Re: More patches
Russ Allbery wrote:
> Raphael Geissert <atomo64+debian@gmail.com>
> writes:
>
>> Attached is a git-am-friendly mbox file containing the patches making
>> lintian check for embedded copies of jsjac and jsMath, and adds another
>> tag checking for embedded copies of PHP PEAR modules (there are lots of
>> those in the wild).
>
>> + # ---------------- embedded PEAR modules
>> + # A list of known packaged PEAR modules
>> + # and the packages providing them
>> + my @pearmodules = (
>> + [ qr,(?<!Auth/)HTTP\.php$, => 'php-http' ],
>> + [ qr,Auth\.php$, => 'php-auth' ],
>> + [ qr,Auth/HTTP\.php$, => 'php-auth-http' ],
>> + [ qr,Benchmark/(Timer|Profiler|Iterate)\.php$, => 'php-benchmark'
>> ],
>> + [ qr,Cache\.php$, => 'php-cache' ],
>> + [ qr,Cache/Lite\.php$, => 'php-cache-lite' ],
>> + [ qr,Compat\.php$, => 'php-compat' ],
>> + [ qr,Config\.php$, => 'php-config' ],
>
> [...]
>
>> + foreach my $pearmodule (@pearmodules) {
>> + if ($file =~ m,$pearmodule->[0], and $pkg ne $pearmodule->[1]) {
>> + open (PEAR, "unpacked/$file") or fail("cannot open PHP file: $!");
>> + while (<PEAR>) {
>> + if (m,pear,i) {
>> + tag "embedded-pear-module", "$file";
>> + last;
>> + }
>> + }
>> + close(PEAR);
>> + }
>> + }
>
> Have you run this test across the entire archive or at least a large chunk
> of it and confirmed the results? This looks very likely to cause a pile
I'm afraid I only checked the php-* packages.
> of false positives to me. The only real check against false positives is
> the search through the file for "pear" case-insensitively, since the file
Given the fact that not even all PEAR modules have a reference to neither
their cvs repo nor to their pear.php.net page it is hard to use some other
pattern.
> name patterns would be very common in all sorts of PHP code, and since
> PEAR appears in function name patterns in non-PEAR code, that's not much
> of a help.
Indeed. I just tested with a check for m,/pear/, instead of m,pear,i and at
least there are zero FP's for horde3. Might be a good start which will for
sure have many false negatives, but at some point I will rewrite it to try
to reduce the number of FN's as much as possible.
>
> For example, the very first thing I checked, horde3, is a false positive.
>
What about the js part? and what about including the pear part with the
above mentioned change?
Cheers,
--
Atomo64 - Raphael
Please avoid sending me Word, PowerPoint or Excel attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
Reply to: