Re: shc -- #335278 broken packaging -- non-DD NMU prepared
On Friday 14 July 2006 14:49, Bas Wijnen wrote:
> On Fri, Jul 14, 2006 at 01:31:22PM +0200, Ricardo Mones wrote:
> > > That also should be catched and warned, since an NMU done by a
> > > maintaner makes no sense.
> > It's not very common, but it does: the NMU is prepared by another
> > non-DD and the package maintainer sponsors it.
> I remember a thread here not so long ago where it was pointed out that this
> isn't actually an NMU. The person doing an NMU fixes a bug in a package he
> doesn't own. For this, he must check if everything is ok, and do the
> upload. If this person is not a DD, then of course he cannot do the upload.
> So he needs a sponsor. This sponsor will need to check if everything is
> ok. That's exactly what he would do if he'd be doing the NMU himself.
> So a sponsored NMU is really a normal NMU (by the sponsor), with the
> specific situation that a patch for the fix was provided by someone else.
> If the sponsor is a maintainer, then it's just a normal fix provided by
> someone else.
> Also, the person sponsoring an upload doesn't need to be mentioned in
> either the changelog, or in the control file (it's usual that he is
> mentioned there, but there's no need for it). So it is very well possible
> (but probably not a good idea) to perform real NMU as a maintainer.
Right, it is a bad idea since if you claim NMUish debian-revision and /(nmu|
Non-maintainer upload)/i in the changelog, then you confuse dak and BTS which
consider that upload as an NMU if the maintainer address in the .changes file
is not binary the same as the address in the Maintainer field, or any of the
addresses the Uploaders field, of the dsc file, and also if the maintainer
address is not special (i.e. it is not set to the QA Group address).
> lintian/linda check wouldn't give a false positive there.
I wonder why the lintian's nmu check is not performed on deb packages, even
though it is listed in Selected checks:, but no Collecting info and Running
nmu check appears to be performed later. Seems like that check is
intentionaly disabled somewhere, I failed to look at :-/ I'm still gathering
information, before filing any bug report.
AFAICS linda doesn't even bother to check nmu related flaws ;-)
pub 4096R/0E4BD0AB 2003-03-18 <people.fccf.net/danchev/key pgp.mit.edu>
fingerprint 1AE7 7C66 0A26 5BFF DF22 5D55 1C57 0C89 0E4B D0AB