[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1079474: RFS: openscap/1.4.0+dfsg-1 -- libraries enabling integration of the SCAP line of standards - Documentation



Control: tags -1 +confirmed

Havard,

Preamble...

Thank you for taking the time to prepare this package and your contribution
to the Debian project.

The review below is for assistance. This review is offered to help package
submitters to Debian mentors inorder to improve their packages prior to
possible sponsorship into Debian. There is no obligation on behalf of the
submitter to make any alterations based upon information provided in the
review.

Review...

1. Build:

  * pbuilder [1]: Good
  * sbuild [2]: Good

2. Lintian [3]: Good

3. Licenses [4]: Good with learning opportunities for Debian

* Spaces or lack of should be detected.

  Example: License:GPL-3+ (Lack of space should be detected)

* W3C licenses not being handled correctly.

  In openscap the file and edits pre date 2002, so license should be
  'W3C-19980720'.

  https://spdx.org/licenses/W3C-19980720.html

  For all licenses:

  https://spdx.org/licenses/

* 'openscap.spec' license needs fixing upstream.

and so on.

Peter, I think this is a good package to test licenserecon on.

https://tracker.debian.org/pkg/openscap

4. Watch file [uscan --force-download]: Good

5. Build Twice [sudo pbuilder build --twice <package>.dsc]: Good

6. Reproducible builds [5]: Good

7. Install [No previous installs]: Good

8. Upgrade [Over previous installs if any]: Good

Summary...

Package is in good shape.

'debian/copyright' offers some learning opportunities for Debian, thus I am
copying in some people. Any issues are in the archive, thus I feel we should
not block upload of this package currently.

I believe openscap is ready for review/ possible sponsorship. Could a Debian
Developer (DD) with available free time, please review this package and
upload if you feel it is ready.

Regards

Phil

[1] pbuilder:

  * Command: sudo pbuilder build <PACKAGE>.dsc
  * Document: https://wiki.ubuntu.com/PbuilderHowto.
  * Document: https://wiki.debian.org/PbuilderTricks

[2] sbuild:

  * Command: sbuild <PACKAGE>.dsc
  * Document: https://wiki.kathenas.org/pmwiki.php/Kathenas/Article00000002
  * Document: https://wiki.debian.org/sbuild

[3] lintian:

  * Command: lintian -v -i -I -E --pedantic --profile debian (*.dsc,
*.changes, *.buildinfo). Each can throw up different results, so be thorough.
  * Document: https://wiki.debian.org/Lintian

[4] lrc:

  * Command: lrc -t
  * Document: https://wiki.debian.org/CopyrightReviewTools#licenserecon

[5] reprotest

  * Command: sudo reprotest --vary=-build_path,domain_host.use_sudo=1 --auto-
build <PACKAGE>.dsc -- schroot unstable-amd64-sbuild
  * Document: https://wiki.kathenas.org/pmwiki.php/Kathenas/Article00000004
  * Document: https://wiki.debian.org/ReproducibleBuilds/
  * Document: https://wiki.debian.org/ReproducibleBuilds/Howto#Newer_method

-- 

"I play the game for the game’s own sake"

Arthur Conan Doyle - The Adventure of the Bruce-Partington Plans

--

Buy Me A Coffee: https://buymeacoffee.com/kathenasorg

Internet Relay Chat (IRC): kathenas

Matrix: #kathenas:matrix.org

Website: https://kathenas.org

Instagram: https://instagram.com/kathenasorg/

Threads: https://www.threads.net/@kathenasorg

--






Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: