Bug#736360: lintian: do not warn about doxygen embedding jquery

To: Jakub Wilk <jwilk@debian.org>
Cc: 736360@bugs.debian.org
Subject: Bug#736360: lintian: do not warn about doxygen embedding jquery
From: Helmut Grohne <helmut@subdivi.de>
Date: Mon, 3 Feb 2014 13:33:15 +0100
Message-id: <[🔎] 20140203123315.GA2640@localhost>
Mail-followup-to: Helmut Grohne <helmut@subdivi.de>, Jakub Wilk <jwilk@debian.org>, 736360@bugs.debian.org
Reply-to: Helmut Grohne <helmut@subdivi.de>, 736360@bugs.debian.org
In-reply-to: <[🔎] 20140203113910.GA17952@jwilk.net>
References: <20140122183218.GA10818@alf.mars> <[🔎] 20140203113910.GA17952@jwilk.net>

On Mon, Feb 03, 2014 at 12:39:10PM +0100, Jakub Wilk wrote:
> Security is not the only issue here. jquery.js created by Doxygen is
> minified, so there's a risk that we ship it without source.

Thanks for highlighting the issue. Fortunately we already have a tool to
work around this issue. It is called Built-Using. Last time I checked
whether (dh_)doxygen should be simplifying the process of adding the
Built-Using headers, I achieved no consensus on the value of such a
change and discussion on what Built-Using is supposed to mean was still
ongoing. If there is consensus now, we can use that tool to address this
particular issue.

Do you think that this would adequately address the availability of
source? Do you happen to have an alternative proposal in mind?

Helmut

Reply to:

Follow-Ups:
- Bug#736360: lintian: do not warn about doxygen embedding jquery
  - From: Jakub Wilk <jwilk@debian.org>

References:
- Bug#736360: lintian: do not warn about doxygen embedding jquery
  - From: Jakub Wilk <jwilk@debian.org>

Prev by Date: Bug#736360: lintian: do not warn about doxygen embedding jquery
Next by Date: Bug#702349: lintian should not complain about hardening for package written in pure Ocaml
Previous by thread: Bug#736360: lintian: do not warn about doxygen embedding jquery
Next by thread: Bug#736360: lintian: do not warn about doxygen embedding jquery
Index(es):
- Date
- Thread