[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[lintian] 01/01: Warn for Homepage files using insecure URIs such as HTTP or FTP, similar to vcs-field-uses-insecure-uri. (Closes: #849514)

This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository lintian.

commit c7582911e45b38ca5013ff3fcf4229a43c1c8c8b
Author: Chris Lamb <lamby@debian.org>
Date:   Thu Nov 16 20:11:19 2017 +0900

    Warn for Homepage files using insecure URIs such as HTTP or FTP, similar to vcs-field-uses-insecure-uri. (Closes: #849514)
---
 checks/fields.desc                                                | 6 ++++++
 checks/fields.pm                                                  | 3 +++
 debian/changelog                                                  | 3 +++
 t/tests/control-file-pedantic-space/debian/debian/control.in      | 2 +-
 t/tests/control-file-pedantic/debian/debian/control.in            | 2 +-
 t/tests/copyright-file-license-symlink/debian/debian/control.in   | 2 +-
 .../debian/debian/control.in                                      | 8 +++-----
 t/tests/fields-homepage-field-uses-insecure-uri/desc              | 7 +++++++
 t/tests/fields-homepage-field-uses-insecure-uri/tags              | 2 ++
 t/tests/fields-no-homepage/desc                                   | 1 +
 t/tests/generic-dh-make-2008/desc                                 | 2 ++
 11 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/checks/fields.desc b/checks/fields.desc
index ad22211..b834393 100644
--- a/checks/fields.desc
+++ b/checks/fields.desc
@@ -1337,3 +1337,9 @@ Severity: normal
 Certainty: certain
 Info: The "Section:" field in this package's control file is empty.
 Ref: policy 2.4
+
+Tag: homepage-field-uses-insecure-uri
+Severity: pedantic
+Certainty: certain
+Info: The Homepage field uses an unencrypted transport protocol for the
+ URI.
diff --git a/checks/fields.pm b/checks/fields.pm
index b90e205..6ff4dc4 100644
--- a/checks/fields.pm
+++ b/checks/fields.pm
@@ -629,6 +629,9 @@ sub run {
         if ($homepage=~ m,bioconductor\.org/packages/.*/bioc/html/.*\.html*$,){
             tag 'homepage-for-bioconductor-package-not-canonical', $orig;
         }
+        if ($homepage=~ m,^http:,){
+            tag 'homepage-field-uses-insecure-uri', $orig;
+        }
     } elsif (not $info->native) {
         if ($type eq 'source') {
             my $binary_has_homepage_field = 0;
diff --git a/debian/changelog b/debian/changelog
index 0eba013..a4d1e3f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,6 +10,9 @@ lintian (2.5.60) UNRELEASED; urgency=medium
       (Closes: #881389)
     + [AB] Also mention Emacs' "M-x wh-cl" (whitespace-cleanup) for
       file-contains-trailing-whitespace.
+  * checks/fields.desc:
+    + [CL] Warn for Homepage files using insecure URIs such as HTTP or
+      FTP, similar to vcs-field-uses-insecure-uri.  (Closes: #849514)
   * checks/version-substvars.desc:
     + [CL] Don't recommend "Source-Version" in tag descriptions.
 
diff --git a/t/tests/control-file-pedantic-space/debian/debian/control.in b/t/tests/control-file-pedantic-space/debian/debian/control.in
index edd37be..6ee527f 100644
--- a/t/tests/control-file-pedantic-space/debian/debian/control.in
+++ b/t/tests/control-file-pedantic-space/debian/debian/control.in
@@ -5,7 +5,7 @@ Maintainer: {$author}
 Standards-Version: {$standards_version}
 Build-Depends: {$build_depends}
 Rules-Requires-Root: no
-Homepage: http://lintian.debian.org/
+Homepage: https://lintian.debian.org/
 
 Package: {$source}
 Architecture: {$architecture}
diff --git a/t/tests/control-file-pedantic/debian/debian/control.in b/t/tests/control-file-pedantic/debian/debian/control.in
index 43c2c71..d5c5a1b 100644
--- a/t/tests/control-file-pedantic/debian/debian/control.in
+++ b/t/tests/control-file-pedantic/debian/debian/control.in
@@ -5,7 +5,7 @@ Maintainer: {$author}
 Standards-Version: {$standards_version}
 Build-Depends: {$build_depends}
 Rules-Requires-Root: no
-Homepage: http://lintian.debian.org/
+Homepage: https://lintian.debian.org/
 
 Package: {$source}-udeb
 Section: debian-installer
diff --git a/t/tests/copyright-file-license-symlink/debian/debian/control.in b/t/tests/copyright-file-license-symlink/debian/debian/control.in
index 5ae2c2b..1e999cb 100644
--- a/t/tests/copyright-file-license-symlink/debian/debian/control.in
+++ b/t/tests/copyright-file-license-symlink/debian/debian/control.in
@@ -5,7 +5,7 @@ Maintainer: {$author}
 Standards-Version: {$standards_version}
 Build-Depends: {$build_depends}
 Rules-Requires-Root: no
-Homepage: http://lintian.debian.org/
+Homepage: https://lintian.debian.org/
 
 Package: {$source}-bad
 Architecture: {$architecture}
diff --git a/t/tests/control-file-pedantic/debian/debian/control.in b/t/tests/fields-homepage-field-uses-insecure-uri/debian/debian/control.in
similarity index 77%
copy from t/tests/control-file-pedantic/debian/debian/control.in
copy to t/tests/fields-homepage-field-uses-insecure-uri/debian/debian/control.in
index 43c2c71..769dc3b 100644
--- a/t/tests/control-file-pedantic/debian/debian/control.in
+++ b/t/tests/fields-homepage-field-uses-insecure-uri/debian/debian/control.in
@@ -5,13 +5,11 @@ Maintainer: {$author}
 Standards-Version: {$standards_version}
 Build-Depends: {$build_depends}
 Rules-Requires-Root: no
-Homepage: http://lintian.debian.org/
+Homepage: http://insecure.example.com/
 
-Package: {$source}-udeb
-Section: debian-installer
+Package: {$source}
 Architecture: {$architecture}
-Depends: $\{misc:Depends\}
-XC-Package-Type: udeb
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
 Description: {$description}
  This is a test package designed to exercise some feature or tag of
  Lintian.  It is part of the Lintian test suite and may do very odd
diff --git a/t/tests/fields-homepage-field-uses-insecure-uri/desc b/t/tests/fields-homepage-field-uses-insecure-uri/desc
new file mode 100644
index 0000000..bcedd2f
--- /dev/null
+++ b/t/tests/fields-homepage-field-uses-insecure-uri/desc
@@ -0,0 +1,7 @@
+Testname: fields-homepage-field-uses-insecure-uri
+Description: Test for Homepage fields using insecure URIs
+Version: 1.0
+Options: -I -E --pedantic
+Skeleton: pedantic
+Test-For:
+ homepage-field-uses-insecure-uri
diff --git a/t/tests/fields-homepage-field-uses-insecure-uri/tags b/t/tests/fields-homepage-field-uses-insecure-uri/tags
new file mode 100644
index 0000000..7425c77
--- /dev/null
+++ b/t/tests/fields-homepage-field-uses-insecure-uri/tags
@@ -0,0 +1,2 @@
+P: fields-homepage-field-uses-insecure-uri source: homepage-field-uses-insecure-uri http://insecure.example.com/
+P: fields-homepage-field-uses-insecure-uri: homepage-field-uses-insecure-uri http://insecure.example.com/
diff --git a/t/tests/fields-no-homepage/desc b/t/tests/fields-no-homepage/desc
index 773cc95..2940d01 100644
--- a/t/tests/fields-no-homepage/desc
+++ b/t/tests/fields-no-homepage/desc
@@ -5,3 +5,4 @@ Version: 1.0-1
 Options: -I -E --pedantic
 Skeleton: pedantic
 Test-For: no-homepage-field
+Test-Against: homepage-field-uses-insecure-uri
diff --git a/t/tests/generic-dh-make-2008/desc b/t/tests/generic-dh-make-2008/desc
index 8cb780c..c0e5b55 100644
--- a/t/tests/generic-dh-make-2008/desc
+++ b/t/tests/generic-dh-make-2008/desc
@@ -23,4 +23,6 @@ Test-For:
  section-is-dh_make-template
  superfluous-clutter-in-homepage
  wrong-bug-number-in-closes
+Test-Against:
+ homepage-field-uses-insecure-uri
 References: Debian Bug#497347

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: