docarray Debian package review

To: Chin Ah Toh <tohc88@outlook.com>
Cc: debian-python <debian-python@lists.debian.org>
Subject: docarray Debian package review
From: Louis-Philippe Véronneau <pollo@debian.org>
Date: Fri, 21 Oct 2022 22:46:29 -0400
Message-id: <[🔎] 4395a9b6-32fc-4d5a-7b3e-e476dc476f9f@debian.org>

Hello,

This is my review of the docarray package you asked the Debian PythonTeam to sponsor in the Debian archive.

1. In d/control, you've specified version restrictions forbuild-dependencies, I guess based on setup.py. Most of those are notneeded, as those versions aren't even in Debian anymore.

For example, you specified python3-setuptools (>= 18.0). The currentversion in Sid is 65.5.0 and even Stretch has 33.1.1.

Version restrictions can be useful for backporting packages, but it'salways a good idea to check if they actually make sense.

2. As explained in d/rules, you are not currently running any testsuite,since it requires packages not currently in the archive.

It is my personal policy not to sponsor packages that do not runupstream tests. Tests are very important, otherwise, how do you know ifyour package hasn't been broken by some change in the archive?

Some other people might not be as rigid as I am on this, but I thoughtyou should know.

3. To me, d/source/local-options, d/source/options andd/source/patch-header look like superfluous files you could remove.

4. docarray/resources/embedding-projector/index.html.gz seems to be anembedded copy of https://projector.tensorflow.org/. This is notsomething that can be done in Debian.

Sadly, it looks like this file is needed to run docarray? I haven't dugvery deep, but that raises a lot of questions with regards to thepossibility of actually packaging this in Debian.

I might be wrong, as I'm not familiar with docarray, but I would beinterested in your reflections on this.


5. d/copyright is incomplete.

A lot of files in docarray/docs/datatypes are not documented ind/copyright properly. I see some non-free images(docs/datatypes/image/complicated-image.jpeg) and some free ones,(docs/datatypes/video/chunk-1.png), but this again raises a red flag for me.

I'd recommend running decopy as a tool to inspect copyright in files.It's not perfect, but it helps.


---------------------

That's it for now! I have not tried building this package, as there weretoo many large flaws I think you should try to address first.


Thanks for your contribution to Debian.

--
  ⢀⣴⠾⠻⢶⣦⠀
  ⣾⠁⢠⠒⠀⣿⡁  Louis-Philippe Véronneau
  ⢿⡄⠘⠷⠚⠋   pollo@debian.org / veronneau.org
  ⠈⠳⣄

Attachment: OpenPGP_0xE1E5457C8BAD4113.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

Prev by Date: numpydoc 1.5.0 available on salsa
Next by Date: Review of Debian package pystray
Previous by thread: numpydoc 1.5.0 available on salsa
Next by thread: Review of Debian package pystray
Index(es):
- Date
- Thread