On Tue, 22 Mar 2016 12:29:58 +0000 Roderick MacKenzie wrote: > I am looking for a sponsor for my package gpvdm. To download the > package please visit: http://gpvdm.com/debian.php > > Gpvdm is a tool to design and optimize solar cells. I don't intend to sponsor this, but here are some thoughts: The package fails to build under pbuilder due to the Build-Depends issue I mentioned below, see below for the logs. I would suggest joining the Debian Science team, they might sponsor it: https://wiki.debian.org/Teams/DebianScience Since you are upstream I would suggest reading Debian's upstream guide: https://wiki.debian.org/UpstreamGuide I would suggest publishing the upstream source code in a distributed version control system like git. https://git-scm.com/ Please add some upstream metadata: https://wiki.debian.org/UpstreamMetadata Please add a debian/watch file: https://wiki.debian.org/debian/watch You might want to publish tarballs upstream and publish OpenPGP signatures for them and look at the OpenPGP best practices. https://help.riseup.net/en/security/message-security/openpgp/best-practices *.mo are generated files and should not be present in the source. You may want to fuzz test C based programs using zzuf and afl. You may want to fuzz test Python based programs using python-afl. Unless your build system doesn't work with `make -j4`, I would suggest using --parallel in the arguments to dh in debian/rules. The manual pages should not be compressed in the source tree since they can't easily be modified/patched. Also one has a typo: "Releced" The manual pages should be installed by the upstream build system rather than having dh_install install them. You have overridden possible-gpl-code-linked-with-openssl (which usually indicates a serious issue) without any explanation. I would suggest Section: science instead of Section: misc. -dev packages usually go in Build-Depends instead of Depends, since they are needed at build time instead of runtime. You are also missing a Build-Depends on pkg-config, see the build errors below. The debian/changelog should have unstable as the suite instead of UNRELEASED, which implies it isn't ready for upload. Some parts of the code are GPLv2-only and some are GPLv2+, is that intentional or should all the code be under the same terms? Please publish the SVG/XCF files for your PNG images if they still exist and render the PNG files at build time with rsvg/inkscape. Personally I would put all the .c/.h files into a src subdir. Personally I would wrap the README files at 80 columns. The README references opvdm, is that the old name for gpvdm? I would suggest running this command to make diffs of the Debian packaging more readable. wrap-and-sort --short-indent --wrap-always --sort-binary-packages --trailing-comma --verbose Please read the upgrading checklist and update Standards-Version when you have made the requisite changes. https://www.debian.org/doc/debian-policy/upgrading-checklist Automatic checks: build ... make[1]: Entering directory '/build/gpvdm-4.40' gcc -c -D full_time_domain -D enable_fx -D LONGDOUBLE -D dos_bin -D linux `pkg-config --cflags dbus-1` -I/usr/include/suitesparse/ -Werror -Wall -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -D dbus solver_interface.c -o solver_interface.o /bin/sh: 1: pkg-config: not found gcc -c -D full_time_domain -D enable_fx -D LONGDOUBLE -D dos_bin -D linux `pkg-config --cflags dbus-1` -I/usr/include/suitesparse/ -Werror -Wall -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -D dbus light_utils.c -o light_utils.o /bin/sh: 1: pkg-config: not found gcc -c -D full_time_domain -D enable_fx -D LONGDOUBLE -D dos_bin -D linux `pkg-config --cflags dbus-1` -I/usr/include/suitesparse/ -Werror -Wall -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -D dbus gui_hooks.c -o gui_hooks.o /bin/sh: 1: pkg-config: not found gui_hooks.c:31:23: fatal error: dbus/dbus.h: No such file or directory compilation terminated. makefile:67: recipe for target 'gui_hooks.o' failed make[1]: *** [gui_hooks.o] Error 1 make[1]: Leaving directory '/build/gpvdm-4.40' dh_auto_build: make -j1 returned exit code 2 lintian I: gpvdm source: missing-debian-source-format P: gpvdm source: no-homepage-field P: gpvdm source: no-dep5-copyright W: gpvdm source: out-of-date-standards-version 3.9.6 (current is 3.9.7) I: gpvdm source: debian-watch-file-is-missing check-all-the-things: $ find -type f \( -iname '*.sh' -o -iname '*.bash' \) -exec bashate --ignore E002,E003 {} + E010: Do not on same line as for: 'for i in `find -type f` ; do md5sum $i; done >list.dat' - ./update.sh : L23 E001: Trailing Whitespace: 'mkdir ${rpmdir} ' - ./make_rpm.sh : L33 E001: Trailing Whitespace: 'cd ${rpmdir} ' - ./make_rpm.sh : L34 E010: Do not on same line as for: 'for i in `find|grep -v .git|grep -v .o$|grep -v ~$|grep -v materials|grep -v dll$|grep -v .so$`' - ./to_github.sh : L123 4 bashate error(s) found # Check with upstream where the GIMP XCF source files are. $ find -type f \( -iname '*.png' -o -iname '*.gif' -o -iname '*.jpg' -o -iname '*.jpeg' \) -exec grep -iF gimp {} + Binary file ./images/image.jpg matches Binary file ./images/icon.png matches Binary file ./images/splash.png matches # Check with upstream where the Inkscape SVG source files are. $ find -type f \( -iname '*.png' -o -iname '*.gif' -o -iname '*.jpg' -o -iname '*.jpeg' \) -exec grep -iF inkscape {} + Binary file ./images/dir_file.png matches Binary file ./images/book.png matches Binary file ./images/play.png matches ... $ find -type f -iname '*.sh' -exec checkbashisms {} + could not find any possible bashisms in bash script ./clean_all.sh could not find any possible bashisms in bash script ./update.sh could not find any possible bashisms in bash script ./winpub.sh could not find any possible bashisms in bash script ./buildplugins.sh could not find any possible bashisms in bash script ./make_rpm.sh could not find any possible bashisms in bash script ./get_elec_plugins.sh $ cme check dpkg ... Warning in 'control source Standards-Version' value '3.9.6': Current standards version is 3.9.7 File debian/copyright line 1 has a syntax error: DpkgSyntax error: Invalid line (missing ':' ?) : Copyright 2015 Roderick Charles Ian MacKenzie <r.c.i.mackenzie@googlemail.com> $ codespell --quiet-level=3 ./inp.c:577: compatability ==> compatibility ./dump_dynamic.c:399: efficency ==> efficiency ./makefile:17: inital ==> initial ./LICENSE:169: publically ==> publicly ./make_rpm.sh:159: automaticly ==> automatically ./make_rpm.sh:205: intergration ==> integration ./gui/update.py:101: forbiden ==> forbidden ./gui/update.py:145: avaliable ==> available ./gui/copying.py:48: nTo ==> not | disable due to \n ./gui/listen_for_files_on_network.py:70: recived ==> received ./gui/cmp_class.py:234: extention ==> extension ./gui/qe.py:234: Efficency ==> Efficiency ./solvers/newton_norm/newton.c:1470: propper ==> proper ./solvers/newton/newton.c:1572: propper ==> proper $ find -type f -iname '*.c' -exec complexity {} + <lots> $ cppcheck -j1 --quiet -f . [complex_solver.c:131]: (error) Common realloc mistake: 'x' nulled but not freed upon failure [complex_solver.c:132]: (error) Common realloc mistake: 'xz' nulled but not freed upon failure [complex_solver.c:133]: (error) Common realloc mistake: 'Ap' nulled but not freed upon failure [complex_solver.c:134]: (error) Common realloc mistake: 'Ai' nulled but not freed upon failure <lots> $ find -type f -iname '*.desktop' -exec desktop-file-validate {} \; ./gui/gpvdm.desktop: error: line " Name=gpvdm" starts with a space. Comment, group and key-value lines should not start with a space. The validation will continue, with the leading spaces ignored. ./gui/gpvdm.desktop: error: line " Icon=/usr/share/gpvdm/gui/image.jpg" starts with a space. Comment, group and key-value lines should not start with a space. The validation will continue, with the leading spaces ignored. ./gui/gpvdm.desktop: error: line " Type=Application" starts with a space. Comment, group and key-value lines should not start with a space. The validation will continue, with the leading spaces ignored. ./gui/gpvdm.desktop: error: line " MimeType=application/gpvdm" starts with a space. Comment, group and key-value lines should not start with a space. The validation will continue, with the leading spaces ignored. ./gui/gpvdm.desktop: error: line " Exec=gpvdm %F" starts with a space. Comment, group and key-value lines should not start with a space. The validation will continue, with the leading spaces ignored. ./gui/gpvdm.desktop: error: line " Terminal=true" starts with a space. Comment, group and key-value lines should not start with a space. The validation will continue, with the leading spaces ignored. ./gui/gpvdm.desktop: error: line " Categories=GTK;GNOME;Education;Science;" starts with a space. Comment, group and key-value lines should not start with a space. The validation will continue, with the leading spaces ignored. ./gui/gpvdm.desktop: error: value "application/gpvdm" for string list key "MimeType" in group "Desktop Entry" does not have a semicolon (';') as trailing character ./gui/gpvdm.desktop: hint: value "GTK;GNOME;Education;Science;" for key "Categories" in group "Desktop Entry" contains more than one main category; application might appear more than once in the application menu $ find \( -name .git -o -name .svn -o -name .bzr -o -name CVS -o -name .hg -o -name _darcs -o -name _FOSSIL_ -o -name .sgdrawer \) -prune -o -empty -print ./plugins/pulse/build.inp ./plugins/jv/build.inp ./plugins/fxdomain/build.inp ./solvers/umfpack/build.inp ./solvers/newton_norm/build.inp ./solvers/newton/build.inp ./exp ./build_fit_plugins.sh ./main_args.c $ fdupes -q -r . | grep -vE '/(\.(git|svn|bzr|hg|sgdrawer)|_(darcs|FOSSIL_)|CVS)(/|$)' | cat -s <lots> $ grep -Er '/(home|srv|opt)(\W|$)' . <lots> $ flawfinder -Q -c . <lots> $ find -type f \( -iname '*.po' -o -iname '*.pot' \) -exec POFileChecker {} + <po-file-checker> <file name="./po/de.po" allow="0"> <error line="638" message="118">missing .</error> <error line="1210" message="249">missing : </error> <error line="1347" message="276">extra \n</error> </file> </po-file-checker> $ find -type f \( -iname '*.po' -o -iname '*.pot' \) -exec POFileSpell {} + <lots> # check if these can be switched to https:// $ grep -rF http: . <lots> $ find -type f \( -iname '*.po' -o -iname '*.pot' -o -iname '*.mo' -o -iname '*.gmo' \) -exec i18nspector {} + W: ./lang/de_DE/LC_MESSAGES/gpvdm.mo: language-disparity de_DE (pathname) != de (Language header field) I: ./lang/de_DE/LC_MESSAGES/gpvdm.mo: no-package-name-in-project-id-version (empty string) P: ./lang/de_DE/LC_MESSAGES/gpvdm.mo: no-version-in-project-id-version (empty string) W: ./lang/de_DE/LC_MESSAGES/gpvdm.mo: no-report-msgid-bugs-to-header-field W: ./lang/de_DE/LC_MESSAGES/gpvdm.mo: invalid-last-translator (empty string) I: ./po/gpvdm.pot: boilerplate-in-initial-comments "Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER" I: ./po/gpvdm.pot: boilerplate-in-initial-comments 'This file is distributed under the same license as the PACKAGE package.' W: ./po/gpvdm.pot: boilerplate-in-project-id-version 'PACKAGE VERSION' W: ./po/gpvdm.pot: no-report-msgid-bugs-to-header-field I: ./po/de.mo: no-package-name-in-project-id-version (empty string) P: ./po/de.mo: no-version-in-project-id-version (empty string) W: ./po/de.mo: no-report-msgid-bugs-to-header-field W: ./po/de.mo: invalid-last-translator (empty string) I: ./po/de.po: boilerplate-in-initial-comments "Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER" I: ./po/de.po: boilerplate-in-initial-comments 'This file is distributed under the same license as the PACKAGE package.' I: ./po/de.po: boilerplate-in-initial-comments 'FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.' I: ./po/de.po: no-package-name-in-project-id-version (empty string) P: ./po/de.po: no-version-in-project-id-version (empty string) W: ./po/de.po: no-report-msgid-bugs-to-header-field W: ./po/de.po: invalid-last-translator (empty string) $ find -type f \( -iname '*.c' -o -iname '*.cc' -o -iname '*.cxx' -o -iname '*.cpp' -o -iname '*.h' -o -iname '*.hh' -o -iname '*.hxx' -o -iname '*.hpp' \) -exec include-what-you-use {} \; <lots> $ license-reconcile FormatSpec: Cannot recognize format: Copyright 2015 Roderick Charles Ian MacKenzie <r.c.i.mackenzie@googlemail.com> at /usr/share/perl5/Debian/LicenseReconcile/App.pm line 222. CopyrightParsing: Parse error: invalid key/value stansa at line 1 of data ("Copyright 2015 Roderick Charles Ian MacKenzie <r.c.i.mackenzie@googlemail.com>"). $ find -type f \( -iname '*.po' -o -iname '*.pot' \) -exec msgfmt --check --check-compatibility --check-accelerators --output-file=/dev/null {} \; <lots> $ find -type f -iname '*.py' -exec pep8 --ignore W191 {} + <lots> $ find -type f -iname '*.py' -exec pyflakes {} + <lots> $ find -type f -iname '*.py' -exec pyflakes3 {} + <lots> $ find -type f -iname '*.py' -exec pylint --msg-template='{path}:{line}:{column}: [{category}:{symbol}] {obj}: {msg}' --reports=n {} + <lots> $ find -type f \( -iname '*.sh' -o -iname '*.bash' -o -iname '*.zsh' \) -exec shellcheck {} + <lots> $ find -type d \( -iname .bzr -o -iname .git -o -iname .hg -o -iname .svn -o -iname CVS -o -iname RCS -o -iname SCCS -o -iname _MTN -o -iname _darcs -o -iname .pc -o -iname .cabal-sandbox -o -iname .cdv -o -iname .metadata -o -iname CMakeFiles -o -iname _build -o -iname _sgbak -o -iname autom4te.cache -o -iname blib -o -iname cover_db -o -iname node_modules -o -iname '~.dep' -o -iname '~.dot' -o -iname '~.nib' -o -iname '~.plst' \) -prune -o -type f ! \( -iname '*.bak' -o -iname '*.swp' -o -iname '#.*' -o -iname '#*#' -o -iname 'core.*' -o -iname '*~' -o -iname '*.gif' -o -iname '*.jpg' -o -iname '*.jpeg' -o -iname '*.png' -o -iname '*.min.js' -o -iname '*.js.map' -o -iname '*.js.min' -o -iname '*.min.css' -o -iname '*.css.map' -o -iname '*.css.min' \) -exec spellintian --picky {} + ... ./gui/qe.py: Efficency -> Efficiency ./inp.c: compatability -> compatibility ./LICENSE: GNU Public Licence -> GNU General Public License ./lang/de_DE/LC_MESSAGES/gpvdm.mo: python -> Python ./make_rpm.sh: automaticly -> automatically ./make_rpm.sh: python -> Python ./po/gpvdm.pot: python -> Python ./po/de.mo: python -> Python ./po/de.po: python -> Python $ suspicious-source ./sim.gpvdm ./lang/de_DE/LC_MESSAGES/gpvdm.mo ./man_pages/gpvdm_core.1.gz ./man_pages/gpvdm.1.gz ./device_lib/silicon.gpvdm ./device_lib/a-silicon.gpvdm ./device_lib/p3htpcbm.gpvdm ./device_lib/cigs.gpvdm ./device_lib/default.gpvdm ./device_lib/oled.gpvdm ./po/de.mo -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part