[SCM] Debian package checker branch, master, updated. 2.2.18-89-g2109377
The following commit has been merged in the master branch:
commit 2109377cfd2475875ebf7d3407e3ee239838f3ce
Author: Russ Allbery <rra@debian.org>
Date: Fri Dec 25 22:52:31 2009 -0800
Improve weak-library-dev-dependency
* checks/control-file{,.desc}:
+ [RA] Rework weak-library-dev-dependency to allow more approaches to
bounding the shared library version. Skip complex cases with or'd
dependencies and assume the maintainer knows what they're doing.
Add more explanation to the long tag description. Thanks, Reinhard
Tartler and Mike Hommey. (Closes: #557449)
diff --git a/checks/control-file b/checks/control-file
index bc0e530..ac2caa8 100644
--- a/checks/control-file
+++ b/checks/control-file
@@ -227,19 +227,8 @@ for my $binary_control (@binary_controls) {
# If this looks like a -dev package, check its dependencies.
if ($package =~ /-dev$/ and $binary_control->{'depends'}) {
- for my $depend (split /\s*,\s*/, $binary_control->{'depends'}) {
- my ($target, $version) = ($depend =~ /^([\w.+-]+)(?:\s*\(([^\)]+)\))?/);
- next unless $target;
- if ($target =~ /^lib[\w.+-]+\d/ and $target !~ /-(?:dev|docs?)$/ and grep { $target eq $_ } @package_names) {
- if ($binary_control->{'architecture'} eq 'all') {
- tag 'weak-library-dev-dependency', "$package on $depend"
- unless ($version and $version =~ /^\s*[<>]?=\s*\$\{source:(?:Upstream-)?Version\}/);
- } else {
- tag 'weak-library-dev-dependency', "$package on $depend"
- unless ($version and $version =~ /^\s*=\s*\$\{(?:binary:Version|Source-Version)\}/);
- }
- }
- }
+ check_dev_depends($package, $binary_control->{depends},
+ @package_names);
}
# Check mismatches in archive area.
@@ -285,6 +274,50 @@ for my $i (0 .. $#descriptions) {
}
+
+# Check the dependencies of a -dev package. Any dependency on one of the
+# packages in @package_names that looks like the underlying library needs to
+# have a version restriction that's at least as strict as the same upstream
+# version.
+sub check_dev_depends {
+ my ($package, $depends, @packages) = @_;
+ for my $target (@packages) {
+ next unless ($target =~ /^lib[\w.+-]+\d/
+ and $target !~ /-(?:dev|docs?)$/);
+ my @depends = grep { /(?:^|[\s|])\Q$target\E(?:[\s|\(]|\z)/ }
+ split (/\s*,\s*/, $depends);
+
+ # If there are any alternatives here, something special is
+ # going on. Assume that the maintainer knows what they're
+ # doing. Otherwise, separate out just the versions.
+ next if grep { /\|/ } @depends;
+ my @versions = sort map {
+ if (/^[\w.+-]+(?:\s*\(([^\)]+)\))/) {
+ $1;
+ } else {
+ '';
+ }
+ } @depends;
+
+ # If there's only one mention of this package, the dependency
+ # should be tight. Otherwise, there should be both >>/>= and
+ # <</<= dependencies that mention the source, binary, or
+ # upstream version. If there are more than three mentions of
+ # the package, again something is weird going on, so we assume
+ # they know what they're doing.
+ if (@depends == 1) {
+ unless ($versions[0] =~ /^\s*=\s*\$\{(?:binary:Version|Source-Version)\}/) {
+ tag 'weak-library-dev-dependency', "$package on $depends[0]";
+ }
+ } elsif (@depends == 2) {
+ unless ($versions[0] =~ /^\s*<[=<]\s*\$\{(?:(?:binary|source):(?:Upstream-)?Version|Source-Version)\}/
+ and $versions[1] =~ /^\s*>[=>]\s*\$\{(?:(?:binary|source):(?:Upstream-)?Version|Source-Version)\}/) {
+ tag 'weak-library-dev-dependency', "$package on $depends[0], $depends[1]";
+ }
+ }
+ }
+}
+
1;
# Local Variables:
diff --git a/checks/control-file.desc b/checks/control-file.desc
index 65e3e67..c4212ee 100644
--- a/checks/control-file.desc
+++ b/checks/control-file.desc
@@ -171,10 +171,15 @@ Info: The given package appears to be a shared library -dev package, but
does not force the same package version. To ensure that compiling and
linking works properly, and that the symlinks in the -dev package point
to the correct files in the shared library package, a -dev package should
- normally use <tt>(= ${binary:Version})</tt> with the dependency on the
+ normally use <tt>(= ${binary:Version})</tt> for the dependency on the
shared library package.
.
- If the -dev package is architecture-independent, it cannot use this
- dependency since it would break binary NMUs. Instead, a dependency of
- <tt>(>= ${source:Upstream-Version}), (<< ${source:Version}.1~)</tt> or
- similar is usually the correct approach.
+ Sometimes, such as for -dev packages that are architecture-independent to
+ not break binNMUs or when one doesn't want to force a tight dependency, a
+ weaker dependency is warranted. Something like <tt>(>=
+ ${source:Upstream-Version}), (<<
+ ${source:Upstream-Version}+1~)</tt>, possibly using
+ <tt>${source:Version}</tt> instead, is the right apprach. The goal is to
+ ensure that a new upstream version of the library package doesn't satisfy
+ the -dev package dependency, since the minor version of the shared
+ library may have changed, breaking the <tt>*.so</tt> links.
diff --git a/debian/changelog b/debian/changelog
index f8b9bd9..1e72b8d 100755
--- a/debian/changelog
+++ b/debian/changelog
@@ -42,6 +42,11 @@ lintian (2.3.0) UNRELEASED; urgency=low
debian/control prior to the fixes applied by dpkg-dev. Thanks,
Nelson A. de Oliveira. (Closes: #548819)
+ [RA] Fix a typo that skipped checks on the Build-Conflicts field.
+ + [RA] Rework weak-library-dev-dependency to allow more approaches to
+ bounding the shared library version. Skip complex cases with or'd
+ dependencies and assume the maintainer knows what they're doing.
+ Add more explanation to the long tag description. Thanks, Reinhard
+ Tartler and Mike Hommey. (Closes: #557449)
* checks/cruft:
+ [RA] Allow an automake or libtool dependency in Build-Depends-Indep
to also satisfy the check for outdated helper files. Thanks,
diff --git a/t/tests/control-file-library-dev/debian/debian/control.in b/t/tests/control-file-library-dev/debian/debian/control.in
index dcb7878..2d78161 100644
--- a/t/tests/control-file-library-dev/debian/debian/control.in
+++ b/t/tests/control-file-library-dev/debian/debian/control.in
@@ -63,7 +63,11 @@ Description: {$description} (doc package)
Package: libcontrol-file4-dev
Section: libdevel
Architecture: {$architecture}
-Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\},
+ libcontrol-file-foo1 (<= $\{source:Upstream-Version\}-99)
+ | libcontrol-file-other-foo1 (<= $\{source:Upstream-Version\}-99),
+ libcontrol-file-foo1 (>= $\{binary:Version\})
+ | libcontrol-file-other-foo1 (>= $\{binary:Version\})
Description: {$description} (dev package with version)
Dev package containing a number.
.
diff --git a/t/tests/control-file-library-dev/tags b/t/tests/control-file-library-dev/tags
index c95b28b..b756b1f 100644
--- a/t/tests/control-file-library-dev/tags
+++ b/t/tests/control-file-library-dev/tags
@@ -1,2 +1,3 @@
+E: control-file-library-dev source: weak-library-dev-dependency libcontrol-file-all-dev on libcontrol-file-baz9-4 (>= ${source:Version})
E: control-file-library-dev source: weak-library-dev-dependency libcontrol-file-dev on libcontrol-file-bar7ldbl
E: control-file-library-dev source: weak-library-dev-dependency libcontrol-file-dev on libcontrol-file-baz9-4 (>= ${binary:Version})
--
Debian package checker
Reply to: