[Pkg-giraffe-discuss] zarafa-webaccess, rework of the packaging for Debian

Guido Günther agx at sigxcpu.org
Sat May 2 07:21:28 UTC 2015


On Fri, May 01, 2015 at 08:47:30PM +0200, Jelle van der Waa wrote:
> Hi,
> 
> Just a quick reply.
> 
> > > $ lintian -E ../zarafa-webapp_2.0.2-2_amd64.changes
> > > E: zarafa-webapp source: license-problem-bad-php-license debian/copyright
> > 
> > That's a ugly problem, the source is shipping PHP PEAR code and is using
> > them. The respective PHP license 2.02 is the thing that lintian is
> > warning about. As far as I could see the PEAR thing is used to check the
> > quality of the code from Zarafa. If we could skip this all we would drop
> > out this issue.
> 
> The PEAR XML library is required for parsing the plugins manifest files and the JSON library for PHP versions which didn't have json_encode/json_decode.
> I hope to be able to drop the JSON lib in WebApp 2.1.0 and also to get rid of the XML wrapper lib but I can't make any promises here. (it's on my personal wishlist!)

So we don't need this code in php5 > 5.2 [1] ?

Can we could simply drop it or don't you detect PHP versions
having json_encode/json_decode yet?

Cheers,
 -- Guido

> 
> > 
> > > E: zarafa-webapp source: source-is-missing client/jquery/jquery-1.6.2.min.js
> 
> I guess this will be fixed by symlinking to the libjs-jquery package? Should we also ship the non-minified jquery version to follow the debian guidelines? (Easy fix for us to make)
> 
> > > E: zarafa-webapp source: source-is-missing plugins/files/resources/flash/player.swf
> 
> Yeah, I'd rather see this removed, if I recall correctly it's used for the files plugin to play files. But since it's also a security risk I rather see it removed I think removing it is harmless. (I will create a ticket in our internal tracker)
> 
> > > E: zarafa-webapp source: source-is-missing client/tinymce/plugins/media/moxieplayer.swf
> 
> > > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/ext-base.js
> > > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/ext-all.js
> > > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/ext-base.js
> > > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/ext-all.js
> > > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/ext/resources/prettify/prettify.js
> > > E: zarafa-webapp source: source-is-missing tools/resources/ext-doc/template/dot/resources/prettify/prettify.js
> 
> Yup these tools are not required to run the webapp, can be removed.
>  
> > > X: zarafa-webapp-files: privacy-breach-generic usr/share/zarafa-webapp/plugins/files/js/external/uxmediapak.js (http://go2.microsoft.com/fwlink/?linkid=108181)
> 
> I think this is related to movieplayer.swf.
> 
> > > E: zarafa-webapp-facebook: privacy-breach-facebook usr/share/zarafa-webapp/plugins/facebook/js/facebook.js
> > 
> > Currently I don't know exactly how to handle this error. Lintian is
> > suggesting to remove all external calls to Facebook. But then the plug
> > in will be useless. ;)
> > Should this package go to non-free (don't know if this is simply
> > possible) or completely dropping this package?
> 
> I don't think this plugin still works, so I would suggest to not package it, same for twidget.
> 
> I hope I've answered some of your open questions!
> 
> Jelle
> 
> _______________________________________________
> Pkg-giraffe-discuss mailing list
> Pkg-giraffe-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-giraffe-discuss
> 

[1] http://php.net/manual/en/function.json-decode.php



More information about the Pkg-giraffe-discuss mailing list