Re: Debian Policy 4.1.4.0 released

To: debian-devel@lists.debian.org
Subject: Re: Debian Policy 4.1.4.0 released
From: Russ Allbery <rra@debian.org>
Date: Wed, 11 Apr 2018 19:27:44 -0700
Message-id: <[🔎] 873701tazj.fsf@hope.eyrie.org>
In-reply-to: <[🔎] CAKTje6Gx=Uw30eQ3-TpGRLpRKYKn3B2KKc4mwMeQxqT8QFj+6g@mail.gmail.com> (Paul Wise's message of "Thu, 12 Apr 2018 10:15:25 +0800")
References: <[🔎] 85lgdzx39l.fsf@benfinney.id.au> <[🔎] 87a7ufe7ed.fsf@debian.org> <[🔎] 20180407112349.eoz7rbwtcu3ee3rq@angband.pl> <[🔎] 871sfrdzay.fsf@debian.org> <[🔎] 87po3b2ehh.fsf@iris.silentflame.com> <[🔎] 87muyeuage.fsf@debian.org> <[🔎] 14nope-e91.ln1@argenau.bebt.de> <[🔎] 87efjqt6pe.fsf@debian.org> <[🔎] 20180411131832.bs2f5obra7e42pyk@an3as.eu> <[🔎] 23246.3509.395512.990067@chiark.greenend.org.uk> <[🔎] 20180411141419.2zcsb3c7eslv3pmw@an3as.eu> <[🔎] 87woxdtq1m.fsf@hope.eyrie.org> <[🔎] CAKTje6Gx=Uw30eQ3-TpGRLpRKYKn3B2KKc4mwMeQxqT8QFj+6g@mail.gmail.com>

Paul Wise <pabs@debian.org> writes:
> On Thu, Apr 12, 2018 at 5:02 AM, Russ Allbery wrote:

>> Rather than documenting this fallback in Policy, why not add that
>> fallback directly to uscan?

> uscan is used in situations where one does not want arbitrary code from
> source packages automatically run by uscan. As long as `uscan --safe`
> ignores that fallback, that should be fine I guess though.

Personally, I'd probably add an interactive prompt warning about the
dangers and stressing that the source package needs to be trusted if stdin
and stdout are connected to a tty, and otherwise fail and require some
flag to use the fallback from the source package.  But happy to let
whoever implements this pick their strategy.  :)

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: Debian Policy 4.1.4.0 released
  - From: Paul Wise <pabs@debian.org>

References:
- Re: Debian Policy 4.1.4.0 released
  - From: Ben Finney <bignose@debian.org>
- Re: Debian Policy 4.1.4.0 released
  - From: Ole Streicher <olebole@debian.org>
- Re: Debian Policy 4.1.4.0 released
  - From: Adam Borowski <kilobyte@angband.pl>
- Re: Debian Policy 4.1.4.0 released
  - From: Ole Streicher <olebole@debian.org>
- Re: Debian Policy 4.1.4.0 released
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: Debian Policy 4.1.4.0 released
  - From: Ole Streicher <olebole@debian.org>
- Re: Debian Policy 4.1.4.0 released
  - From: Andreas Metzler <ametzler@bebt.de>
- Re: Debian Policy 4.1.4.0 released
  - From: Ole Streicher <olebole@debian.org>
- Re: Debian Policy 4.1.4.0 released
  - From: Andreas Tille <andreas@an3as.eu>
- Re: Debian Policy 4.1.4.0 released
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Debian Policy 4.1.4.0 released
  - From: Andreas Tille <andreas@an3as.eu>
- Re: Debian Policy 4.1.4.0 released
  - From: Russ Allbery <rra@debian.org>
- Re: Debian Policy 4.1.4.0 released
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: Music player & privacy (was: ITP: elisa)
Next by Date: Re: Debian Policy 4.1.4.0 released
Previous by thread: Re: Debian Policy 4.1.4.0 released
Next by thread: Re: Debian Policy 4.1.4.0 released
Index(es):
- Date
- Thread