Bug#905469: lintian: warn against direct access to the dpkg database

[Guillem Jover <guillem@debian.org>]

Hi!

On Wed, 2018-08-22 at 11:54:26 +0100, Chris Lamb wrote:
> > lintian: warn against direct access to the dpkg database
> 
> This is now on lintian.debian.org:
> 
>   https://lintian.debian.org/tags/maintainer-script-should-not-use-dpkg-database-directly.html
> 
> Do you plan to file bugs for these, out of interest?

I had already started filing bug reports based on my query from
codesearch.d.n and local inspection and false-positive filtering:

  <https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=dpkg-db-access-blocker;users=debian-dpkg@lists.debian.org>
  <https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=dpkg-db-access-inert;users=debian-dpkg@lists.debian.org>

This is tracked as part of:

  <https://wiki.debian.org/Teams/Dpkg/Spec/MetadataTracking#Installed_database>

Also, as I already mentioned in my previous reply where I tried to
categorize the different problematic cases, this affects both
maintainer scripts and upstream code. After inspecting the affected
packages, I'd say the majority is in the upstream code.

I've also avoided filing reports for things for which there are no
current satisfactory interfaces provided by dpkg, as that would be
unfair. I'm in the process of adding them though. And analyzing and
reporting this turned to be a bit boring, TBH. :)

Another category of packages that might need exclusion would be
system bootstrappers and similar tools, that operate on filesystems
not reigned (yet) by Debian policy where dpkg has not run properly
yet either.

Thanks,
Guillem