Re: RFS: smarty

[Raphael Hertzog <hertzog@debian.org>]

Hi,

thanks for your interest in smarty.

On Mon, 01 Aug 2011, Wojciech Szaranski wrote:
> The package appears to be lintian clean.
> 
> The upload would fix these bugs: 514305

Have you read http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514305#10 ?

Because:
1/ you have not taken care of the case where other packages install
   files in /usr/share/php/smarty/libs/plugins (i.e. no preinst, no
   conflicts, nothing for this)

$ apt-file search /usr/share/php/smarty/libs | cut -d: -f1 | uniq
collabtive
smarty
smarty-acl-render
smarty-gettext
smarty-validate

2/ you have not informed me

3/ you have not contacted any other maintainer of a reverse-dependency
   asking them to test with your updated package (and warning them that a new
   upstream version will land shortly in Debian)
   (but before doing so, let's fix this package)

$ apt-cache showpkg smarty
Reverse Depends: 
  piwigo,smarty 2.6.26
  moodle,smarty
  smarty-acl-render,smarty
  gosa,smarty
  smbind,smarty
  smarty-validate,smarty
  smarty-gettext,smarty
  slbackup-php,smarty
  serendipity,smarty
  piwigo,smarty 2.6.26
  phpgacl,smarty 2.6.9
  ojs,smarty
  moodle,smarty
  kolab-webadmin,smarty
  gallery2,smarty 2.6.26
  collabtive,smarty

Maitaining a library requires more care than the usual package, please
pay attention to everything.

> My motivation for maintaining this package is: I would like to share
> packages that I'm using :)

Great, but you should make it work for everybody and not only you. :-)

A few remarks:
- you should not package it as a Debian native package but as "3.0 (quilt)"
  mkdir debian/source
  echo "3.0 (quilt)" > debian/source/format
- you should indicate in the changelog which security issues are fixed by
  this upload by incorporating all the corresponding CVE numbers
  http://security-tracker.debian.org/tracker/source-package/smarty
- you should update it to the latest Standards-Version (verify that it
  follows the latest policy with
  /usr/share/doc/debian-policy/upgrading-checklist.txt.gz)
- the package does not even build currently because "make" invokes "make
  install" as that's the only target and "debian/rules build" does not
  have the required root rights

There's lots of work left as you can see.

You should really also check your package with lintian on Debian unstable,
there are lots of issues:

W: smarty source: native-package-with-dash-version
I: smarty source: missing-debian-source-format
W: smarty source: out-of-date-standards-version 3.8.4 (current is 3.9.2)
W: smarty: wrong-name-for-upstream-changelog usr/share/doc/smarty/change_log.txt.gz
W: smarty: debian-changelog-line-too-long line 2
E: smarty: helper-templates-in-copyright
W: smarty: symlink-is-self-recursive usr/share/php/smarty/libs .
I: smarty: package-contains-empty-directory usr/share/doc/smarty/demo/cache/
I: smarty: package-contains-empty-directory usr/share/doc/smarty/demo/templates_c/

Obviously "W: smarty: symlink-is-self-recursive usr/share/php/smarty/libs ."
can't be fixed, you have to override it and document the reason for this
override.

Please CC me for a secound review once you have fixed everything reported here.
Feel free to ask questions as well if you don't understand something.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Follow my Debian News ▶ http://RaphaelHertzog.com (English)
                      ▶ http://RaphaelHertzog.fr (Français)