Bug#831829: RFS: self-destructing-cookies/0.4.10-1 [ITP] -- delete cookies and LocalStorage after tabs using them have been closed
On Wed, Jul 20, 2016 at 7:25 AM, Sean Whitton wrote:
> I am looking for a sponsor for my package self-destructing-cookies.
I am willing to sponsor this.
> With this addon installed, Firefox will delete cookies and LocalStorage
> when there are no longer any open tabs using those cookies or
> LocalStorage entries. Sites whose cookies or LocalStorage you want to
> keep may be whitelisted.
Nice. If you are in contact with upstream, it might be interesting to
have the cookies/LocalStorage also restricted to individual tabs or
windows.
> dget -x http://mentors.debian.net/debian/pool/main/s/self-destructing-cookies/self-destructing-cookies_0.4.10-1.dsc
Some questions:
These need to be fixed or clarified before I'll upload:
mozilla-devscripts 0.47 needs to be in unstable (currently just in
buildd-unstable).
Please use Ove's full name in debian/copyright, same as in the upstream code.
There is one file that looks like it might be MPL not GPL-2+
What is JPM? I don't see it used in the build log but the upstream
changelog says it is used during build. Does this mean that you
haven't packaged the actual upstream source, just their generated XPI
file?
Some PNG files might be missing their SVG source, please clarify with
upstream and see the automatic checks section below.
These would be nice to fix/clarify:
package.json says the license is GPL 2 not GPL-2+.
I don't think you need both formats of the upstream changelog in the
binary package.
Please add some upstream metadata: https://wiki.debian.org/UpstreamMetadata
It would be nice if uscan/mk-origtargz would build its repacked
tarballs in a bit-identical/reproducible way. Could you file a bug
about that please?
What is the format of the data that amo-changelog downloads? I think
it would be better to download and store that, then do the conversion
to rst/html at package build time.
I generally don't like those first-run pages for Firefox extensions,
but I guess it is needed in this case.
Automatic checks:
build:
/usr/lib/python2.7/dist-packages/RDF.py:2014: RedlandWarning: Variable
bnodeid1 was bound but is unused in the query
results = Redland.librdf_query_execute(self._query,model._model)
/usr/lib/python2.7/dist-packages/RDF.py:2014: RedlandWarning: Variable
bnodeid2 was bound but is unused in the query
results = Redland.librdf_query_execute(self._query,model._model)
/usr/lib/python2.7/dist-packages/RDF.py:2014: RedlandWarning: Variable
bnodeid1 was bound but is unused in the query
lintian:
P: self-destructing-cookies source: debian-watch-may-check-gpg-signature
check-all-the-things:
# Check with upstream where the Inkscape SVG source files are.
$ find -type f \( -iname '*.png' -o -iname '*.gif' -o -iname '*.jpg'
-o -iname '*.jpeg' \) -exec grep -iF inkscape {} +
Binary file ./icon.png matches
Binary file ./data/toolbar-w.png matches
Binary file ./data/sdc64.png matches
Binary file ./data/toolbar-y.png matches
Binary file ./data/toolbar-ryg.png matches
Binary file ./data/toolbar-r.png matches
Binary file ./data/toolbar-g.png matches
$ codespell --quiet-level=3
./lib/gui-australis.js:315: indentifier ==> identifier
./lib/gui-android.js:169: indentifier ==> identifier
./lib/gui-desktop.js:317: indentifier ==> identifier
./debian/upstream/changelog.html:6: compatiblity ==> compatibility
./debian/upstream/changelog:4: compatiblity ==> compatibility
$ debmake -k
=== debian/copyright checked for 44 data ===
Pattern #00: *
File: bootstrap.js
- GPL-2+
+ MPL-2.0
$ find \( -name .git -o -name .svn -o -name .bzr -o -name CVS -o -name
.hg -o -name _darcs -o -name _FOSSIL_ -o -name .sgdrawer \) -prune -o
-empty -print
./doc/main.md
$ fdupes -q -r . | grep -vE
'/(\.(git|svn|bzr|hg|sgdrawer)|_(darcs|FOSSIL_)|CVS)(/|$)' | cat -s
./icon.png
./data/sdc64.png
# check if these can be switched to https://
$ grep -rF http: .
Binary file ./META-INF/mozilla.rsa matches
./lib/src-smarttab.js: this.tracker.decRefs(URL("http://"; +
active[d]), STYLE_TOP);
./lib/src-smarttab.js: this.tracker.incRefs(URL("http://"; +
active[d]), STYLE_TOP);
./lib/src-smarttab.js: this.tracker.decRefs(URL("http://"; +
expired[d]), STYLE_TOP);
./lib/main.js: var uri = ioService.newURI("http://"; +
(domain.startsWith(".") ? domain.substr(1) : domain), null, null);
./lib/main.js: var uri = ioService.newURI("http://"+domain, null, null);
./lib/main.js: var uri = ioService.newURI("http://"+domain, null, null);
./install.rdf:<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#";
xmlns:em="http://www.mozilla.org/2004/em-rdf#";>
./bootstrap.js: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
./debian/copyright: along with this program. If not, see
<http://www.gnu.org/licenses/>.
$ find -type d \( -iname .bzr -o -iname .git -o -iname .hg -o -iname
.svn -o -iname CVS -o -iname RCS -o -iname SCCS -o -iname _MTN -o
-iname _darcs -o -iname .pc -o -iname .cabal-sandbox -o -iname .cdv -o
-iname .metadata -o -iname CMakeFiles -o -iname _build -o -iname
_sgbak -o -iname autom4te.cache -o -iname blib -o -iname cover_db -o
-iname node_modules -o -iname '~.dep' -o -iname '~.dot' -o -iname
'~.nib' -o -iname '~.plst' \) -prune -o -type f ! \( -iname '*.bak' -o
-iname '*.swp' -o -iname '#.*' -o -iname '#*#' -o -iname 'core.*' -o
-iname '*~' -o -iname '*.gif' -o -iname '*.jpg' -o -iname '*.jpeg' -o
-iname '*.png' -o -iname '*.min.js' -o -iname '*.js.map' -o -iname
'*.js.min' -o -iname '*.min.css' -o -iname '*.css.map' -o -iname
'*.css.min' -o -iname '*.wav' \) -exec env PERL5OPT=-m-lib=.
spellintian --picky {} +
./lib/domstorage.js: api -> API
./debian/watch: debian -> Debian
./debian/upstream/changelog.html: compatiblity -> compatibility
./debian/upstream/changelog: compatiblity -> compatibility
$ grep -riE 'fixme|todo|hack|xxx+|broken' .
./lib/src-simpletab.js: // XXX it works, but it's kludgey. there must
be a better way?
./lib/src-smarttab.js: // XXX it works, but it's kludgey. there must
be a better way?
./lib/main.js: // XXX not while disarmed, but the tracker
will ignore us anyway in this case
./lib/main.js: // XXX domain matches, should we check path
./lib/main.js: // TODO check protocol
./lib/main.js: // XXX assuming that subdomains are automatically whitelisted
./lib/main.js: // TODO STORE_OFFLINE?
./lib/main.js: // TODO we should ignore SessionStorage, but how?
./lib/gui-australis.js: // TODO sort trackers first?
./lib/gui-australis.js: // TODO flash icon
./lib/gui-australis.js: // TODO flash icon
./lib/gui-android.js: // TODO sort trackers first?
./lib/cookietracker.js: // FIXME we really should start from
the tld instead
./lib/gui-desktop.js: // TODO sort trackers first?
./lib/src-pagemod.js: // XXX it works, but it's kludgey. there must
be a better way?
$ uscan --download-current-version --destdir .
uscan: Newest version of self-destructing-cookies on remote site is
0.4.10, specified download version is 0.4.10
uscan warn: Possible OpenPGP signature found at:
https://addons.mozilla.org/firefox/downloads/file/423258/self_destructing_cookies-0.4.10-an+fx.xpi?src=version-history.asc.
Please consider adding opts=pgpsigurlmangle=s/$/.asc/
to debian/watch. see uscan(1) for more details.
--
bye,
pabs
https://wiki.debian.org/PaulWise
Reply to: