Leon,
I reviewed the 0.7.1-1 packaging you posted on mentors.debian.net. I
didn't see any major issues, but maybe some suggestions.
The license is MIT, and debian/copyright has it listed properly.
I think packages often will call out the debian directory in
debian/copyright, even if it matches the upstream license. I don't
know that this is required, but here's an example:
https://salsa.debian.org/xorg-team/lib/libglvnd/-/blob/debian-unstable/debian/copyright#L50
You can also move the license text to a separate section if multiple
sections list the same license. (Like the MIT license in the example
above.)
I did see that `lintian --display-info` prints some issues relating to
fonts in the doc package. From `build-rdeps python3-sphinx-rtd-theme`,
I found the dbus-python package also uses the rtd theme. I notice they
use dh_sphinxdoc, and I wonder if it could be useful for the cglm
package. (And, perhaps fix the lintian note.)
lintian --display-info also flags no-symbols-control-file
usr/lib/x86_64-linux-gnu/libcglm.so.0.0.1. (See dpkg-gensymbols)
lintian --pedantic --display-experimental flags
debian-watch-does-not-check-gpg-signature, but I see upstream doesn't
sign the releases. You could ask upstream to do this, and pointing
them at https://wiki.debian.org/Creating%20signed%20GitHub%20releases
might make it easier for them.
I don't these the info or experimental lintian items would block the
package from debian, since they aren't even at the warning level.
One easy cleanup change for the package would be to run wrap-and-sort.
Do you plan to try to maintain the package going forward? (Watch for
new upstream releases, work on bugs, etc?)
Do you have plans to manage the package files in git, perhaps on
salsa.debian.net? I'm not sure if it is allowed to start using salsa
for a project before it makes it into debian. The salsa FAQ is vague
on this point:
https://wiki.debian.org/Salsa/FAQ#What_can_be_hosted_on_salsa
But I think it is often allowed. I know of at least 2 cases where a
repo was created for a package before it got included into Debian. I
expect some basic review of the package is probably good first, and
perhaps this email can serve for that.
If not salsa.debian.net, you could still host it in a github repo and
include the links to it in the control file. (And, that could move to
salsa later too.)
-Jordan
Some more info, mainly for Thomas to know what I checked.
I looked over https://wiki.debian.org/SponsorChecklist.
I checked the provided orig tarball vs upstream.
I built the package with sbuild.
I looked over the lib, dev and doc packages in the control file and
.deb outputs.
I *did not* use the library with any code, but I did note that the
upstream package has 633 tests which all passed during the sbuild
build.
I ran piuparts, and it reported that all tests passes.
I reviewed each item on https://ftp-master.debian.org/REJECT-FAQ.html:
Serious violations checklist (REJECT-FAQ):
* OpenSSL - not linked => Ok
* CDBS - doesn't use => Ok
* PHP License - MIT license => Ok
* License - upsteam has LICENSE file => Ok
* Transition - Ok
* Experimental Library - not linked => Ok
* Hijack - no => Ok
* Package split
* FTBFSIASW - built with sbuild => Ok
* debian/control breakage #2 - Ok
* Copyright - Ok, with comment
* optionally, could add a separate debian section
* https://salsa.debian.org/xorg-team/lib/libglvnd/-/blob/debian-unstable/debian/copyright#L50
* Need to check for multiple copyright holders
* License II - upsteam has LICENSE file => Ok
* License III - Ok
* Using `licensecheck`, it appears "Recep Aslantas" is the only listed copyright holder
* Non-Main - checked Depends on .deb files, Build-Depends, Recommended manually => Ok
* Non-Main II - Ok
* Package Content - Ok
* Policy Violation -
* manually inspected - looks ok
* lintian reports some font issues at "info" level
* font-in-non-font-package usr/share/doc/libcglm-doc/html/_static/fonts/Lato-Bold.woff2.gz
* and, several more. this appears to come from debian/libcglm-doc.links
* Contents of orig.tar.gz - not being rebuilt; no *.{a,so} => Ok
* Lintian (with --display-info)
* libcglm-dev: capitalization-error-in-description api API
* libcglm-doc: font-in-non-font-package usr/share/doc/**/*.woff2.gz
* libcglm-doc: font-outside-font-dir usr/share/doc/**/*.woff2.gz
* libcglm0: no-symbols-control-file usr/lib/x86_64-linux-gnu/libcglm.so.0.0.1
* rpath - not used => Ok
* Package name - Ok
* Common license - MIT not under common-license => Ok
* Renaming source for DFSG-removals - not dfsg repacked => Ok
* Wrong license pointer - no common-license is used => Ok
* Symbol file wrong - no symbol file currently (but, suggested) => Ok
* Source missing - no missing source => Ok
* Generated files - none seen, or flagged by lintian => Ok
* Package uses waf as build system - autotools => Ok
* Source package missing source - no source missing => Ok
Minor issue checklist (REJECT-FAQ):
* Description - Ok
* Repackage orig.tar.gz - not repacked => Ok
* Native/Non-Native - non-native => Ok
* Multiple versions - only 1 version => Ok
* debian/rules - Ok
* .ex files - Ok
* Standards-Version - Ok
* Manpages - no manpages, but not a requirement
* Useless Settings - Ok
Attachment:
signature.asc
Description: signature