Bug#782180: unblock pre-approval: apt-zip/0.18+nmu1

To: Axel Beckert <abe@debian.org>, 782180@bugs.debian.org
Cc: Eddy Petrișor <eddy.petrisor@gmail.com>, Giacomo Catenazzi <cate@debian.org>
Subject: Bug#782180: unblock pre-approval: apt-zip/0.18+nmu1
From: Niels Thykier <niels@thykier.net>
Date: Fri, 10 Apr 2015 08:36:18 +0200
Message-id: <[🔎] 55276F62.3050109@thykier.net>
Reply-to: Niels Thykier <niels@thykier.net>, 782180@bugs.debian.org
In-reply-to: <[🔎] 20150410002248.GE3779@sym.noone.org>
References: <[🔎] 20150409022409.3038.94576.reportbug@c-crosser.deuxchevaux.org> <[🔎] 55261E6E.8010905@thykier.net> <[🔎] 20150410002248.GE3779@sym.noone.org>

On 2015-04-10 02:22, Axel Beckert wrote:
> Hi,
> 
> Niels Thykier wrote:
>> If you are interested in keeping apt-zip in Jessie, then please include
>> a fix for #718376 (I promoted it to grave) and also (have the
>> maintainers) commit to maintaining it for Jessie as well.
> 
> JFTR: I've had a closer look at #718376 and now that I understand the
> control flow, I must say that this bug report doesn't look RC to me
> anymore. "This package contains some code to verify .deb files
> in the wget method, but it only handles data.tar.gz deb members, it's
> at least missing support" sounds scary, yes, but isn't:
> 
> [...]
> 
> So IMHO this neither compromises integrity (if that code is run,
> hashsum based integrity checks already have been skipped) nor does it
> abort the script (archive format consistency checks are just skipped
> in case of unknown formats). I'd say either "normal", or "important"
> at most, as it doesn't really cause a "_major_ effect on the usability
> of a package, without rendering it completely unusable to everyone".
> 

Ok, thanks for the analysis.  I have downgraded the bug again.  Though,
my request for commitment still stands.

> I can also say that Guillem's untested patch looks good except that it
> misses the ";;" inside the case statement.
> 

Ack, please follow up to the bug in case you have not already.

> But I've found another issue while faking a missing md5sum command:
> 
> I've tried to fake that by using '[ "`type xmd5sum`" ]' instead of '[
> "`type md5sum`" ]', but unfortunately that test still returns true and
> goes down the md5sum road -- at least in dash (and zsh, but not in
> bash).
> 
> I'm though not yet sure where exactly the bashism is hidden nor what
> impact it has when not trying to fake a missing md5sum while md5sum
> actually is still there.
> 

$ bash -c 'type la 2>/dev/null'
$ dash -c 'type la 2>/dev/null'
la: not found
$

> Will write a separate bug report for the latter issue, probably when
> I've got a proper fix for it.
> 
> 		Regards, Axel
> 

Thanks,
~Niels

Reply to:

References:
- Bug#782180: unblock pre-approval: apt-zip/0.18+nmu1
  - From: Axel Beckert <abe@debian.org>
- Bug#782180: unblock pre-approval: apt-zip/0.18+nmu1
  - From: Niels Thykier <niels@thykier.net>
- Bug#782180: unblock pre-approval: apt-zip/0.18+nmu1
  - From: Axel Beckert <abe@debian.org>

Prev by Date: Bug#782298: unblock: lzlib/1.6-3
Next by Date: Bug#782308: unblock: wesnoth-1.10/1:1.10.7-2
Previous by thread: Bug#782180: unblock pre-approval: apt-zip/0.18+nmu1
Next by thread: Processed: Re: Bug#782180: unblock pre-approval: apt-zip/0.18+nmu1
Index(es):
- Date
- Thread