Package with "wrong" homepage

To: debian-qa@lists.debian.org
Subject: Package with "wrong" homepage
From: Davide Prina <davide.prina@gmail.com>
Date: Mon, 8 Mar 2021 21:17:15 +0100
Message-id: <[🔎] 178aa688-ac35-505b-1fdc-af32693e9bf8@gmail.com>

Hi,

I will try to propose a new check to improve Debian Quality :-)

I'm using repology (https://repology.org) to report packages with homepage not work anymore and where I found a possible new home page.

But a lot of what I'm doing can be automatized.

When upstream abandon a home page, the Debian link can be used:
* by attackers to build a fake home page

* by person to register the old home page to have a lot of referralsfrom a lot of GNU/Linux distro, for something totally different

* ...

but also, if upstream change to a new one can cause:
* outdated software in repository
* software based on outdated libraries
* software that seem not be maintained upstream
* removed software from Debian repository for the previous motivations

when, probably, in the new upstream there is the solution of all theseproblems.

For example, for Debian testing, you can see what packages have homepage problems:

https://repology.org/repository/debian_testing/problems

most have point to the htpp URI that is redirect to the htpps one, but alot do not respond anymore or have other problems (for example point toa not more maintained repository, for example goolge code; there arealso some case when not all the certificate chain is validated orsimilar issues).

If you open for a package the repology detail you can see which distroare using with version (note: I see that sometime different distro usethe same package name for different upstream software):

https://repology.org/project/jansi-native/versions

and if you go to the information tab
https://repology.org/project/jansi-native/information

you can see in the "Homepage links" section what home page link all thedistro are using; where a number is in green so that URI is working andmust be checked to know if it is the new home page of that Debian package.


So, for example, in PTS (or in a bug report) can be reported to the DD:
1) that the package home page has some problem
2) a possible solution (in the repology page above)

For all packages that there isn't a possible solution can be created alist (in the wiki, for example) and ask user help to find if there is anew home page.


I wish that can be a good suggestion for the qa team.

I think that repology can also be used for other checks.

Ciao
Davide

--
What happened in 2013 couldn't have happened without free software

(He credited free software for his ability to help disclose the U.S.government's far-reaching surveillance projects).

Edward Snowden

Reply to:

Follow-Ups:
- Re: Package with "wrong" homepage
  - From: Jelmer Vernooĳ <jelmer@debian.org>
- Re: Package with "wrong" homepage
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: status of refpolicy package
Next by Date: Re: Package with "wrong" homepage
Previous by thread: Re: status of refpolicy package
Next by thread: Re: Package with "wrong" homepage
Index(es):
- Date
- Thread