Bug#879123: glee: source for configure is missing
Markus Koschany
apo at debian.org
Fri Oct 20 14:22:38 UTC 2017
Am 20.10.2017 um 15:26 schrieb Simon McVittie:
> On Fri, 20 Oct 2017 at 14:36:06 +0200, Markus Koschany wrote:
>> If you insist on severity
>> serious for such a problem, then bug reports with the same severity
>> should be filed against packages
>>
>> a) that do not recreate their build system at build time
>> b) all packages that contain a prebuilt object without corresponding
>> source, even when they are not used to build the package, or used at
>> runtime (like .dll and .exe files)
>
> I don't think those are the same thing at all, and I think trying to
> equate them clouds the issue.
Thanks for your reply. I think we are on the same page. My two points
were exaggerated on purpose meaning I also believe that this topic
deserves a more differentiated point of view which you delivered.
So you are basically saying that the situation for configure scripts is
less clear-cut and you tend to acknowledge that this is a bug but
usually not a release critical one and it also depends on how the
copyright holder is treating the generated file.
What do you make of this specific case now, a modifiable but unused
configure file in a source package? Would you remove this file from one
of your packages given the same circumstances? Is this release-critical
for you?
[...]
>> b) all packages that contain a prebuilt object without corresponding
>> source, even when they are not used to build the package, or used at
>> runtime (like .dll and .exe files)
>
> That's my (3.) above, and I think there is consensus that it is a
> release-critical bug. We remove these objects when we find them.
>
> (If I am wrong about that, then I can stop repacking the Quake series of
> game engines to exclude prebuilt Windows DLLs... but I would not want
> to do that without approval from the ftp team, and the ftp team seem
> highly unlikely to give that approval.)
[...]
Just for clarification: I completely agree that we should remove those
files whenever we can. I have done the same in all of my packages and I
am even more picky when it comes to prebuilt jar files in my Java
packages because there is a real possibility that they are used by
accident during the build process. However I do not think the same
severity is appropriate for Windows files because they are platform
specific and usually are only there for the convenience of upstream's
windows users. They waste disk space but do not impair my freedom.
Looking at
https://lintian.debian.org/tags/source-contains-prebuilt-windows-binary.html
I can still see that we have more than 1000 source packages in the
archive that ship those files. So I think you are not correct if you
claim that we treat them as release-critical bugs at the moment
otherwise I would expect this Lintian tag to be an error not a pedantic
issue.
And this is why it is frustrating for me to read bug reports like this
one, where we have just a modifiable text file but there are arguably
more severe issues right before our eyes. Therefore my plea to use
appropriate severity levels.
Markus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-games-devel/attachments/20171020/a2db2a5a/attachment.sig>
More information about the Pkg-games-devel
mailing list