Re: pyrit package
Hi all,
On 03.02.19 18:17, Marcos Fouces wrote:
> Hello Sophie
>
> I already uploaded the repo [0]. I tried to merge all the work on both
> distros (Kali and Debian).
>
> [0] https://salsa.debian.org/pkg-security-team/pyrit.git
an initial review, after having skimmed over the changes:
* I probably would have handled the merges differently, specifically
with regards to the stuff under debian/. There's a back-and-forth
between undoing/ redoing changes that could have been avoided. eg:
commits 4612353b, 9705b0be
Tip: for big changes such as these, it often pays off to explore and
share these on a non-master branch first ;-)
See my proposed strategy at the bottom.
* Other changes, such as the move from PAPT to pkg-security, and the
changes of Vcs-* from PAPT to security, get somewhat lost on the way
by this approach (it looks like a switch from Kali to pkg-security)
* My changes to debian/copyright in 52e9035d got lost
* 05_Fix-minor-spelling-errors.patch could use some more DEP3 headers,
for example Forwarded: yes -- right after having forwarded it, which
is a good practice to do right away ;-)
* In debian/changelog, there's no need for the last line "Restore
changes [resulting from this merge]": d/changelog only documents
changes between package releases, sort of as Release Notes
The change & restore you are referring to only happened within git,
but that's not relevant (or even visible) to someone installing
the package, so they shouldn't be listed
Seeing as master is only a few hours old, and hasn't been tagged yet
(and probably not even seen yet), I'd even consider rebasing master back
to 0.4.0-8 and starting the merge over, on a separate branch, and
(1) Carrying out the upstream switch
(2) Updating upstream to 0.5.1+gitxxx
(3) Merging in parts of Sophie's changes (but eg: keeping out Vcs-*)
(4) Merging in Marcos changes
And when everything is OK, merging the result from this branch into master.
However, I'm not familiar how strict pkg-security is with their repos,
and whether rebasing (even a rather harmless one, as in this case), is
strictly forbidden.
Regards,
Christian
PS: 0.4.0-8 was built successfully everywhere, so it appears that at the
minimum, that version will be in buster.
Reply to: