Bug#895953: lintian: check that shlibs-version >= higher-version-symbols-file
On 20/04/18 11:44, Chris Lamb wrote:
> tags 895953 + patch
> thanks
>
> Hi Emilio,
>
>
>> lintian: check that shlibs-version >= higher-version-symbols-file
> Patch attached - how does it look for you?
>
> commit 62861f944168e42374609afcfc8eca3dab58e7fa
> Author: Chris Lamb <lamby@debian.org>
> Date: Fri Apr 20 11:38:06 2018 +0200
>
> Warn about packages with a "shlibs" version higher than the maximum version in the "symbol" control file. (Closes: #895953)
We are warning against the opposite, i.e. we warn about packages whose shlibs
version is smaller then the one in the symbols file. Having a higher shlibs
version is fine, e.g. as the result of dh_makeshlibs -V.
>
> checks/shared-libs.desc | 21 +++++++++++++++++++++
> checks/shared-libs.pm | 13 +++++++++++++
> debian/changelog | 4 ++++
> t/tests/shared-libs-control-file/desc | 2 ++
> 4 files changed, 40 insertions(+)
>
>
> Regards,
>
> -- ,''`. : :' : Chris Lamb `. `'` lamby@debian.org / chris-lamb.co.uk `-
>
>
> 0001-Warn-about-packages-with-a-shlibs-version-higher-tha.patch
>
>
>>From 62861f944168e42374609afcfc8eca3dab58e7fa Mon Sep 17 00:00:00 2001
> From: Chris Lamb <lamby@debian.org>
> Date: Fri, 20 Apr 2018 11:38:06 +0200
> Subject: [PATCH] Warn about packages with a "shlibs" version higher than the
> maximum version in the "symbol" control file. (Closes: #895953)
>
> ---
> checks/shared-libs.desc | 21 +++++++++++++++++++++
> checks/shared-libs.pm | 13 +++++++++++++
> debian/changelog | 4 ++++
> t/tests/shared-libs-control-file/desc | 2 ++
> 4 files changed, 40 insertions(+)
>
> diff --git a/checks/shared-libs.desc b/checks/shared-libs.desc
> index 775a6199e..466a77737 100644
> --- a/checks/shared-libs.desc
> +++ b/checks/shared-libs.desc
> @@ -447,3 +447,24 @@ Info: The forms "<" and ">" mean "<=" and ">=", not "<<"
> and ">>" as one might expect. For that reason these forms are
> obsolete, and should not be used in new packages. Use the longer forms
> instead.
> +
> +Tag: shlibs-version-behind-symbols-file
> +Severity: normal
> +Certainty: certain
> +Ref: deb-symbols(5)
> +Info: The <tt>shlibs</tt> control file in this package contains
Here you mean symbols control file.
> + a versioned symbol that is higher than the maximum version in
> + the <tt>symbols</tt> control file. This can result in incorrect
And here you mean shlibs control file.
> + dependency generation.
> + .
> + This is specially important for udebs, as they use the
> + <tt>shlibs</tt> even when <tt>*.symbols</tt> files exist. This
> + typically happens when a package contains a call to:
> + .
> + dh_makeshlibs -plibfoo1 -V"1.0" -- -c4
> + .
> + which was not updated to, for example, <tt>-V"1.1"</tt> when
> + new symbols are introduced.
That's right. But there's another possible problem: the package may specify no
version for the shlibs, e.g.:
dh_makeshlibs -plibfoo1 -- -c4
That will generate a shlibs file with no version. That's a problem for the same
reason, but may need special treatment in the code (see below) and could be
mentioned here.
Looks good otherwise! Many thanks for implementing this.
Emilio
> + .
> + Please update your <tt>.symbols</tt> file or your call to
> + <tt>dh_makeshlibs</tt>.
> diff --git a/checks/shared-libs.pm b/checks/shared-libs.pm
> index 21902ea97..406ccea3b 100644
> --- a/checks/shared-libs.pm
> +++ b/checks/shared-libs.pm
> @@ -30,6 +30,7 @@ use Lintian::Data;
> use Lintian::Relation;
> use Lintian::Tags qw(tag);
> use Lintian::Util qw(internal_error strip);
> +use Lintian::Relation::Version qw(versions_gt);
>
> # Libraries that should only be used in the presence of certain capabilities
> # may be located in subdirectories of the standard ldconfig search path with
> @@ -460,6 +461,7 @@ sub run {
> my $meta_info_seen = 0;
> my $warned = 0;
> my $symbol_count = 0;
> + my ($max_symbol, $max_symbol_version);
>
> my $fd = $symbolsf->open;
> while (<$fd>) {
> @@ -544,6 +546,11 @@ sub run {
> my ($sym, $v, $dep_order) = ($1, $2, $3);
> $dep_order ||= '';
>
> + if (versions_gt($v, $max_symbol_version // '0-1')) {
> + $max_symbol = $sym;
> + $max_symbol_version = $v;
> + }
> +
> if (($v eq $version) and ($version =~ /-/)) {
> $full_version_sym ||= $sym;
> $full_version_count++;
> @@ -584,6 +591,12 @@ sub run {
> tag 'symbols-file-contains-debian-revision',
> "on symbol $debian_revision_sym$others";
> }
> +
> + tag 'shlibs-version-behind-symbols-file-entry',
> + $max_symbol, "$max_symbol_version > $version"
> + if defined $max_symbol_version
> + and versions_gt($max_symbol_version, $version);
> +
> for my $shlib (@shlibs, keys %unversioned_shlibs) {
> my $shlib_name = $SONAME{$shlib};
> $shlib_name = format_soname($shlib_name);
> diff --git a/debian/changelog b/debian/changelog
> index 2caa1c236..6ed77fdff 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -12,6 +12,10 @@ lintian (2.5.84) UNRELEASED; urgency=medium
> refers to upstream's policy followed by a suggestion that it may be
> dropped after the release of Debian "buster". Thanks to Adrian Bunk
> for the suggestion. (Closes: #896079)
> + * checks/shared-libs.{desc,pm}:
> + + [CL] Warn about packages with "shlibs" version that is higher than
> + the version in the "symbol" control file. Thanks to Emilio Pozuelo
> + Monfort for the suggestion. (Closes: #895953)
>
> * checks/{files.desc,menu-format.*}, data/menu-format/known-desktop-keys:
> + [PW] Link to the latest version for all FreeDesktop standards
> diff --git a/t/tests/shared-libs-control-file/desc b/t/tests/shared-libs-control-file/desc
> index 7350c9902..8d18ea082 100644
> --- a/t/tests/shared-libs-control-file/desc
> +++ b/t/tests/shared-libs-control-file/desc
> @@ -9,3 +9,5 @@ Test-For:
> shlibs-declares-dependency-on-other-package
> shlibs-uses-obsolete-relation
> unused-shlib-entry-in-control-file
> +Test-Against:
> + shlibs-version-behind-symbols-file
> -- 2.17.0
>
Reply to: