[Pkg-giraffe-discuss] zarafa-webaccess, rework of the packaging for Debian

Carsten Schoenert c.schoenert at t-online.de
Fri May 1 19:33:42 UTC 2015 

Hi Jelle,
Am 01.05.2015 um 20:47 schrieb Jelle van der Waa:
> The PEAR XML library is required for parsing the plugins manifest
> files and the JSON library for PHP versions which didn't have
> json_encode/json_decode.
> I hope to be able to drop the JSON lib in WebApp 2.1.0 and also to 
> get rid of the XML wrapper lib but I can't make any promises here.
> (it's on my personal wishlist!)

sound's o.k. for now, thanks.

>>> E: zarafa-webapp source: source-is-missing client/jquery/jquery-1.6.2.min.js
> 
> I guess this will be fixed by symlinking to the libjs-jquery
> package? Should we also ship the non-minified jquery version to
> follow the debian guidelines? (Easy fix for us to make)

No, don't needed, don't care about this issue. I filter this out while
importing the upstream code and make some symlinking into package that
providing this. Debian sid is using version 1.7.2 for libjs-jquery, I
think it's no problem to use a higher version here.

> 
>>> E: zarafa-webapp source: source-is-missing plugins/files/resources/flash/player.swf
> 
> Yeah, I'd rather see this removed, if I recall correctly it's used 
> for the files plugin to play files. But since it's also a security
> risk I rather see it removed I think removing it is harmless. (I will
> create a ticket in our internal tracker)

Right, the security point is a main point from the side of Debian, but
also the non-free source of course. So if you get rid of them and use
HTML5 for playing any content that would be great.

>>> E: zarafa-webapp source: source-is-missing client/tinymce/plugins/media/moxieplayer.swf
> 
>>> E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/ext-base.js
>>> E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/ext-all.js
>>> E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/ext-base.js
>>> E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/ext-all.js
>>> E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/prettify/prettify.js
>>> E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/prettify/prettify.js
> 
> Yup these tools are not required to run the webapp, can be removed.
>  
>>> X: zarafa-webapp-files: privacy-breach-generic usr/share/zarafa-webapp/plugins/files/js/external/uxmediapak.js (http://go2.microsoft.com/fwlink/?linkid=108181)
> 
> I think this is related to movieplayer.swf.

The 'X' marks this lintian tag as experimental so we can ignore this for
now. The M$ link points to a Grafik for SilverLight which is useless on
Linux systems, so somewhere in the minified JS are functions for getting
SilverLight I think. This whole JS package should be dropped for the
Linux packages in my eyes.

>>> E: zarafa-webapp-facebook: privacy-breach-facebook usr/share/zarafa-webapp/plugins/facebook/js/facebook.js
[snip]
> 
> I don't think this plugin still works, so I would suggest to not
> package it, same for twidget.

Ack, as also Guido asked why not drop simply I will do this.

> I hope I've answered some of your open questions!

Yes. :-) Thanks!
Enough to work further.

---
Regards
Carsten Schoenert

More information about the Pkg-giraffe-discuss mailing list