Hi!
I stumbled upon a set of packages, all with some common errors, and
I'm about to file a largish number of bugs about these. Provided that
the general opinion is that it is justified.
Below, I'll try to summarise what I found, categorised by type of the
bug.
debian/copyright problems
=========================
In the following packages, debian/copyright does not include a
verbatim copy of their copyright and distribution license, nor any
pointers to /usr/share/common-licenses/{Artistic,GPL} or
/usr/share/doc/perl/copyright.
Since including a verbatim copy of the _whole_ license (with the
exception that in case of the GPL and some other selected licenses,
for which a pointer is enough) is a must, I believe this is at least
an important bug.
So, the packages with this kind of problem: libapache-db-perl,
libbusiness-onlinepayment-perl, libcrypt-hcesha-perl,
libdate-pcalc-perl, libdbix-datasource-perl, libdbix-dbschema-perl,
libdbix-profile-perl, libdbix-searchbuilder-perl,
libdns-zonerparse-perl, libfile-rsync-perl,
libhtml-widgets-selectlayers-perl, libhttp-browserdetect-perl,
liblog-dispatch-perl, libmldbm-sync-perl, libnet-scp-perl,
libnet-ssh-perl, libstring-approx-perl, libtext-wrapper-perl,
libtie-ixhash-perl, libtime-duration-perl.
binary-arch VS Arch: all
========================
Some of the packages are fully Architecture: all, yet, they build the
.deb in the binary-arch target. Since policy states that
`binary-arch' builds the binary packages which are specific to
a particular architecture, and `binary-indep' builds those
which are not.
I consider this a policy violation, therefore a serious bug.
(Hint: one shouldn't follow the dh_make template blindly. A little
thought is always a good thing.)
The list of victims, who were caught to do this:
libbusiness-creditcard-perl, libbusiness-onlinepayment-perl,
libcrypt-hcesha-perl, libdate-pcalc-perl, libdbix-datasource-perl,
libdbix-dbschema-perl, libdbix-profile-perl,
libdbix-searchbuilder-perl, libdns-zoneparse-perl, libfile-rsync-perl,
libfreezethaw-perl, libhtml-widgets-selectlayers-perl,
libhttp-browserdetect-perl, liblog-dispatch-perl, libmldbm-sync-perl,
libnet-scp-perl, libnet-ssh-perl, libterm-query-perl,
libtext-wrapper-perl, libtie-ixhash-perl, libtime-duration-perl,
libarray-printcols-perl, libbind-confparser-perl.
README.Debian vs debian/copyright
=================================
Some of the packages have information in README.Debian that belongs to
debian/copyright. For example, the name of the maintainer who put the
package together. (Policy says that debian/copyright should mention
the Debian maintainer)
Since this is only a should in policy, I'd consider this wishlist or
normal bugs. Probably wishlist only.
The affected packages: libapache-db-perl, libbusiness-creditcard-perl,
libbusiness-onlinepayment-perl, libcrypt-hcesha-perl,
libdate-pcalc-perl, libdbix-datasource-perl, libdbix-dbschema-perl,
libdbix-searchbuilder-perl, libdns-zoneparse-perl, libfile-rsync-perl,
libfreezethaw-perl, libhtml-widgets-selectlayer-perl,
libhttp-browserdetect-perl, liblog-dispatch-perl, libmldbm-sync-perl,
libnet-scp-perl, libnet-ssh-perl, libstring-approx-perl,
libterm-query-perl, libtext-wrapper-perl, libtie-ixhash-perl,
libtime-duration-perl, libbind-confparser-perl,
libarray-printcols-perl.
libdbix-profile-perl has this problem also, and its README.Debian
includes a brief summary of changes made to the upstream
sources. According to policy, these should also go to
debian/copyright.
Spurious files
==============
The packages listed below contain files which were automatically
generated at build time, and weren't cleaned properly.
libdbix-datasource-perl (contains Makefile and Makefile.old, built
from Makefile.PL)
libdbix-profile-perl (contains Makefile and Makefile.old)
libnet-scp-perl (contains debian/substvars)
Since these are Arch: all packages, they won't get rebuilt by
autobuilders, and these files won't cause any problems. In other
cases, they might be harmless too, I didn't check. But they should be
cleaned anyway, so this warrants a normal bug in my opinion.
Other things I'd nitpick about
==============================
Among other things, many of the packages mentioned above contain
"Emacs local variables" in debian/copyright, which is discouraged, and
afaik lintian warns about it. I might file a minor bug about those
too.
Well, that is it for today. Because I'm tired and have better things
to do, I won't rant about the quality of these packages now.
Cheers,
--
Gergely Nagy
Attachment:
pgpyJg9lbiohQ.pgp
Description: PGP signature