Control: owner -1 ! Control: tags -1 + moreinfo On Thursday, July 12 2018, Zebulon McCorkle wrote: > Dear mentors, Hello Zebulon, > I am looking for a sponsor for my package "enchive" > > * Package name : enchive > Version : 3.4-3 > Upstream Author : Christopher Wellons <wellons@nullprogram.com> > * URL : https://github.com/skeeto/enchive > * License : Unlicense > Section : utils > > It builds those binary packages: > > enchive - long-term archive encryption tool > > To access further information about this package, please visit the following URL: > > https://mentors.debian.net/package/enchive > > > Alternatively, one can download the package with dget using this command: > > dget -x https://mentors.debian.net/debian/pool/main/e/enchive/enchive_3.4-3.dsc > > Or from Salsa using this command: > > gbp clone https://salsa.debian.org/zebmccorkle-guest/enchive.git > > More information about hello can be obtained from https://github.com/skeeto/enchive > and https://nullprogram.com/blog/2017/03/12/. Thanks for the package. There are some issues with it that you need to address before we move forward. I'll enumerate them. 1) Under the debian/ directory, you're distributing 3 files that are not needed: debhelper-build-stamp enchive.debhelper.log enchive.substvars If you run dh_clean on your package, you'll see that it removes these files. So please remove them. 2) You're bumping the package version (on d/changelog) every time you make a modification, however, the package hasn't been released yet. Your initial version should always be "3.4-1", even if you have to make modifications. Then, when it's released, you should start bumping the version. 3) I like git-buildpackage and appreciate that you're using a repository to package the software: https://salsa.debian.org/zebmccorkle-guest/enchive However, I noticed that you haven't pushed the "upstream" branch, and therefore it's not possible to use "gbp buildpackage" directly because it can't reconstruct the upstream tarball. Please push this branch. 4) On d/control, Standards-Version should be 4.1.5. 5) Instead of overriding dh_installchangelogs (on d/rules), you can instead create a "debian/docs" file and list whatever files you would like to install. For example, I think it's a good idea to install README.md as well. 6) You need to provide a watch file for the package. 7) On d/copyright, the "Format:" field should use https. 8) On d/copyright, instead of listing all files of the project in the first license specification, you can just use "*" instead. The other license specifications below it will take care of specific cases. 9) While I commend you for choosing to license your work under the debian/ directory with GPLv3+, in this specific case I suggest you relicense it using the project's license (or using a license that is compatible with it). This is useful because sometimes you might want to submit Debian-specific patches to upstream, and if the licenses don't match you'll find yourself in a difficult situation. In your case, either the "Unlicense" public domain license, or the BSD-3-clause license should be fine (but IANAL). 10) Still on d/copyright, the license of the first set of files should be "public-domain", and not "UNLICENSE". The license for src/sha256.h is the same as the one for the .c file, and there's no need to put the "Copyright: Public Domain" text in the "License:" field, so you can have something like: Files: src/sha256.* Copyright: Brad Conte (brad AT bradconte.com) License: public-domain This code is presented "as is" without any guarantees. 11) Please remove the "Disclaimer:" field on d/copyright. 12) The program offers an Emacs mode, and therefore it should be installed. Take a look at how/where to install .el files. Hm, I'll stop here. There are more things I noticed, but let's start with this list first. Let me know if you have any questions. Thanks, -- Sergio GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36 Please send encrypted e-mail if possible http://sergiodj.net/
Attachment:
signature.asc
Description: PGP signature