On Fri, May 11, 2007 at 10:11:23AM +0200, arno wrote: > > Hi, > my key has been signed by a debian developer now. > It is key 0x2701B2B3 available on pgp.mit.edu > > I've uploaded on new version of noscript to mentors to change my email > adress (and also to correct an error I made). OK. I got your key and verified that it is signed by a current Debian Developer. A few things about your package: - First, there has a been a new upstream release as of 5/2/2007, you should update. (Please also see the note below about your changelog.) - The md5sums of the contents of the .orig.tar.gz don't match the md5sums of the contents of the .xpi. (I understand that you had to tar up the .xpi, which is why I did not just check the sums of the .xpi and the .orig.tar.gz. However, the chrome/noscript.jar and install.rdf files differ. The difference in the install.rdf is a single character in a version string. The noscript.jar files differ, but all of their contents are the same. This is just something of which you need to be aware since you must always repackage your upstream release.) - Your changelog needs fixing. You have many entries, when in fact this would be the first one to make it to the archive. Unless you have widely released the package already, you should just have a single changelog entry "Initial release. (Closes: #411403)". - I think you are going the long way about repackaging the upstream release. The uupdate command supports zip files. I think that if you simply download the .xpi, rename it to .zip and use uupdate, it will figure everything out for you. I would play around with that some, as it might save you time in the future. - In your debian/copyright file, the URL which it mentions from where you obtained the software gives a 404. The new URL appears to be https://addons.mozilla.org/firefox/722/ - I really like how you got rid of all the crap sites from the pre-packaged whitelist. However, this might confuse users who come from using this somewhere else. It is best if you add a README.Debian file and make note of which domains which are normally whitelisted that you have removed. - Your debian/rules file is very clean. (It looks much nicer than my first few packages :). - I like that you use dpatch and don't change the package files themselves. Personally, I think the .diff.gz should never touch anything outside of the debian/ directory. - Your watch file works. However, be aware that the site to which you direct it does not have any release listed for more than two months. If you can find a better one, that would be good. I think that since the watch file supports parsing html links, you could point it at the noscript.net download page. There is a "direct download" link on that page. - The package is lintian clean and linda clean. That is excellent. It also passes piuparts. If you do not already do so, make sure that you run these three tools on all your packages. If you fix up these issues, I would be happy to sponsor this package for you. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
Attachment:
signature.asc
Description: Digital signature