Accepted lintian 2.5.67~bpo9+1 (source all) into stretch-backports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 07 Jan 2018 11:26:38 +0100
Source: lintian
Binary: lintian
Architecture: source all
Version: 2.5.67~bpo9+1
Distribution: stretch-backports
Urgency: medium
Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org>
Changed-By: Luca Falavigna <dktrkranz@debian.org>
Description:
lintian - Debian package checker
Closes: 601323 637473 660718 673734 710656 741071 750537 769365 782277 788991 793406 794295 806237 810204 812756 813525 833613 834290 837548 864999 882684 884142 884165 884296 884408 884503 884559 884572 884655 884676 884678 884683 884699 884785 884798 884817 884848 885042 885096 885106 885327 885621 885693 885790 885899 885910 885968
Changes:
lintian (2.5.67~bpo9+1) stretch-backports; urgency=medium
.
* Rebuild for stretch-backports.
.
lintian (2.5.67) unstable; urgency=medium
.
* Summary of tag changes:
+ Added:
- debian-rules-should-not-use-DH_EXTRA_ADDONS
- debian-watch-could-verify-download
- invalid-date-in-debian-changelog
- override_dh_fixperms-does-not-call-dh_fixperms
.
* checks/apache2.{desc,pm}:
+ [CL] Include the offending filename and line number in the output of
apache2-deprecated-auth-config and apache2-unparsable-dependency.
+ [CL] Avoid false positives in apache2-deprecated-auth-config where
the offending lines are wrapped in suitable "IfModule" or "IfVersion"
directives. (Closes: #788991, #710656)
* checks/changelog-file.{desc,pm}:
+ [CL] Warn about changelog entries that have incorrectly formatted
dates. (Closes: #793406)
* checks/files.pm:
+ [CL] Split out python-module-has-overly-generic-name regular
expression into a data file.
+ [CL] Don't warn about extra license files installed via Sphinx.
Thanks, Stuart Prescott! (Closes: #885968)
* checks/python.pm:
+ [CL] Prevent false positives when checking for Python {2,3} packages
that depend on Python {3,2} packages when the package being depended
on ends with -doc. We were previously only catching the case for
dependencies *from* packages with such names. (Closes: #885693)
+ [CL] Also ignore -doc, -docs, -dev, -common and -tools packages for
intra-Python variant dependency checking, python-but-no-python3, etc.
+ [CL] Drop parens in depends-on-package-from-other-python-variant
output.
+ [CL] Refactor django-package-does-not-depend-on-django check to
correctly check Django packages called python2-django-foo.
* checks/rules.{desc.pm}:
+ [CL] Suggest using /usr/share/dpkg/architecture.mk as a solution to
debian-rules-sets-dpkg-architecture-variable rather than simply
replacing assignments with ?=. Thanks to Helmut Grohne for the
suggestion.
+ [CL] Include the line number when warning about instances of
override_dh_clean targets that are missing calls to dh_clean.
+ [CL] Apply patch from Paul Tagliamonte to check for files
that use DH_EXTRA_ADDONS. Thanks! (Closes: #885790)
+ [CL] Update $PYTHON3X_DEPEND to prevent false positives in
missing-python-build-dependency. (Closes: #750537)
+ [CL] Refactor check for override_dh_clean-does-not-call-dh_clean
tag into a loop.
+ [CL] Check for override_dh_fixperms targets that are missing calls
to dh_fixperms. (Closes: #885910)
* checks/scripts.pm:
+ [CL] Include the offending/unknown shebang in the output of various
interpreter-related tags. (Closes: #673734)
* checks/source-copyright.desc:
+ [CL] Also mention that we check for NOTICE.gz files when looking for
Apache 2.0 packages that do not distribute their accompanying NOTICE
file.
* checks/watch-file.{desc,pm}:
+ [CL] Apply patch from Felix Lechner <felix.lechner@lease-up.com> to
check for packages where an upstream signature exists but is not
being used. (Closes: #885621)
.
* data/fields/name_section_mappings:
+ [CL] Ensure that PAM modules are placed in the "admin" section,
additionally preventing a false positive for libpam-krb5 which was
being caught by a "libfoo1" => "libs" entry. (Closes: #885899)
* data/files/python-generic-modules:
+ [CL] Add "examples".
* data/spelling/corrections:
+ [PW] Add a number of corrections.
* data/standards-version/release-dates:
+ [CL] Correct date(1) invocation example in comment.
+ [CL] Add 4.1.3 as a known standards version.
.
* debian/control:
+ [CL] Declare compliance with Debian Policy 4.1.3.
+ [CL] Mention Debian Policy 4.1.3 in long package description.
.
lintian (2.5.66) unstable; urgency=medium
.
Merry Christmas!
.
* Summary of tag changes:
+ Added:
- autotools-pkg-config-macro-not-cross-compilation-safe
- bugs-field-does-not-refer-to-debian-infrastructure
- mismatched-python-substvar
- missing-notice-file-for-apache-license
- override_dh_clean-does-not-call-dh_clean
- package-contains-python-doctree-file
- pkg-config-unavailable-for-cross-compilation
- portable-executable-missing-security-features
- python-package-depends-on-package-from-other-python-variant
- vcs-fields-use-more-than-one-vcs
.
* checks/*.desc:
+ [CL] Standardise on capital-L "Lintian" in tag descriptions.
Thanks to Adam D. Barratt for the suggestion.
* checks/cruft.{pm,desc}:
+ [CL] Check for packages that invoke AC_PATH_PROG without considering
cross-compilation. Thanks to Helmut Grohne for the idea and
proof-of-concept implementation. (Closes: #884798)
* checks/fields.{pm,desc}:
+ [CL] Emit a wishlist warning for packages that mix-and-match more
than one version control system in Vcs-* headers. (Closes: #884503)
+ [CL] Warn when packages specify a "Bugs" field in debian/control that
does not refer to official Debian infrastructure as this can make
reportbug unable to report bugs. (Closes: #741071)
* checks/files.{pm,desc}:
+ [CL] Warn maintainers about packages that ship pkg-config files under
/usr/lib/pkgconfig as they are unavailable under cross-compilation.
Thanks to Helmut Grohne for the idea. (Closes: #885096)
+ [CL] Warn about packages that ship non-reproducible Python .doctree
files. (Closes: #885327)
+ [CL] Factor out simple filename checks into a Lintian::Data variable.
* checks/init.d.{pm,desc}:
+ [CL] Don't emit init.d-script-needs-depends-on-lsb-base if the
package ships a Systemd service file. (Closes: #864999)
* checks/lintian.desc:
+ [CL] Also note that unused-override can be triggered if Lintian
adds/modifies supplementary tag metadata.
* checks/obsolete-sites.pm:
+ [CL] Ignore commented-out lines to avoid false-positives where the
maintainer references the old location. (Closes: #806237)
* checks/pe.{pm,desc}:
+ [CL] Check for Microsoft Windows Portable Executable (PE) files that
are missing security hardening features. Thanks to Petter
Reinholdtsen for the report. (Closes: #837548)
* checks/python.{pm,desc}:
+ [CL] Warn about Python 2.x packages using ${python3:Depends} and
Python 3.x packages using ${python:Depends}. Thanks to Mattia
Rizzolo for the idea. (Closes: #884676)
+ [CL] Factor out definition of dependency fields.
+ [CL] Warn about Python 3 packages that depend on Python 2 packages
and vice versa. (Closes: #782277)
* checks/rules.{desc,pm}:
+ [CL] Check for override_dh_clean targets that are missing calls to
dh_clean. Thanks to Andreas Beckmann for the idea. (Closes: #884817)
* checks/standards-version.pm:
+ [CL] Avoid misleading tag descriptions when emitting valid
timewarp-standards-version warnings if the date parts are identical
(ie. "2017-11-30 < 2017-11-30"). Thanks to Andrea Bolognani
eof@kiyuko.org> for the report. (Closes: #884785)
* checks/scripts.pm:
+ [CL] Prevent a false positive in the
possibly-insecure-handling-of-tmp-files-in-maintainer-script tag by
detecting XXX-like mktemp(1) templates. (Closes: #601323)
* checks/source-copyright.{desc,pm}:
+ [CL] Check for Apache 2.0 packages that do not distribute their
accompanying "NOTICE" files. (Closes: #885042)
+ [CL] Use the list of files in the orig tarball (rather than in the
regular index) to prevent false positives when checking for the
source-includes-file-in-files-excluded tag when a patch system
re-adds files that were removed. (Closes: #884848)
.
* collection/src-orig-index:
+ [CL] Correct references to generated filename.
+ [CL] Update bitrotted calls to Lintian::Command:spawn.
.
* data/debhelper/compat-level:
+ [MR] Bump the experimental debhelper compat level to 12.
(Closes: #884678)
+ [CL] Bump the recommended debhelper compat level to 11, emitting a
pedantic warning when using lower level. (Closes: #884699)
* data/debhelper/dh_commands:
+ [CL] dh_scour is now provided by python3-scour, not python-scour.
Thanks to Jeremy Bicha. (Closes: #885106)
* data/files/js-libraries:
+ [CL] Detect embedded jQuery libraries with version number in their
filenames (eg. jquery-1.10.2.min.js). (Closes: #833613)
+ [CL] Also emit embedded-javascript-library for Twitter Bootstrap and
"mustache".
* data/files/php-libraries:
+ [CL] Avoid a embedded-php-library false positive for streams.php.
(Closes: #637473)
* data/spelling/corrections:
+ [PW] Add a number of corrections.
.
* debian/compat:
+ [NT] Bump debhelper compat level to 11.
* debian/control:
+ [CL] Tag relevant build-dependencies with <!nocheck>.
+ [NT] Bump versioned Build-Dependency on debhelper to 11~.
.
* lib/Lintian/Collect/{Package,Source}.pm:
+ [CL] Don't require that src-orig-index.gz actually contains any files
rather than faking an entry.
.
* reporting/templates/maintainer.tmpl:
+ [CL] Correct invalid "else if" syntax with "elsif". Thanks to Uwe
Kleine-König for the report.
.
* t/tests/fields-malformed-vcs-fields-unrel:
+ [CL] Add a regression test for a potential false positive in the
"vcs-field-has-unexpected-spaces" tag. (Ref: #884870)
* t/tests/files-multiarch-foreign-files:
+ [CL] Don't hardcode architecture triplet to fix FTBFS on non-amd64
architectures. (Closes: #884683)
* t/scripts/implemented-tags.t:
+ [CL] Exclude some tests in this coverage check now that they are
specified in a data file rather than in the code itself.
.
lintian (2.5.65) unstable; urgency=medium
.
* t/tests/files-pkgconfig:
+ [CL] Update tests to reflect change in Multi-Arch foreign detection.
.
lintian (2.5.64) unstable; urgency=medium
.
* checks/files.pm:
+ [CL] Apply patch from Sven Joachim to prevent false-positives
multiarch-foreign-static-library for non-multiarch packages.
(Closes: #884655)
.
* reporting/templates/maintainer.tmpl:
+ [CL] Don't link full report entries to themselves. (Closes: #884572)
+ [CL] Link to the package's short report entry from the "full" version
if it isn't empty.
.
lintian (2.5.63) unstable; urgency=medium
.
* Summary of tag changes:
+ Added:
- development-package-ships-elf-binary-in-path
- excessive-priority-for-library-package
- multiarch-foreign-cmake-file
- multiarch-foreign-pkgconfig
- multiarch-foreign-static-library
- package-contains-compiled-font-file
- package-contains-compiled-glib-schema
.
* checks/binaries.{pm,desc}:
+ [CL] Add an experimental check for development packages that ship
ELF binaries in $PATH. Host architecture binaries are generally not
executable so such files are useless for cross builds.
(Closes: #794295)
* checks/cruft.desc:
+ [CL] Add debian/changelog to the file-contains-trailing-whitespace
example to make it even easier to copy-paste.
* checks/fields.{pm,desc}:
+ [CL] Warn about library packages with excessive priority. Thanks to
Josh Triplett for the report. (Closes: #834290)
* checks/files.{pm,desc}:
+ [CL] Warn about Multi-Arch: foreign packages that ship CMake,
pkg-config or static libraries in public, architecture-dependent
search paths. Thanks to Helmut Grohne for the initial patch and
report. (Closes: #882684)
+ [CL] Raise the certainty of multiarch-foreign-shared-library from
"wild guess" to "possible" on the suggestion of Helmut Grohne.
+ [CL] Test for packages shipping "gschemas.compiled" files. Thanks
to Andreas Beckmann for the idea. (Closes: #884142)
+ [CL] Warn if a package ships compiled font files. Thank you to
Andreas Beckmann for the report. (Closes: #884165)
* checks/python.pm:
+ [CL] Also check for packages installing modules called "site" or
"docs" into the global namespace. (Closes: #769365)
* checks/scripts.desc:
+ [CL] Update description of python-script-but-no-python-dep to refer
to ${python3:Depends}. Thanks to Mattia Rizzolo. (Closes: #660718)
+ [CL] Prevent a false-positive in missing-dep-for-interpreter by
matching ABI-versioned virtual packages for Erlang. Thanks to
Jean Parpaillon for the report. (Closes: #810204)
* checks/source-copyright.desc:
+ [CL] Update description of source-includes-file-in-files-excluded
to clarify the potential problem and to reference the relevant
wishlist bug against git-buildpackage.
* checks/python.pm:
+ [CL] Clarify that new-package-should-not-package-python2-module
triggers when there is a single changelog entry as well as providing
general guidance where upstreams have not ported to Python 3 yet.
.
* commands/lintian.pm:
+ [CL] Correct parsing of "jobs=42" in lintianrc. If specified, it
would be coerced to a boolean resulting in a value of 1.
+ [CL] Allow the tag display limit to be configured via the
"--tag-display-limit" command-line argument or "tag-display-limit"
in lintianrc. (Closes: #813525)
+ [CL] Make -v imply --no-tag-display-limit. (Closes: #812756)
.
* data/files/privacy-breaker-fragments:
+ [CL] Don't match, for example, "FB.login()" when used as a
documentation example. (Closes: #884296)
* data/spelling/corrections:
+ [PW] Add a number of corrections.
.
* doc/lintianrc.example:
+ [CL] Add missing "jobs" entry.
.
* profiles/pureos/main.profile:
+ [CL] Add a profile for Purism's PureOS. (Closes: #884408)
.
* reporting/images/*.png:
+ [CL] Apply patch from Ville Skyttä that runs the .PNG files through
the "zopflipng" minimiser tool to save space. (Closes: #884559)
.
* reporting/templates/maintainer.tmpl:
+ [CL] Add links from each maintainer page (which does not include
pedantic tags, etc.) to the corresponding package on the full report.
Thanks to Paul Wise for the idea and report. (Closes: #884572)
.
* vendors/pureos/main/data/changes-file/known-dists:
+ [CL] Add data file for PureOS.
Checksums-Sha1:
f1f2a736486353b69948717caa9a8f97fae8e1fb 3544 lintian_2.5.67~bpo9+1.dsc
1c13d9ab9aa2edc9159a13f508ffe63656af7975 2615464 lintian_2.5.67~bpo9+1.tar.xz
05fcba7500c7fe7a98676e195133cf0469effef6 1085012 lintian_2.5.67~bpo9+1_all.deb
4a7f30858efc47733a6f1ce89a7e73d494a18e11 16557 lintian_2.5.67~bpo9+1_amd64.buildinfo
Checksums-Sha256:
30796519a22e8605ad22c58df6303037f2ad9378c8622054b432dcfe029fcd13 3544 lintian_2.5.67~bpo9+1.dsc
74f1a107c14b32fb5e351add3750d6ece2ef50f5cc1563ec16e336bb7405846d 2615464 lintian_2.5.67~bpo9+1.tar.xz
c1f35bd6dabc4d9aace01c8ae2e0e10a79a042d321e997b107d85ba70733b833 1085012 lintian_2.5.67~bpo9+1_all.deb
d7c0d12ef7b4f547c716ef93ce44a81faa3404b6c7d402318ac70e3a7746e12f 16557 lintian_2.5.67~bpo9+1_amd64.buildinfo
Files:
6222a63e7d97b4454b1fdeeb7e0175de 3544 devel optional lintian_2.5.67~bpo9+1.dsc
88104ef40331611aeb59b5b3e3256041 2615464 devel optional lintian_2.5.67~bpo9+1.tar.xz
b59d5aff9cbf2d87816877b21d6550d5 1085012 devel optional lintian_2.5.67~bpo9+1_all.deb
0818405ac8a117494bbf0ab72864c727 16557 devel optional lintian_2.5.67~bpo9+1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE3cU+UTD9CCI/mJRWSQhq0+vi8x8FAlpR+W8ACgkQSQhq0+vi
8x9Eow/8DC2URGepl8HdwzpRewzFuV4u6WkyHp5coiNpHTxEywTuCQU5V3DSo0CS
VGnhncmxqOrtvRFR5zk/Lng62DL/3I/MFJQNK/8f3V0Q9ASCJyApYfDfO0k0dGEp
AC8mbFRbcD4yQlnBOWGrXTydv8eXp8nkrm1VfywDOWblnkhf2EZu/VcCJLKNO7FP
ls+Irs6z7GTv+h0OSa0Dunyn/GkavW3snm4t4dVBR7IxscQUg/xvduy/8J+xWJIe
G9N6zjhaOJak2wgZFfjeMN8yYeK0UUPLB9XIMYyaB1+DyUywQ4WYiNrHtTaH0mt8
qmDoaX+ITfptdM0+GLfVQRMZWeOAelBqo9bUIFGJDuNAVM/kldPkCfV72uAzN6SZ
TEFKTbxs8JWEckOIV1jZ5jy5yxQj2uSWqUAAx8SPm5kOK7wpE8P79a1Iur8VXKOD
TET2tCJkriQaZXvjFaY5jxNg+86seaMwGK0UHnXggzkQ/sIDr6WfD+P4bf476E2V
KnOuxu4hGLK4/M4GrXmrBhr6ekM62+ZjWUmRREezcvQFluNphw8sS7hdkB5jmtA+
1d8saUJMGSrAT3qJFuCpAek1nsfr9zqgnBvt+4b8AIEuesuZ0+f5s4jr/IO7xrZn
Cg6V4Bk5LwZXc4M7ruai5B1IaT0Zzycu1qsIgnUQMl3gknpdkV0=
=a34o
-----END PGP SIGNATURE-----
Reply to: