Bug#515690: embedded-javascript-library: not so certain

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

On Tue, 2009-02-17 at 00:28 +0100, Thijs Kinkhorst wrote:
> In my package 'serendipity' I get the following warning:
> 
> W: serendipity: embedded-javascript-library 
> usr/share/serendipity/www/templates/default/YahooUI/treeview/YAHOO.js
> [...]
> N:    Severity: normal, Certainty: certain
> 
> This YAHOO.js is a completely different file from the yahoo.js shipped in the 
> libjs-yui package; the Lintian code does matching only based on filenames. In 
> this case I think the "certainty: certain" is not that appropriate, as 
> filenames are hardly unique.

We currently have two different certainty levels for the embedded-*
checks.  embedded-{feedparser,javascript,php}-library are all Certain,
whereas embedded-pear-module is Possible.

In general, that's because the tests for the first three tags are
significantly less likely than the PEAR check to generate false
positives; they're obviously not foolproof though.

Lowering the severity to Possible still includes the tag in the default
output and continues to equate to a warning tag so I'm likely to do so
shortly unless anyone has any objections, at least for the Javascript
and PHP checks.

The feedparser check is a little more rigorous as it also checks the
content of the file.  Raphael mentioned that he'd seen a couple of
packages overriding it recently, but it's a little hard to check right
now with gluck being unreachable.

Regards,

Adam