[SCM] Debian package checker branch, master, updated. 2.1.2-3-g849d16b
The following commit has been merged in the master branch:
commit 849d16b30c2cad952ecee5858a87d90a63d870fc
Author: Russ Allbery <rra@debian.org>
Date: Fri Dec 26 10:32:37 2008 -0800
Watch file check improvements from Raphael Geissert
* checks/watch-file{,.desc}:
+ [RA] Merge a set of changes by Raphael Geissert:
- Correctly parse multiple line continuations.
- Don't attempt any detailed checks on version one watch files.
- Recognize versionmangle in addition to [du]versionmangle.
- Add line information to some of the tags.
- Detect watch files that specify SourceForge download servers
directly and suggest use of the QA sf.net redirector instead.
- Detect watch files specifying an upstream version that matches a
non-native Debian package version in debian/changelog.
- Detect watch files specifying an upstream version for an older
changelog entry when the current changelog entry has a newer
upstream version.
diff --git a/checks/watch-file b/checks/watch-file
index 0177bd9..0195841 100644
--- a/checks/watch-file
+++ b/checks/watch-file
@@ -2,6 +2,7 @@
#
# Copyright (C) 2008 Patrick Schoenfeld
# Copyright (C) 2008 Russ Allbery
+# Copyright (C) 2008 Raphael Geissert
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -51,15 +52,19 @@ if ($version =~ /(dfsg|debian|ds)/) {
# diagnose on the first time through.
open(WATCH, '<', 'debfiles/watch') or fail("cannot open watch file: $!");
local $_;
-my ($watchver, $mangle, $dmangle, $nonempty);
+my ($watchver, $mangle, $dmangle, $nonempty, %dversions);
while (<WATCH>) {
next if /^\s*\#/;
next if /^\s*$/;
s/^\s*//;
+
+ CHOMP:
+ chomp;
if (s/(?<!\\)\\$//) {
# This is caught by uscan.
last if eof(WATCH);
$_ .= <WATCH>;
+ goto CHOMP;
}
if (/^version\s*=\s*(\d+)(\s|\Z)/) {
@@ -77,24 +82,39 @@ while (<WATCH>) {
tag 'debian-watch-file-missing-version';
$watchver = 1;
}
- while (s/\\\s*$//) {
- $_ .= <WATCH>;
- }
- chomp;
+ # Version 1 watch files are too broken to try checking them.
+ next if ($watchver == 1);
+
my ($opts, @opts);
- if (s/^opt(ion)?s=\"([^\"]+)\"\s+// || s/^opt(ion)?s=(\S+)\s+//) {
- $opts = $2;
+ if (s/^opt(?:ion)?s=\"([^\"]+)\"\s+// || s/^opt(?:ion)?s=(\S+)\s+//) {
+ $opts = $1;
@opts = split(',', $opts);
if (defined $repack) {
for (@opts) {
- $mangle = 1 if /^[ud]versionmangle.*=.*($repack)/;
- $dmangle = 1 if /^dversionmangle.*=.*($repack)/;
+ $mangle = 1 if /^[ud]?versionmangle\s*=.*($repack)/;
+ $dmangle = 1 if /^dversionmangle\s*=.*($repack)/;
}
}
}
if (m%qa\.debian\.org/watch/sf\.php\?%) {
- tag 'debian-watch-file-uses-deprecated-sf-redirector-method';
+ tag 'debian-watch-file-uses-deprecated-sf-redirector-method',
+ "line $.";
+ }
+
+ if (m%(https?|ftp)://((.+\.)?dl|(pr)?downloads?|ftp\d?)\.(sourceforge|sf)\.net%) {
+ tag 'debian-watch-file-should-use-sf-redirector', "line $.";
+ }
+
+ # This bit is as-is from uscan.pl:
+ my ($base, $filepattern, $lastversion, $action) = split ' ', $_, 4;
+ if ($base =~ s%/([^/]*\([^/]*\)[^/]*)$%/%) {
+ # Last component of $base has a pair of parentheses, so no
+ # separate filepattern field; we remove the filepattern from the
+ # end of $base and rescan the rest of the line
+ $filepattern = $1;
+ (undef, $lastversion, $action) = split ' ', $_, 3;
}
+ push @{$dversions{$lastversion}}, $. if (defined($lastversion));
}
}
close WATCH;
@@ -104,10 +124,45 @@ close WATCH;
if ($nonempty and $repack and not $mangle) {
tag 'debian-watch-file-should-mangle-version';
}
+
if ($repack and $mangle and not $dmangle) {
tag 'debian-watch-file-should-dversionmangle-not-uversionmangle';
}
+my $changes = $info->changelog;
+if (defined $changes and %dversions) {
+ my $data = $changes->data;
+ my %changelog_versions;
+ my $count = 1;
+ for my $entry (@{$data}) {
+ my $uversion = $entry->Version;
+ $uversion =~ s/-[^-]+$//; # revision
+ $uversion =~ s/^\d+://; # epoch
+ $changelog_versions{'orig'}{$entry->Version} = $count;
+
+ # Preserve the first value here to correctly detect old versions.
+ $changelog_versions{'mangled'}{$uversion} = $count
+ unless (exists($changelog_versions{'mangled'}{$uversion}));
+ $count++;
+ }
+
+ while (my ($dversion, $lines) = each %dversions) {
+ next if (!defined($dversion) || $dversion eq 'debian');
+ local $" = ', ';
+ if (!$info->native && exists($changelog_versions{'orig'}{$dversion})) {
+ tag 'debian-watch-file-specifies-wrong-upstream-version',
+ "$dversion: @{$lines}";
+ next;
+ }
+ if (exists($changelog_versions{'mangled'}{$dversion})
+ && $changelog_versions{'mangled'}{$dversion} != 1) {
+ tag 'debian-watch-file-specifies-old-upstream-version',
+ "$dversion: @{$lines}";
+ next;
+ }
+ }
+}
+
}
1;
diff --git a/checks/watch-file.desc b/checks/watch-file.desc
index cb30ddd..00241aa 100644
--- a/checks/watch-file.desc
+++ b/checks/watch-file.desc
@@ -88,5 +88,42 @@ Severity: normal
Certainty: certain
Info: The watch file seems to be passing arguments to the redirector
other than a path. Calling the SourceForge redirector with parameters like
- <tt>project</tt> prevents uscan from generating working uri's to the files
+ <tt>project</tt> prevents uscan from generating working URIs to the files
and thus has been deprecated and is no longer supported by the redirector.
+
+Tag: debian-watch-file-should-use-sf-redirector
+Severity: normal
+Certainty: certain
+Ref: uscan(1)
+Info: The watch file specifies a SourceForge download server directly.
+ This is not recommended; SourceForge changes their download servers
+ periodically, requiring watch files to be modified every time. Instead,
+ use the qa.debian.org redirector by using the magic URL:
+ .
+ http://sf.net/<project>/<tar-name>-(.+)\.tar\.gz
+ .
+ replacing <tt><project></tt> with the name of the SourceForge
+ project and <tt><tar-name></tt> with the name of the tarball
+ distributed within that project.
+
+Tag: debian-watch-file-specifies-wrong-upstream-version
+Severity: normal
+Certainty: certain
+Ref: uscan(1)
+Info: The watch file specifies an upstream version which exactly matches
+ the version of a <tt>debian/changelog</tt> entry, this is not a
+ native package, and no version mangling is being done. The version
+ field in a watch file should specify the expected upstream version, not
+ the version of the Debian package. Any epochs and Debian revisions
+ should be removed first or mangled away.
+
+Tag: debian-watch-file-specifies-old-upstream-version
+Severity: normal
+Certainty: certain
+Info: The watch file specifies an upstream version number which matches
+ the upstream portion of an old <tt>debian/changelog</tt> entry, and the
+ current <tt>debian/changelog</tt> entry specifies a newer upstream
+ version. The version number in the watch file is very likely to be
+ incorrect and probably should be replaced with the current expected
+ upstream version. Otherwise, DEHS and similar projects will think the
+ package is out of date even when it may not be.
diff --git a/debian/changelog b/debian/changelog
index 67b5314..aae6738 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,25 @@
lintian (2.1.3) UNRELEASED; urgency=low
+ * Summary of tag changes:
+ + Added
+ - debian-watch-file-should-use-sf-redirector
+ - debian-watch-file-specifies-wrong-upstream-version
+ - debian-watch-file-specifies-old-upstream-version
+
+ * checks/watch-file{,.desc}:
+ + [RA] Merge a set of changes by Raphael Geissert:
+ - Correctly parse multiple line continuations.
+ - Don't attempt any detailed checks on version one watch files.
+ - Recognize versionmangle in addition to [du]versionmangle.
+ - Add line information to some of the tags.
+ - Detect watch files that specify SourceForge download servers
+ directly and suggest use of the QA sf.net redirector instead.
+ - Detect watch files specifying an upstream version that matches a
+ non-native Debian package version in debian/changelog.
+ - Detect watch files specifying an upstream version for an older
+ changelog entry when the current changelog entry has a newer
+ upstream version.
+
* reporting/templates/maintainer.tmpl:
+ [ADB] Print tags affecting udeb packages under a heading for that
package, rather than merging them in to whichever binary package
diff --git a/testset/dh7-test/debian/watch b/testset/dh7-test/debian/watch
index 0915699..d7fea6a 100644
--- a/testset/dh7-test/debian/watch
+++ b/testset/dh7-test/debian/watch
@@ -2,4 +2,4 @@
# package version number.
version=2
-http://www.example.com/dist/ dh7-test\.([\d.]+)\.tar\.gz
+http://www.example.com/dist/ dh7-test\.([\d.]+)\.tar\.gz 1.dfsg-1 uupdate
diff --git a/testset/scripts/debian/changelog b/testset/scripts/debian/changelog
index cbdb6d1..9c6bc54 100644
--- a/testset/scripts/debian/changelog
+++ b/testset/scripts/debian/changelog
@@ -7,34 +7,34 @@ scripts (6ds-1ubuntu0.5.10.1) unstable; urgency=low
-- Mark 'HE' Brokschmitt <he@debian.org> Thu, 23 Jun 2005 14:32:39 +0200
-scripts (5) unstable; urgency=low
+scripts (5-1) unstable; urgency=low
* I'm making a typo in my own name... And I want lintian to warn me about
it.
-- Jeroen van Wolffelaar <jeroen@wolffelaar.nl> Sun, 18 Apr 2004 02:26:34 +0200
-scripts (4) unstable; urgency=low
+scripts (4-1) unstable; urgency=low
* Add new example to check that not executable files with a shebang line
called *in don't trigger the script-not-executable warning.
-- Marc 'HE' Brockschmidt <he@debian.org> Wed, 14 Apr 2004 19:44:04 +0200
-scripts (3) unstable; urgency=low
+scripts (3-3) unstable; urgency=low
* Add suidperlfoo and some code in debian/rules to
check the new suidperl checks
-- Frank Lichtenheld <djpig@debian.org> Wed, 31 Mar 2004 21:06:20 +0000
-scripts (2) unstable; urgency=low
+scripts (2-1) unstable; urgency=low
* Add tkfoo script for tk checkings
-- Lintian Maintainers <lintian-maint@debian.org> Sat, 21 Feb 2004 17:13:36 +0100
-scripts (1) unstable; urgency=low
+scripts (1-0) unstable; urgency=low
* Initial version
diff --git a/testset/scripts/debian/watch b/testset/scripts/debian/watch
index 5a587ad..dba5815 100644
--- a/testset/scripts/debian/watch
+++ b/testset/scripts/debian/watch
@@ -2,5 +2,7 @@
version=2
opts="uversionmangle=s/$/ds/" \
-http://qa.debian.org/watch/sf.php?project=foo scripts\.([\d.]+)\.tar\.gz
+http://qa.debian.org/watch/sf.php?project=foo scripts\.([\d.]+)\.tar\.gz debian uupdate
+version=3
+http://ftp.sf.net/foo/foo_bar(.+)\.Z 5 uupdate
\ No newline at end of file
diff --git a/testset/tags.dh7-test b/testset/tags.dh7-test
index 15cf288..3f7ddad 100644
--- a/testset/tags.dh7-test
+++ b/testset/tags.dh7-test
@@ -1,6 +1,7 @@
W: dh7-test source: changelog-should-mention-nmu
W: dh7-test source: debhelper-script-needs-versioned-build-depends dh (>= 7)
W: dh7-test source: debian-watch-file-should-mangle-version
+W: dh7-test source: debian-watch-file-specifies-wrong-upstream-version 1.dfsg-1: 5
W: dh7-test source: no-human-maintainers
W: dh7-test source: source-nmu-has-incorrect-version-number 1.dfsg-1
W: dh7-test: new-package-should-close-itp-bug
diff --git a/testset/tags.scripts b/testset/tags.scripts
index 9f8fb33..2c129e6 100644
--- a/testset/tags.scripts
+++ b/testset/tags.scripts
@@ -27,7 +27,10 @@ I: scripts: script-in-usr-share-doc usr/share/doc/scripts/py2foo
I: scripts: script-in-usr-share-doc usr/share/doc/scripts/rubyfoo
W: scripts source: ancient-standards-version 3.2.1 (current is 3.8.0)
W: scripts source: binary-arch-rules-but-pkg-is-arch-indep
-W: scripts source: debian-watch-file-uses-deprecated-sf-redirector-method
+W: scripts source: debian-watch-file-declares-multiple-versions line 7
+W: scripts source: debian-watch-file-should-use-sf-redirector line 8
+W: scripts source: debian-watch-file-specifies-old-upstream-version 5: 8
+W: scripts source: debian-watch-file-uses-deprecated-sf-redirector-method line 5
W: scripts source: maintainer-script-lacks-debhelper-token debian/postinst
W: scripts source: maintainer-script-lacks-debhelper-token debian/postrm
W: scripts source: package-uses-deprecated-debhelper-compat-version 1
--
Debian package checker
Reply to: