in the global Python module namespace. + [CL] Emit an error if packages ship files in /etc/skel. Thanks to Paul Wise for the suggestion. (Closes: #887120) * data/files/fonts: + [ADB] Refresh. * data/fields/name_section_mappings: + [CL] Ensure that NSS (Name Services Switch) modules are placed in the "admin" section. Thanks to Mathieu Parent (sathieu) for the patch. (Closes: #886961) * data/rules/rules-should-not-use: + [CL] Include the assigned value in the Lintian output for the debian-rules-should-not-use-DH_EXTRA_ADDONS tag. + [CL] Detect overly-compressed xz packages. (Closes: #829100) * data/spelling/corrections: + [PW] Add a number of corrections. . lintian (2.5.68) unstable; urgency=medium . * Summary of tag changes: + Added: - dh-quilt-addon-but-quilt-source-format - orphaned-package-not-maintained-in-debian-infrastructure - package-contains-python-hypothesis-example - should-specify-rules-requires-root - vcs-deprecated-in-debian-infrastructure . * checks/changelog-file.pm: + [FL] Fix version parsing for hyphen in upstream versions. * checks/cruft.pm: + [CL] Avoid a false-positive reported by Theppitak Karoonboonyanan when matching autotools-pkg-config-macro-not-cross-compilation-safe by skipping comment lines. (Closes: #886297) + [FL] Fix version parsing for native packages. * checks/control-file.{desc.pm}: + [CL] Check for packages that should specify Rules-Require-Root. (Closes: #886479) * checks/debconf.pm: + [CL] Don't warn about unknown template type "entropy" when a package depends on cdebconf. (Closes: #677870) * checks/debhelper.{desc,pm}: + [CL] Add a check for packages that specify "dh --with quilt" but use the "3.0 (quilt)" source format. Thanks to Mattia Rizzolo for the idea. (Closes: #886566) * checks/fields.pm: + [CL] Warn about orphaned packages that are not maintained in the Debian infrastucture. (Closes: #886057) + [CL] Emit pedantic warnings for packages that refer to a non-Git version control systems hosted in the Debian infrastructure for the upcoming salsa.debian.org migration. (Closes: #885974) + [CL] Include the offending "Bugs" field value in the output of the bugs-field-does-not-refer-to-debian-infrastructure tag. + [CL] Ensure that bugs-field-does-not-refer-to-debian-infrastructure can be overridden by not emitting them for -dbgsym packages. Thanks to Thorsten Glaser for the report. (Closes: #886426) * checks/huge-usr-share.pm: + [CL] Bump arch-dep-package-has-big-usr-share thresholds; they were last set in 2004. (Closes: #648755) * checks/pe.pm: + [CL] Apply a patch from Stephen Kitt to avoid false-positives when checking PE32+ Windows Portable Executable files, additionally dropping the now-unnecessary magic number parsing. (Closes: #886555) * checks/python.{pm,desc}: + [CL] Don't warn about django-package-does-not-depend-on-django for -doc packages, etc. + [CL] Lower the severity of the "dependency-on-python-version-marked-for-end-of-life" tag from normal ("W:") to wishlist ("I:") as it is not necessarily actionable by the maintainer. This reverts bug #883581. (Closes: #886259) + [CL] When checking for a Python 3 variant of a Python 2.x package also consider any package that declares a binary dependency on the ${python3:Depends} substvar to catch packages that have been renamed. Thanks to Scott Kitterman for the report. (Closes: #886303) * checks/rules.pm: + [CL] Also allow $(overridden_command) when checking for the override_dh_fixperms-does-not-call-dh_fixperms etc. tags. * checks/scripts.desc: + [CL] Also mention Recommends and Suggests in the opening paragraph of python-script-but-no-python-dep. (Closes: #687141) * checks/shared-libs.pm: + [CL] Skip Objective-C libraries for the no-symbols-control-file tag as instance/class methods do not appear in the symbol table. Thanks to Yavor Doganov for the report and help. (Closes: #749202) * checks/source-copyright.desc: + [CL] Avoid false positives for missing-notice-file-for-apache-license by also looking for files with a .txt extension in binary packages. Thanks to Ferenc Wágner for the report. (Closes: #886343) * checks/standards-version.desc: + [CL] Downgrade severity of out-of-date-standards-version from normal ("W:") to wishlist ("I:"). (Closes: #886210) * checks/watch-file.pm: + [CL] Apply patch from Carlos Maddela <e7appew@gmail.com> to prevent false-positives when options contain escaped quotation marks. (Closes: #886574) . * collection/src-orig-index: + [CL] Return the replaced string after injecting any tarball prefix (ie. "foo/bar\n"), not Perl's result of the replacement (ie. "1"). (Closes: #886586) . * data/common/dbg-pkg: + [CL] Identify both python-foo-dbg and python3-foo-dbg as known debug packages to avoid a false-positive for the former when checking for debian-control-has-obsolete-dbg-package. (Closes: #886271) * data/files/fnames: + [CL] Warn about packages that ship (non-reproducible) Python Hypothesis examples. (Closes: #886101) + [CL] Only test for packages shipping gschemas.compiled files in usr/share/glib-*/schemas as it is valid for packages to generate schemas at build time. Thanks to Jonathan Carter (highvoltage) for the followup. (Closes: #884142) * data/spelling/corrections: + [PW] Add a number of corrections. * data/standards-version/ancient-date: + [CL] Change the policy of "ancient-standards-version" to "a release of Policy from the previous stable release cycle" and update the value to match. (Closes: #886219) . * reporting/templates/maintainer.tmpl: + [CL] Make the previously-hidden package anchor links visible so that one can right-click and copy the URL instead of constructing it manually. . * t/tests/files-multiarch-foreign-files: + [CL] Ensure that we install to a multiarch directory on all architectures to prevent a FTBFS on, for example, i386. (Closes: #886163) Checksums-Sha1: 34446b28fa1e756f87d99c444cd24bff6df76273 3533 lintian_2.5.77~bpo9+1.dsc f2f2a9d636b51c7967aab3c36b20bd9882af8f45 1541736 lintian_2.5.77~bpo9+1.tar.xz 8157aa0df985b7ec067dda47053ef1ae3b819469 16753 lintian_2.5.77~bpo9+1_amd64.buildinfo Checksums-Sha256: dec2970fdbeef5d51794f4a108f2651ec77ab4afc374ec303cd847612a45ca40 3533 lintian_2.5.77~bpo9+1.dsc 0c6355905f99c5fd6f147de0483ceb08600922f6f419f0cb0150a0f174d037a8 1541736 lintian_2.5.77~bpo9+1.tar.xz 1245950e0b7eeed389ab925fbd25e37887be9eb8d80fa50f327a70b4f39f296a 16753 lintian_2.5.77~bpo9+1_amd64.buildinfo Files: 5e3182cb7d8289eb7649bda64b8fe750 3533 devel optional lintian_2.5.77~bpo9+1.dsc c5ab143f0dc1e412f22ad4f5c092676d 1541736 devel optional lintian_2.5.77~bpo9+1.tar.xz f5707cd645566f943ddc8e99a0e87d60 16753 devel optional lintian_2.5.77~bpo9+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE3cU+UTD9CCI/mJRWSQhq0+vi8x8FAlqb66IACgkQSQhq0+vi 8x8Khw/+OfF5m1NYxqSTDiEhw9q2TqoLO8xD7PQ/V5yg6p/C4ckuEUH4dPlj5Fyr mQ+RVaZM9wBB5A5/YQIjEU9aY11jO27sdq7bs3Phe4EoyNT6gt3BDexPeeTu2G+G vH4zbdVGjdM9qs+uSnxQjRRdgBHEDD7gqDW2hvXYImo1IUMqhcyftRqqlFHAXjaA 4iAdaYqG8i0hd9Yb83/k6yCOWn4PXBmPUJvrwWSJe6/7VU1nwcdp8vfREb4RECEW 9NT364mJLWmXpS4TqqY1/+Sx6Ioy2aFYiQDMgZdWbFB7fV3WufaRgLY3K9Q4bkrM 92cP3n/rlgozqq/8VL7Pc27Ry++v+Ee8MZXtSnu0AcgifWy84JtLq7H0WB94omiX qz5LI9Sa5zkDQOKq5KaoGmX375bx1YePAxflg1xsyJDuxTniKIyjxYIIRWcl0H29 KM8BmFajKwQXToc2HbUA+vd85pNcS+EkXECK8Guh+PxLAwOSSLk623Md04xXMlxo uQ1n3d2RG8rl6bGOLpjHMtdHRk4erPX2wQTKYHYJaBXGEeCGIYKp7FX9ysd2KJxK VSJjmAPoSjBT6LnYHsp6FPKFdxYlF4sr0dhLry2rU6Wm9f3K6PNVX2kpf+9IQIvL ygAdWJXwevPFZIupRnID3mx4dr7gLayKJGk0h6dnU0DC01dNq7s= =3XFU -----END PGP SIGNATURE-----
