[pkg] New package: wcc
Raphael Hertzog
hertzog at debian.org
Fri Jun 16 20:31:25 UTC 2017
On Fri, 16 Jun 2017, Philippe Thierry wrote:
> Le 16/06/2017 à 15:55, Raphael Hertzog a écrit :
> > Hello Philippe,
> Hello Raphaël, thanks for the review :)
>
> > On Thu, 25 May 2017, Philippe Thierry wrote:
> > > I've uploaded the wcc package to pkg-security repository:
> > > https://anonscm.debian.org/cgit/pkg-security/wcc.git
> > Here are my comments:
> >
> > 1/ the debian/copyright file looks strange to me, you should not put all
> > files under the same block when they have different licenses applied.
> > Createe one default block for the main code (MIT) and then supplementary
> > blocks for third-party dependencies that are embedded and that have
> > different licenses.
> Yes this project is pretty a mess in term of copyrights. I've updated the
> copyright file to separate the different blocks. There is nearly no more
> License mismatch, but i haven't finished the copyright part. As you can see,
> it's really hard to write this file, because there is nearly all the
> licenses in all the files...
Yeah, it's not really a very enjoyable work. But it's still required.
To ensure you did not do any syntax mistake you can use this command (package
cme):
$ cme check dpkg-copyright
cme: using Dpkg::Copyright model
loading data
Warning in 'Format' value 'http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/': Format uses insecure http protocol instead of https
Warning in 'Files:"*" License short_name' value 'MIT': There are many versions of the MIT license. Please use Expat instead, when it matches. See L<Debian copyright format|https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#license-specification> and L<wikipedia|https://en.wikipedia.org/wiki/MIT_License#Various_versions>for details.
Warning in 'Files:"src/wsh/luajit-2.0/*" License short_name' value 'MIT': There are many versions of the MIT license. Please use Expat instead, when it matches. See L<Debian copyright format|https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#license-specification> and L<wikipedia|https://en.wikipedia.org/wiki/MIT_License#Various_versions>for details.
Warning in 'Files:"src/wsh/openlibm/*" License short_name' value 'MIT': There are many versions of the MIT license. Please use Expat instead, when it matches. See L<Debian copyright format|https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#license-specification> and L<wikipedia|https://en.wikipedia.org/wiki/MIT_License#Various_versions>for details.
Configuration item 'Files:"src/wsh/openlibm/test/test-float.c
src/wsh/openlibm/test/libm-test.c
src/wsh/openlibm/test/test-double.c" Copyright' has a wrong value:
Undefined mandatory value.
> I'm using --git-submodules option from gbp. It's my first package with
> submodules, i don't know if there is a "standard" way to manage it.
Not really, every time I had something like this I usually write a custom
script to create the .orig.tar.gz that I need and I don't rely on the submodules
at all in the git repository.
> I've updated the watch file and how uscan work to clean the pdf files. Yet i
> don't know how to tell uscan how to build an orig tarball with the
> submodules checkouted in it :-/ Its content only contains the master git
> repo content without the pdf files.
You could use the same hook approach that you used in dirb and run "git
submodule update --init" in the hook script to add the missing files.
Ping me when you want me to review the last changes and upload.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
More information about the Pkg-security-team
mailing list