Re: RFS: ruby-rails-asset-jqueryui

[Balasankar C <balasankarc@autistici.org>]

On ശനി 09 ജനുവരി 2016 10:02 വൈകു, Balasankar C wrote:
> Cool. I'll review and reply. :)

Ok, here is a basic review.

0. You are building the binary libjs-jqueryui also. But there already
exists a package called libjs-jquery-ui . I think that satisfies your need.
1. README.md in the repo contains the patched version which results
quilt push to fail.
2. You mentioned +dfsg in the version. But, what was removed? I can
still see js files in vendor/assets/javascripts. Did you repackage the
source? If yes, how?
3. I can't find any evidence that the package is GPL-2+ licensed. In
fact, the upstream hasn't mentioned any license. Raise an issue
upstream. (If I missed the license info, please share me the link)
4. Once a license has been fixed, you need to redo the d/copyright file.
You need to specify the text of each unique license only once.
5. Also, confirm the licenses (ask upstream) of the images and
stylesheets of vendor/assets directory and mention them in copyright.
6. The synopsis (one line description in d/control) ends with a period.
Remove that. Refer Debian Policy Section 3.4
7. Make the extended description a little more long. Refer Debian Policy
Section 3.4
8. Use latest debhelper compat version - 9. Change debhelper version in
d/control and value 7 to 9 in d/compat
9. Port the tests to latest RSpec3 format. Use the gem transpec for this.
10. Attaching the lintian output I got. Check that and fix the issues
mentioned there (I have mentioned some of those above)

If you need help in any of these (or if I you didn't get me clearly), do
reply. Happy to help. :)

Happy Hacking.
-- 
Regards
Balasankar C
http://balasankarc.in

N: Using profile debian/main.
N: Setting up lab in /tmp/temp-lintian-lab-XX2Hewn2B7 ...
N: Unpacking packages in group ruby-rails-asset-jqueryui/0.0.3+dfsg-1
N: ----
N: Processing changes file ruby-rails-asset-jqueryui (version 0.0.3+dfsg-1, arch source all) ...
N: ----
N: Processing source package ruby-rails-asset-jqueryui (version 0.0.3+dfsg-1, arch source) ...
P: ruby-rails-asset-jqueryui source: source-contains-prebuilt-javascript-object vendor/assets/javascripts/jquery-ui-1.8.16.custom.min.js
N: 
N:    The source tarball contains a prebuilt (minified) JavaScript object.
N:    They are usually left by mistake when generating the tarball by not
N:    cleaning the source directory first. You may want to report this as an
N:    upstream bug, in case there is no sign that this was intended.
N:    
N:    Severity: pedantic, Certainty: possible
N:    
N:    Check: cruft, Type: source
N: 
E: ruby-rails-asset-jqueryui source: source-is-missing vendor/assets/javascripts/jquery-ui-1.8.16.custom.min.js
N: 
N:    The source of the following file is missing. Lintian checked a few
N:    possible paths to find the source, and do not find it.
N:    
N:    Please repack your package to include the source or add it to
N:    "debian/missing-sources" directory.
N:    
N:    If this is a false-positive, please report a bug against Lintian.
N:    
N:    Severity: serious, Certainty: possible
N:    
N:    Check: cruft, Type: source
N: 
P: ruby-rails-asset-jqueryui source: package-uses-old-debhelper-compat-version 7
N: 
N:    The debhelper compatibility version used by this package is marked as
N:    not recommended by the debhelper developer. You may consider using a
N:    recommended compatibility version.
N:    
N:    The compatibility version can be set in (preferred) debian/compat or by
N:    setting and exporting DH_COMPAT in debian/rules. If it is not set in
N:    either place, debhelper defaults to the deprecated compatibility version
N:    1.
N:    
N:    Refer to the debhelper(7) manual page for details.
N:    
N:    Severity: pedantic, Certainty: certain
N:    
N:    Check: debhelper, Type: source
N: 
W: ruby-rails-asset-jqueryui source: dep5-copyright-license-name-not-unique (paragraph at line 19)
N: 
N:    This paragraph defines an already defined license.
N:    
N:    According to the specification, short license names are required to be
N:    unique within a single copyright file.
N:    
N:    Refer to
N:    https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ for
N:    details.
N:    
N:    Severity: normal, Certainty: possible
N:    
N:    Check: source-copyright, Type: source
N: 
W: ruby-rails-asset-jqueryui source: missing-license-paragraph-in-dep5-copyright gpl-2+ (paragraph at line 14)
N: 
N:    The files paragraph in the machine readable copyright file references a
N:    license, for which no standalone license paragraph exists.
N:    
N:    Refer to
N:    https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ for
N:    details.
N:    
N:    Severity: normal, Certainty: possible
N:    
N:    Check: source-copyright, Type: source
N: 
P: ruby-rails-asset-jqueryui source: debian-watch-may-check-gpg-signature
N: 
N:    This watch file does not include a means to verify the upstream tarball
N:    using cryptographic signature.
N:    
N:    If upstream distributions provide such signatures, please use the
N:    pgpsigurlmangle options in this watch file's opts= to generate the URL
N:    of an upstream GPG signature. This signature is automatically downloaded
N:    and verified against a keyring stored in
N:    debian/upstream/signing-key.asc.
N:    
N:    Of course, not all upstreams provide such signatures, but you could
N:    request them as a way of verifying that no third party has modified the
N:    code against their wishes after the release. Projects such as
N:    phpmyadmin, unrealircd, and proftpd have suffered from this kind of
N:    attack.
N:    
N:    Refer to the uscan(1) manual page for details.
N:    
N:    Severity: pedantic, Certainty: certain
N:    
N:    Check: watch-file, Type: source
N: 
N: ----
N: Processing binary package ruby-rails-asset-jqueryui (version 0.0.3+dfsg-1, arch all) ...
P: ruby-rails-asset-jqueryui: no-upstream-changelog
N: 
N:    The package does not install an upstream changelog file. If upstream
N:    provides a changelog, it should be accessible as
N:    /usr/share/doc/<pkg>/changelog.gz.
N:    
N:    It's currently unclear how best to handle multiple binary packages from
N:    the same source. Some maintainers put a copy of the upstream changelog
N:    in each package, but it can be quite long. Some include it in one
N:    package and add symlinks to the other packages, but this requires there
N:    be dependencies between the packages. Some only include it in a
N:    "central" binary package and omit it from more ancillary packages.
N:    
N:    Refer to Debian Policy Manual section 12.7 (Changelog files) for
N:    details.
N:    
N:    Severity: pedantic, Certainty: wild-guess
N:    
N:    Check: changelog-file, Type: binary
N: 
I: ruby-rails-asset-jqueryui: description-synopsis-might-not-be-phrased-properly
N: 
N:    The synopsis (first line in the package "Description:" field, the short
N:    description) ends with a full stop "." character. This is not necessary,
N:    as the synopsis doesn't need to be a full sentence. It is recommended
N:    that a descriptive phrase is used instead.
N:    
N:    Note also that the synopsis is not part of the rest of the
N:    "Description:" field.
N:    
N:    Refer to Debian Developer's Reference section 6.2.2 (The package
N:    synopsis, or short description) for details.
N:    
N:    Severity: minor, Certainty: possible
N:    
N:    Check: description, Type: binary, udeb
N: 
I: ruby-rails-asset-jqueryui: extended-description-is-probably-too-short
N: 
N:    The extended description (the lines after the first line of the
N:    "Description:" field) is only one or two lines long. The extended
N:    description should provide a user with enough information to decide
N:    whether they want to install this package, what it contains, and how it
N:    compares to similar packages. One or two lines is normally not enough to
N:    do this.
N:    
N:    Refer to Debian Developer's Reference section 6.2.1 (General guidelines
N:    for package descriptions) and Debian Developer's Reference section 6.2.3
N:    (The long description) for details.
N:    
N:    Severity: minor, Certainty: possible
N:    
N:    Check: description, Type: binary, udeb
N: 
X: ruby-rails-asset-jqueryui: package-contains-broken-symlink usr/share/ruby-rails-asset-jqueryui/vendor/assets/javascripts/jquery-ui-1.8.16.custom.min.js ../../../../javascript/jquery-ui-1.8.16.custom.min.js
N: 
N:    The package contains a symlink but the destination for the link does not
N:    exist in the package nor in its direct dependencies built from the same
N:    source package.
N:    
N:    Severity: normal, Certainty: wild-guess
N:    
N:    Check: symlinks, Type: binary, udeb
N:    
N:    This tag is marked experimental, which means that the code that
N:    generates it is not as well-tested as the rest of Lintian and might
N:    still give surprising results. Feel free to ignore experimental tags
N:    that do not seem to make sense, though of course bug reports are always
N:    welcome.
N: 
X: ruby-rails-asset-jqueryui: package-contains-broken-symlink usr/share/ruby-rails-asset-jqueryui/vendor/assets/javascripts/jqueryui.js ../../../../javascript/jqueryui.js
N: ----
N: Processing binary package libjs-jqueryui.js (version 0.0.3+dfsg-1, arch all) ...
P: libjs-jqueryui.js: no-upstream-changelog
I: libjs-jqueryui.js: extended-description-is-probably-too-short