[lintian] annotated tag 2.5.66 created (now 0666866)
This is an automated email from the git hooks/post-receive script.
lamby pushed a change to annotated tag 2.5.66
in repository lintian.
at 0666866 (tag)
tagging 82768c8e3ea42cb83bc8916ae20b5e771601376c (commit)
replaces 2.5.65
tagged by Chris Lamb
on Tue Dec 26 15:33:57 2017 +0000
- Log -----------------------------------------------------------------
Format: 1.8
Date: Tue, 26 Dec 2017 14:59:29 +0000
Source: lintian
Binary: lintian
Architecture: source all
Version: 2.5.66
Distribution: unstable
Urgency: medium
Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
lintian - Debian package checker
Closes: 637473 741071 782277 806237 833613 837548 864999 884503 884676 884678 884683 884699 884785 884798 884817 884848 885042 885096 885106 885327
Changes:
lintian (2.5.66) unstable; urgency=medium
.
Merry Christmas!
.
* Summary of tag changes:
+ Added:
- autotools-pkg-config-macro-not-cross-compilation-safe
- bugs-field-does-not-refer-to-debian-infrastructure
- mismatched-python-substvar
- missing-notice-file-for-apache-license
- override_dh_clean-does-not-call-dh_clean
- package-contains-python-doctree-file
- pkg-config-unavailable-for-cross-compilation
- portable-executable-missing-security-features
- python-package-depends-on-package-from-other-python-variant
- vcs-fields-use-more-than-one-vcs
.
* checks/*.desc:
+ [CL] Standardise on capital-L "Lintian" in package descriptions.
Thanks to Adam D. Barratt for the suggestion.
* checks/cruft.{pm,desc}:
+ [CL] Check for packages that invoke AC_PATH_PROG without considering
cross-compilation. Thanks to Helmut Grohne for the idea and
proof-of-concept implementation. (Closes: #884798)
* checks/fields.{pm,desc}:
+ [CL] Emit a wishlist warning for packages that mix-and-match more
than one version control system in Vcs-* headers. (Closes: #884503)
+ [CL] Warn when packages specify a "Bugs" field in debian/control that
does not refer to official Debian infrastructure as this can make
reportbug unable to report bugs. (Closes: #741071)
* checks/files.{pm,desc}:
+ [CL] Warn maintainers about packages that ship pkg-config files under
/usr/lib/pkgconfig as they are unavailable under cross-compilation.
Thanks to Helmut Grohne for the idea. (Closes: #885096)
+ [CL] Warn about packages that ship non-reproducible Python .doctree
files. (Closes: #885327)
+ [CL] Factor out simple filename checks into a Lintian::Data variable.
* checks/init.d.{pm,desc}:
+ [CL] Don't emit init.d-script-needs-depends-on-lsb-base if the
package ships a Systemd service file. (Closes: #864999)
* checks/lintian.desc:
+ [CL] Also note that unused-override can be triggered if Lintian
adds/modifies supplementary tag metadata.
* checks/obsolete-sites.pm:
+ [CL] Ignore commented-out lines to avoid false-positives where the
maintainer references the old location. (Closes: #806237)
* checks/pe.{pm,desc}:
+ [CL] Check for Microsoft Windows Portable Executable (PE) files that
are missing security hardening features. Thanks to Petter
Reinholdtsen for the report. (Closes: #837548)
* checks/python.{pm,desc}:
+ [CL] Warn about Python 2.x packages using ${python3:Depends} and
Python 3.x packages using ${python:Depends}. Thanks to Mattia
Rizzolo for the idea. (Closes: #884676)
+ [CL] Factor out definition of dependency fields.
+ [CL] Warn about Python 3 packages that depend on Python 2 packages
and vice versa. (Closes: #782277)
* checks/rules.{desc,pm}:
+ [CL] Check for override_dh_clean targets that are missing calls to
dh_clean. Thanks to Andreas Beckmann for the idea. (Closes: #884817)
* checks/standards-version.pm:
+ [CL] Avoid misleading tag descriptions when emitting valid
timewarp-standards-version warnings if the date parts are identical
(ie. "2017-11-30 < 2017-11-30"). Thanks to Andrea Bolognani
eof@kiyuko.org> for the report. (Closes: #884785)
* checks/source-copyright.{desc,pm}:
+ [CL] Check for Apache 2.0 packages that do not distribute their
accompanying "NOTICE" files. (Closes: #885042)
+ [CL] Use the list of files in the orig tarball (rather than in the
regular index) to prevent false positives when checking for the
source-includes-file-in-files-excluded tag when a patch system
re-adds files that were removed. (Closes: #884848)
.
* collection/src-orig-index:
+ [CL] Correct references to generated filename.
+ [CL] Update bitrotted calls to Lintian::Command:spawn.
.
* data/debhelper/compat-level:
+ [MR] Bump the experimental debhelper compat level to 12.
(Closes: #884678)
+ [CL] Bump the recommended debehlper compat level to 11, emitting a
pedantic warning when using lower level. (Closes: #884699)
* data/debhelper/dh_commands:
+ [CL] dh_scour is now provided by python3-scour, not python-scour.
Thanks to Jeremy Bicha. (Closes: #885106)
* data/files/js-libraries:
+ [CL] Detect embedded jQuery libraries with version number in their
filenames (eg. jquery-1.10.2.min.js). (Closes: #833613)
+ [CL] Also emit embedded-javascript-library for Twitter Bootstrap and
"mustache".
* data/files/php-libraries:
+ [CL] Avoid a embedded-php-library false positive for streams.php.
(Closes: #637473)
* data/spelling/corrections:
+ [PW] Add a number of corrections.
.
* debian/compat:
+ [NT] Bump debhelper compat level to 11.
* debian/control:
+ [CL] Tag relevant build-dependencies with <!nocheck>.
+ [NT] Bump versioned Build-Dependency on debhelper to 11~.
.
* lib/Lintian/Collect/{Package,Source}.pm:
+ [CL] Don't require that src-orig-index.gz actually contains any files
rather than faking an entry.
.
* reporting/templates/maintainer.tmpl:
+ [CL] Correct invalid "else if" syntax with "elsif". Thanks to Uwe
Kleine-König for the report.
.
* t/tests/fields-malformed-vcs-fields-unrel:
+ [CL] Add a regression test for a potential false positive in the
"vcs-field-has-unexpected-spaces" tag. (Ref: #884870)
* t/tests/files-multiarch-foreign-files:
+ [CL] Don't hardcode architecture triplet to fix FTBFS on non-amd64
architectures. (Closes: #884683)
* t/scripts/implemented-tags.t:
+ [CL] Exclude some tests in this coverage check now that they are
specified in a data file rather than in the code itself.
Checksums-Sha1:
779542285bd5a675d621952c68c63bfcf424597d 2633 lintian_2.5.66.dsc
ffd268765754c7f90afafdae6da7a2b5186a910a 2610532 lintian_2.5.66.tar.xz
0fe51b31ff9ba9e52d4b15b09d4a828a1a5636ee 1080132 lintian_2.5.66_all.deb
1ee2c1e57c4ca6e6290e67f94c48fe41aecad7e5 14978 lintian_2.5.66_amd64.buildinfo
Checksums-Sha256:
962e940fba33b201e18e54169f6aea2f6a8fffc982f35985f4c4ee98f7fec318 2633 lintian_2.5.66.dsc
742d44a8657cdca0fd26210ec582242c497dd6efd25cdd9293ee16ebc107c57a 2610532 lintian_2.5.66.tar.xz
c9ed8c1a2df9bcb909a526c59fb8d4abfee9a37ce39272a94c287194a804484c 1080132 lintian_2.5.66_all.deb
b6e2a4b86a6a26e9e9a575e7ac1e10c1f07258eeaa848109ae1ac62d366f223d 14978 lintian_2.5.66_amd64.buildinfo
Files:
13f83583aefa9694b60b28c313990ec0 2633 devel optional lintian_2.5.66.dsc
7b5c7c8de421288eb548957f8e7c11b8 2610532 devel optional lintian_2.5.66.tar.xz
28765798a9bde37a3d38de40b9e8b16b 1080132 devel optional lintian_2.5.66_all.deb
1cf90fecdc9c12a07bd4396f6e3a4408 14978 devel optional lintian_2.5.66_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlpCa+UACgkQHpU+J9Qx
Hlij5BAAjr4BWoCWdJC2IARfvAgS5USbAM+Tx8dcO9dJUr66gwurpEPFWOwj+32n
YPuolvVStdj+xf023uRkQKJkw3oAQ3qkEnlvkjcuU/aAIreybK0sam7/oOlX99Ol
FUkPvKlVr7qEf2KK/uYlWuIJa28U88RhzVrR+uV/Y5Bh3/nQqXK3p/cqTFTfHcXn
IqRVYmvC8zKaGzPmRktPeiYdhlgeUU40KKOQ2SzBPGGUO2DLR798Yl9c+VKfn6af
QSYIgXHyd0sFDLdQ5C7fF+pr3HDELC4bwNSabJ3feweIGNPOQFt2vlErzWjTQuX5
qfz8hg8Nh46kG0oPLNo7kt1Vs4sowmvMteigd+X3zm6RBNiZ6d9Mo+LyHfOFNptA
RK+pBpSTyuxecipD9t8X1TlkJyUIlnpJZhqjUlPrwr8WtvYu3GHt9G8SxiaG+iky
GH1nh7ohLDVmw/uU3pDZJ7aGE+Ruejh84/4HIsjLY+CdGQjwKvq5msDM2T5cQgZP
OD/0c8uPd0JnADk9UjIxJH+sZg1Sh9ZU50srzerKEmA7gsWqrQD6+Z/NNHgWOzBq
rogsdE7K8Ngmsv7QmMW9bKWgAiaYeVJ+PyRUUbzBKDuIjS/SlrIHdJ6XJ2BwOlbH
30kWNAEFQvhOuESkiiuQJXX1fjtkSSE+eRagi18TTL2ILugrSqE=
=yP92
-----END PGP SIGNATURE-----
Adam D. Barratt (2):
shared-libs.desc: fix subject number agreement
triggers.desc: English review
Chris Lamb (55):
Open new changelog entry for 2.5.66.
Don't hardcode architecture triplet to fix FTBFS on non-amd64 architectures. (Closes: #884683)
Check for Microsoft Windows Portable Executable (PE) files that are missing security hardening features. Thanks to Petter Reinholdtsen for the report. (Closes: #837548)
Warn about Python 2.x packages using ${python3:Depends} and Python 3.x packages using ${python:Depends}. Thanks to Mattia Rizzolo for the idea. (Closes: #884676)
Don't emit init.d-script-needs-depends-on-lsb-base if the package ships a native Systemd service file. (Closes: #864999)
Detect embedded jQuery libraries with version number in their filenames (eg. jquery-1.10.2.min.js) and also emit embedded-javascript-library for Twitter Bootstrap and "mustache". (Closes: #833613)
Update tests to match changes in c32b9949d.
Bump the recommended debehlper compat level to 11, emitting a pedantic warning when using lower level. (Closes: #884699)
Avoid misleading tag descriptions when emitting valid timewarp-standards-version warnings if the date parts are identical (ie. "2017-11-30 < 2017-11-30"). Thanks to Andrea Bolognani eof@kiyuko.org> for the report. (Closes: #884785)
Correct invalid "else if" syntax with "elsif". Thanks to Uwe Kleine-Koenig for the report.
debian/changelog: Use diacritic for Uwe Kleine-König. Thanks again!
Check for override_dh_clean targets that are missing calls to dh_clean. Thanks to Andreas Beckmann for the idea. (Closes: #884817)
Add a regression test for a potential false positive in the "vcs-field-has-unexpected-spaces" tag. (Ref: #884870)
Emit a wishlist warning for packages that mix-and-match more than one version control system in Vcs-* headers. (Closes: #884503)
t/tests/fields-uncanonical-vcs-fields/*: Update test output and Test-Against fields for vcs-fields-use-more-than-one-vcs.
checks/pe.pm: Check PE binary with is_open_okay before opening.
Factor out definition of depdendency fields.
[CL] Warn about Python 3.x packages that depend on the Python 2.x variants of themselves (and vice versa). (Closes: #884692)
debian/changelog: Correct bug number.
Check for packages that invoke AC_PATH_PROG without considering cross-compilation. Thanks to Helmut Grohne for the idea and proof-of-concept implementation. (Closes: #884798)
Warn when packages specify a "Bugs:" field in debian/control as this can make reportbug unable to report bugs. (Closes: #741071)
Rename autotools-pkg-config-invocation-missing-arch-prefix -> autotools-pkg-config-macro-not-cross-compilation-safe to better reflect the solution.
checks/cruft.desc: Remove paragraph on Helmut's advice.
Warn when packages specify a "Bugs" field in debian/control that does not refer to official Debian infrastructure as this can make reportbug unable to report bugs. (Closes: #741071)
Disable bugs-field-in-debian-control when vendor is not Debian.
Rename bugs-field-in-debian-control to bugs-field-does-not-refer-to-debian-infrastructure.
Move bugs-field-does-not-refer-to-debian-infrastructure to fields.pm and split tests, only checking the source paragraph.
Check for Apache 2.0 packages that do not distribute their accompanying "NOTICE" files. (Closes: #885042)
checks/source-copyright.desc: Correct reference to debian/package.docs.
checks/source-copyright.{pm,desc}: Also check for NOTICE.txt files (eg. commons-email).
debian/control: Tag relevant build-dependencies with <!nocheck>.
Warn maintainers about packages that ship pkg-config files under /usr/lib/pkgconfig as they are unavailable under cross-compilation. Thanks to Helmut Grohne for the idea. (Closes: #885096)
debian/control: Correct zi -> zip typo.
dh_scour is now provided by python3-scour, not python-scour. Thanks to Jeremy Bicha. (Closes: #885106)
collection/src-orig-index: Correct references to generated filename.
collection/src-orig-index: Update bitrotted calls to Lintian::Command:spawn.
Use the list of files in the orig tarball (rather than in the regular index) to prevent false positives when checking for the source-includes-file-in-files-excluded tag when a patch system re-adds files that were removed. (Closes: #884848)
lib/Lintian/Collect/{Package,Source}.pm: Don't require that src-orig-index.gz actually contains any files rather than faking an entry.
collection/src-orig-index: perltidy
checks/source-copyright.desc: Require "unpacked", not "file-info".
lib/Lintian/Collect/Package: Don't mix precedence.
Ignore commented-out lines to avoid false-positives where the maintainer references the old location. (Closes: #806237)
Warn about Python 3 packages that depend on Python 2 packages and vice versa. (Closes: #782277)
collection/src-orig-index: Set blocking on the STDIN pipe to avoid trying to close it too early.
checks/fields.desc: Correct grammar in bugs-field-does-not-refer-to-debian-infrastructure tag description.
Standardise on capital-L "Lintian" in package descriptions. Thanks to Adam D. Barratt for the suggestion.
Warn about packages that ship non-reproducible Python .doctree files. (Closes: #885327)
Factor out simple filename checks into a Lintian::Data variable.
Avoid a embedded-php-library false positive for streams.php. (Closes: #637473)
Exclude some tests in this coverage check now that they are specified in a data file rather than in the code itself.
Also note that unused-override can be triggered if Lintian adds/modifies supplementary tag metadata.
Add missing testcase for/from 3c5ee5b2b146c6ff39dea
t/tests/legacy-maintainer-scripts/tags: Move all tests down one line for next commit. (no-op)
Prevent a false positive in the possibly-insecure-handling-of-tmp-files-in-maintainer-script tag by detecting XXX-like mktemp(1) templates. (Closes: #601323)
Release lintian/2.5.66 into unstable.
Mattia Rizzolo (1):
Bump the experimental debhelper compat level to 12. (Closes: #884678)
Niels Thykier (4):
t/source: Avoid some hard coded B-D on debhelper/9
t/source: Less hard-coding of debhelper/7
t/source: Remove remaining hard-coding of debhelper build-dependencies
Bump debhelper compat level to 11
Paul Wise (1):
spelling: Add several corrections
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: