[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#811140: RFS: y-u-no-validate/2013052401-5 [ITA] -- browser extension to make security exceptions temporary by default

On Sun, Jan 17, 2016 at 02:16:45PM +0100, Jakub Wilk wrote:
> I see this package has been already uploaded. But will this stop me from
> sending the review? Nope. :-P

I appreciate you taking the time.

> >* Drop support for Iceape (fixes debcheck errors).
> Wouldn't it be better to fix this in dh_xul-ext?

Good point.  I've submitted a bug & a patch.

> Also, the patch description fails to explain its purpose...


> >* Change homepage URI displayed in about:addons to point to upstream's
> >page about y-u-no-validate.
> Good catch. Please forward the patch upstream.

Good catch yourself, I hadn't thought to forward it.  Done.

> >* Replace get-orig-source.sh script with xpi-repack invoked by uscan.
> uscan doesn't call xpi-repack, unless you ask it for it explicitly, and you
> didn't. But uscan does seem to repack jar files to tar.gz automatically.
> Perhaps that's what you meant?

Are you sure?  This output suggested to me that it is doing everything
your script was doing (especially the last line):

| uscan: Unpacking ../y_u_no_validate-2013052401-sm+fx.xpi
| Unpacking ./chrome/y-u-no-validate.jar
| Unpacked xpi file.
| Successfully repacked ../y_u_no_validate-2013052401-sm+fx.xpi as ../y-u-no-validate_2013052401.orig.tar.gz.

On Sun, Jan 17, 2016 at 03:54:02PM +0100, Jakub Wilk wrote:
> Addition of the debian-watch-may-check-gpg-signature Lintian override is not
> documented in the changelog. Also, why? Did you talk to upstream about
> signing releases and they said "No, go away"? :-P

I've included a suggestion that upstream sign releases in my submission
of the homepage URI patch.  However, I'm not hopeful it will be
fulfilled so consider my Lintian override to be in the name of


Attachment: signature.asc
Description: PGP signature

Reply to: