Bug#739056: RFS: cwm/5.1-1 [ITP] -- Lightweight and efficient window manager for X11

[Jakub Wilk <jwilk@debian.org>]

* James McDonald <james@jamesmcdonald.com>, 2014-02-15, 14:46:
> http://mentors.debian.net/debian/pool/main/c/cwm/cwm_5.1-1.dsc

blhc says that at least some parts of the package were built without 
hardening:

> CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): cc -c -Wall -O2 -g -D_FORTIFY_SOURCE=2 `pkg-config --cflags fontconfig x11 xft xinerama xrandr` calmwm.c

The compiler warns about use of a deprecated function:

> menu.c:469:2: warning: 'XKeycodeToKeysym' is deprecated (declared at /usr/include/X11/Xlib.h:1699) [-Wdeprecated-declarations]

...and about implicit function declaration:

> parse.y:92:4: warning: implicit declaration of function 'asprintf' [-Wimplicit-function-declaration]

Upstream PGP-signed his tarball, so you may want to enable signature 
checking in d/watch.

Any reason add-changelog is not included in d/patches/series?

I'd rather not patch upstream makefile to change PREFIX, but override it 
in debian/rules instead.

fix-man-hyphens is not complete. There are more places where hyphen is 
used as minus sign, although likely Lintian is not smart enough to 
detect them.

Typo in the package description:
"etc" -> "etc."

The description is oddly wrapped. The line ending with "virtual desktop" 
could be two words longer.

Enumerated lists in d/copyright are not formatted correctly. Please see 
bug #700970.

Upstream embeds a few BSD-specific functions (fgetln, strlcat, strlcpy, 
strtonum). It would be nice if Debian package could link to libbsd 
instead of using these embedded copies.

Typo in client.c:
cant -> can't

--
Jakub Wilk