[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SCM] Debian package checker branch, master, updated. 2.2.15-15-ged45e34

The following commit has been merged in the master branch:
commit ed45e34fc2128bed6dbdaff1857c1d1d92d73a85
Author: Russ Allbery <rra@debian.org>
Date:   Tue Sep 15 23:11:13 2009 -0700

    Check for tight dependencies of -dev packages on library packages
    
    * checks/control-file{,.desc}:
      + [RA] Check that -dev packages depend on exactly the same version of
        the shared library package.  (Closes: #537768)

diff --git a/checks/control-file b/checks/control-file
index e04a086..a95f8bb 100644
--- a/checks/control-file
+++ b/checks/control-file
@@ -145,9 +145,14 @@ for my $control ($header, @binary_controls) {
 # another problem, and check that the package doesn't hard-code a dependency
 # on libc.  We have to do the latter check here rather than in checks/fields
 # to distinguish from dependencies created by ${shlibs:Depends}.
+#
+# Use this traversal to build a list of package names built from this source
+# package, which we'll use later to check for dependencies in -dev packages.
 my @dep_fields = qw(pre-depends depends recommends suggests);
 my $libcs = Lintian::Relation->new(join(' | ', @LIBCS));
+my @package_names;
 for my $control (@binary_controls) {
+	push (@package_names, $control->{package});
 	for my $strong (0 .. $#dep_fields) {
 		next unless $control->{$dep_fields[$strong]};
 		my $relation = Lintian::Relation->new($control->{$dep_fields[$strong]});
@@ -173,6 +178,10 @@ for my $control (@binary_controls) {
 # undefined until parsing the first binary section.  Missing sections will be
 # caught by other checks.
 #
+# Check any package that looks like a library -dev package for a dependency on
+# a shared library package built from the same source.  If found, such a
+# dependency should have a tight version dependency on that package.
+#
 # Also accumulate short and long descriptions for each package so that we can
 # check for duplication, but skip udeb packages.  Ideally, we should check the
 # udeb package descriptions separately for duplication, but udeb packages
@@ -191,13 +200,28 @@ if ($header->{'section'}) {
 }
 my @descriptions;
 for my $binary_control (@binary_controls) {
-	if ($binary_control->{'description'}
-	    and (not $binary_control->{'xc-package-type'}
-		 or $binary_control->{'xc-package-type'} ne 'udeb')) {
-		push(@descriptions,
-		     [ $binary_control->{'package'},
-		       split("\n", $binary_control->{'description'}, 2) ]);
+	my $package = $binary_control->{'package'};
+
+	# Accumulate the description.
+	my $desc = $binary_control->{'description'};
+	if ($desc and (not $binary_control->{'xc-package-type'}
+		       or $binary_control->{'xc-package-type'} ne 'udeb')) {
+		push(@descriptions, [ $package, split("\n", $desc, 2) ]);
+	}
+
+	# If this looks like a -dev package, check its dependencies.
+	if ($package =~ /-dev$/) {
+		for my $depend (split /\s*,\s*/, $binary_control->{'depends'}) {
+			my ($target, $version) = ($depend =~ /^([\w.+-]+)(?:\s*\(([^\)]+)\))?/);
+			next unless $target;
+			if ($target =~ /^lib[\w.+-]+\d/ and grep { $target eq $_ } @package_names) {
+				tag 'weak-library-dev-dependency', "$package on $depend"
+				    unless ($version and $version =~ /^\s*=\s*\$\{(?:binary:Version|Source-Version)\}/);
+			}
+		}
 	}
+
+	# Check mismatches in archive area.
 	next unless $binary_control->{'section'};
 	if (!defined ($area)) {
 		if ($binary_control->{'section'} =~ m%^([^/]+)/%) {
@@ -207,9 +231,9 @@ for my $binary_control (@binary_controls) {
 		}
 		next;
 	}
-	tag "section-area-mismatch", "Package " . $binary_control->{'package'}
+	tag "section-area-mismatch", "Package " . $package
 		if ($area && $binary_control->{'section'} !~ m%^$area/%);
-	tag "section-area-mismatch", "Package " . $binary_control->{'package'}
+	tag "section-area-mismatch", "Package " . $package
 		if (!$area && $binary_control->{'section'} =~ m%^([^/]+)/% && $1 ne 'contrib');
 }
 
diff --git a/checks/control-file.desc b/checks/control-file.desc
index e52ab90..17e92ac 100644
--- a/checks/control-file.desc
+++ b/checks/control-file.desc
@@ -144,3 +144,14 @@ Severity: normal
 Certainty: certain
 Info: The given package declares a dependency on libc directly instead
  of using ${shlibs:Depends} in its <tt>debian/control</tt> stanza.
+
+Tag: weak-library-dev-dependency
+Severity: important
+Certainty: possible
+Ref: policy 8.5
+Info: The given package appears to be a shared library -dev package, but
+ the dependency on what seems to be a corresponding shared library package
+ does not force the same package version.  To ensure that compiling and
+ linking works properly, and that the symlinks in the -dev package point
+ to the correct files in the shared library package, a -dev package should
+ normally depend on the exact same version of the shared library package.
diff --git a/debian/changelog b/debian/changelog
index 730b5d1..bfde814 100755
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,7 +4,11 @@ lintian (2.2.16) UNRELEASED; urgency=low
     + Added:
       - dh_undocumented-is-obsolete
       - lib-recommends-documentation
+      - weak-library-dev-dependency
 
+  * checks/control-file{,.desc}:
+    + [RA] Check that -dev packages depend on exactly the same version of
+      the shared library package.  (Closes: #537768)
   * checks/debhelper{,.desc}:
     + [RA] Check for use of the obsolete dh_undocumented debhelper
       program.  Patch from Raphael Geissert.  (Closes: #541977)
diff --git a/t/tests/scripts-control-interpreters/debian/debian/control.in b/t/tests/control-file-library-dev/debian/debian/control.in
similarity index 66%
copy from t/tests/scripts-control-interpreters/debian/debian/control.in
copy to t/tests/control-file-library-dev/debian/debian/control.in
index 97af50d..8ff5b50 100644
--- a/t/tests/scripts-control-interpreters/debian/debian/control.in
+++ b/t/tests/control-file-library-dev/debian/debian/control.in
@@ -3,54 +3,58 @@ Priority: extra
 Section: {$section}
 Maintainer: {$author}
 Standards-Version: {$standards_version}
-Build-Depends: debhelper (>= 7)
+Build-Depends: debhelper (>= 7.0.50~)
 
-Package: {$srcpkg}-paths
+Package: libcontrol-file-foo1
 Architecture: {$architecture}
 Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
-Description: {$description} (paths)
- Interpreters with bad paths.
+Description: {$description} (shared lib 1)
+ First shared library.
  .
  This is a test package designed to exercise some feature or tag of
  Lintian.  It is part of the Lintian test suite and may do very odd
  things.  It should not be installed like a regular package.
 
-Package: {$srcpkg}-forbidden
+Package: libcontrol-file-bar7ldbl
 Architecture: {$architecture}
 Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
-Description: {$description} (forbidden)
- Forbidden control interpreters.
+Description: {$description} (shared lib 2)
+ Second shared library.
  .
  This is a test package designed to exercise some feature or tag of
  Lintian.  It is part of the Lintian test suite and may do very odd
  things.  It should not be installed like a regular package.
 
-Package: {$srcpkg}-unknown
+Package: libcontrol-file-dev
+Section: libdevel
 Architecture: {$architecture}
-Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
-Description: {$description} (unknown)
- Unknown control interpreters.
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\},
+ libcontrol-file-foo1 (= $\{binary:Version\}),
+ libcontrol-file-bar7ldbl, libcontrol-file-baz9-4 (>= $\{binary:Version\}),
+ libfoo4, libcontrol-file-doc
+Description: {$description} (dev package)
+ Dev package.
  .
  This is a test package designed to exercise some feature or tag of
  Lintian.  It is part of the Lintian test suite and may do very odd
  things.  It should not be installed like a regular package.
 
-Package: {$srcpkg}-python
+Package: libcontrol-file-baz9-4
 Architecture: {$architecture}
-Depends: python, $\{shlibs:Depends\}, $\{misc:Depends\}
-Description: {$description} (python)
- Python control interpreters with depends.
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: {$description} (shared lib 3)
+ Third shared library.
  .
  This is a test package designed to exercise some feature or tag of
  Lintian.  It is part of the Lintian test suite and may do very odd
  things.  It should not be installed like a regular package.
 
-Package: {$srcpkg}-prepython
+Package: libcontrol-file-doc
+Section: doc
 Architecture: {$architecture}
-Pre-Depends: python
 Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
-Description: {$description} (python preinst)
- Python control interpreters with pre-depends.
+Description: {$description} (doc package)
+ Doc package.
  .
  This is a test package designed to exercise some feature or tag of
  Lintian.  It is part of the Lintian test suite and may do very odd
diff --git a/t/tests/control-file-library-dev/desc b/t/tests/control-file-library-dev/desc
new file mode 100644
index 0000000..c5df11c
--- /dev/null
+++ b/t/tests/control-file-library-dev/desc
@@ -0,0 +1,5 @@
+Testname: control-file-library-dev
+Sequence: 6000
+Version: 1.0
+Description: Check control file handling of library dev packages
+Test-For: weak-library-dev-dependency
diff --git a/t/tests/control-file-library-dev/tags b/t/tests/control-file-library-dev/tags
new file mode 100644
index 0000000..c95b28b
--- /dev/null
+++ b/t/tests/control-file-library-dev/tags
@@ -0,0 +1,2 @@
+E: control-file-library-dev source: weak-library-dev-dependency libcontrol-file-dev on libcontrol-file-bar7ldbl
+E: control-file-library-dev source: weak-library-dev-dependency libcontrol-file-dev on libcontrol-file-baz9-4 (>= ${binary:Version})

-- 
Debian package checker
Reply to: