[Pkg-javascript-devel] Components quality plan

[Xavier]

Hi all,

To increase embedding quality and security, I plan to do this:
 * tools for easier embedding (~done in pkg-js-tools >= 0.9.5)
   + add-node-component
   + del-node-component
   + auto_configure: creates component links in node_modules and
                     links between component if needed
   + auto_test     : component are tested if
                     debian/nodejs/<component>/test exists
   + auto_install  : component are installed by default in
                     <module-path>/node_modules/<name>
                     but it is configurable easily
 * fix uscan compression [2]
 * modify uscan DEHS report to display component state [1]
 * fix component display during ucan download [3]
 * create a report page somewhere in debian.org website to display
   which components are embedded, in which version and in which package
 * create a "checksum" addon in version to avoid having too long
   versions (see acorn rejection by dak):
    - target "group": no change (1.2.3+~0.0.1+~2.3.1...)
    - target "ignore": no change
    - new target "checksum": last part of version contains the checksum
                             separate sum of version part:
                             if comp1 is 3.4.2 and comp2 is 11.0.3, then
                             version is 1.2.3+~ck14.4.5

Some other improvements:
 * pkg-js-tools installs automatically in the good place
   (/usr/share/nodejs or /usr/lib/<arch>>/nodejs
 * lintian will warn for each module that installs something in
   /usr/lib/nodejs [4]

[1]: https://salsa.debian.org/debian/devscripts/merge_requests/147
[2]: https://salsa.debian.org/debian/devscripts/merge_requests/149
[3]: https://salsa.debian.org/debian/devscripts/merge_requests/146
[4]: https://salsa.debian.org/lintian/lintian/merge_requests/214
     (merged)