I believe that the way an NMU upload is determined is error-prone. For example: Maintainer: Wesley W. Terpstra <terpstra@debian.org> Changed-By: Wesley W. Terpstra (Debian) <terpstra@debian.org> will result in a NMU upload. I understand that the strings do not compare to equality and that the gpg key encodes the personal name. I also agree that I should have noticed this before dupload. However, this error is (at least for me) a common one since I build my .debs from either work/home in various chroots. Sometimes, dch slips it past me since I am only editting the '* ...' lines. This results in my bugs not getting closed properly. I believe there are at least a couple of solutions. 1. lintian Add a lintian warning like: W: Non-maintainer uploaded package I believe this would help developers notice their mistake. I also think that this SHOULD be a warning. An NMU'd package is quite possibly not as high quality since the non-maintainer is likely not conversant with all the issues of the package. Users should be warned if they check it with lintian. Add a lintian error like: E: Non-maintainer uploaded package with identical email address I believe this would help developers notice their mistake. I can not think of any case where this is NOT an error. Add a lintian error like: E: Non-maintainer uploaded package with similar personal name Catch the case where wrong email address got in there. Ignore anything in ()s, so "foo (bar) <foo@baz.com>" "foo <foo@taz.de>" will trigger this. Hence, my above example would trigger both errors and the warning. W: Non-maintainer uploaded package E: Non-maintainer uploaded package with identical email address E: Non-maintainer uploaded package with similar personal name 2. the upload system Simply compare only the email address fields. gpg can still find keys with only the email address... --- I believe the lintian errors should definitely be added. I am not so sure about the lintian warning. Would a warning on every NMU wreck any of the automated tools? I believe that at least the philosophy is correct. I know that this would make uploads for other architectures give a warning, but a special case should be added there since the source package DID come from the maintainer, and the ported upload did come from the port maintainer. As for the change to what defines an NMU to only compare email addresses, I expect that this might break automated tools. However, if not, I think it is a good idea to change this and still have the lintian errors. This way even if the maintainer missed the E: / W: warning, at least the bugs get closed properly. --- There aren't two maintainers with the same maildrop right? :-) Are there two "John Smith"s or some such? Even if there are, the odds that they work on the same package... justifies an error. --- Wes
Attachment:
pgpQQ6OxeM1Bl.pgp
Description: PGP signature