On Tue, 05 Aug 2025 07:37:24 +0100
Phil Wyett <philip.wyett@kathenas.org> wrote:
> Control: tags -1 +moreinfo
>
> I have no decision making athority within the Debian Project. You may
> reject this review if you wish.
>
> Robert,
>
> Review of upload: 2025-08-04 20:57
>
> Test 1 (reproducibility): Information only, not a blocker
>
> * Good
>
> Test 2 (pbuilder build): Information only
>
> * Good
>
> Test 3 (pbuilder build --twice): Information only
>
> * Good
>
> Test 4 (sbuild): Information only
>
> Lintian:
>
> W: editorconfig-geany source: odd-historical-debian-changelog-version
> 1 (for non-native) [debian/changelog:8]
> N:
> N: The version string in a historical changelog entry was not parsed
> N: correctly. Usually, that means it does not conform to policy.
> N:
> N: It can also happen when a package changes from native to
> non-native (or N: the other way around). Historical entries are
> then in a nonconforming N: format.
> N:
> N: As a side note, Lintian cannot tell whether a package changed
> from naive N: to non-native, or the other way around. It can only
> say whether the N: historical changelog entries comply with the
> current nativeness of a N: package.
> N:
> N: Please refer to Version (Section 5.6.12) in the Debian Policy
> Manual for N: details.
> N:
> N: Visibility: warning
> N: Show-Always: no
> N: Check: debian/changelog
> N:
> N:
> I: editorconfig-geany source: debian-watch-file-is-missing
> N:
> N: This source package is not Debian-native but it does not have a
> N: debian/watch file. This file is used for automatic detection of
> new N: upstream versions by the Debian External Health Status
> project and other N: project infrastructure. If this package is
> maintained upstream, please N: consider adding a debian/watch file
> to detect new releases. N:
> N: If the package is not maintained upstream or if upstream uses a
> N: distribution mechanism that cannot be meaningfully monitored by
> uscan and N: the Debian External Health Status project, please
> consider adding a N: debian/watch file containing only comments
> documenting the situation. N:
> N: Please refer to Upstream source location: debian/watch (Section
> 4.11) in N: the Debian Policy Manual and the uscan(1) manual page
> for details. N:
> N: Visibility: info
> N: Show-Always: no
> N: Check: debian/watch
> N:
> N:
> I: editorconfig-geany: hardening-no-bindnow [usr/lib/x86_64-linux-
> gnu/geany/editorconfig-geany.so]
> N:
> N: This package provides an ELF binary that lacks the "bindnow"
> linker flag. N:
> N: This is needed (together with "relro") to make the "Global
> Offset Table" N: (GOT) fully read-only. The bindnow feature trades
> startup time for N: improved security. Please consider enabling
> this feature or consider N: overriding the tag (possibly with a
> comment about why). N:
> N: If you use dpkg-buildflags, you may have to add
> hardening=+bindnow or N: hardening=+all to DEB_BUILD_MAINT_OPTIONS.
> N:
> N: The relevant compiler flags are set in LDFLAGS.
> N:
> N: Please refer to https://wiki.debian.org/Hardening for details.
> N:
> N: Visibility: info
> N: Show-Always: no
> N: Check: binaries/hardening
> N:
> N:
> I: editorconfig-geany: synopsis-is-a-sentence "EditorConfig support
> for Geany." N:
> N: The package synopsis (also known as the "short" description, ie.
> the first N: line in the package's "Description:" field) either
> ends with a full stop N: "." character or starts another sentence.
> N:
> N: This is not necessary as the synopsis does not need to be a full
> sentence. N: It is recommended that a single descriptive phrase is
> used instead. N:
> N: Note also that the synopsis is not part of the rest of the "long"
> N: Description: field.
> N:
> N: Please refer to The package synopsis, or short description
> (Section 6.2.2) N: in the Debian Developer's Reference for details.
> N:
> N: Visibility: info
> N: Show-Always: no
> N: Check: fields/description
> N: Renamed from: description-synopsis-might-not-be-phrased-properly
> N:
> N:
> P: editorconfig-geany source: trailing-whitespace [debian/rules:23]
> N:
> N: This file contains lines with trailing whitespace characters.
> N:
> N: Whilst often harmless and unsightly, such extra whitespaces can
> also cause N: tools to interpret the whitespace characters
> literally. The tool diff(1) N: does not like them, either. They are
> best avoided. N:
> N: Some of these problems can be hard to track down.
> N:
> N: Whitespace at the end of lines may be removed with the following:
> N:
> N: $ sed -i -e 's@[[:space:]]*$@@g' debian/control debian/changelog
> N:
> N: If you use Emacs, you can also use "M-x wh-cl"
> (whitespace-cleanup). N:
> N: However, if you wish to only remove trailing spaces and leave
> trailing N: tabs (eg. for Makefiles), you can use the following
> code snippet: N:
> N: $ sed -i -e 's@[ ]*$@@g' debian/rules
> N:
> N: To remove empty lines from the end of a file, you can use:
> N:
> N: $ sed -i -e :a -e '/^\n*$/{$d;N;};/\n$/ba' debian/rules
> N:
> N: Visibility: pedantic
> N: Show-Always: no
> N: Check: debian/trailing-whitespace
> N: Renamed from: file-contains-trailing-whitespace
>
> Test 5 (ratt): Information only, not a blocker
>
> Note: Possible false positives.
>
> * Good
>
> Test 6 (debian/watch): Information only
>
> No watch file.
>
> Test 7 (licenserecon): Information only
>
> Summary
> =======
>
> Packag is looking promising.
>
> * Some lintian issues to look at and address.
> * Need a 'debian/watch' file.
> * Need upstream metadata.
> * In 'Files: *' section of 'debian/copyright' we have below.
>
> Copyright: 2011-2019 EditorConfig Team
>
> Is it the above team currently working on the project? If yes, the
> date should be updated. If it is others, we would need additional
> entries.
>
> Tags
> ====
>
> If a 'moreinfo' tag has been added to your RFS bug. You can remove
> the tag using the line below at the top of a reply that is supplying
> information and/or indicating a new upload.
>
> Control: tags -1 -moreinfo
>
> Regards
>
> Phil
>
Control: tags -1 -moreinfo
X-Debbugs-CC: pkg-geany-team@lists.alioth.debian.org
New upload available with these changes:
d/control:
- Removed unnecessary `Rules-Requires-Root' as per
recent mailing list discussion
- Removed punctuation from short desc
d/copyright:
- Listed all contributors from git history except members of the
editorconfig GH org -- the aforementioned "EditorConfig Team"
d/watch:
- Added
d/upstream/metadata:
- Added
Lints addressed:
binaries/hardening:
- First upload was (mistakenly) a binary package; latest upload
contains only source
New / Unresolved Lints:
d/control:
- silent-on-rules-requiring-root
Consequence of the change mentioned above; assuming that
'Rules-Requires-Root' really is not needed. Perhaps a lintian override
can be added ...?
d/copyright:
- odd-historical-debian-changelog-version
Since it doesn't refer to a real package version and just confuses
lintian, I would edit the change history to only mention the first
real package version as "Initial"; not sure however if that requires
a source patch, as it would overwrite upstream's original history
d/rules:
- trailing-whitespace
Thought this was fixed, but now see there are still 2 EOLS at end of
the file :(
d/watch:
- debian-watch-contains-dh_make-template
Not sure how to fix (if needed, as warning is informational)
- debian-watch-does-not-check-openpgp-signature
Not sure how to fix
- prefer-uscan-symlink
Ditto
Thanks.
Attachment:
pgpwKA4YArP5B.pgp
Description: OpenPGP digital signature