Am 03.07.2018 um 23:31 schrieb Gerardo Ballabio:
> Hello Markus and all,
> I've built the Galois package and would like to post it for review
> (it's my first attempt at packaging so feel free to use the
> cluestick).
Hello,
Phil has already answered some of your questions. Here is some
additional input from me.
> May I ask a few questions:
> - Where can I post it?
https://mentors.debian.net/intro-maintainers
Point 4.
> - What do I need to post? Only the debian directory (.debian.tar.xz
> file)? The full source package (.debian.tar.xz, .dsc, .orig.tar.gz)?
> The binary package too?
The full source package. If you follow point 4, you can upload your
package to mentors with dput.
> - I listed myself as Maintainer. If you wish, I am willing to give it
> to Debian Games Team instead. In that case I guess I should list
> myself as Uploader?
Both is fine. If you want to put your package into a team, then you must
list yourself as uploader and the team as the maintainer.
> - The package isn't signed; I haven't yet generated a GPG key and had
> it signed by Debian Developers. Is that something that I should do
> before posting the package, or can I do it later (of course before the
> actual upload to Debian)?
You need a GPG key for uploading to mentors but it doesn't have to be
signed. Your sponsor (Debian developer) will sign the package later and
upload it to the archive.
> - Not having a machine running unstable, how can I test the binary
> package? I downloaded a live image of testing from
> https://cdimage.debian.org/cdimage/weekly-live-builds/amd64/iso-hybrid/
> (there seems to be no live image of unstable) and tested inside it
> (works good as far as I can see), but maybe there's a better way?
You could use schroot to install an unstable chroot environment or
install some kind of virtual machine. A live cd also works. I assume
that galois doesn't have that many build-dependencies and if there is
not much difference between the libraries in unstable and your Debian
version, you can also compile and test it on your local machine. I
recommend to use schroot though because it is easy to set up and keeps
the rest of your system tidy.
> Please also advise what I should do with these lintian warnings (all
> at wishlist severity):
> - testsuite-autopkgtest-missing
I suggest to ignore that for now unless you want to implement and
maintain a testsuite for your game. I think this is rather a topic for
more experienced maintainers who want to improve the test coverage of
their packages. It's probably overkill for a simple game.
> - hardening-no-bindnow usr/games/galois
> I couldn't find how to add the required flags. I tried adding
> "export DEB_BUILD_MAINT_OPTIONS = hardening=+all" to debian/rules
> (copied from another package) but the warning didn't disappear.
I will have to look at your package first to solve this one. It also
depends on the build system.
> - extra-license-file usr/share/gnome/help/galois/C/gpl.dbk
> - extra-license-file usr/share/gnome/help/galois/it/gpl.dbk
> Lintian says that all license information should be collected in
> debian/copyright, but these copies of the GPL are contained in the
> upstream source tarball (they're part of the documentation). I'm not
> sure whether I should add a Lintian override or just leave this as it
> is.
Lintian can be annoying at times. The reason behind this warning is that
we want to avoid distributing multiple license information in binary
packages because that can be confusing. debian/copyright is the central
place to collect all copyright information. Of course you should keep
those licenses in your source package but they could be removed from the
binary package because we have debian/copyright. I believe in this case
you can ignore the warning. Another option would be to symlink
debian/copyright to gpl.dbk or you can symlink
/usr/share/common-licenses/GPL-{2,3}.
Regards,
Markus
Attachment:
signature.asc
Description: OpenPGP digital signature