[Pkg-giraffe-discuss] zarafa-webaccess, rework of the packaging for Debian
Jelle van der Waa
j.vanderwaa at zarafa.com
Fri May 1 18:47:30 UTC 2015
Hi,
Just a quick reply.
> > $ lintian -E ../zarafa-webapp_2.0.2-2_amd64.changes
> > E: zarafa-webapp source: license-problem-bad-php-license debian/copyright
>
> That's a ugly problem, the source is shipping PHP PEAR code and is using
> them. The respective PHP license 2.02 is the thing that lintian is
> warning about. As far as I could see the PEAR thing is used to check the
> quality of the code from Zarafa. If we could skip this all we would drop
> out this issue.
The PEAR XML library is required for parsing the plugins manifest files and the JSON library for PHP versions which didn't have json_encode/json_decode.
I hope to be able to drop the JSON lib in WebApp 2.1.0 and also to get rid of the XML wrapper lib but I can't make any promises here. (it's on my personal wishlist!)
>
> > E: zarafa-webapp source: source-is-missing client/jquery/jquery-1.6.2.min.js
I guess this will be fixed by symlinking to the libjs-jquery package? Should we also ship the non-minified jquery version to follow the debian guidelines? (Easy fix for us to make)
> > E: zarafa-webapp source: source-is-missing plugins/files/resources/flash/player.swf
Yeah, I'd rather see this removed, if I recall correctly it's used for the files plugin to play files. But since it's also a security risk I rather see it removed I think removing it is harmless. (I will create a ticket in our internal tracker)
> > E: zarafa-webapp source: source-is-missing client/tinymce/plugins/media/moxieplayer.swf
> > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/ext-base.js
> > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/ext-all.js
> > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/ext-base.js
> > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/ext-all.js
> > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/prettify/prettify.js
> > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/prettify/prettify.js
Yup these tools are not required to run the webapp, can be removed.
> > X: zarafa-webapp-files: privacy-breach-generic usr/share/zarafa-webapp/plugins/files/js/external/uxmediapak.js (http://go2.microsoft.com/fwlink/?linkid=108181)
I think this is related to movieplayer.swf.
> > E: zarafa-webapp-facebook: privacy-breach-facebook usr/share/zarafa-webapp/plugins/facebook/js/facebook.js
>
> Currently I don't know exactly how to handle this error. Lintian is
> suggesting to remove all external calls to Facebook. But then the plug
> in will be useless. ;)
> Should this package go to non-free (don't know if this is simply
> possible) or completely dropping this package?
I don't think this plugin still works, so I would suggest to not package it, same for twidget.
I hope I've answered some of your open questions!
Jelle
More information about the Pkg-giraffe-discuss
mailing list