[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#878268: RFS: streamlink/0.9.0-1 [ITP]



On Thu, Nov 23, 2017 at 5:41 AM, Alexis Murzeau wrote:

> https://mentors.debian.net/debian/pool/main/s/streamlink/streamlink_0.9.0-1.dsc

Here is a review:

These issues need to be resolved before upload:

I think docs/_static/flattr-badge.png is probably non-free. Upstream
stopped using a while ago so it should just get removed from their
repository and the Debian tarball.

These issues would be nice to fix at some point:

There has been a new Debian Policy version since your upload.

Please add some upstream metadata:

https://wiki.debian.org/UpstreamMetadata

Personally, I would drop the last paragraph of the description, or
possibly just the first sentence of the last paragraph of the
description.

It would be nice to have a transitional package that also contains a
symlink to the new name for the binary (assuming that they are
command-line compatible), so that external wrappers for livestreamer
still work with streamlink.

For use_debian_fonts, please note that Roboto Slab is now available in Debian.

Please note that python3-iso3166 is now available in Debian, so you
can switch back to the default.

Please note that python3-pycryptodome is now available in Debian, so
you can switch back to the default.

I'd suggest dropping the override_dh_builddeb for Debian.

It would be nice if the upstream build system would also install the
manual pages and binary in /usr/bin, you might want to send them a
patch.

Automatic checks:

check-all-the-things:

$ codespell --quiet-level=3 .
<lots>

$ env PERL5OPT=-m-lib=. duck
...
I: debian/copyright:90: URL:
http://www.apache.org/licenses/LICENSE-2.0: INFORMATION
(Certainty:possible)
   The web page at http://www.apache.org/licenses/LICENSE-2.0 works,
but is also available via https://www.apache.org/licenses/LICENSE-2.0,
please consider switching to HTTPS urls.

I: debian/copyright:102: URL: http://scripts.sil.org/OFL: INFORMATION
(Certainty:possible)
   The web page at http://scripts.sil.org/OFL works, but is also
available via https://scripts.sil.org/OFL, please consider switching
to HTTPS urls.

$ find . -type f \( -iname '*.ttf' -o -iname '*.otf' -o -iname '*.sfd'
-o -iname '*.pfa' -o -iname '*.pfb' -o -iname '*.bdf' -o -iname '*.pk'
-o -iname '*.ttc' -o -iname '*.pcf' \) -exec
check-font-embedding-restrictions {} +
These fonts in Debian main/contrib have embedding
restrictions, which are not DFSG compatible:

./docs/_themes/sphinx_rtd_theme_violet/static/fonts/FontAwesome.otf: 0x0004
./docs/_themes/sphinx_rtd_theme_violet/static/fonts/fontawesome-webfont.ttf:
0x0004

https://www.microsoft.com/typography/otspec/os2.htm#fst

$ find . -type f \( -iname '*.ttf' -o -iname '*.otf' -o -iname
'*.woff' -o -iname '*.sfd' -o -iname '*.pfa' -o -iname '*.pfb' -o
-iname '*.bdf' -o -iname '*.pk' -o -iname '*.ttc' -o -iname '*.pcf' \)
-exec fontlint {} \;
<lots>

# If you contact the owners of these keys, please point out OpenPGP
best practices:
# https://help.riseup.net/en/security/message-security/openpgp/best-practices
$ find . -type f -iname '*.asc' -exec cat {} + | hot dearmor | hokey lint
...
Checking user-ID- and user-attribute-related items:
  Charlie Drage <charlie@charliedrage.com>:
    Self-sig hash algorithms: [SHA-1]
...
Checking subkeys:
...
  fpr: CDEE D514 4E91 E633 6D0B  59CC 2523 80C9 D3E8 71F7
...
    binding sig hash algorithms: [SHA-1]
...
    cross-cert hash algorithms: [SHA-1]

# check if these can be switched to https://
$ grep -nHrF http: .
<lots>

$ find . -type f -iname '*.py' -exec mypy {} +
<lots>

# This command checks style. While a consistent style
# is a good idea, people who have different style
# preferences will want to ignore some of the output.
# Do not bother adding non-upstreamable patches for this.
$ proselint .
<lots>

# This command checks style. While a consistent style
# is a good idea, people who have different style
# preferences will want to ignore some of the output.
# Do not bother adding non-upstreamable patches for this.
$ find . -type f -iname '*.py' -exec pycodestyle --ignore W191 {} +
<lots>

# This command checks style. While a consistent style
# is a good idea, people who have different style
# preferences will want to ignore some of the output.
# Do not bother adding non-upstreamable patches for this.
$ pydocstyle .
<lots>

$ find . -type f -iname '*.py' -exec pyflakes {} +
$ find . -type f -iname '*.py' -exec pyflakes3 {} +
<lots>

$ find . -type f -iname '*.py' -exec pylint --rcfile=/dev/null
--msg-template='{path}:{line}:{column}: [{category}:{symbol}] {obj}:
{msg}' --reports=n {} +
$ find . -type f -iname '*.py' -exec pylint3 --rcfile=/dev/null
--msg-template='{path}:{line}:{column}: [{category}:{symbol}] {obj}:
{msg}' --reports=n {} +
<lots>

$ python2-bandit -r .
$ python3-bandit -r .
<lots>

$ vulture .
<lots>

$ find . -type d \( -iname .bzr -o -iname .git -o -iname .hg -o -iname
.svn -o -iname CVS -o -iname RCS -o -iname SCCS -o -iname _MTN -o
-iname _darcs -o -iname .pc -o -iname .cabal-sandbox -o -iname .cdv -o
-iname .metadata -o -iname CMakeFiles -o -iname _build -o -iname
_sgbak -o -iname autom4te.cache -o -iname blib -o -iname cover_db -o
-iname node_modules -o -iname '~.dep' -o -iname '~.dot' -o -iname
'~.nib' -o -iname '~.plst' \) -prune -o -type f ! \( -iname '*.bak' -o
-iname '*.swp' -o -iname '#.*' -o -iname '#*#' -o -iname 'core.*' -o
-iname '*~' -o -iname '*.gif' -o -iname '*.jpg' -o -iname '*.jpeg' -o
-iname '*.png' -o -iname '*.min.js' -o -iname '*.js.map' -o -iname
'*.js.min' -o -iname '*.min.css' -o -iname '*.css.map' -o -iname
'*.css.min' -o -iname '*.wav' \) -exec env PERL5OPT=-m-lib=.
spellintian --picky {} +
<lots>

$ grep -nHriE 'fixme|todo|hack|xxx+|broken' .
<lots>

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


Reply to: