Hi Charles,
On Fri, Nov 22, 2013 at 02:23:33PM +0900, Charles Plessy wrote:
> Le Thu, Nov 21, 2013 at 11:26:24AM +0100, Andreas Tille a écrit :
> > On Thu, Nov 21, 2013 at 05:29:26PM +0900, Charles Plessy wrote:
> > >
> > > gbp clone git.debian.org:/git/debian-med/htslib.git
> >
> > When doing `git-buildpackage` (which for sure includes the .git dir) I
> > can not see the effect you are describing. The only thing lintian (and
> > I) are more concerned about is:
> >
> > E: libhts0: symbols-file-contains-current-version-with-debian-revision on symbol cram_index_build@Base
> > W: libhts0: symbols-file-contains-debian-revision on symbol bam_mplp_init_overlaps@Base and 1 others
> >
> > I personally would simply drop the symbols file since it seems to
> > introduce more harm than good.
>
> Hi Andreas,
>
> this is strange, in my case, from a fresh clone, and when building with "git
> buildpackage -us -uc", I see the hardening-no-relro tag.
>
> $ lintian -I --pedantic ../htslib_0.2.0~rc4-1_amd64.changes
> I: htslib source: quilt-patch-using-template-description debian-changes
> W: htslib source: newer-standards-version 3.9.5 (current is 3.9.4)
> W: libhts0: hardening-no-relro usr/lib/x86_64-linux-gnu/libhts.so.0.2.0~rc4-1
> P: libhts0: no-upstream-changelog
> E: libhts0: symbols-file-contains-current-version-with-debian-revision on symbol cram_index_build@Base
> W: libhts0: symbols-file-contains-debian-revision on symbol bam_mplp_init_overlaps@Base and 1 others
> P: libhts-dev: no-upstream-changelog
> W: libhts-dev: manpage-has-errors-from-man usr/share/man/man5/vcf.5.gz file `<standard input>', around line 15:
> P: htslib-test: no-upstream-changelog
$ gbp-clone ssh://git.debian.org/git/debian-med/htslib.git
$ cd htslib
(debian/unstable) $ git branch
* debian/unstable
develop
pristine-tar
(debian/unstable) $ git-buildpackage
(debian/unstable) $ lintian -I --pedantic ../build-area/htslib_0.2.0~rc4-1_amd64.changes
I: htslib source: quilt-patch-using-template-description debian-changes
W: htslib source: newer-standards-version 3.9.5 (current is 3.9.4)
P: libhts0: no-upstream-changelog
E: libhts0: symbols-file-contains-current-version-with-debian-revision on symbol cram_index_build@Base
W: libhts0: symbols-file-contains-debian-revision on symbol bam_mplp_init_overlaps@Base and 1 others
P: htslib-test: no-upstream-changelog
P: libhts-dev: no-upstream-changelog
W: libhts-dev: manpage-has-errors-from-man usr/share/man/man5/vcf.5.gz file `<standard input>', around line 15:
The attached build log clearly contains '-Wl,-z,relro' where it needs to
be.
> For the tags related to the symbols file, this is because the package is work
> in progress. I pull upsteam commits as they go and only update the version
> number when upstream makes new tags, therefore Debian revisions contain changes
> to the library's symbols.
>
> Given that the API is not yet stable, I understand that the symbols file is not
> yet useful, but I prefer having it in the package now so that I do not forget
> to add it when I start to upload packages built on the htslib-dev package.
I personally would choose some kinf of changelog entry:
"TODO: create symbols file"
to get rid of this noise ... but I now understand your motivation.
Kind regards
Andreas.
--
http://fam-tille.de
Attachment:
htslib_0.2.0~rc4-1_amd64.build.bz2
Description: Binary data