[lintian] 01/01: c/changelog-file: Add tag for using TEMP identifiers
This is an automated email from the git hooks/post-receive script.
nthykier pushed a commit to branch master
in repository lintian.
commit eb61e774d5f3deb5de76cfe082291aaa3de9c681
Author: Niels Thykier <niels@thykier.net>
Date: Sun Apr 10 07:49:48 2016 +0000
c/changelog-file: Add tag for using TEMP identifiers
Signed-off-by: Niels Thykier <niels@thykier.net>
---
checks/changelog-file.desc | 16 ++++++++++++++++
checks/changelog-file.pm | 3 +++
debian/changelog | 3 +++
.../changelog-file-general/debian/debian/changelog.in | 2 ++
t/tests/changelog-file-general/desc | 1 +
t/tests/changelog-file-general/tags | 1 +
6 files changed, 26 insertions(+)
diff --git a/checks/changelog-file.desc b/checks/changelog-file.desc
index a9ab933..024691b 100644
--- a/checks/changelog-file.desc
+++ b/checks/changelog-file.desc
@@ -400,3 +400,19 @@ Info: The date in the changelog entry is not consistent with the actual
.
$ date -R -ud '2013-11-05 23:59:59'
Tue, 05 Nov 2013 23:59:59 +0000
+
+Tag: changelog-references-temp-security-identifier
+Severity: normal
+Certainty: certain
+Info: The changelog entry references a temporary security identifier,
+ like "TEMP-0000000-2FC21E".
+ .
+ The TEMP identifier will disappear in the future once a proper CVE
+ identifier has been assigned. Therefore it is useless as an
+ external reference. Even worse, the identifier is not stable and
+ may change even before a CVE is allocated.
+ .
+ If a CVE has been allocated, please use that instead. Otherwise,
+ please replace the TEMP identifier with a short description of the
+ issue.
+Ref: #787929, #809226
diff --git a/checks/changelog-file.pm b/checks/changelog-file.pm
index a8e1deb..a5065ef 100644
--- a/checks/changelog-file.pm
+++ b/checks/changelog-file.pm
@@ -364,6 +364,9 @@ sub run {
while ($changes =~ /(closes\s*(?:bug)?\#?\s?\d{6,})[^\w]/ig) {
tag 'possible-missing-colon-in-closes', $1 if $1;
}
+ if ($changes =~ m/(TEMP-\d{7}-[0-9a-fA-F]{6})/) {
+ tag 'changelog-references-temp-security-identifier', $1
+ }
# check for bad intended distribution
if (
diff --git a/debian/changelog b/debian/changelog
index ea18d35..661019b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,9 @@ lintian (2.5.44) UNRELEASED; urgency=medium
* checks/changelog-file.{desc,pm}:
+ [JW,NT] Use "day of week" rather than "weekday".
(Closes: #796093)
+ + [JW,NT] Flag references to "TEMP" security identifiers.
+ Thanks to Paul Wise for assisting with the regex.
+ (Closes: #807892)
* checks/description.{desc,pm}:
+ [NT] Drop duplicate word tag, which is now covered by the
spelling error check.
diff --git a/t/tests/changelog-file-general/debian/debian/changelog.in b/t/tests/changelog-file-general/debian/debian/changelog.in
index 6b08699..ae3f059 100644
--- a/t/tests/changelog-file-general/debian/debian/changelog.in
+++ b/t/tests/changelog-file-general/debian/debian/changelog.in
@@ -20,6 +20,8 @@
of ~75 characters, but consists of over 200 bytes.
üüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüüü
+ * It might even fix TEMP-1234567-abcdef, though probably not.
+
-- {$author} {$date}
{$source} ({$version}) unstable; urgency=low
diff --git a/t/tests/changelog-file-general/desc b/t/tests/changelog-file-general/desc
index 6139755..d509151 100644
--- a/t/tests/changelog-file-general/desc
+++ b/t/tests/changelog-file-general/desc
@@ -6,6 +6,7 @@ Description: General tests for changelog-file tags
Test-For:
bad-intended-distribution
changelog-not-compressed-with-max-compression
+ changelog-references-temp-security-identifier
debian-changelog-file-contains-invalid-email-address
debian-changelog-file-contains-obsolete-user-emacs-settings
debian-changelog-line-too-long
diff --git a/t/tests/changelog-file-general/tags b/t/tests/changelog-file-general/tags
index cf0d7c1..a21f615 100644
--- a/t/tests/changelog-file-general/tags
+++ b/t/tests/changelog-file-general/tags
@@ -1,6 +1,7 @@
E: changelog-file-general: debian-changelog-file-contains-invalid-email-address unknown@unknown
E: changelog-file-general: possible-missing-colon-in-closes Closes #555555
W: changelog-file-general: changelog-not-compressed-with-max-compression changelog.Debian.gz
+W: changelog-file-general: changelog-references-temp-security-identifier TEMP-1234567-abcdef
W: changelog-file-general: debian-changelog-file-contains-obsolete-user-emacs-settings
W: changelog-file-general: debian-changelog-line-too-long line 15
W: changelog-file-general: debian-changelog-line-too-long line 8
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: