Bug#721845: ITP: flashproxy -- ephemeral browser-based pluggable transport for Tor
Hi,
Ximin Luo wrote (07 Jan 2014 17:08:33 GMT) :
> Thanks for the review!
Thank you for packaging flashproxy!
Great that you added DEP-3 headers. I'm not sure if the "This patch
header follows DEP-3" notice is useful, though.
> On 18/12/13 21:42, intrigeri wrote:
>> 3. Please make the package Lintian -clean, if possible in pedantic
>> mode, e.g. like this:
>>
>> lintian --info --display-info --pedantic --color auto *.changes
>>
>> Lintian has good advices for you, e.g. using DEP-3 for the
>> Debian-specific patch to indicate it should not be forwarded
>> upstream :)
>>
> Fixed -
Great!
> The only two left IMO are false positives:
> - debian-watch-file-is-missing: currently N/A, upstream does not release the tarballs
> separately outside of git tags. I work closely enough with upstream that it's not so
> important anyways.
> - using-first-person-in-description: does not exactly apply, "we" used here is descriptive and neutral rather than instructive.
Fair enough. Please add overrides that explain this as
a comment, then.
>> 11. I find it a bit scary not to install the upstream LICENSE file,
>> and to rely on Debian's copyright instead. As soon at the Debian
>> packaging misses an upstream update (and they are *already* in
>> mismatch, actually), then we're violating the upstream license.
>> I recommend installing the upstream LICENSE file.
>>
> Unfortunately that results in a lintian warning: http://lintian.debian.org/tags/extra-license-file.html
> I've fixed LICENSE in a patch anyways, which has also been
> applied upstream.
OK. I've just learnt something, actually. Thanks :)
>> 5. We don't ship software in Debian that has dependencies outside
>> Debian to be useful at all. So, in the current state of things, the
>> node-flashproxy binary package (and its README.Debian) is a no-no.
>> Time to ping Mike Gabriel on #721558 (and offer your help if you
>> wish), perhaps.
>>
>> 12. I have not tested the resulting binary packages with piuparts.
>> I suggest you do it if you can afford it: discovering issues
>> before the QA team knocks at the door is nicer both for them, and
>> for you :)
>>
> I'll deal with these last two points and follow-up to this email.
Cool.
Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
Reply to: