diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-14 13:42:30 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-14 13:42:30 +0000 |
| commit | 75808db17caf8b960b351e3408e74142f4c85aac (patch) | |
| tree | 7989e9c09a4240248bf4658a22208a0a52d991c4 /tags | |
| parent | Initial commit. (diff) | |
| download | lintian-75808db17caf8b960b351e3408e74142f4c85aac.tar.xz lintian-75808db17caf8b960b351e3408e74142f4c85aac.zip | |
Adding upstream version 2.117.0.upstream/2.117.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tags')
1526 files changed, 15932 insertions, 0 deletions
diff --git a/tags/a/absolute-symbolic-link-target-in-source.tag b/tags/a/absolute-symbolic-link-target-in-source.tag new file mode 100644 index 0000000..593f806 --- /dev/null +++ b/tags/a/absolute-symbolic-link-target-in-source.tag @@ -0,0 +1,11 @@ +Tag: absolute-symbolic-link-target-in-source +Severity: warning +Check: files/symbolic-links +Explanation: This symlink in a patched source tree points to an absolute target. It + happens sometimes when people point toward /dev/null, but that can and should + be done in the installation package instead. It is no problem there. The + source package is considered unanchored and should not contain any absolute + file references. + . + Please remove the symbolic link from the source package or point it to a + location inside the patched source tree. diff --git a/tags/a/absolute-symlink-in-top-level-folder.tag b/tags/a/absolute-symlink-in-top-level-folder.tag new file mode 100644 index 0000000..f4d978b --- /dev/null +++ b/tags/a/absolute-symlink-in-top-level-folder.tag @@ -0,0 +1,15 @@ +Tag: absolute-symlink-in-top-level-folder +Severity: warning +Check: files/symbolic-links +Renamed-From: symlink-should-be-relative +Explanation: Symbolic links to files in the same top-level directory should be + relative. + . + As an example, a link in <code>/usr</code> to another file in <code>/usr</code> + should be relative, while a link in <code>/usr</code> to a file in + <code>/etc</code> should be absolute. + . + With Debhelper, running dh_link after creating the package structure + will fix the issue for you. +See-Also: + debian-policy 10.5 diff --git a/tags/a/acute-accent-in-manual-page.tag b/tags/a/acute-accent-in-manual-page.tag new file mode 100644 index 0000000..a792a28 --- /dev/null +++ b/tags/a/acute-accent-in-manual-page.tag @@ -0,0 +1,18 @@ +Tag: acute-accent-in-manual-page +Severity: info +Check: documentation/manual +Renamed-From: acute-accent-in-manpage +Explanation: This manual page uses the <code>\'</code> groff + sequence. Usually, the intent is to generate an apostrophe, but that + sequence actually renders as an acute accent. + . + For an apostrophe or a single closing quote, use plain <code>'</code>. + For single opening quote, i.e. a straight downward line <code>'</code> + like the one used in shell commands, use <code>'\(aq'</code>. + . + In case this tag was emitted for the second half of a + <code>'\\'</code> sequence, this is indeed no acute accent, but still + wrong: A literal backslash should be written <code>\e</code> in the + groff format, i.e. a <code>'\\'</code> sequence needs to be changed + to <code>'\e'</code> which also won't trigger this tag. +See-Also: Bug#554897, Bug#507673, Bug#966803 diff --git a/tags/a/add-component-copyright.tag b/tags/a/add-component-copyright.tag new file mode 100644 index 0000000..a8bffc6 --- /dev/null +++ b/tags/a/add-component-copyright.tag @@ -0,0 +1,13 @@ +Tag: add-component-copyright +Severity: info +Check: debian/copyright/dep5/components +Explanation: The sources ship an extra <code>orig</code> component, but the + named <code>debian/copyright</code> file lacks a separate entry for it. + . + Tarballs usually include a COPYING or LICENSE file, or a shipping manifest + of some kind. It is good practice to list those license terms separately in + our copyright files. +See-Also: + uscan(1), + Bug#915181, + Bug#915384 diff --git a/tags/a/adduser-with-home-var-run.tag b/tags/a/adduser-with-home-var-run.tag new file mode 100644 index 0000000..4f8c9c6 --- /dev/null +++ b/tags/a/adduser-with-home-var-run.tag @@ -0,0 +1,6 @@ +Tag: adduser-with-home-var-run +Severity: warning +Check: maintainer-scripts/adduser +Explanation: {pre,post}inst script calls adduser --home /var/run, should be /run. + Examples for such packages include pesign, pulseaudio and openssh-server. +See-Also: Bug#760422 diff --git a/tags/a/adopted-extended-field.tag b/tags/a/adopted-extended-field.tag new file mode 100644 index 0000000..eed0b31 --- /dev/null +++ b/tags/a/adopted-extended-field.tag @@ -0,0 +1,17 @@ +Tag: adopted-extended-field +Severity: info +Check: debian/control/field/adopted +Renamed-From: + xc-package-type-in-debian-control + xs-testsuite-field-in-debian-control + xs-vcs-field-in-debian-control +Explanation: A field in <code>debian/control</code> has an extension prefix + but is also known without it. + . + Extension prefixes like <code>XS-*</code> or <code>XC-*</code> allow + experimental fields to propagate to the right place when packages are + built with <code>dpkg</code>. In this case, however, the field is + also known without the prefix. In all likelihood the field was permanently + adopted, and <code>dpkg</code> learned how to deal with it. + . + Please consider removing the extension prefix for the field name. diff --git a/tags/a/alien-tag.tag b/tags/a/alien-tag.tag new file mode 100644 index 0000000..731a66a --- /dev/null +++ b/tags/a/alien-tag.tag @@ -0,0 +1,7 @@ +Tag: alien-tag +Severity: error +Show-Always: yes +Check: debian/lintian-overrides/mystery +Explanation: The given override refers to an unknown tag. +See-Also: + lintian-manual 2.4.1 diff --git a/tags/a/alternates-not-allowed.tag b/tags/a/alternates-not-allowed.tag new file mode 100644 index 0000000..8482c90 --- /dev/null +++ b/tags/a/alternates-not-allowed.tag @@ -0,0 +1,6 @@ +Tag: alternates-not-allowed +Severity: error +Check: fields/package-relations +Explanation: Only the "Depends", "Recommends", "Suggests" and "Pre-Depends" + fields may specify alternate dependencies using the "|" symbol. +See-Also: debian-policy 7.1 diff --git a/tags/a/alternatively-build-depends-on-python-sphinx-and-python3-sphinx.tag b/tags/a/alternatively-build-depends-on-python-sphinx-and-python3-sphinx.tag new file mode 100644 index 0000000..7d3f775 --- /dev/null +++ b/tags/a/alternatively-build-depends-on-python-sphinx-and-python3-sphinx.tag @@ -0,0 +1,12 @@ +Tag: alternatively-build-depends-on-python-sphinx-and-python3-sphinx +Severity: warning +Check: languages/python +Explanation: This package alternatively Build-Depends on the Python 2 or Python 3 + version of the Sphinx documentation generator. + . + The 2.x series of Python is due for deprecation and will not be maintained + by upstream past 2020 and will likely be dropped after the release of + Debian "buster". + . + Please replace the alternative with a single build dependency on + <code>python3-sphinx</code>. diff --git a/tags/a/ambiguous-paragraph-in-dep5-copyright.tag b/tags/a/ambiguous-paragraph-in-dep5-copyright.tag new file mode 100644 index 0000000..0882a45 --- /dev/null +++ b/tags/a/ambiguous-paragraph-in-dep5-copyright.tag @@ -0,0 +1,17 @@ +Tag: ambiguous-paragraph-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +Explanation: The paragraph has both <code>License</code> and + <code>Copyright</code> fields, but no <code>Files</code> field. The paragraph + is technically valid according to the DEP 5 specification, but it is probably + a mistake. + . + If the paragraph is a "stand-alone" license paragraph, the <code>Copyright</code> + field is not needed. If it is, on the other hand, "files" paragraph, the + <code>Files</code> field is missing. + . + The <code>Files</code> field was at some point optional in some circumstances + but is now mandatory in all "files" paragraphs. +See-Also: + Bug#652380, + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/a/ancient-libtool.tag b/tags/a/ancient-libtool.tag new file mode 100644 index 0000000..bdcbba4 --- /dev/null +++ b/tags/a/ancient-libtool.tag @@ -0,0 +1,24 @@ +Tag: ancient-libtool +Severity: warning +Check: build-systems/autotools/libtool +Explanation: The referenced file seems to be from a libtool version older than + 1.5.2-2. This might lead to build errors on some newer architectures not + known to this libtool. + . + Please ask your upstream maintainer to re-libtoolize the package or do it + yourself if there is no active upstream. You will also need to run + Autoconf to regenerate the configure script. Usually it is best to do + this during the build by depending on autoconf, libtool, and automake if + it is used, and then running: + . + autoreconf -i --force + . + before running configure. Depending on how old the package is, this may + require additional modifications to <code>configure.ac</code> or + <code>configure.in</code> or other work. If you do this during the build, + determine which files it will add or update and be sure to remove those + files in the clean target. + . + If you have fixed architecture-specific issues with minimal patches, + rather than updating libtool, and verified that it builds correctly, + please override this tag. Lintian will not be able to verify that. diff --git a/tags/a/ancient-python-version-field.tag b/tags/a/ancient-python-version-field.tag new file mode 100644 index 0000000..69b6729 --- /dev/null +++ b/tags/a/ancient-python-version-field.tag @@ -0,0 +1,15 @@ +Tag: ancient-python-version-field +Severity: warning +Check: languages/python +See-Also: python-policy 3.4 +Explanation: The control fields <code>Python-Version</code> and + <code>Python3-Version</code> show the Python versions your package + supports, but the Python version listed here predates the current + "oldstable" distribution. There is no need to list it. + . + Please drop or update the named version. + . + When removing a version, please check <code>debian/rules</code> and + <code>debian/tests/*</code> for any use of <code>py3versions -r</code>. + Without a <code>Python3-Version</code> field, that program falls back to + all supported versions, which may not be what you want. diff --git a/tags/a/ansi-escape.tag b/tags/a/ansi-escape.tag new file mode 100644 index 0000000..23648e2 --- /dev/null +++ b/tags/a/ansi-escape.tag @@ -0,0 +1,4 @@ +Tag: ansi-escape +Severity: warning +Check: fields/terminal-control +Explanation: A control field contains an ANSI terminal escape code. diff --git a/tags/a/anticipated-repack-count.tag b/tags/a/anticipated-repack-count.tag new file mode 100644 index 0000000..00ee172 --- /dev/null +++ b/tags/a/anticipated-repack-count.tag @@ -0,0 +1,13 @@ +Tag: anticipated-repack-count +Severity: info +Check: fields/version/repack/count +Explanation: The version contains the string <code>+dfsgN</code> + where <code>N</code> is a low number as in <code>+dfsg1</code>. + . + Normally it is not necessary to repackage an upstream source package more than + once. You can omit the repack count. In most cases <code>+dfsg-1</code> is + enough. + . + If you really need to bump it, just go straight to <code>+dfsg2-1</code>. +See-Also: + https://lists.debian.org/debian-devel/2021/10/msg00026.html diff --git a/tags/a/apache2-configuration-files-need-conf-suffix.tag b/tags/a/apache2-configuration-files-need-conf-suffix.tag new file mode 100644 index 0000000..2102ad3 --- /dev/null +++ b/tags/a/apache2-configuration-files-need-conf-suffix.tag @@ -0,0 +1,6 @@ +Tag: apache2-configuration-files-need-conf-suffix +Severity: error +Check: apache2 +Explanation: The package is installing an Apache2 configuration but that file does not + end with a '<code>.conf</code>' suffix. Starting with Apache2 2.4 all configuration + files except module '<code>.load</code>' files need that suffix or are ignored otherwise. diff --git a/tags/a/apache2-deprecated-auth-config.tag b/tags/a/apache2-deprecated-auth-config.tag new file mode 100644 index 0000000..a60d581 --- /dev/null +++ b/tags/a/apache2-deprecated-auth-config.tag @@ -0,0 +1,15 @@ +Tag: apache2-deprecated-auth-config +Severity: warning +Check: apache2 +Explanation: The package is using some of the deprecated authentication configuration + directives Order, Satisfy, Allow, Deny, <Limit> or <LimitExcept> + . + These do not integrate well with the new authorization scheme of Apache + 2.4 and, in the case of <Limit> and <LimitExcept> have confusing + semantics. The configuration directives should be replaced with a suitable + combination of <RequireAll>, <RequireAny>, Require all, Require local, + Require ip, and Require method. + . + Alternatively, the offending lines can be wrapped between + <IfModule !mod_authz_core.c> ... </IfModule> or + <IfVersion < 2.3> ... </IfVersion> directives. diff --git a/tags/a/apache2-module-does-not-depend-on-apache2-api.tag b/tags/a/apache2-module-does-not-depend-on-apache2-api.tag new file mode 100644 index 0000000..50b9218 --- /dev/null +++ b/tags/a/apache2-module-does-not-depend-on-apache2-api.tag @@ -0,0 +1,7 @@ +Tag: apache2-module-does-not-depend-on-apache2-api +Severity: error +Check: apache2 +Explanation: The package is an Apache2 HTTPD server module but does not declare a + strong binary relation against the Apache2 server binary it links against. Modules + must depend on the <code>apache2-api-YYYYMMNN</code> package provided as a virtual + package by <code>apache2-bin</code>. diff --git a/tags/a/apache2-module-does-not-ship-load-file.tag b/tags/a/apache2-module-does-not-ship-load-file.tag new file mode 100644 index 0000000..7ce22cc --- /dev/null +++ b/tags/a/apache2-module-does-not-ship-load-file.tag @@ -0,0 +1,9 @@ +Tag: apache2-module-does-not-ship-load-file +Severity: error +Check: apache2 +Explanation: The package is an Apache2 HTTPD server module but does not ship a + "<code>.load</code>" file or it was installed under an unexpected name. The load + files in "<code>/etc/apache2/mods-available</code>" are required to interact with + the server package to enable and disable the module and must match the module + name without "<code>mod_</code> prefix, e.g. <code>mod_foo</code> must ship a load file + named "<code>foo.load</code>". diff --git a/tags/a/apache2-reverse-dependency-calls-invoke-rc.d.tag b/tags/a/apache2-reverse-dependency-calls-invoke-rc.d.tag new file mode 100644 index 0000000..5aa2389 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-calls-invoke-rc.d.tag @@ -0,0 +1,8 @@ +Tag: apache2-reverse-dependency-calls-invoke-rc.d +Severity: warning +Check: apache2 +Explanation: The package is invoking apache2's init script in its maintainer script + albeit it shouldn't do so. Reverse dependencies installing apache2 + configuration pieces should not restart the web server unconditionally in + maintainer scripts. Instead they should be using apache2-maintscript-helper + which correctly obeys local policies. diff --git a/tags/a/apache2-reverse-dependency-calls-wrapper-script.tag b/tags/a/apache2-reverse-dependency-calls-wrapper-script.tag new file mode 100644 index 0000000..fbec349 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-calls-wrapper-script.tag @@ -0,0 +1,8 @@ +Tag: apache2-reverse-dependency-calls-wrapper-script +Severity: warning +Check: apache2 +Explanation: The package is calling an Apache2 configuration wrapper script (e.g. + <code>a2enmod</code>, <code>a2enconf</code>, <code>a2enconf</code>, ...). Maintainer + scripts should not be calling these scripts directly. To achieve a uniform and + consolidated behavior these scripts should be invoked indirectly by using + apache2-maintscript-helper. diff --git a/tags/a/apache2-reverse-dependency-ships-file-in-not-allowed-directory.tag b/tags/a/apache2-reverse-dependency-ships-file-in-not-allowed-directory.tag new file mode 100644 index 0000000..b530f75 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-ships-file-in-not-allowed-directory.tag @@ -0,0 +1,7 @@ +Tag: apache2-reverse-dependency-ships-file-in-not-allowed-directory +Severity: error +Check: apache2 +Explanation: The package installs a piece of Apache2 configuration to + <code>/etc/apache2/{sites,mods,conf}-enabled</code>. This is not allowed. Instead + the respective <code>/etc/apache2/{sites,mods,conf}-available</code> counterparts + must be used. diff --git a/tags/a/apache2-reverse-dependency-uses-obsolete-directory.tag b/tags/a/apache2-reverse-dependency-uses-obsolete-directory.tag new file mode 100644 index 0000000..5f62dd4 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-uses-obsolete-directory.tag @@ -0,0 +1,7 @@ +Tag: apache2-reverse-dependency-uses-obsolete-directory +Severity: warning +Check: apache2 +Explanation: The package is installing a file into the obsolete + <code>/etc/apache2/conf.d/</code> directory. This file is not read by the Apache2 + 2.4 web server anymore. Instead <code>/etc/apache2/conf-available/</code> should be + used. diff --git a/tags/a/apache2-unparsable-dependency.tag b/tags/a/apache2-unparsable-dependency.tag new file mode 100644 index 0000000..d796ebd --- /dev/null +++ b/tags/a/apache2-unparsable-dependency.tag @@ -0,0 +1,7 @@ +Tag: apache2-unparsable-dependency +Severity: warning +Check: apache2 +Explanation: The package is declaring a module dependency within an Apache + configuration file which does not meet the requirements. Dependencies must be + declared without paths, leading "<code>mod_</code>" prefix and without file + extension. diff --git a/tags/a/apache2-unsupported-dependency.tag b/tags/a/apache2-unsupported-dependency.tag new file mode 100644 index 0000000..040e36c --- /dev/null +++ b/tags/a/apache2-unsupported-dependency.tag @@ -0,0 +1,7 @@ +Tag: apache2-unsupported-dependency +Severity: warning +Check: apache2 +Explanation: The package is declaring a module dependency within an Apache + configuration file which is not supported there. Dependencies are supported in + module '<code>.load</code>' files, and web application '<code>.conf</code>' files, + conflicts in '<code>.load</code> files only. diff --git a/tags/a/application-in-library-section.tag b/tags/a/application-in-library-section.tag new file mode 100644 index 0000000..144a81f --- /dev/null +++ b/tags/a/application-in-library-section.tag @@ -0,0 +1,15 @@ +Tag: application-in-library-section +Severity: info +Check: application-not-library +Experimental: yes +Explanation: This package contains a binary in $PATH but is in a section just + thought for libraries. It likely should be in another section like + e.g. utils, text, devel, misc, etc., but not in e.g. perl, ruby or + python. + . + People tend to skip these package sections when looking for + applications in the package list and hence wouldn't notice this + package. + . + In case the program in $PATH is only a helper tool and the package is + primarily a library, please add a Lintian override for this tag. diff --git a/tags/a/appstream-metadata-in-legacy-location.tag b/tags/a/appstream-metadata-in-legacy-location.tag new file mode 100644 index 0000000..86c2c17 --- /dev/null +++ b/tags/a/appstream-metadata-in-legacy-location.tag @@ -0,0 +1,6 @@ +Tag: appstream-metadata-in-legacy-location +Severity: warning +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: AppStream metadata file was found in /usr/share/appdata/. The + AppStream XML files should be placed in /usr/share/metainfo/. diff --git a/tags/a/appstream-metadata-invalid.tag b/tags/a/appstream-metadata-invalid.tag new file mode 100644 index 0000000..cafc77b --- /dev/null +++ b/tags/a/appstream-metadata-invalid.tag @@ -0,0 +1,6 @@ +Tag: appstream-metadata-invalid +Severity: error +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: The specified AppStream metadata file does not consist of + valid XML. diff --git a/tags/a/appstream-metadata-legacy-format.tag b/tags/a/appstream-metadata-legacy-format.tag new file mode 100644 index 0000000..ddf8173 --- /dev/null +++ b/tags/a/appstream-metadata-legacy-format.tag @@ -0,0 +1,12 @@ +Tag: appstream-metadata-legacy-format +Severity: error +Check: appstream-metadata +See-Also: + https://wiki.debian.org/AppStream/Guidelines, + https://www.freedesktop.org/software/appstream/docs/chap-Metadata.html#sect-Metadata-GenericComponent +Explanation: The AppStream metadata contains the obsolete root node + <code><application></code>. It was used in a legacy format. + The application metadata for your package should follow the new + format described on freedesktop.org. + . + You can validate draft formats with 'appstreamcli validate'. diff --git a/tags/a/appstream-metadata-malformed-modalias-provide.tag b/tags/a/appstream-metadata-malformed-modalias-provide.tag new file mode 100644 index 0000000..6a04993 --- /dev/null +++ b/tags/a/appstream-metadata-malformed-modalias-provide.tag @@ -0,0 +1,7 @@ +Tag: appstream-metadata-malformed-modalias-provide +Severity: warning +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: The modalias matching rule in the AppStream metadata file is + malformed. Hexadecimal numbers in vendor and product IDs must be + upper case. diff --git a/tags/a/appstream-metadata-missing-modalias-provide.tag b/tags/a/appstream-metadata-missing-modalias-provide.tag new file mode 100644 index 0000000..d3d8112 --- /dev/null +++ b/tags/a/appstream-metadata-missing-modalias-provide.tag @@ -0,0 +1,8 @@ +Tag: appstream-metadata-missing-modalias-provide +Severity: warning +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: This package contain a udev rule for providing device access to + the console user (using the uaccess udev TAG) or to members of the + plugdev file group without announcing the hardware support using + AppStream. diff --git a/tags/a/arch-dep-package-has-big-usr-share.tag b/tags/a/arch-dep-package-has-big-usr-share.tag new file mode 100644 index 0000000..4583b58 --- /dev/null +++ b/tags/a/arch-dep-package-has-big-usr-share.tag @@ -0,0 +1,13 @@ +Tag: arch-dep-package-has-big-usr-share +Severity: info +Check: huge-usr-share +Explanation: The package has a significant amount of architecture-independent + data (over 4MB, or over 2MB and more than 50% of the package) in + <code>/usr/share</code> but is an architecture-dependent package. This is + wasteful of mirror space and bandwidth since it means distributing + multiple copies of this data, one for each architecture. + . + If the data in <code>/usr/share</code> is not architecture-independent, this + is a Policy violation that should be fixed by moving the data elsewhere + (usually <code>/usr/lib</code>). +See-Also: developer-reference 6.7.5 diff --git a/tags/a/arch-dependent-file-in-usr-share.tag b/tags/a/arch-dependent-file-in-usr-share.tag new file mode 100644 index 0000000..4b24a87 --- /dev/null +++ b/tags/a/arch-dependent-file-in-usr-share.tag @@ -0,0 +1,6 @@ +Tag: arch-dependent-file-in-usr-share +Severity: error +Check: binaries/location +Explanation: This package installs an ELF binary in the <code>/usr/share</code> + hierarchy, which is reserved for architecture-independent files. +See-Also: filesystem-hierarchy usrsharearchitectureindependentdata diff --git a/tags/a/arch-dependent-file-not-in-arch-specific-directory.tag b/tags/a/arch-dependent-file-not-in-arch-specific-directory.tag new file mode 100644 index 0000000..ca0be6d --- /dev/null +++ b/tags/a/arch-dependent-file-not-in-arch-specific-directory.tag @@ -0,0 +1,6 @@ +Tag: arch-dependent-file-not-in-arch-specific-directory +Severity: error +Check: binaries/location +Explanation: This package is Multi-Arch "same", but it installs an ELF binary in the + directory that is not architecture-specific. +See-Also: https://wiki.ubuntu.com/MultiarchSpec diff --git a/tags/a/arch-independent-package-contains-binary-or-object.tag b/tags/a/arch-independent-package-contains-binary-or-object.tag new file mode 100644 index 0000000..63ffedb --- /dev/null +++ b/tags/a/arch-independent-package-contains-binary-or-object.tag @@ -0,0 +1,9 @@ +Tag: arch-independent-package-contains-binary-or-object +Severity: error +Check: binaries/architecture +Explanation: The package contains a binary or object file but is tagged + Architecture: all. + . + If this package contains binaries or objects for cross-compiling or + binary blobs for other purposes independent of the host architecture + (such as BIOS updates or firmware), please add a Lintian override. diff --git a/tags/a/arch-wildcard-in-binary-package.tag b/tags/a/arch-wildcard-in-binary-package.tag new file mode 100644 index 0000000..9e5ce0b --- /dev/null +++ b/tags/a/arch-wildcard-in-binary-package.tag @@ -0,0 +1,7 @@ +Tag: arch-wildcard-in-binary-package +Severity: error +Check: fields/architecture +Explanation: Architecture wildcards, including the special architecture value + "any", do not make sense in a binary package. A binary package must + either be architecture-independent or built for a specific architecture. +See-Also: debian-policy 5.6.8 diff --git a/tags/a/architecture-escape.tag b/tags/a/architecture-escape.tag new file mode 100644 index 0000000..d10430d --- /dev/null +++ b/tags/a/architecture-escape.tag @@ -0,0 +1,13 @@ +Tag: architecture-escape +Severity: info +Check: files/hierarchy/links +Explanation: The named link is located in an architecture-specific load + path for the dynamic linker but points to a general folder in the path. + . + Packages should install public shared libraries into an + architecture-specific load path instead of using a link. +See-Also: + Bug#243158, + Bug#964111, + Bug#971707, + Bug#968525 diff --git a/tags/a/archive-liberty-mismatch.tag b/tags/a/archive-liberty-mismatch.tag new file mode 100644 index 0000000..506c86e --- /dev/null +++ b/tags/a/archive-liberty-mismatch.tag @@ -0,0 +1,13 @@ +Tag: archive-liberty-mismatch +Severity: error +Check: archive/liberty/mismatch +Renamed-From: + section-area-mismatch +Explanation: The <code>debian/control</code> file places the named installation + package in a different archive area (<code>main</code>, <code>contrib</code>, + <code>non-free</code>) than the source or the other installation packages. + . + A source and all installation packages produced from it must be in the + same archive area, except that sources in <code>main</code> may produce + installation packages in <code>contrib</code> as long as they also produce + installation packages in <code>main</code>. diff --git a/tags/a/aspell-package-not-arch-all.tag b/tags/a/aspell-package-not-arch-all.tag new file mode 100644 index 0000000..fffdf40 --- /dev/null +++ b/tags/a/aspell-package-not-arch-all.tag @@ -0,0 +1,8 @@ +Tag: aspell-package-not-arch-all +Severity: warning +Check: fields/architecture +Explanation: This package appears to be an aspell dictionary package, but it is + not Architecture: all. The binary hashes should be built at install-time + by calling aspell-autobuildhash, so the contents of the package should be + architecture-independent. +See-Also: aspell-autobuildhash(8) diff --git a/tags/a/autotools-pkg-config-macro-not-cross-compilation-safe.tag b/tags/a/autotools-pkg-config-macro-not-cross-compilation-safe.tag new file mode 100644 index 0000000..b1b4cda --- /dev/null +++ b/tags/a/autotools-pkg-config-macro-not-cross-compilation-safe.tag @@ -0,0 +1,10 @@ +Tag: autotools-pkg-config-macro-not-cross-compilation-safe +Severity: warning +Check: build-systems/autotools +Explanation: The package appears to use <code>AC_PATH_PROG</code> to discover the + location of <code>pkg-config(1)</code>. This macro fails to select the correct + version to support cross-compilation. + . + A better way would be to use the <code>PKG_PROG_PKG_CONFIG</code> macro from + <code>pkg.m4</code> and then using the <code>$PKG_CONFIG</code> shell variable. +See-Also: Bug#884798 diff --git a/tags/b/backgrounded-test-command.tag b/tags/b/backgrounded-test-command.tag new file mode 100644 index 0000000..3e0dec1 --- /dev/null +++ b/tags/b/backgrounded-test-command.tag @@ -0,0 +1,25 @@ +Tag: backgrounded-test-command +Severity: error +Check: testsuite +Explanation: + This package declares a <code>Test-Command</code> that backgrounds + itself with an ampersand. That is not a good idea. + . + In the <code>autopkgtest</code> framework, the return value determines + whether a test was successful. It is therefore fundamental to the + testing process. Unfortunately, that value is being ignored here. + . + This test only fails when a message printed to <code>stderr</code> + wins a race with the <code>autopkgtest</code> harness. While that + may result in an accurate (but unreliable) detection of some test + failures, a review of archive-wide <code>autopkgtest</code> data + shows no failures for backgrounded test commands. + . + Many incidents of this tag are based on a faulty command that invokes + <code>xvfb-run</code> for GUI programs. It was likely adopted from an + existing package. + . + Please drop the ampersand at the end of the <code>Test-Command</code>. +See-Also: + Bug#988591, + https://ci.debian.net/doc/ diff --git a/tags/b/backports-changes-missing.tag b/tags/b/backports-changes-missing.tag new file mode 100644 index 0000000..c8a091f --- /dev/null +++ b/tags/b/backports-changes-missing.tag @@ -0,0 +1,8 @@ +Tag: backports-changes-missing +Severity: info +Check: fields/distribution +Explanation: The changes file only has changelog entries from a single version. It + is recommended for backports to include all changes since (old)stable or + the previous backport. This can be done by adding the '-v' option to the + build with the appropriate version. +See-Also: http://backports.debian.org/Contribute/, Bug#785084 diff --git a/tags/b/backports-upload-has-incorrect-version-number.tag b/tags/b/backports-upload-has-incorrect-version-number.tag new file mode 100644 index 0000000..b8e9edd --- /dev/null +++ b/tags/b/backports-upload-has-incorrect-version-number.tag @@ -0,0 +1,7 @@ +Tag: backports-upload-has-incorrect-version-number +Severity: error +Check: fields/distribution +Explanation: The version number doesn't comply with the standard backport version + rules. It should end in ~bpoX+N, where X is the release version number of + the target distribution. +See-Also: http://backports.debian.org/Contribute/ diff --git a/tags/b/backup-file-in-package.tag b/tags/b/backup-file-in-package.tag new file mode 100644 index 0000000..c30af74 --- /dev/null +++ b/tags/b/backup-file-in-package.tag @@ -0,0 +1,6 @@ +Tag: backup-file-in-package +Severity: warning +Check: files/unwanted +Explanation: There is a file in the package whose name matches the format emacs + or vim uses for backup and autosave files. It may have been installed by + accident. diff --git a/tags/b/bad-distribution-in-changes-file.tag b/tags/b/bad-distribution-in-changes-file.tag new file mode 100644 index 0000000..93b0f1c --- /dev/null +++ b/tags/b/bad-distribution-in-changes-file.tag @@ -0,0 +1,12 @@ +Tag: bad-distribution-in-changes-file +Severity: error +Check: fields/distribution +Explanation: You've specified an unknown target distribution for your upload in + the <code>debian/changelog</code> file. It is possible that you are uploading + for a different distribution than the one Lintian is checking for. In + that case, passing --profile $VENDOR may fix this warning. + . + Note that the distributions <code>non-free</code> and <code>contrib</code> are no + longer valid. You'll have to use distribution <code>unstable</code> and + <code>Section: non-free/xxx</code> or <code>Section: contrib/xxx</code> instead. +See-Also: debian-policy 5.6.14 diff --git a/tags/b/bad-exception-format-in-dep5-copyright.tag b/tags/b/bad-exception-format-in-dep5-copyright.tag new file mode 100644 index 0000000..7731110 --- /dev/null +++ b/tags/b/bad-exception-format-in-dep5-copyright.tag @@ -0,0 +1,10 @@ +Tag: bad-exception-format-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The โLicenseโ field contains a short name with a bad exception + format. According to specification format of exception is: + shortlicencename with exceptionname exception. + . + If more than one exception applies to a single license, + an arbitrary short name must be used instead. diff --git a/tags/b/bad-homepage.tag b/tags/b/bad-homepage.tag new file mode 100644 index 0000000..9edbbcd --- /dev/null +++ b/tags/b/bad-homepage.tag @@ -0,0 +1,8 @@ +Tag: bad-homepage +Severity: warning +Check: fields/homepage +Explanation: The "Homepage:" field in this package's control file does not + contain a valid absolute URL. Most probably you forgot to specify + the scheme (e.g. http). + . + This tag is also triggered if the scheme is not known by Lintian. diff --git a/tags/b/bad-intended-distribution.tag b/tags/b/bad-intended-distribution.tag new file mode 100644 index 0000000..d374420 --- /dev/null +++ b/tags/b/bad-intended-distribution.tag @@ -0,0 +1,6 @@ +Tag: bad-intended-distribution +Severity: info +Check: debian/changelog +Experimental: yes +Explanation: The last changelog entry implies this version is not for release. + Instead it should specify the distribution it is to be uploaded to. diff --git a/tags/b/bad-jar-name.tag b/tags/b/bad-jar-name.tag new file mode 100644 index 0000000..cc73868 --- /dev/null +++ b/tags/b/bad-jar-name.tag @@ -0,0 +1,9 @@ +Tag: bad-jar-name +Severity: warning +Check: languages/java +Explanation: The package ships the specified "public" Jar file under + <code>/usr/share/java/</code>, but the name does not correspond to Java policy + guidelines. This can cause tools in the Debian Java toolchain to fail. +See-Also: + java-policy 2.4, + Bug#976681 diff --git a/tags/b/bad-menu-file-name.tag b/tags/b/bad-menu-file-name.tag new file mode 100644 index 0000000..16c3d3f --- /dev/null +++ b/tags/b/bad-menu-file-name.tag @@ -0,0 +1,7 @@ +Tag: bad-menu-file-name +Severity: error +Check: menus +Explanation: The package installs a file as <code>/usr/lib/menu/menu</code>, but that + location is reserved for the <code>menu</code> package. + . + Menu files should be named after the package that installs them. diff --git a/tags/b/bad-menu-item.tag b/tags/b/bad-menu-item.tag new file mode 100644 index 0000000..66547b1 --- /dev/null +++ b/tags/b/bad-menu-item.tag @@ -0,0 +1,5 @@ +Tag: bad-menu-item +Severity: error +Check: fields/installer-menu-item +Explanation: The field <code>Installer-Menu-Item</code> should only contain + positive integer values. diff --git a/tags/b/bad-owner-for-doc-file.tag b/tags/b/bad-owner-for-doc-file.tag new file mode 100644 index 0000000..2e52880 --- /dev/null +++ b/tags/b/bad-owner-for-doc-file.tag @@ -0,0 +1,4 @@ +Tag: bad-owner-for-doc-file +Severity: error +Check: documentation +Explanation: Documentation files should be owned by <code>root/root</code>. diff --git a/tags/b/bad-package-name.tag b/tags/b/bad-package-name.tag new file mode 100644 index 0000000..6eaa195 --- /dev/null +++ b/tags/b/bad-package-name.tag @@ -0,0 +1,7 @@ +Tag: bad-package-name +Severity: error +Check: fields/package +Explanation: A package name should be at least two characters long, must consist + of the alphanumerics and "+" "-" and ".", and must start with an + alphanumeric character. +See-Also: debian-policy 5.6.7 diff --git a/tags/b/bad-perm-for-file-in-etc-sudoers.d.tag b/tags/b/bad-perm-for-file-in-etc-sudoers.d.tag new file mode 100644 index 0000000..a1f4d40 --- /dev/null +++ b/tags/b/bad-perm-for-file-in-etc-sudoers.d.tag @@ -0,0 +1,6 @@ +Tag: bad-perm-for-file-in-etc-sudoers.d +Severity: error +Check: files/permissions +Explanation: Files in /etc/sudoers.d/ must be 0440 or sudo will refuse to + parse them. +See-Also: Bug#588831, Bug#576527 diff --git a/tags/b/bad-permissions-for-ali-file.tag b/tags/b/bad-permissions-for-ali-file.tag new file mode 100644 index 0000000..97ca85e --- /dev/null +++ b/tags/b/bad-permissions-for-ali-file.tag @@ -0,0 +1,12 @@ +Tag: bad-permissions-for-ali-file +Severity: warning +Check: files/permissions +See-Also: debian-policy 8.4 +Explanation: Ada Library Information (*.ali) files are required to be read-only + (mode 0444) by GNAT. + . + If at least one user can write the *.ali file, GNAT considers whether + or not to recompile the corresponding source file. Such recompilation + would fail because normal users don't have write permission on the + files. Moreover, such recompilation would defeat the purpose of + library packages, which provide *.a and *.so libraries to link against). diff --git a/tags/b/bad-permissions-for-etc-cron.d-script.tag b/tags/b/bad-permissions-for-etc-cron.d-script.tag new file mode 100644 index 0000000..476aa29 --- /dev/null +++ b/tags/b/bad-permissions-for-etc-cron.d-script.tag @@ -0,0 +1,5 @@ +Tag: bad-permissions-for-etc-cron.d-script +Severity: error +Check: cron +Explanation: Files in <code>/etc/cron.d</code> are configuration files for cron and not + scripts. Thus, they should not be marked executable. diff --git a/tags/b/bad-permissions-for-etc-emacs-script.tag b/tags/b/bad-permissions-for-etc-emacs-script.tag new file mode 100644 index 0000000..b907c35 --- /dev/null +++ b/tags/b/bad-permissions-for-etc-emacs-script.tag @@ -0,0 +1,5 @@ +Tag: bad-permissions-for-etc-emacs-script +Severity: error +Check: emacs +Explanation: Files in the <code>/etc/emacs*</code> directories should not be marked + executable. diff --git a/tags/b/bad-provided-package-name.tag b/tags/b/bad-provided-package-name.tag new file mode 100644 index 0000000..71f14d7 --- /dev/null +++ b/tags/b/bad-provided-package-name.tag @@ -0,0 +1,7 @@ +Tag: bad-provided-package-name +Severity: error +Check: fields/package-relations +Explanation: A package name should be at least two characters long, must consist + of the alphanumerics (lowercase characters only) and "+" "-" and ".", and + must start with an alphanumeric character. +See-Also: debian-policy 5.6.7 diff --git a/tags/b/bad-relation.tag b/tags/b/bad-relation.tag new file mode 100644 index 0000000..66168d9 --- /dev/null +++ b/tags/b/bad-relation.tag @@ -0,0 +1,6 @@ +Tag: bad-relation +Severity: error +Check: fields/package-relations +Explanation: The package declares a relationship that could not be parsed according + to the rules given in the Policy Manual. +See-Also: debian-policy 7.1 diff --git a/tags/b/bad-section-in-changes-file.tag b/tags/b/bad-section-in-changes-file.tag new file mode 100644 index 0000000..00077c7 --- /dev/null +++ b/tags/b/bad-section-in-changes-file.tag @@ -0,0 +1,7 @@ +Tag: bad-section-in-changes-file +Severity: error +Check: changes-file +Explanation: The sections <code>non-free</code> and <code>contrib</code> are no longer + valid. Please use section <code>non-free/xxx</code> or + <code>contrib/xxx</code> instead. +See-Also: debian-policy 2.4 diff --git a/tags/b/bad-so-link-within-manual-page.tag b/tags/b/bad-so-link-within-manual-page.tag new file mode 100644 index 0000000..9781ac5 --- /dev/null +++ b/tags/b/bad-so-link-within-manual-page.tag @@ -0,0 +1,7 @@ +Tag: bad-so-link-within-manual-page +Severity: error +Check: documentation/manual +Explanation: Manual files that use the .so links to include other pages should + only point to a path relative to the top-level manual hierarchy, e.g. + . + <code>.so man3/boo.1.gz</code> diff --git a/tags/b/bad-test-in-menu-item.tag b/tags/b/bad-test-in-menu-item.tag new file mode 100644 index 0000000..c8c00f0 --- /dev/null +++ b/tags/b/bad-test-in-menu-item.tag @@ -0,0 +1,9 @@ +Tag: bad-test-in-menu-item +Severity: error +Check: menu-format +Explanation: The <code>menu</code> file contains an item that does not start + with the required text <code>?package(somepackage):</code>. + . + All menu file lines must test for the existence of a package in that way. +See-Also: + menu-manual 3.2 diff --git a/tags/b/bad-urgency-in-changes-file.tag b/tags/b/bad-urgency-in-changes-file.tag new file mode 100644 index 0000000..2dc45fb --- /dev/null +++ b/tags/b/bad-urgency-in-changes-file.tag @@ -0,0 +1,9 @@ +Tag: bad-urgency-in-changes-file +Severity: error +Check: fields/urgency +Explanation: The keyword value of the "Urgency" field in the .changes file is not + one of the allowed values of low, medium, high, critical, and emergency + (case-insensitive). This value normally taken from the first line of the + most recent entry in <code>debian/changelog</code>, which is probably where + the error is. +See-Also: debian-policy 5.6.17 diff --git a/tags/b/bad-version-in-relation.tag b/tags/b/bad-version-in-relation.tag new file mode 100644 index 0000000..8b1b43b --- /dev/null +++ b/tags/b/bad-version-in-relation.tag @@ -0,0 +1,6 @@ +Tag: bad-version-in-relation +See-Also: debian-policy 5.6.12 +Severity: error +Check: fields/package-relations +Explanation: The version number used in this relationship does not match the + defined format of a version number. diff --git a/tags/b/bad-version-number.tag b/tags/b/bad-version-number.tag new file mode 100644 index 0000000..7b94629 --- /dev/null +++ b/tags/b/bad-version-number.tag @@ -0,0 +1,5 @@ +Tag: bad-version-number +Severity: error +Check: fields/version +Explanation: The version number fails one of the syntactic requirements of dpkg. +See-Also: debian-policy 5.6.12 diff --git a/tags/b/bad-whatis-entry.tag b/tags/b/bad-whatis-entry.tag new file mode 100644 index 0000000..0c4c823 --- /dev/null +++ b/tags/b/bad-whatis-entry.tag @@ -0,0 +1,18 @@ +Tag: bad-whatis-entry +Severity: warning +Check: documentation/manual +Renamed-From: manpage-has-bad-whatis-entry +Explanation: A manual page should start with a <code>NAME</code> section, which + lists the program name and a brief description. The <code>NAME</code> + section is used to generate a database that can be queried by commands + like <code>apropos</code> and <code>whatis</code>. You are seeing this tag + because <code>lexgrog</code> was unable to parse the <code>NAME</code> section. + . + Manual pages for multiple programs, functions, or files should list each + separated by a comma and a space, followed by <code>\-</code> and a common + description. + . + Listed items may not contain any spaces. A manual page for a two-level + command such as <code>fs listacl</code> must look like <code>fs_listacl</code> + so the list is read correctly. +See-Also: lexgrog(1), groff_man(7), groff_mdoc(7) diff --git a/tags/b/bash-completion-with-hashbang.tag b/tags/b/bash-completion-with-hashbang.tag new file mode 100644 index 0000000..f36a3e5 --- /dev/null +++ b/tags/b/bash-completion-with-hashbang.tag @@ -0,0 +1,9 @@ +Tag: bash-completion-with-hashbang +Severity: warning +Check: shell/bash/completion +Explanation: This file starts with the #! sequence that marks interpreted scripts, + but it is a bash completion script that is merely intended to be sourced. + . + Please remove the line with hashbang, including any designated interpreter. +See-Also: + https://salsa.debian.org/lintian/lintian/-/merge_requests/292#note_139494 diff --git a/tags/b/bash-term-in-posix-shell.tag b/tags/b/bash-term-in-posix-shell.tag new file mode 100644 index 0000000..ea13328 --- /dev/null +++ b/tags/b/bash-term-in-posix-shell.tag @@ -0,0 +1,17 @@ +Tag: bash-term-in-posix-shell +Severity: info +Check: shell/non-posix/bash-centric +Explanation: This script is marked as running under <code>/bin/sh</code>, but it seems + to use a feature found in bash but not in the SUSv3 or POSIX shell + specification. + . + Some examples are: + . + - <code>==</code> in a test, it should use <code>=</code> instead + - <code>read</code> without a variable in the argument + - <code>function</code> to define a function + - <code>source</code> instead of <code>.</code> + - <code>. command args</code>, passing arguments to commands via <code>source</code> is not supported + - <code>{foo,bar}</code> instead of <code>foo bar</code> + - <code>[[ test ]]</code> instead of <code>[ test ]</code> (requires a Korn shell) + - <code>type</code> instead of <code>which</code> or <code>command -v</code> diff --git a/tags/b/bin-sbin-mismatch.tag b/tags/b/bin-sbin-mismatch.tag new file mode 100644 index 0000000..2dc0ea3 --- /dev/null +++ b/tags/b/bin-sbin-mismatch.tag @@ -0,0 +1,17 @@ +Tag: bin-sbin-mismatch +Severity: info +Check: files/contents +Experimental: yes +Explanation: The package installs a binary under <code>/usr/sbin</code> or + <code>/sbin</code> but the specified file or maintainer script appears to + incorrectly reference it under <code>/usr/bin</code> or <code>/bin</code>. + . + This is likely due to the maintainer identifying that the package + requires root privileges or similar and thus installing the files to + the <code>sbin</code> variant, but the package has not been comprehensively + or completely updated to match. + . + For ELF files, false positives could be related to the <code>SHF_MERGE</code> + option to <code>ld</code>. The option saves space by providing different + start indices into the same static location in object files. + Unfortunately, the sub-string information is lost in that process. diff --git a/tags/b/binaries-have-file-conflict.tag b/tags/b/binaries-have-file-conflict.tag new file mode 100644 index 0000000..a5c111c --- /dev/null +++ b/tags/b/binaries-have-file-conflict.tag @@ -0,0 +1,10 @@ +Tag: binaries-have-file-conflict +Severity: warning +Check: group-checks +Experimental: no +Explanation: The binaries appears to have overlapping files without proper + conflicts relation. + . + Note the check is completely based on the file index for the + packages. Possible known false-positives include dpkg-diverts in + maintainer scripts. diff --git a/tags/b/binary-arch-rules-but-pkg-is-arch-indep.tag b/tags/b/binary-arch-rules-but-pkg-is-arch-indep.tag new file mode 100644 index 0000000..8de0142 --- /dev/null +++ b/tags/b/binary-arch-rules-but-pkg-is-arch-indep.tag @@ -0,0 +1,6 @@ +Tag: binary-arch-rules-but-pkg-is-arch-indep +Severity: warning +Check: debian/rules +Explanation: It looks like you try to run code in the binary-arch target of + <code>debian/rules</code>, even though your package is architecture- + independent. diff --git a/tags/b/binary-compiled-with-profiling-enabled.tag b/tags/b/binary-compiled-with-profiling-enabled.tag new file mode 100644 index 0000000..8d4f537 --- /dev/null +++ b/tags/b/binary-compiled-with-profiling-enabled.tag @@ -0,0 +1,7 @@ +Tag: binary-compiled-with-profiling-enabled +Severity: warning +Check: binaries/profiling +Explanation: Profiling is useful for testing and debugging, but running + this program will leave around files named <code>gmon.out</code>. + . + You should probably disable profiling, or perhaps override the tag. diff --git a/tags/b/binary-file-built-without-LFS-support.tag b/tags/b/binary-file-built-without-LFS-support.tag new file mode 100644 index 0000000..d9e2c2a --- /dev/null +++ b/tags/b/binary-file-built-without-LFS-support.tag @@ -0,0 +1,38 @@ +Tag: binary-file-built-without-LFS-support +Severity: info +Check: binaries/large-file-support +Experimental: yes +Explanation: The listed ELF binary appears to be (partially) built without + "Large File Support" (LFS). If so, it may not be able to handle large + files or files with large metadata values, such as inode numbers, correctly. + . + To support large files, code review might be needed to make sure that + those files are not slurped into memory or mmap(2)ed, and that correct + 64-bit data types are used (ex: <code>off_t</code> instead of <code>ssize_t</code>), etc. Once + that has been done ensure <code>_FILE_OFFSET_BITS</code> is defined and + set to 64 before any system headers are included (note that on systems + were the ABI has LFS enabled by default, setting <code>_FILE_OFFSET_BITS</code> + to 64 will be a no-op, and as such optional). This can be done by using + the <code>AC_SYS_LARGEFILE</code> macro with autoconf which will set any + macro required to enable LFS when necessary, or by enabling the + <code>lfs</code> feature from the <code>future</code> dpkg-buildflags feature + area which sets the <code>CPPFLAGS</code> variable (since dpkg-dev 1.19.0). + Note though, that <code>getconf LFS_CFLAGS</code> must not be used, + as it does not support cross-building. Using + <code>_FILE_OFFSET_BITS</code> should require no system function renames (eg. + from open(2) to open64(2)), and if this tag is still emitted, the most + probable cause is because the macro is not seen by the system code being + compiled. + . + Take into account that even if this tag is not emitted, that does not + mean the binary is LFS-safe (ie. no OOM conditions, file truncation + or overwrite will happen). + . + Also note that enabling LFS on a shared library is not always safe as + it might break ABI in case some of the exported types change size, in + those cases a SOVERSION bump might be required. Or alternatively, on + systems with an ABI without LFS, defining <code>_LARGEFILE64_SOURCE</code> + and exporting both 32 and 64-bit variants of the interfaces can avoid + the SOVERSION bump, at the cost of more complex maintenance. +See-Also: http://www.unix.org/version2/whatsnew/lfs20mar.html, + https://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html diff --git a/tags/b/binary-from-other-architecture.tag b/tags/b/binary-from-other-architecture.tag new file mode 100644 index 0000000..780b63a --- /dev/null +++ b/tags/b/binary-from-other-architecture.tag @@ -0,0 +1,7 @@ +Tag: binary-from-other-architecture +Severity: error +Check: binaries/architecture/other +Explanation: This ELF binary appears to have been built for an architecture other + than the one of the binary package being tested. This may occur when a + pre-built binary is shipped in the package or when an attempt to + cross-compile didn't work. diff --git a/tags/b/binary-has-unneeded-section.tag b/tags/b/binary-has-unneeded-section.tag new file mode 100644 index 0000000..5ed4ead --- /dev/null +++ b/tags/b/binary-has-unneeded-section.tag @@ -0,0 +1,11 @@ +Tag: binary-has-unneeded-section +Severity: info +Check: binaries +Explanation: The binary or shared library is stripped, but still contains a + section that is not useful. You should call strip with + <code>--remove-section=.comment --remove-section=.note</code> to remove the + <code>.note</code> and <code>.comment</code> sections. + . + <code>dh_strip</code> will do this automatically for you, but + <code>install -s</code> will not because it calls strip without any + arguments. diff --git a/tags/b/binary-in-etc.tag b/tags/b/binary-in-etc.tag new file mode 100644 index 0000000..8e3f4d7 --- /dev/null +++ b/tags/b/binary-in-etc.tag @@ -0,0 +1,6 @@ +Tag: binary-in-etc +Severity: error +Check: binaries/location +Explanation: This package installs an ELF binary in <code>/etc</code>. The + Filesystem Hierarchy Standard forbids it. +See-Also: filesystem-hierarchy etchostspecificsystemconfiguration diff --git a/tags/b/binary-nmu-debian-revision-in-source.tag b/tags/b/binary-nmu-debian-revision-in-source.tag new file mode 100644 index 0000000..7f72994 --- /dev/null +++ b/tags/b/binary-nmu-debian-revision-in-source.tag @@ -0,0 +1,9 @@ +Tag: binary-nmu-debian-revision-in-source +Severity: warning +Check: fields/version +See-Also: developer-reference 5.10.2.1 +Explanation: The version number of your source package ends in +b and a number or + has a Debian revision containing three parts. These version numbers are + used by binary NMUs and should not be used as the source version. (The + +b form is the current standard; the three-part version number now + obsolete.) diff --git a/tags/b/binary-package-depends-on-toolchain-package.tag b/tags/b/binary-package-depends-on-toolchain-package.tag new file mode 100644 index 0000000..73b484d --- /dev/null +++ b/tags/b/binary-package-depends-on-toolchain-package.tag @@ -0,0 +1,9 @@ +Tag: binary-package-depends-on-toolchain-package +Severity: warning +Check: fields/package-relations +Explanation: This package specifies a binary dependency on a "toolchain" package + such as debhelper or cdbs. This is likely to be a mistake; these + packages are typically specified as build-dependencies instead. + . + If the package intentionally requires such a dependency, please add a + Lintian override with a justifying remark. diff --git a/tags/b/binary-with-bad-dynamic-table.tag b/tags/b/binary-with-bad-dynamic-table.tag new file mode 100644 index 0000000..eea6e30 --- /dev/null +++ b/tags/b/binary-with-bad-dynamic-table.tag @@ -0,0 +1,10 @@ +Tag: binary-with-bad-dynamic-table +Severity: error +Check: binaries/corrupted +Explanation: This appears to be an ELF file. According to readelf, the + program headers suggests it should have a dynamic section, but + readelf cannot find it. + . + If it is meant to be external debugging symbols for another file, + it should be installed under /usr/lib/debug. Otherwise, this + could be a corrupt ELF file. diff --git a/tags/b/bogus-mail-host-in-debian-changelog.tag b/tags/b/bogus-mail-host-in-debian-changelog.tag new file mode 100644 index 0000000..d345573 --- /dev/null +++ b/tags/b/bogus-mail-host-in-debian-changelog.tag @@ -0,0 +1,6 @@ +Tag: bogus-mail-host-in-debian-changelog +Severity: error +Check: debian/changelog +Renamed-From: debian-changelog-file-contains-invalid-email-address +Explanation: The changelog file contains an invalid email address: the domain + needs at least one dot. This looks like a mistake. diff --git a/tags/b/bogus-mail-host.tag b/tags/b/bogus-mail-host.tag new file mode 100644 index 0000000..6474bbc --- /dev/null +++ b/tags/b/bogus-mail-host.tag @@ -0,0 +1,12 @@ +Tag: bogus-mail-host +Severity: error +Check: fields/mail-address +Renamed-From: + maintainer-address-is-on-localhost + uploader-address-is-on-localhost + changed-by-address-is-on-localhost +Explanation: The host part of the named contact address is not known or not + globally routables, such as localhost(.localdomain). +See-Also: debian-policy 5.6.2, + debian-policy 5.6.3, + debian-policy 5.6.4 diff --git a/tags/b/bogus-python-prerequisite.tag b/tags/b/bogus-python-prerequisite.tag new file mode 100644 index 0000000..47ee660 --- /dev/null +++ b/tags/b/bogus-python-prerequisite.tag @@ -0,0 +1,10 @@ +Tag: bogus-python-prerequisite +Severity: error +Check: languages/python/bogus-prerequisites +Experimental: yes +Explanation: This Python package declares an invalid prerequisite. + For example, packages should not refer to any of the <code>what-is-python</code> + packages in the source field for <code>Build-Depends</code>, or in the binary + fields for <code>Depends</code> or <code>Recommends</code>. +See-Also: + Bug#973011 diff --git a/tags/b/boilerplate-copyright-format-uri.tag b/tags/b/boilerplate-copyright-format-uri.tag new file mode 100644 index 0000000..dc7a175 --- /dev/null +++ b/tags/b/boilerplate-copyright-format-uri.tag @@ -0,0 +1,6 @@ +Tag: boilerplate-copyright-format-uri +Severity: warning +Check: debian/copyright/dep5 +Explanation: Format URI of the machine-readable copyright file contains + <code>VERSIONED_FORMAT_URL</code> or <code>REVISION</code> string. Please replace it + with an actual URI or an actual revision number respectively. diff --git a/tags/b/boolean-template-has-bogus-default.tag b/tags/b/boolean-template-has-bogus-default.tag new file mode 100644 index 0000000..6eaa537 --- /dev/null +++ b/tags/b/boolean-template-has-bogus-default.tag @@ -0,0 +1,9 @@ +Tag: boolean-template-has-bogus-default +Severity: error +Check: debian/debconf +Explanation: The <code>boolean</code> type in a Debconf template can have + only one of two values: <code>true</code> or <code>false</code>. This + template tries to use something else as the default value. +See-Also: + debconf-specification 3.1, + debconf-devel(7) diff --git a/tags/b/brace-expansion-in-debhelper-config-file.tag b/tags/b/brace-expansion-in-debhelper-config-file.tag new file mode 100644 index 0000000..1e6aea7 --- /dev/null +++ b/tags/b/brace-expansion-in-debhelper-config-file.tag @@ -0,0 +1,8 @@ +Tag: brace-expansion-in-debhelper-config-file +Severity: warning +Check: debhelper +Explanation: This debhelper config file appears to use shell brace expansion + (such as <code>{foo,bar}</code>) to specify files. This happens to work due + to an accident of implementation but is not a supported feature. Only + <code>?</code>, <code>*</code>, and <code>[...]</code> are supported. +See-Also: debhelper(1) diff --git a/tags/b/breaks-without-version.tag b/tags/b/breaks-without-version.tag new file mode 100644 index 0000000..1681670 --- /dev/null +++ b/tags/b/breaks-without-version.tag @@ -0,0 +1,13 @@ +Tag: breaks-without-version +Severity: warning +Check: fields/package-relations +See-Also: debian-policy 7.3, debian-policy 7.4, Bug#605744 +Explanation: This package declares a Breaks relationship with another package + that has no version number. Normally, Breaks should be used to indicate + an incompatibility with a specific version of another package, or with + all versions predating a fix. If the two packages can never be installed + at the same time, Conflicts should normally be used instead. + . + Note this tag can also be issued if a package has been split into two + completely new ones. In this case, this package is missing a Replaces + on the old package. diff --git a/tags/b/broken-bz2.tag b/tags/b/broken-bz2.tag new file mode 100644 index 0000000..4e32d86 --- /dev/null +++ b/tags/b/broken-bz2.tag @@ -0,0 +1,6 @@ +Tag: broken-bz2 +Severity: warning +Check: files/compressed/bz2 +Explanation: The given file ends with <code>.bz2</code>, which normally indicates it + was compressed with bzip2. However, it doesn't seem to be an + bz2-compressed file. diff --git a/tags/b/broken-gz.tag b/tags/b/broken-gz.tag new file mode 100644 index 0000000..7c19445 --- /dev/null +++ b/tags/b/broken-gz.tag @@ -0,0 +1,6 @@ +Tag: broken-gz +Severity: warning +Check: files/compressed/gz +Explanation: The given file ends with <code>.gz</code>, which normally indicates it + was compressed with gzip. However, it doesn't seem to be a + gzip-compressed file. diff --git a/tags/b/broken-link-to-undocumented.tag b/tags/b/broken-link-to-undocumented.tag new file mode 100644 index 0000000..4903f3b --- /dev/null +++ b/tags/b/broken-link-to-undocumented.tag @@ -0,0 +1,7 @@ +Tag: broken-link-to-undocumented +Severity: error +Check: documentation/manual +Renamed-From: bad-link-to-undocumented-manpage +Explanation: The symbolic link should reference + "<code>../man[237]/undocumented.[237].gz</code>" for manual pages in + <code>/usr/share/man</code>. diff --git a/tags/b/broken-lz.tag b/tags/b/broken-lz.tag new file mode 100644 index 0000000..604afd3 --- /dev/null +++ b/tags/b/broken-lz.tag @@ -0,0 +1,6 @@ +Tag: broken-lz +Severity: warning +Check: files/compressed/lz +Explanation: The given file ends with <code>.lz</code>, which normally indicates it + was compressed with lz. However, it doesn't seem to be an + lz-compressed file. diff --git a/tags/b/broken-lzma.tag b/tags/b/broken-lzma.tag new file mode 100644 index 0000000..205b613 --- /dev/null +++ b/tags/b/broken-lzma.tag @@ -0,0 +1,6 @@ +Tag: broken-lzma +Severity: warning +Check: files/compressed/lzma +Explanation: The given file ends with <code>.lzma</code>, which normally indicates it + was compressed with lzma. However, it doesn't seem to be an + lzma-compressed file. diff --git a/tags/b/broken-lzo.tag b/tags/b/broken-lzo.tag new file mode 100644 index 0000000..6709bdd --- /dev/null +++ b/tags/b/broken-lzo.tag @@ -0,0 +1,6 @@ +Tag: broken-lzo +Severity: warning +Check: files/compressed/lzo +Explanation: The given file ends with <code>.lzo</code>, which normally indicates it + was compressed with lzop. However, it doesn't seem to be an + lz-compressed file. diff --git a/tags/b/broken-xz.tag b/tags/b/broken-xz.tag new file mode 100644 index 0000000..15f2ac4 --- /dev/null +++ b/tags/b/broken-xz.tag @@ -0,0 +1,6 @@ +Tag: broken-xz +Severity: warning +Check: files/compressed/xz +Explanation: The given file ends with <code>.xz</code>, which normally indicates it + is compressed with xz. However, it doesn't seem to be an + xz-compressed file. diff --git a/tags/b/broken-zip.tag b/tags/b/broken-zip.tag new file mode 100644 index 0000000..bf7161a --- /dev/null +++ b/tags/b/broken-zip.tag @@ -0,0 +1,6 @@ +Tag: broken-zip +Severity: warning +Check: files/compressed/zip +Explanation: The given file ends with <code>.zip</code>, which normally indicates it + was compressed with zip. However, it doesn't seem to be a + zip-compressed file. diff --git a/tags/b/bugs-field-does-not-refer-to-debian-infrastructure.tag b/tags/b/bugs-field-does-not-refer-to-debian-infrastructure.tag new file mode 100644 index 0000000..ea76090 --- /dev/null +++ b/tags/b/bugs-field-does-not-refer-to-debian-infrastructure.tag @@ -0,0 +1,9 @@ +Tag: bugs-field-does-not-refer-to-debian-infrastructure +Severity: warning +Check: fields/bugs +Explanation: The <code>debian/control</code> file contains a Bugs field that does + not refer to Debian infrastructure. This is recognized by the string + ".debian.org". + . + This is likely to make reportbug(1) unable to report bugs. +See-Also: Bug#740944 diff --git a/tags/b/build-conflicts-with-build-dependency.tag b/tags/b/build-conflicts-with-build-dependency.tag new file mode 100644 index 0000000..32ff6b5 --- /dev/null +++ b/tags/b/build-conflicts-with-build-dependency.tag @@ -0,0 +1,6 @@ +Tag: build-conflicts-with-build-dependency +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.7 +Explanation: The package build-conflicts with a package that it also + build-depends on. diff --git a/tags/b/build-depends-arch-without-arch-dependent-binary.tag b/tags/b/build-depends-arch-without-arch-dependent-binary.tag new file mode 100644 index 0000000..4b56db2 --- /dev/null +++ b/tags/b/build-depends-arch-without-arch-dependent-binary.tag @@ -0,0 +1,5 @@ +Tag: build-depends-arch-without-arch-dependent-binary +Severity: error +Check: fields/package-relations +Explanation: The control file specifies source relations for architecture-dependent + packages, but no architecture-dependent packages are built. diff --git a/tags/b/build-depends-indep-without-arch-indep.tag b/tags/b/build-depends-indep-without-arch-indep.tag new file mode 100644 index 0000000..6c9a0b5 --- /dev/null +++ b/tags/b/build-depends-indep-without-arch-indep.tag @@ -0,0 +1,6 @@ +Tag: build-depends-indep-without-arch-indep +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.7 +Explanation: The control file specifies source relations for architecture-independent + packages, but no architecture-independent packages are built. diff --git a/tags/b/build-depends-on-1-revision.tag b/tags/b/build-depends-on-1-revision.tag new file mode 100644 index 0000000..2673e2a --- /dev/null +++ b/tags/b/build-depends-on-1-revision.tag @@ -0,0 +1,10 @@ +Tag: build-depends-on-1-revision +Severity: warning +Check: fields/package-relations +Explanation: The package declares a build dependency on a version of a package + with a -1 Debian revision such as "libfoo (>= 1.2-1)". Such a + dependency will not be satisfied by a backport of libfoo 1.2-1 and + therefore makes backporting unnecessarily difficult. Normally, the -1 + version is unneeded and a dependency such as "libfoo (>= 1.2)" would + be sufficient. If there was an earlier -0.X version of libfoo that would + not satisfy the dependency, use "libfoo (>= 1.2-1~)" instead. diff --git a/tags/b/build-depends-on-an-obsolete-java-package.tag b/tags/b/build-depends-on-an-obsolete-java-package.tag new file mode 100644 index 0000000..91c5e5a --- /dev/null +++ b/tags/b/build-depends-on-an-obsolete-java-package.tag @@ -0,0 +1,6 @@ +Tag: build-depends-on-an-obsolete-java-package +Severity: warning +Check: fields/package-relations +See-Also: java-policy 2.2 +Explanation: The package build-depends on an obsolete Java dependency. + It should build-depend on default-jdk instead. diff --git a/tags/b/build-depends-on-build-essential-package-without-using-version.tag b/tags/b/build-depends-on-build-essential-package-without-using-version.tag new file mode 100644 index 0000000..a8a3b79 --- /dev/null +++ b/tags/b/build-depends-on-build-essential-package-without-using-version.tag @@ -0,0 +1,13 @@ +Tag: build-depends-on-build-essential-package-without-using-version +Severity: error +Check: fields/package-relations +See-Also: debian-policy 4.2 +Explanation: The package declares a build-depends on a build essential package + without using a versioned depends. Packages do not have to depend on any + package included in build-essential. It is the responsibility of anyone + building packages to have all build-essential packages installed. The + only reason for an explicit dependency on a package included in + build-essential is if a particular version of that package is required, + in which case the dependency should include the version. +Renamed-From: + depends-on-build-essential-package-without-using-version diff --git a/tags/b/build-depends-on-build-essential.tag b/tags/b/build-depends-on-build-essential.tag new file mode 100644 index 0000000..9165239 --- /dev/null +++ b/tags/b/build-depends-on-build-essential.tag @@ -0,0 +1,7 @@ +Tag: build-depends-on-build-essential +Explanation: You depend on the build-essential package, which is only a + metapackage depending on build tools that have to be installed in all + build environments. +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.7 diff --git a/tags/b/build-depends-on-essential-package-without-using-version.tag b/tags/b/build-depends-on-essential-package-without-using-version.tag new file mode 100644 index 0000000..8a91ab2 --- /dev/null +++ b/tags/b/build-depends-on-essential-package-without-using-version.tag @@ -0,0 +1,10 @@ +Tag: build-depends-on-essential-package-without-using-version +Severity: error +Check: fields/package-relations +See-Also: debian-policy 4.2 +Explanation: The package declares a build-depends on an essential package, e.g. dpkg, + without using a versioned depends. Packages do not need to build-depend on + essential packages; essential means that they will always be present. + The only reason to list an explicit dependency on an essential package + is if you need a particular version of that package, in which case the + version should be given in the dependency. diff --git a/tags/b/build-depends-on-metapackage.tag b/tags/b/build-depends-on-metapackage.tag new file mode 100644 index 0000000..7a1d8a1 --- /dev/null +++ b/tags/b/build-depends-on-metapackage.tag @@ -0,0 +1,10 @@ +Tag: build-depends-on-metapackage +Severity: error +Check: fields/package-relations +Explanation: Packages must not build-depend on metapackages. + . + Metapackages such as xorg, xorg-dev, x-window-system, + x-window-system-dev and x-window-system-core exist only for the + benefit of users and should not be used in package build + dependencies. +See-Also: https://wiki.debian.org/Lintian/Tags/depends-on-metapackage diff --git a/tags/b/build-depends-on-non-build-package.tag b/tags/b/build-depends-on-non-build-package.tag new file mode 100644 index 0000000..b13cdc3 --- /dev/null +++ b/tags/b/build-depends-on-non-build-package.tag @@ -0,0 +1,8 @@ +Tag: build-depends-on-non-build-package +Severity: error +Check: fields/package-relations +Explanation: The package declares a build dependency on a package that is not + appropriate for build dependencies, usually because it's only for + interactive use or cannot be correctly installed in a build environment. + See the description or documentation of the package for more + information. diff --git a/tags/b/build-depends-on-obsolete-package.tag b/tags/b/build-depends-on-obsolete-package.tag new file mode 100644 index 0000000..d8018a7 --- /dev/null +++ b/tags/b/build-depends-on-obsolete-package.tag @@ -0,0 +1,6 @@ +Tag: build-depends-on-obsolete-package +Severity: warning +Check: fields/package-relations +Explanation: The package build-depends on a package that has been superseded. + If the superseded package is part of an ORed group, it should not be + the first package in the group. diff --git a/tags/b/build-depends-on-python-dev-with-no-arch-any.tag b/tags/b/build-depends-on-python-dev-with-no-arch-any.tag new file mode 100644 index 0000000..bfba2aa --- /dev/null +++ b/tags/b/build-depends-on-python-dev-with-no-arch-any.tag @@ -0,0 +1,15 @@ +Tag: build-depends-on-python-dev-with-no-arch-any +Severity: info +Check: fields/package-relations +Explanation: The given package appears to have a Python development package + (<code>python3-dev</code>, <code>python3-all-dev</code> or + <code>pythonX.Y-dev</code>) listed in its <code>Build-Depends</code> or + <code>Build-Depends-Indep</code> fields, but only <code>Architecture: all</code> + packages are built by this source package. Python applications and modules + do not usually require those dev packages, so you should consider removing + them in favour of <code>python3</code>, <code>python3-all</code> + or <code>pythonX.Y</code>. + . + If you are building a Python extension instead, you should have + development packages listed in <code>Build-Depends</code>, but normally there should + be at least one <code>Architecture: any</code> package. diff --git a/tags/b/build-depends-on-python-sphinx-only.tag b/tags/b/build-depends-on-python-sphinx-only.tag new file mode 100644 index 0000000..18b7e6b --- /dev/null +++ b/tags/b/build-depends-on-python-sphinx-only.tag @@ -0,0 +1,13 @@ +Tag: build-depends-on-python-sphinx-only +Severity: warning +Check: languages/python +Explanation: This package Build-Depends on the Python 2.x version of the Sphinx + documentation generator. + . + The 2.x series of Python is due for deprecation and will not be maintained + by upstream past 2020 and will likely be dropped after the release of + Debian "buster". + . + Some Python modules may need to depend on both <code>python-sphinx</code> and + <code>python3-sphinx</code> but please consider moving to only Build-Depending on + the <code>python3-sphinx</code> package instead. diff --git a/tags/b/build-depends-on-specific-java-doc-package.tag b/tags/b/build-depends-on-specific-java-doc-package.tag new file mode 100644 index 0000000..b9e0290 --- /dev/null +++ b/tags/b/build-depends-on-specific-java-doc-package.tag @@ -0,0 +1,6 @@ +Tag: build-depends-on-specific-java-doc-package +Severity: warning +Check: fields/package-relations +Explanation: The given package declares a build dependency on either openjdk- + X-doc or classpath-doc instead of using default-jdk-doc. default-jdk-doc + provides a symlink to the API via /usr/share/default-jdk-doc/api. diff --git a/tags/b/build-depends-on-versioned-berkeley-db.tag b/tags/b/build-depends-on-versioned-berkeley-db.tag new file mode 100644 index 0000000..e1de3c4 --- /dev/null +++ b/tags/b/build-depends-on-versioned-berkeley-db.tag @@ -0,0 +1,25 @@ +Tag: build-depends-on-versioned-berkeley-db +Severity: warning +Check: fields/package-relations +Explanation: The package build-depends on a versioned development package of + Berkeley DB (libdbX.Y-dev) instead of versionless package + (libdb-dev). Unfortunately this prevents binNMUs when default + Berkeley DB version changes. + . + Unless the package absolutely have to depend on specific Berkeley DB + version, it should build-depends on libdb-dev. For more information + on the upgrade process, please see the references. + . + The package can usually be made Berkeley DB version agnostic by the + following steps: + . + 1. note the version of Berkeley DB used to compile the package on build time + 2. on first install copy the used version to active version + 3. on upgrades compare the versions and if they differ do the upgrade procedure + . + If you are unsure you can contact Berkeley DB maintainer, who would be + glad to help. + . + Should the package have a legitimate reason for using the versioned development + package, please add an override. +See-Also: http://docs.oracle.com/cd/E17076_02/html/upgrading/upgrade_process.html diff --git a/tags/b/build-path-in-manual.tag b/tags/b/build-path-in-manual.tag new file mode 100644 index 0000000..e7c2093 --- /dev/null +++ b/tags/b/build-path-in-manual.tag @@ -0,0 +1,8 @@ +Tag: build-path-in-manual +Severity: error +Check: documentation/manual +Renamed-From: manpage-named-after-build-path +Explanation: The manual page appears to be named after its build path and + not after its content. + . + Please check your debian/rules or upstream Makefile. diff --git a/tags/b/build-prerequisite-in-installable-section.tag b/tags/b/build-prerequisite-in-installable-section.tag new file mode 100644 index 0000000..b3ee66e --- /dev/null +++ b/tags/b/build-prerequisite-in-installable-section.tag @@ -0,0 +1,13 @@ +Tag: build-prerequisite-in-installable-section +Severity: error +Check: debian/control/field/misplaced +Renamed-From: + build-info-in-binary-control-file-section +Explanation: The named field appears in an installable section of the + <code>debian/control</code> file, but the field declares a relationship + between sources. + . + The field should only appear in the source section of the <code>debian/control</code> + file. +See-Also: + debian-policy 5.2 diff --git a/tags/b/built-using-field-on-arch-all-package.tag b/tags/b/built-using-field-on-arch-all-package.tag new file mode 100644 index 0000000..d8cca62 --- /dev/null +++ b/tags/b/built-using-field-on-arch-all-package.tag @@ -0,0 +1,9 @@ +Tag: built-using-field-on-arch-all-package +Severity: info +Check: debian/control/field/built-using +Explanation: The stanza for an installation package in <code>debian/control</code> + declares a <code>Built-Using</code> field even though the package is declared as + <code>Architecture: all</code>. That is incorrect. + . + The <code>Built-Using</code> field is only used architecture-specific packages. + Please remove the <code>Built-Using</code> field from the indicated location. diff --git a/tags/c/cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package.tag b/tags/c/cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package.tag new file mode 100644 index 0000000..259077f --- /dev/null +++ b/tags/c/cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package.tag @@ -0,0 +1,10 @@ +Tag: cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package +Severity: info +Check: debian/copyright +Explanation: There is a symlink /usr/share/doc/*pkg1* -> *pkg2* + in your package. This means that *pkg1* and *pkg2* must + both come from the same source package. Lintian cannot check this right now + however. + . + Please reprocess this binary together with its source package to avoid + this tag. diff --git a/tags/c/capitalization-error-in-description-synopsis.tag b/tags/c/capitalization-error-in-description-synopsis.tag new file mode 100644 index 0000000..4c48db9 --- /dev/null +++ b/tags/c/capitalization-error-in-description-synopsis.tag @@ -0,0 +1,7 @@ +Tag: capitalization-error-in-description-synopsis +Severity: info +Check: fields/description +Explanation: Lintian found a possible capitalization error in the package + synopsis. Lintian has a list of common capitalization errors, + primarily of upstream projects, that it looks for. It does not have a + dictionary like a spelling checker does. diff --git a/tags/c/capitalization-error-in-description.tag b/tags/c/capitalization-error-in-description.tag new file mode 100644 index 0000000..2253db9 --- /dev/null +++ b/tags/c/capitalization-error-in-description.tag @@ -0,0 +1,12 @@ +Tag: capitalization-error-in-description +Severity: info +Check: fields/description +Explanation: Lintian found a possible capitalization error in the package + description. Lintian has a list of common capitalization errors, + primarily of upstream projects, that it looks for. It does not have a + dictionary like a spelling checker does. + . + This is a particularly picky check of capitalization in package + descriptions, since they're very visible to end users, but it will have + false positives for project names used in a context where they should be + lowercase, such as package names or executable names. diff --git a/tags/c/capitalization-in-override-comment.tag b/tags/c/capitalization-in-override-comment.tag new file mode 100644 index 0000000..b941280 --- /dev/null +++ b/tags/c/capitalization-in-override-comment.tag @@ -0,0 +1,8 @@ +Tag: capitalization-in-override-comment +Severity: pedantic +Check: debian/lintian-overrides/comments +Explanation: The comment attached to a Lintian override probably contains + a capitalization error. + . + Lintian looks for common capitalization errors. It does not have a + dictionary. diff --git a/tags/c/carriage-return-line-feed.tag b/tags/c/carriage-return-line-feed.tag new file mode 100644 index 0000000..d4f2d8b --- /dev/null +++ b/tags/c/carriage-return-line-feed.tag @@ -0,0 +1,13 @@ +Tag: carriage-return-line-feed +Severity: error +Check: debian/line-separators +Renamed-From: control-file-with-CRLF-EOLs +Explanation: The given control file uses <code>CRLF</code> as line terminator + instead of the traditional UNIX <code>LF</code> terminator. Since some + tools were only designed with the UNIX end-of-line terminators in mind, + it is possible that they misbehave or lead to unexpected results. + . + Running the following command against the given file removes any + <code>CR</code> character in the file: + . + <code>sed -i 's/\r//g' path/to/file</code> diff --git a/tags/c/changed-by-invalid-for-derivative.tag b/tags/c/changed-by-invalid-for-derivative.tag new file mode 100644 index 0000000..718229e --- /dev/null +++ b/tags/c/changed-by-invalid-for-derivative.tag @@ -0,0 +1,8 @@ +Tag: changed-by-invalid-for-derivative +Severity: error +Check: fields/changed-by +Explanation: The Changed-By field does not match the required format for this + Debian derivative. + . + Derivative distributions of Debian may enforce additional restrictions + on such fields. diff --git a/tags/c/changelog-distribution-does-not-match-changes-file.tag b/tags/c/changelog-distribution-does-not-match-changes-file.tag new file mode 100644 index 0000000..4a02e36 --- /dev/null +++ b/tags/c/changelog-distribution-does-not-match-changes-file.tag @@ -0,0 +1,11 @@ +Tag: changelog-distribution-does-not-match-changes-file +Severity: warning +Check: debian/changelog +Explanation: The target distribution in the most recent entry in this package's + <code>debian/changelog</code> file does not match the target in the generated + <code>.changes</code> file. + . + This may indicate a mistake in setting the distribution, an accidental + upload to unstable of a package intended for experimental, or a mistake + in invoking <code>sbuild(1)</code>. +See-Also: Bug#906155, sbuild(1) diff --git a/tags/c/changelog-empty-entry.tag b/tags/c/changelog-empty-entry.tag new file mode 100644 index 0000000..7584b23 --- /dev/null +++ b/tags/c/changelog-empty-entry.tag @@ -0,0 +1,6 @@ +Tag: changelog-empty-entry +Severity: error +Check: debian/changelog +Explanation: The last changelog entry is empty. Please add a description or use + an UNRELEASED version. +See-Also: debian-policy 4.4 diff --git a/tags/c/changelog-file-missing-explicit-entry.tag b/tags/c/changelog-file-missing-explicit-entry.tag new file mode 100644 index 0000000..2d99394 --- /dev/null +++ b/tags/c/changelog-file-missing-explicit-entry.tag @@ -0,0 +1,11 @@ +Tag: changelog-file-missing-explicit-entry +Severity: warning +Check: debian/changelog +Explanation: The latest changelog file for this package specifies a version in + the form of 1.2-3+deb8u1, 1.2-3+nmu4 (or similar) but this does not + follow from a corresponding 1.2-3 changelog stanza. + . + This suggests that changes were merged into a single entry. This is + suboptimal as it makes it more difficult for users to determine which + upload fixed a particular bug. +See-Also: developer-reference 5.8.5.4, developer-reference 5.11.2, developer-reference 5.14.3, Bug#916877 diff --git a/tags/c/changelog-file-not-compressed.tag b/tags/c/changelog-file-not-compressed.tag new file mode 100644 index 0000000..9796eb9 --- /dev/null +++ b/tags/c/changelog-file-not-compressed.tag @@ -0,0 +1,6 @@ +Tag: changelog-file-not-compressed +Severity: error +Check: debian/changelog +Explanation: Changelog files should be compressed using "gzip -9". Even if they + start out small, they will become large with time. +See-Also: debian-policy 12.7 diff --git a/tags/c/changelog-is-dh_make-template.tag b/tags/c/changelog-is-dh_make-template.tag new file mode 100644 index 0000000..ec288a0 --- /dev/null +++ b/tags/c/changelog-is-dh_make-template.tag @@ -0,0 +1,10 @@ +Tag: changelog-is-dh_make-template +Severity: error +Check: debian/changelog +Explanation: The changelog file has an instruction left by dh_make, which has + not been removed. Example: + . + - Initial release (Closes: #nnnn) <nnnn is the bug number of your ITP> + . + The "<... is the bug number ...>" part has not been removed from the + changelog. diff --git a/tags/c/changelog-is-symlink.tag b/tags/c/changelog-is-symlink.tag new file mode 100644 index 0000000..ad71b2f --- /dev/null +++ b/tags/c/changelog-is-symlink.tag @@ -0,0 +1,11 @@ +Tag: changelog-is-symlink +Severity: warning +Check: nmu +Explanation: The file <code>debian/changelog</code> is a symlink instead of a regular + file. This is unnecessary and makes package checking and manipulation + more difficult. If the changelog should be available in the source + package under multiple names, make <code>debian/changelog</code> the real + file and the other names symlinks to it. + . + This problem may have prevented Lintian from performing other checks, + leading to undetected changelog errors. diff --git a/tags/c/changelog-news-debian-mismatch.tag b/tags/c/changelog-news-debian-mismatch.tag new file mode 100644 index 0000000..8659155 --- /dev/null +++ b/tags/c/changelog-news-debian-mismatch.tag @@ -0,0 +1,7 @@ +Tag: changelog-news-debian-mismatch +Severity: warning +Check: debian/changelog +Explanation: The latest entries in the Debian changelog file and NEWS.Debian file + are for the same version but the given field doesn't match. The + changelog information is canonical and the NEWS.Debian information is + ignored, but it may be confusing to users to have them be different. diff --git a/tags/c/changelog-not-compressed-with-max-compression.tag b/tags/c/changelog-not-compressed-with-max-compression.tag new file mode 100644 index 0000000..73bf23b --- /dev/null +++ b/tags/c/changelog-not-compressed-with-max-compression.tag @@ -0,0 +1,6 @@ +Tag: changelog-not-compressed-with-max-compression +Severity: warning +Check: debian/changelog +Explanation: Changelog files should be compressed using "gzip -9"; i.e., using + the maximum compression level via the -9 option to gzip. +See-Also: debian-policy 12.7 diff --git a/tags/c/changelog-references-temp-security-identifier.tag b/tags/c/changelog-references-temp-security-identifier.tag new file mode 100644 index 0000000..03b0337 --- /dev/null +++ b/tags/c/changelog-references-temp-security-identifier.tag @@ -0,0 +1,15 @@ +Tag: changelog-references-temp-security-identifier +Severity: warning +Check: debian/changelog +Explanation: The changelog entry references a temporary security identifier, + like "TEMP-0000000-2FC21E". + . + The TEMP identifier will disappear in the future once a proper CVE + identifier has been assigned. Therefore it is useless as an + external reference. Even worse, the identifier is not stable and + may change even before a CVE is allocated. + . + If a CVE has been allocated, please use that instead. Otherwise, + please replace the TEMP identifier with a short description of the + issue. +See-Also: Bug#787929, Bug#807892 diff --git a/tags/c/checksum-count-mismatch-in-changes-file.tag b/tags/c/checksum-count-mismatch-in-changes-file.tag new file mode 100644 index 0000000..60a2255 --- /dev/null +++ b/tags/c/checksum-count-mismatch-in-changes-file.tag @@ -0,0 +1,6 @@ +Tag: checksum-count-mismatch-in-changes-file +Severity: error +Check: changes-file +Explanation: The number of checksums <code>.changes</code> file for the + specified algorithm does not match the number of files. +See-Also: debian-policy 5.6.21, debian-policy 5.6.24 diff --git a/tags/c/checksum-mismatch-in-changes-file.tag b/tags/c/checksum-mismatch-in-changes-file.tag new file mode 100644 index 0000000..c4826f2 --- /dev/null +++ b/tags/c/checksum-mismatch-in-changes-file.tag @@ -0,0 +1,6 @@ +Tag: checksum-mismatch-in-changes-file +Severity: error +Check: changes-file +Explanation: The actual checksum does not match what's listed in the + <code>.changes</code> file. +See-Also: debian-policy 5.6.21, debian-policy 5.6.24 diff --git a/tags/c/chown-with-dot.tag b/tags/c/chown-with-dot.tag new file mode 100644 index 0000000..1bc7bd0 --- /dev/null +++ b/tags/c/chown-with-dot.tag @@ -0,0 +1,11 @@ +Tag: chown-with-dot +Severity: pedantic +Check: script/deprecated/chown +Explanation: The named script uses a dot to separate owner and group in + a call like <code>chown user.group</code> but that usage is deprecated. + . + Please use a colon instead, as in: + . + <code>chown user:group</code>. +See-Also: + https://lists.debian.org/debian-devel/2022/03/msg00138.html diff --git a/tags/c/circular-installation-prerequisite.tag b/tags/c/circular-installation-prerequisite.tag new file mode 100644 index 0000000..55bdfe5 --- /dev/null +++ b/tags/c/circular-installation-prerequisite.tag @@ -0,0 +1,13 @@ +Tag: circular-installation-prerequisite +Severity: warning +Check: debian/control/prerequisite/circular +Renamed-From: + package-depends-on-itself +Explanation: The installable declares itself as its own installation prerequisite + in the relevant <code>debian/control</code> stanza. + . + Current versions of <code>dpkg-gencontrol</code> will silently ignore the + prerequisite, but it may still indicate an oversight. It could be a misspelling + or having cut and pasted an incorrect package name. +See-Also: + debian-policy 7.2 diff --git a/tags/c/classpath-contains-relative-path.tag b/tags/c/classpath-contains-relative-path.tag new file mode 100644 index 0000000..6f4bbdb --- /dev/null +++ b/tags/c/classpath-contains-relative-path.tag @@ -0,0 +1,15 @@ +Tag: classpath-contains-relative-path +Severity: warning +Check: languages/java +Explanation: The classpath listed in the jar file refers to a potential + missing jar file. This could be the remnants of a build-time + classpath that are not relevant for a JAR bundled in a Debian + package. + . + Alternatively, the classpath may be correct, but the package is + lacking a jar file or a symlink to it. + . + Note, Lintian assumes that all (relative) classpaths pointing to + /usr/share/java/ (but not subdirs thereof) are satisfied by + dependencies as long as there is at least one strong libX-java + dependency. diff --git a/tags/c/co-maintained-package-with-no-vcs-fields.tag b/tags/c/co-maintained-package-with-no-vcs-fields.tag new file mode 100644 index 0000000..fe4296b --- /dev/null +++ b/tags/c/co-maintained-package-with-no-vcs-fields.tag @@ -0,0 +1,10 @@ +Tag: co-maintained-package-with-no-vcs-fields +Severity: pedantic +Check: fields/vcs +Explanation: Based on the content of the maintainer and uploader fields this + package is co-maintained but there are no Vcs-* fields. + . + It is recommended that shared maintenance of packages are co-ordinated + via a revision control system. +Renamed-From: + co-maintained-package-with-no-vcs-headers diff --git a/tags/c/codeless-jar.tag b/tags/c/codeless-jar.tag new file mode 100644 index 0000000..743e7c5 --- /dev/null +++ b/tags/c/codeless-jar.tag @@ -0,0 +1,5 @@ +Tag: codeless-jar +Severity: warning +Check: languages/java +Explanation: The jar file contains a manifest but no code. This probably indicates + that something went wrong at build-time. diff --git a/tags/c/comma-separated-files-in-dep5-copyright.tag b/tags/c/comma-separated-files-in-dep5-copyright.tag new file mode 100644 index 0000000..d72dd55 --- /dev/null +++ b/tags/c/comma-separated-files-in-dep5-copyright.tag @@ -0,0 +1,8 @@ +Tag: comma-separated-files-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: A list of files in the machine-readable copyright format appears to be + separated by commas. The file list should be whitespace separated instead. + . + Please note this tag is only emitted once per checked copyright file. diff --git a/tags/c/command-in-menu-file-and-desktop-file.tag b/tags/c/command-in-menu-file-and-desktop-file.tag new file mode 100644 index 0000000..fba0aa2 --- /dev/null +++ b/tags/c/command-in-menu-file-and-desktop-file.tag @@ -0,0 +1,13 @@ +Tag: command-in-menu-file-and-desktop-file +Severity: warning +Check: menu-format +Explanation: The command is listed both in a <code>menu</code> file and a + <code>desktop</code> file + . + Per decision by the Technical Committee, it is no longer allowed. + . + Please remove the <code>menu</code> file from the package. +See-Also: + debian-policy 9.6, + https://lists.debian.org/debian-devel-announce/2015/09/msg00000.html, + Bug#741573 diff --git a/tags/c/command-with-path-in-maintainer-script.tag b/tags/c/command-with-path-in-maintainer-script.tag new file mode 100644 index 0000000..d7602dc --- /dev/null +++ b/tags/c/command-with-path-in-maintainer-script.tag @@ -0,0 +1,18 @@ +Tag: command-with-path-in-maintainer-script +Severity: warning +Check: scripts +Explanation: The indicated program run in a maintainer script has a prepended + path. Programs called from maintainer scripts normally should not have a + path prepended. dpkg ensures that the PATH is set to a reasonable value, + and prepending a path may prevent the local administrator from using a + replacement version of a command for some local reason. + . + If the path is used to test a program for existence, please use <code>if + which $program > /dev/null; then โฆ</code>. + . + If you intend to override this tag, please make sure that you are in + control of the installation path of the according program and that + you won't forget to change this maintainer script, too, if you ever + move that program around. +See-Also: debian-policy 6.1, developer-reference 6.4, Bug#769845, Bug#807695, + https://lists.debian.org/debian-devel/2014/11/msg00044.html diff --git a/tags/c/composer-package-without-pkg-php-tools-builddep.tag b/tags/c/composer-package-without-pkg-php-tools-builddep.tag new file mode 100644 index 0000000..2251ff6 --- /dev/null +++ b/tags/c/composer-package-without-pkg-php-tools-builddep.tag @@ -0,0 +1,8 @@ +Tag: composer-package-without-pkg-php-tools-builddep +Severity: info +Check: languages/php/pear +Explanation: The package contains a composer.json file but doesn't build-depend on + pkg-php-tools. + . + pkg-php-tools is the recommended tool for building PHP Composer packages. For + more information, install it and read the included README.Composer. diff --git a/tags/c/composer-prerequisite.tag b/tags/c/composer-prerequisite.tag new file mode 100644 index 0000000..62cad34 --- /dev/null +++ b/tags/c/composer-prerequisite.tag @@ -0,0 +1,22 @@ +Tag: composer-prerequisite +Severity: warning +Check: languages/php/composer +Explanation: A packaging relationship refers to the PHP composer. + . + The PHP <code>Composer</code> is a tool to install PHP packages similar to + <code>pip</code> for Python and <code>npm</code> for Node.js. It should not + be pulled in as a packaging relationship. + . + In Debian, the <code>composer</code> is dealt with in other ways, such as + <code>dh_phpcomposer</code> from <code>pkg-php-tools</code> and + <code>phpab</code>, which generates a static autoloader. + . + Maintainers of PHP-related packages may not be aware of all of the conventions + since many such packages are maintained by individuals who are not associated + with the PHP PEAR Maintainers team. +See-Also: + dh_phpcomposer(1), + phpab(1), + https://getcomposer.org, + https://en.wikipedia.org/wiki/Composer_(software), + Bug#977150 diff --git a/tags/c/compressed-documentation.tag b/tags/c/compressed-documentation.tag new file mode 100644 index 0000000..1a0526b --- /dev/null +++ b/tags/c/compressed-documentation.tag @@ -0,0 +1,10 @@ +Tag: compressed-documentation +Severity: warning +Check: documentation +Renamed-From: file-should-not-be-compressed +Explanation: The following file should not be compressed. + . + This file should be excluded from compression during build time. + If using debhelper (<< 9.20140227), you may need to use the -X + option to dh_compress. Newer versions of debhelper handle this + correctly by default. diff --git a/tags/c/compressed-duplicate.tag b/tags/c/compressed-duplicate.tag new file mode 100644 index 0000000..a6e9a9a --- /dev/null +++ b/tags/c/compressed-duplicate.tag @@ -0,0 +1,8 @@ +Tag: compressed-duplicate +Severity: info +Check: files/compressed +Renamed-From: duplicated-compressed-file +Explanation: The given, apparently compressed, file is shipped in the package + in addition to another file with the same name without the + compression-method extension. Normally this indicates a mistake in the + installation process of the package. diff --git a/tags/c/compressed-symlink-with-wrong-ext.tag b/tags/c/compressed-symlink-with-wrong-ext.tag new file mode 100644 index 0000000..d98d837 --- /dev/null +++ b/tags/c/compressed-symlink-with-wrong-ext.tag @@ -0,0 +1,8 @@ +Tag: compressed-symlink-with-wrong-ext +Severity: error +Check: files/symbolic-links +Explanation: The package installs a symbolic link pointing to a compressed file, + but the symbolic link does not use the same file extension than the + referenced file. In most cases, this can produce troubles when the + user or a program tries to access the file through the link. +See-Also: debian-policy 10.5 diff --git a/tags/c/concatenated-upstream-signatures.tag b/tags/c/concatenated-upstream-signatures.tag new file mode 100644 index 0000000..4de909e --- /dev/null +++ b/tags/c/concatenated-upstream-signatures.tag @@ -0,0 +1,7 @@ +Tag: concatenated-upstream-signatures +Severity: warning +Check: upstream-signature +Explanation: The packaging includes a detached upstream signature file that contains + multiple concatenated signature blocks. That is likely an error. + . + Please include only one signature block in the indicated signature file. diff --git a/tags/c/conffile-has-bad-file-type.tag b/tags/c/conffile-has-bad-file-type.tag new file mode 100644 index 0000000..7b9076f --- /dev/null +++ b/tags/c/conffile-has-bad-file-type.tag @@ -0,0 +1,8 @@ +Tag: conffile-has-bad-file-type +Severity: error +Check: conffiles +See-Also: Bug#690051, Bug#690910 +Explanation: The conffiles lists this path, which is not a file. This will + almost certainly not work. + . + Note that dpkg does not support symlinks being conffiles. diff --git a/tags/c/config-does-not-load-confmodule.tag b/tags/c/config-does-not-load-confmodule.tag new file mode 100644 index 0000000..c566c82 --- /dev/null +++ b/tags/c/config-does-not-load-confmodule.tag @@ -0,0 +1,4 @@ +Tag: config-does-not-load-confmodule +Severity: warning +Check: debian/debconf +Explanation: The config script must load one of the debconf libraries. diff --git a/tags/c/config-file-reserved.tag b/tags/c/config-file-reserved.tag new file mode 100644 index 0000000..78e9768 --- /dev/null +++ b/tags/c/config-file-reserved.tag @@ -0,0 +1,5 @@ +Tag: config-file-reserved +Severity: error +Check: files/pam +Explanation: This file is reserved by a specific package. Please email the + maintainer of the package in question if you have questions. diff --git a/tags/c/configure-generated-file-in-source.tag b/tags/c/configure-generated-file-in-source.tag new file mode 100644 index 0000000..702a3af --- /dev/null +++ b/tags/c/configure-generated-file-in-source.tag @@ -0,0 +1,17 @@ +Tag: configure-generated-file-in-source +Severity: warning +Check: build-systems/autotools +Explanation: Leaving config.cache/status causes autobuilders problems. + config.cache and config.status are produced by GNU autoconf's configure + scripts. If they are left in the source package, autobuilders may pick + up settings for the wrong architecture. + . + The clean rule in <code>debian/rules</code> should remove this file. This + should ideally be done by fixing the upstream build system to do it when + you run the appropriate cleaning command (and don't forget to forward the + fix to the upstream authors so it doesn't happen in the next release). If + that is already implemented, then make sure you are indeed cleaning it in + the clean rule. If all else fails, a simple rm -f should work. + . + Note that Lintian cannot reliably detect the removal in the clean rule, + so once you fix this, please ignore or override this warning. diff --git a/tags/c/conflicting-negation-in-source-relation.tag b/tags/c/conflicting-negation-in-source-relation.tag new file mode 100644 index 0000000..4d99e52 --- /dev/null +++ b/tags/c/conflicting-negation-in-source-relation.tag @@ -0,0 +1,8 @@ +Tag: conflicting-negation-in-source-relation +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.1 +Explanation: The architecture string in this source relation has some + negated architectures (prepended by <code>!</code>) and others that are not + negated. This is not permitted by Policy. Either all architectures must + be negated or none of them may be. diff --git a/tags/c/conflicting-test-fields.tag b/tags/c/conflicting-test-fields.tag new file mode 100644 index 0000000..7136cf8 --- /dev/null +++ b/tags/c/conflicting-test-fields.tag @@ -0,0 +1,11 @@ +Tag: conflicting-test-fields +Severity: warning +Check: testsuite +Renamed-from: + exclusive-runtime-tests-field +Explanation: The given section in the <code>debian/tests/control</code> file specifies + two conflicting fields. + . + Please pick one. +See-Also: + https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/c/conflicts-with-dependency.tag b/tags/c/conflicts-with-dependency.tag new file mode 100644 index 0000000..d6c37db --- /dev/null +++ b/tags/c/conflicts-with-dependency.tag @@ -0,0 +1,6 @@ +Tag: conflicts-with-dependency +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.4 +Explanation: The package seems to conflict with one of its dependencies, + recommendations, or suggestions by listing it in Conflicts or Breaks. diff --git a/tags/c/conflicts-with-version.tag b/tags/c/conflicts-with-version.tag new file mode 100644 index 0000000..0692972 --- /dev/null +++ b/tags/c/conflicts-with-version.tag @@ -0,0 +1,11 @@ +Tag: conflicts-with-version +Severity: info +Check: fields/package-relations +See-Also: debian-policy 7.4 +Explanation: An earlier-than version clause is normally an indication that Breaks + should be used instead of Conflicts. Breaks is a weaker requirement that + provides the package manager more leeway to find a valid upgrade path. + Conflicts should only be used if two packages can never be unpacked at + the same time, or for some situations involving virtual packages (where a + version clause is not appropriate). In particular, when moving files + between packages, use Breaks plus Replaces, not Conflicts plus Replaces. diff --git a/tags/c/control-file-contains-dh-make-vcs-comment.tag b/tags/c/control-file-contains-dh-make-vcs-comment.tag new file mode 100644 index 0000000..744b311 --- /dev/null +++ b/tags/c/control-file-contains-dh-make-vcs-comment.tag @@ -0,0 +1,10 @@ +Tag: control-file-contains-dh-make-vcs-comment +Severity: warning +Check: template/dh-make/control/vcs +Renamed-From: + control-file-contains-dh_make-vcs-comment +Explanation: The control file contains <code>VCS-*</code> lines that are + commented out. They were most likely placed there by <code>dh_make</code>. + . + If the URLs are valid, they should be uncommented. Otherwise, they should be + removed. diff --git a/tags/c/control-file-has-bad-owner.tag b/tags/c/control-file-has-bad-owner.tag new file mode 100644 index 0000000..eb713e2 --- /dev/null +++ b/tags/c/control-file-has-bad-owner.tag @@ -0,0 +1,5 @@ +Tag: control-file-has-bad-owner +Severity: error +Check: control-files +See-Also: debian-policy 10.9 +Explanation: All control files should be owned by root/root. diff --git a/tags/c/control-file-has-bad-permissions.tag b/tags/c/control-file-has-bad-permissions.tag new file mode 100644 index 0000000..336a9f5 --- /dev/null +++ b/tags/c/control-file-has-bad-permissions.tag @@ -0,0 +1,7 @@ +Tag: control-file-has-bad-permissions +Severity: error +Check: control-files +See-Also: debian-policy 10.9 +Explanation: The <code>config</code>, <code>postinst</code>, <code>postrm</code>, + <code>preinst</code>, and <code>prerm</code> control files should use mode 0755; + all other control files should use 0644. diff --git a/tags/c/control-file-is-empty.tag b/tags/c/control-file-is-empty.tag new file mode 100644 index 0000000..c1cdb11 --- /dev/null +++ b/tags/c/control-file-is-empty.tag @@ -0,0 +1,5 @@ +Tag: control-file-is-empty +Severity: warning +Check: control-files +Explanation: The package contains an empty control file, which is most probably + an error. diff --git a/tags/c/control-file-is-not-a-file.tag b/tags/c/control-file-is-not-a-file.tag new file mode 100644 index 0000000..67f6887 --- /dev/null +++ b/tags/c/control-file-is-not-a-file.tag @@ -0,0 +1,4 @@ +Tag: control-file-is-not-a-file +Severity: error +Check: control-files +Explanation: The package contains a control file that is not a regular file. diff --git a/tags/c/control-interpreter-in-usr-local.tag b/tags/c/control-interpreter-in-usr-local.tag new file mode 100644 index 0000000..c914db4 --- /dev/null +++ b/tags/c/control-interpreter-in-usr-local.tag @@ -0,0 +1,7 @@ +Tag: control-interpreter-in-usr-local +Severity: error +Check: scripts +Explanation: A control script for this package references an interpreter in a + directory in <code>/usr/local</code>. Control scripts must use interpreters + provided by Debian packages, and Debian packages do not install anything + in <code>/usr/local</code>. diff --git a/tags/c/control-interpreter-without-depends.tag b/tags/c/control-interpreter-without-depends.tag new file mode 100644 index 0000000..8b376be --- /dev/null +++ b/tags/c/control-interpreter-without-depends.tag @@ -0,0 +1,7 @@ +Tag: control-interpreter-without-depends +Severity: error +Check: scripts +Explanation: The package contains a maintainer script that uses an unusual and + non-essential interpreter but does not declare a <code>Depends</code> on the + package that provides this interpreter. +See-Also: debian-policy 7.2 diff --git a/tags/c/control-interpreter-without-predepends.tag b/tags/c/control-interpreter-without-predepends.tag new file mode 100644 index 0000000..70bf616 --- /dev/null +++ b/tags/c/control-interpreter-without-predepends.tag @@ -0,0 +1,15 @@ +Tag: control-interpreter-without-predepends +Severity: error +Check: scripts +Renamed-From: + preinst-interpreter-without-predepends +Explanation: The package contains a <code>preinst</code> maintainer script that uses + an unusual and non-essential interpreter but does not declare a + <code>Pre-Depends</code> on the package that provides this interpreter. + . + <code>preinst</code> scripts should be written using only essential + interpreters to avoid additional dependency complexity. Please do not + add a <code>Pre-Depends</code> without following the policy section 3.5. +See-Also: + debian-policy 7.2, + debian-policy 3.5 diff --git a/tags/c/control-tarball-compression-format.tag b/tags/c/control-tarball-compression-format.tag new file mode 100644 index 0000000..154decf --- /dev/null +++ b/tags/c/control-tarball-compression-format.tag @@ -0,0 +1,4 @@ +Tag: control-tarball-compression-format +Severity: classification +Check: deb-format +Explanation: This is the compressor format used for the <code>control.tar</code> tarball. diff --git a/tags/c/copyright-contains-automatically-extracted-boilerplate.tag b/tags/c/copyright-contains-automatically-extracted-boilerplate.tag new file mode 100644 index 0000000..5c0b147 --- /dev/null +++ b/tags/c/copyright-contains-automatically-extracted-boilerplate.tag @@ -0,0 +1,8 @@ +Tag: copyright-contains-automatically-extracted-boilerplate +Severity: warning +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: The string "This copyright info was automatically extracted" + appears in the copyright file, which indicates that you either didn't + check the whole source to find additional copyright/license, or that + you didn't remove that paragraph after having done so. diff --git a/tags/c/copyright-contains-dh_make-todo-boilerplate.tag b/tags/c/copyright-contains-dh_make-todo-boilerplate.tag new file mode 100644 index 0000000..b9e8590 --- /dev/null +++ b/tags/c/copyright-contains-dh_make-todo-boilerplate.tag @@ -0,0 +1,8 @@ +Tag: copyright-contains-dh_make-todo-boilerplate +Severity: error +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: The string "Please also look if..." appears in the copyright + file, which indicates that you either didn't check the whole source + to find additional copyright/license, or that you didn't remove that + paragraph after having done so. diff --git a/tags/c/copyright-does-not-refer-to-common-license-file.tag b/tags/c/copyright-does-not-refer-to-common-license-file.tag new file mode 100644 index 0000000..483bd87 --- /dev/null +++ b/tags/c/copyright-does-not-refer-to-common-license-file.tag @@ -0,0 +1,7 @@ +Tag: copyright-does-not-refer-to-common-license-file +Severity: warning +Check: debian/copyright +Explanation: If your package uses any one of the licenses in + <code>/usr/share/common-licenses</code>, the copyright file should refer to + files therein. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-compressed.tag b/tags/c/copyright-file-compressed.tag new file mode 100644 index 0000000..258a712 --- /dev/null +++ b/tags/c/copyright-file-compressed.tag @@ -0,0 +1,6 @@ +Tag: copyright-file-compressed +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright must not be + compressed. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-contains-full-apache-2-license.tag b/tags/c/copyright-file-contains-full-apache-2-license.tag new file mode 100644 index 0000000..54301a8 --- /dev/null +++ b/tags/c/copyright-file-contains-full-apache-2-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-file-contains-full-apache-2-license +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright contains the + complete text of the Apache 2.0 license. It should refer to the file + <code>/usr/share/common-licenses/Apache-2.0</code> instead. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-contains-full-gfdl-license.tag b/tags/c/copyright-file-contains-full-gfdl-license.tag new file mode 100644 index 0000000..09b2dfe --- /dev/null +++ b/tags/c/copyright-file-contains-full-gfdl-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-file-contains-full-gfdl-license +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright contains the + complete text of the GFDL v1.2. It should refer to the file + <code>/usr/share/common-licenses/GFDL-1.2</code> instead. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-contains-full-gpl-license.tag b/tags/c/copyright-file-contains-full-gpl-license.tag new file mode 100644 index 0000000..ed63564 --- /dev/null +++ b/tags/c/copyright-file-contains-full-gpl-license.tag @@ -0,0 +1,8 @@ +Tag: copyright-file-contains-full-gpl-license +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright contains the + complete text of the GPL v1, v2, or v3. It should refer to the file + <code>/usr/share/common-licenses/GPL-1</code>, <code>GPL-2</code>, or + <code>GPL-3</code> instead. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-is-symlink.tag b/tags/c/copyright-file-is-symlink.tag new file mode 100644 index 0000000..c8cab54 --- /dev/null +++ b/tags/c/copyright-file-is-symlink.tag @@ -0,0 +1,6 @@ +Tag: copyright-file-is-symlink +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright must not be a + symbolic link. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-lacks-pointer-to-perl-license.tag b/tags/c/copyright-file-lacks-pointer-to-perl-license.tag new file mode 100644 index 0000000..9533e6d --- /dev/null +++ b/tags/c/copyright-file-lacks-pointer-to-perl-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-file-lacks-pointer-to-perl-license +Severity: error +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: If your package is released under the same terms as Perl itself, + it should refer to the Artistic and GPL license files in the + <code>/usr/share/common-licenses</code> directory. diff --git a/tags/c/copyright-has-crs.tag b/tags/c/copyright-has-crs.tag new file mode 100644 index 0000000..ec8bf1e --- /dev/null +++ b/tags/c/copyright-has-crs.tag @@ -0,0 +1,9 @@ +Tag: copyright-has-crs +Severity: pedantic +Check: debian/copyright +Explanation: The copyright file has lines ending in CRLF instead of just LF. + . + Running the following command against the given file removes any + <code>CR</code> character in the file: + . + <code>sed -i 's/\r//g' path/to/file</code> diff --git a/tags/c/copyright-has-url-from-dh_make-boilerplate.tag b/tags/c/copyright-has-url-from-dh_make-boilerplate.tag new file mode 100644 index 0000000..20732bd --- /dev/null +++ b/tags/c/copyright-has-url-from-dh_make-boilerplate.tag @@ -0,0 +1,9 @@ +Tag: copyright-has-url-from-dh_make-boilerplate +Severity: warning +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: There is "url://example.com" in your copyright file. This was most + likely a remnant from the dh_make template. + . + Make sure you include the real location where you obtained the + upstream sources (if any). diff --git a/tags/c/copyright-not-using-common-license-for-apache2.tag b/tags/c/copyright-not-using-common-license-for-apache2.tag new file mode 100644 index 0000000..671121e --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-apache2.tag @@ -0,0 +1,12 @@ +Tag: copyright-not-using-common-license-for-apache2 +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-apache-2 +See-Also: debian-policy 12.5 +Explanation: The strings "Apache License, Version" or "Apache-2" appear in the + copyright file for this package, but the copyright file does not + reference <code>/usr/share/common-licenses</code> as the location of the + Apache-2 on Debian systems. + . + If the copyright file must mention the Apache-2 for reasons other than + stating the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-not-using-common-license-for-gfdl.tag b/tags/c/copyright-not-using-common-license-for-gfdl.tag new file mode 100644 index 0000000..6af2d5d --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-gfdl.tag @@ -0,0 +1,12 @@ +Tag: copyright-not-using-common-license-for-gfdl +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-gfdl +See-Also: debian-policy 12.5 +Explanation: The strings "GNU Free Documentation License" or "GFDL" appear in the + copyright file for this package, but the copyright file does not + reference <code>/usr/share/common-licenses</code> as the location of the GFDL + on Debian systems. + . + If the copyright file must mention the GFDL for reasons other than stating + the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-not-using-common-license-for-gpl.tag b/tags/c/copyright-not-using-common-license-for-gpl.tag new file mode 100644 index 0000000..1488849 --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-gpl.tag @@ -0,0 +1,12 @@ +Tag: copyright-not-using-common-license-for-gpl +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-gpl +See-Also: debian-policy 12.5 +Explanation: The strings "GNU General Public License" or "GPL" appear in the + copyright file for this package, but the copyright file does not + reference <code>/usr/share/common-licenses</code> as the location of the GPL + on Debian systems. + . + If the copyright file must mention the GPL for reasons other than stating + the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-not-using-common-license-for-lgpl.tag b/tags/c/copyright-not-using-common-license-for-lgpl.tag new file mode 100644 index 0000000..7ffd345 --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-lgpl.tag @@ -0,0 +1,13 @@ +Tag: copyright-not-using-common-license-for-lgpl +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-lgpl +See-Also: debian-policy 12.5 +Explanation: The strings "GNU Lesser General Public License", "GNU Library + General Public License", or "LGPL" appear in the copyright file for this + package, but the copyright file does not reference + <code>/usr/share/common-licenses</code> as the location of the LGPL on Debian + systems. + . + If the copyright file must mention the LGPL for reasons other than stating + the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-refers-to-compressed-license.tag b/tags/c/copyright-refers-to-compressed-license.tag new file mode 100644 index 0000000..65ce0e3 --- /dev/null +++ b/tags/c/copyright-refers-to-compressed-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-refers-to-compressed-license +Severity: error +Check: debian/copyright +Explanation: The /usr/share/doc/*pkg*/copyright file refers to a standard license + /usr/share/common-licenses/{GPL,LGPL,Artistic,BSD}.gz as a compressed + file. Please update the reference (the licenses are installed + uncompressed). diff --git a/tags/c/copyright-refers-to-deprecated-bsd-license-file.tag b/tags/c/copyright-refers-to-deprecated-bsd-license-file.tag new file mode 100644 index 0000000..d81099a --- /dev/null +++ b/tags/c/copyright-refers-to-deprecated-bsd-license-file.tag @@ -0,0 +1,13 @@ +Tag: copyright-refers-to-deprecated-bsd-license-file +Severity: warning +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: The copyright file refers to + <code>/usr/share/common-licenses/BSD</code>. Due to the brevity of this + license, the specificity of this copy to code whose copyright is held by + the Regents of the University of California, and the frequency of minor + wording changes in the license, its text should be included in the + copyright file directly rather than referencing this file. + . + This file may be removed from a future version of base-files if + references to it drop sufficiently. diff --git a/tags/c/copyright-refers-to-incorrect-directory.tag b/tags/c/copyright-refers-to-incorrect-directory.tag new file mode 100644 index 0000000..63c4cb6 --- /dev/null +++ b/tags/c/copyright-refers-to-incorrect-directory.tag @@ -0,0 +1,6 @@ +Tag: copyright-refers-to-incorrect-directory +Severity: error +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: In the directory name /usr/share/common-licenses, licenses is spelled + with an "s", not as licences with a "c". diff --git a/tags/c/copyright-refers-to-nonexistent-license-file.tag b/tags/c/copyright-refers-to-nonexistent-license-file.tag new file mode 100644 index 0000000..0be8691 --- /dev/null +++ b/tags/c/copyright-refers-to-nonexistent-license-file.tag @@ -0,0 +1,7 @@ +Tag: copyright-refers-to-nonexistent-license-file +Severity: warning +Check: debian/copyright +Explanation: The copyright file refers to a license in + <code>/usr/share/common-licenses</code> that doesn't exist. Usually this is + a typo, such as accidentally omitting the <code>-</code> between the license + name and the version number. diff --git a/tags/c/copyright-refers-to-old-directory.tag b/tags/c/copyright-refers-to-old-directory.tag new file mode 100644 index 0000000..bb62b58 --- /dev/null +++ b/tags/c/copyright-refers-to-old-directory.tag @@ -0,0 +1,7 @@ +Tag: copyright-refers-to-old-directory +Severity: error +Check: debian/copyright +Explanation: The common licenses (GPL, BSD, Artistic, etc) have been moved from + /usr/doc/copyright to /usr/share/common-licenses. + Copyright files should be updated. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-refers-to-symlink-license.tag b/tags/c/copyright-refers-to-symlink-license.tag new file mode 100644 index 0000000..5f25220 --- /dev/null +++ b/tags/c/copyright-refers-to-symlink-license.tag @@ -0,0 +1,21 @@ +Tag: copyright-refers-to-symlink-license +Severity: pedantic +Check: debian/copyright +Explanation: The copyright file refers to the versionless symlink in + <code>/usr/share/common-licenses</code> for the full text of the GPL, LGPL, + or GFDL license. This symlink is updated to point to the latest version + of the license when a new one is released. The package appears to allow + relicensing under later versions of its license, so this is legally + consistent, but it implies that Debian will relicense the package under + later versions of those licenses as they're released. It is normally + better to point to the version of the license the package references in + its license statement. + . + For example, if the package says something like "you may redistribute it + and/or modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2, or (at your + option) any later version", the <code>debian/copyright</code> file should + refer to <code>/usr/share/common-licenses/GPL-2</code>, not <code>/GPL</code>. + . + For packages released under the same terms as Perl, Perl references the + GPL version 1, so point to <code>/usr/share/common-licenses/GPL-1</code>. diff --git a/tags/c/copyright-refers-to-versionless-license-file.tag b/tags/c/copyright-refers-to-versionless-license-file.tag new file mode 100644 index 0000000..bf06f4e --- /dev/null +++ b/tags/c/copyright-refers-to-versionless-license-file.tag @@ -0,0 +1,17 @@ +Tag: copyright-refers-to-versionless-license-file +Severity: warning +Check: debian/copyright +Explanation: The copyright file refers to the versionless symlink in + <code>/usr/share/common-licenses</code> for the full text of the GPL, LGPL, + or GFDL license, but the package does not appear to allow distribution + under later versions of the license. This symlink will change with each + release of a new version of the license and may therefore point to a + different version than the package is released under. + <code>debian/copyright</code> should instead refers to the specific version + of the license that the package references. + . + For example, if the package says something like "you can redistribute it + and/or modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; version 2 dated June, 1991," + the <code>debian/copyright</code> file should refer to + <code>/usr/share/common-licenses/GPL-2</code>, not <code>/GPL</code>. diff --git a/tags/c/copyright-with-old-dh-make-debian-copyright.tag b/tags/c/copyright-with-old-dh-make-debian-copyright.tag new file mode 100644 index 0000000..5944afc --- /dev/null +++ b/tags/c/copyright-with-old-dh-make-debian-copyright.tag @@ -0,0 +1,14 @@ +Tag: copyright-with-old-dh-make-debian-copyright +Severity: pedantic +Check: debian/copyright +Explanation: The copyright file contains the incomplete Debian packaging + copyright boilerplate from older versions of <code>dh_make</code>. + <code>(C)</code> alone is not considered a valid copyright notice in some + countries. The word <code>Copyright</code> or the ยฉ symbol should be used + instead or in addition to <code>(C)</code>. + . + Copyright notices like this are, in any country that's a signatory to the + Berne Convention, not required to claim copyright on a work, but their + presence may allow claiming additional damages should a copyright case go + to court. If you provide a notice, you may as well provide one that's + legally recognized in a broader range of countries. diff --git a/tags/c/copyright-without-copyright-notice.tag b/tags/c/copyright-without-copyright-notice.tag new file mode 100644 index 0000000..3ceee44 --- /dev/null +++ b/tags/c/copyright-without-copyright-notice.tag @@ -0,0 +1,22 @@ +Tag: copyright-without-copyright-notice +Severity: warning +Check: debian/copyright +See-Also: https://ftp-master.debian.org/REJECT-FAQ.html +Explanation: The copyright file for this package does not appear to contain a + copyright notice. You should copy the copyright notice from the upstream + source (or add one of your own for a native package). A copyright notice + must consist of Copyright, Copr., or the Unicode symbol of C in a circle + followed by the years and the copyright holder. A copyright notice is + not required for a work to be copyrighted, but Debian requires the + copyright file include the authors and years of copyright, and including + a valid copyright notice is the best way to do that. Examples: + . + Copyright YYYY Firstname Lastname <address@example.com> + Copr. YYYY-YYYY Firstname Lastname <address@example.com> + ยฉ YYYY,YYYY Firstname Lastname <address@example.com> + . + If the package is in the public domain rather than copyrighted, be sure + to mention "public domain" in the copyright file. Please be aware that + this is very rare and not the same as a DFSG-free license. True public + domain software is generally limited to such special cases as a work + product of a United States government agency. diff --git a/tags/c/country-in-manual.tag b/tags/c/country-in-manual.tag new file mode 100644 index 0000000..229f958 --- /dev/null +++ b/tags/c/country-in-manual.tag @@ -0,0 +1,10 @@ +Tag: country-in-manual +Severity: warning +Check: documentation/manual +Renamed-From: manpage-locale-dir-country-specific +Explanation: This package installs a manual page in a locale directory that + includes the country name. A country name should not be included in the + directory name unless it indicates a significant difference in the + language. The known cases where country names are appropriate are pt_BR + and zh_*. +See-Also: debian-policy 12.1 diff --git a/tags/c/csh-considered-harmful.tag b/tags/c/csh-considered-harmful.tag new file mode 100644 index 0000000..e2ebe7e --- /dev/null +++ b/tags/c/csh-considered-harmful.tag @@ -0,0 +1,7 @@ +Tag: csh-considered-harmful +Severity: warning +Check: shell/csh +Explanation: The Debian policy for scripts explicitly warns against using + <code>csh</code> and <code>tcsh</code> as scripting languages. +See-Also: + debian-policy 10.4 diff --git a/tags/c/ctrl-script.tag b/tags/c/ctrl-script.tag new file mode 100644 index 0000000..d3304ec --- /dev/null +++ b/tags/c/ctrl-script.tag @@ -0,0 +1,7 @@ +Tag: ctrl-script +Severity: classification +Check: control-files +Explanation: This package has one or more maintainer scripts (or other + executable control files). + . + This flags any control file with the executable bit set. diff --git a/tags/c/custom-compression-in-debian-rules.tag b/tags/c/custom-compression-in-debian-rules.tag new file mode 100644 index 0000000..135b0f7 --- /dev/null +++ b/tags/c/custom-compression-in-debian-rules.tag @@ -0,0 +1,23 @@ +Tag: custom-compression-in-debian-rules +Severity: warning +Check: debian/rules +Renamed-From: debian-rules-should-not-use-custom-compression-settings +Explanation: This package calls <code>dh_builddeb(1)</code> to select a custom + compression level or algorithm in <code>debian/rules</code>. Please remove + the call and let dpkg-deb(1) select suitable defaults. + . + Custom compression settings are usually chosen for one of two + reasons: + . + Higher compression levels or more advanced algorithms shrink the + sizes of large files, but they can cause problems in the resource + constrained environments used in Debian's buildd infrastructure. + For example, higher than expected memory consumption may trigger + an FTBFS or a failure to install. + . + Lower compression levels or less advanced algorithms are sometimes + needed to support older Debian version. Unfortunately, they also + make it harder to change the defaults on an archive-wide basis. + . + Some legitimate use cases trigger this tag. Please override it. +See-Also: Bug#829100, Bug#906614, Bug#909696, dpkg-deb(1) diff --git a/tags/c/custom-compression-in-debian-source-options.tag b/tags/c/custom-compression-in-debian-source-options.tag new file mode 100644 index 0000000..a253354 --- /dev/null +++ b/tags/c/custom-compression-in-debian-source-options.tag @@ -0,0 +1,23 @@ +Tag: custom-compression-in-debian-source-options +Severity: warning +Check: debian/source-dir +Renamed-From: debian-source-options-has-custom-compression-settings +Explanation: This package selects a custom compression level or algorithm + in <code>debian/source/options</code>. Please remove the call and let + dpkg-deb(1) select suitable defaults. + . + Custom compression settings are usually chosen for one of two + reasons: + . + Higher compression levels or more advanced algorithms shrink the + sizes of large files, but they can cause problems in the resource + constrained environments used in Debian's buildd infrastructure. + For example, higher than expected memory consumption may trigger + an FTBFS or a failure to install. + . + Lower compression levels or less advanced algorithms are sometimes + needed to support older Debian version. Unfortunately, they also + make it harder to change the defaults on an archive-wide basis. + . + Some legitimate use cases trigger this tag. Please override it. +See-Also: Bug#829100, Bug#906614, Bug#909696, dpkg-deb(1) diff --git a/tags/c/custom-library-search-path.tag b/tags/c/custom-library-search-path.tag new file mode 100644 index 0000000..76b36ad --- /dev/null +++ b/tags/c/custom-library-search-path.tag @@ -0,0 +1,25 @@ +Tag: custom-library-search-path +Severity: error +Check: binaries/rpath +Renamed-From: + binary-or-shlib-defines-rpath +Explanation: The binary or shared library sets RPATH or RUNPATH. This + overrides the normal library search path, possibly interfering with + local policy and causing problems for multilib, among other issues. + . + The only time a binary or shared library in a Debian package should + set RPATH or RUNPATH is if it is linked to private shared libraries + in the same package. In that case, place those private shared + libraries in <code>/usr/lib/*package*</code>. Libraries used by + binaries in other packages should be placed in <code>/lib</code> or + <code>/usr/lib</code> as appropriate, with a proper SONAME, in which case + RPATH/RUNPATH is unnecessary. + . + To fix this problem, look for link lines like: + gcc test.o -o test -Wl,--rpath,/usr/local/lib + or + gcc test.o -o test -R/usr/local/lib + and remove the <code>-Wl,--rpath</code> or <code>-R</code> argument. You can also + use the chrpath utility to remove the RPATH. +See-Also: + https://wiki.debian.org/RpathIssue diff --git a/tags/c/cute-field.tag b/tags/c/cute-field.tag new file mode 100644 index 0000000..fde8489 --- /dev/null +++ b/tags/c/cute-field.tag @@ -0,0 +1,8 @@ +Tag: cute-field +Severity: pedantic +Check: fields/style +Explanation: The named field uses a free-style form of capitalization, which + is permitted by policy. The alternative offered is probably a more + common variant in the archive. +See-Also: + debian-policy 5.1 diff --git a/tags/continuous-integration/salsa/include.tag b/tags/continuous-integration/salsa/include.tag new file mode 100644 index 0000000..026cbd2 --- /dev/null +++ b/tags/continuous-integration/salsa/include.tag @@ -0,0 +1,5 @@ +Tag: include +Severity: classification +Check: continuous-integration/salsa +Name-Spaced: yes +Explanation: Include directive in a Salsa CI specification. diff --git a/tags/continuous-integration/salsa/specification.tag b/tags/continuous-integration/salsa/specification.tag new file mode 100644 index 0000000..bdd793b --- /dev/null +++ b/tags/continuous-integration/salsa/specification.tag @@ -0,0 +1,5 @@ +Tag: specification +Severity: classification +Check: continuous-integration/salsa +Name-Spaced: yes +Explanation: File name likely holding a Salsa CI specification. diff --git a/tags/d/data-tarball-compression-format.tag b/tags/d/data-tarball-compression-format.tag new file mode 100644 index 0000000..bd8c238 --- /dev/null +++ b/tags/d/data-tarball-compression-format.tag @@ -0,0 +1,4 @@ +Tag: data-tarball-compression-format +Severity: classification +Check: deb-format +Explanation: This is the compressor format used for the <code>data.tar</code> tarball. diff --git a/tags/d/dbg-package-missing-depends.tag b/tags/d/dbg-package-missing-depends.tag new file mode 100644 index 0000000..bd1a00e --- /dev/null +++ b/tags/d/dbg-package-missing-depends.tag @@ -0,0 +1,16 @@ +Tag: dbg-package-missing-depends +Severity: warning +Check: fields/package-relations +Explanation: The given binary package has a name of the form of "X-dbg", indicating it + contains detached debugging symbols for the package X. If so, it should + depend on the corresponding package, generally with (= ${binary:Version}) + since the debugging symbols are only useful with the binaries created by + the same build. + . + Note that the package being depended upon cannot be "Architecture: + all". + . + If this package provides debugging symbols for multiple other + packages, it should normally depend on all of those packages as + alternatives. In other words, <code>pkga (= ${binary:Version}) | pkgb (= + ${binary:Version})</code> and so forth. diff --git a/tags/d/dbus-policy-at-console.tag b/tags/d/dbus-policy-at-console.tag new file mode 100644 index 0000000..74f29d4 --- /dev/null +++ b/tags/d/dbus-policy-at-console.tag @@ -0,0 +1,28 @@ +Tag: dbus-policy-at-console +Severity: warning +Check: desktop/dbus +Explanation: The package contains D-Bus policy configuration that uses the + deprecated <code>at_console</code> condition to impose a different policy + for users who are "logged in at the console" according to + systemd-logind, ConsoleKit or similar APIs, such as: + . + <policy context="default"> + <deny send_destination="com.example.PowerManagementDaemon"/> + </policy> + <policy at_console="true"> + <allow send_destination="com.example.PowerManagementDaemon"/> + </policy> + . + The maintainers of D-Bus recommend that services should allow or deny + method calls according to broad categories that are not typically altered + by the system administrator (usually either "all users", or only root + and/or a specified system user). + . + If finer-grained authorization + is required, the service should accept the method call message, then call + out to PolicyKit to decide whether to honor the request. PolicyKit can + use system-administrator-configurable policies to make that decision, + including distinguishing between users who are "at the console" and + those who are not. +See-Also: + https://bugs.freedesktop.org/show_bug.cgi?id=39611 diff --git a/tags/d/dbus-policy-excessively-broad.tag b/tags/d/dbus-policy-excessively-broad.tag new file mode 100644 index 0000000..264a14f --- /dev/null +++ b/tags/d/dbus-policy-excessively-broad.tag @@ -0,0 +1,30 @@ +Tag: dbus-policy-excessively-broad +Severity: error +Check: desktop/dbus +Explanation: The package contains D-Bus policy configuration that + matches broad classes of messages. This will cause strange side-effects, + is almost certainly unintended, and is a probable security flaw. + . + For instance, + . + <policy user="daemon"> + <allow send_type="method_call"/> + <allow send_destination="com.example.Bees"/> + </policy> + . + in any system bus policy file would allow the <code>daemon</code> user to send + any method call to any service, including method calls which are meant to + be restricted to root-only for security, such as + <code>org.freedesktop.systemd1.Manager.StartTransientUnit</code>. (In addition, + it allows that user to send any message to the <code>com.example.Bees</code> + service.) + . + The intended policy for that particular example was probably more like + . + <policy user="daemon"> + <allow send_type="method_call" send_destination="com.example.Bees"/> + </policy> + . + which correctly allows method calls to that particular service only. +See-Also: + http://www.openwall.com/lists/oss-security/2015/01/27/25 diff --git a/tags/d/dbus-policy-in-etc.tag b/tags/d/dbus-policy-in-etc.tag new file mode 100644 index 0000000..b126f87 --- /dev/null +++ b/tags/d/dbus-policy-in-etc.tag @@ -0,0 +1,16 @@ +Tag: dbus-policy-in-etc +Severity: warning +Check: desktop/dbus +Explanation: The package contains D-Bus policy configuration and installs it + under <code>/etc/dbus-1/system.d</code> or + <code>/etc/dbus-1/session.d</code>. These directories are reserved for + local configuration, which overrides the default policies in + <code>/usr</code>. + . + The correct directory for system bus policy installed by packages is + <code>/usr/share/dbus-1/system.d</code>. + . + The correct directory for session bus policy installed by packages + (not usually needed) is <code>/usr/share/dbus-1/session.d</code>. +See-Also: + dbus-daemon(1) diff --git a/tags/d/dbus-policy-without-send-destination.tag b/tags/d/dbus-policy-without-send-destination.tag new file mode 100644 index 0000000..65b2345 --- /dev/null +++ b/tags/d/dbus-policy-without-send-destination.tag @@ -0,0 +1,37 @@ +Tag: dbus-policy-without-send-destination +Severity: warning +Check: desktop/dbus +Explanation: The package contains D-Bus policy configuration that uses + one of the <code>send_*</code> conditions, but does not specify a + <code>send_destination</code>, and is not specific to root. + . + Rules of the form + . + <allow send_interface="com.example.MyInterface"/> + . + allow messages with the given interface to be sent to *any* + service, not just the one installing the rule, which is rarely + what was intended. + . + Similarly, on the system bus, rules of the form + . + <deny send_interface="com.example.MyInterface"/> + . + are redundant with the system bus's default-deny policy, and have + unintended effects on other services. + . + This check ignores rules of the form + . + <policy user="root"> + <allow ... /> + </policy> + . + which are commonly used for the "agent" pattern seen in services like + BlueZ and NetworkManager: a root-privileged daemon calls out to + one or more per-user user interface agent processes with no specific + name, so <code>send_destination</code> is not easily applicable. + However, such rules should still be made as specific as possible to + avoid undesired side-effects. +See-Also: + https://bugs.freedesktop.org/show_bug.cgi?id=18961, + http://lists.freedesktop.org/archives/dbus/2008-February/009401.html diff --git a/tags/d/dbus-session-service-wrong-name.tag b/tags/d/dbus-session-service-wrong-name.tag new file mode 100644 index 0000000..d8b7d5c --- /dev/null +++ b/tags/d/dbus-session-service-wrong-name.tag @@ -0,0 +1,14 @@ +Tag: dbus-session-service-wrong-name +Severity: info +Check: desktop/dbus +Explanation: The package contains a D-Bus session service whose filename + does not match the <code>Name</code> field found in the file. + This makes it possible that two non-conflicting packages could + provide the same service name with the same search-path priority + (i.e. in the same directory). dbus-daemon will arbitrarily choose + one of them, which is unlikely to be the desired result. + . + Best-practice is that if you implement a session service whose well-known + name is <code>com.example.MyService1</code>, and it should be + service-activatable, you should achieve that by packaging + <code>/usr/share/dbus-1/services/com.example.MyService1.service</code>. diff --git a/tags/d/dbus-system-service-wrong-name.tag b/tags/d/dbus-system-service-wrong-name.tag new file mode 100644 index 0000000..eabc9dd --- /dev/null +++ b/tags/d/dbus-system-service-wrong-name.tag @@ -0,0 +1,13 @@ +Tag: dbus-system-service-wrong-name +Severity: error +Check: desktop/dbus +Explanation: The package contains a D-Bus system service whose filename + does not match the <code>Name</code> field found in the file. + This will not work, because dbus-daemon-launch-helper specifically + looks for that filename, in order to keep system-level activation + secure and predictable. + . + If you implement a session service whose well-known name is + <code>com.example.MyService1</code>, and it should be service-activatable, + you must provide + <code>/usr/share/dbus-1/system-services/com.example.MyService1.service</code>. diff --git a/tags/d/debconf-config-not-executable.tag b/tags/d/debconf-config-not-executable.tag new file mode 100644 index 0000000..1ec1e57 --- /dev/null +++ b/tags/d/debconf-config-not-executable.tag @@ -0,0 +1,5 @@ +Tag: debconf-config-not-executable +Severity: error +Check: debian/debconf +Explanation: The debconf "config" script in the package control area must be + executable. diff --git a/tags/d/debconf-is-not-a-registry.tag b/tags/d/debconf-is-not-a-registry.tag new file mode 100644 index 0000000..6fdbf4b --- /dev/null +++ b/tags/d/debconf-is-not-a-registry.tag @@ -0,0 +1,17 @@ +Tag: debconf-is-not-a-registry +Severity: warning +Check: debian/debconf +Explanation: In the Unix tradition, Debian packages should have human-readable and + human-editable configuration files. This package uses debconf commands + outside its maintainer scripts, which often indicates that it is taking + configuration information directly from the debconf database. Typically, + packages should use debconf-supplied information to generate + configuration files, and -- to avoid losing configuration information on + upgrades -- should parse these configuration files in the <code>config</code> + script if it is necessary to ask the user for changes. + . + Some standalone programs may legitimately use debconf to prompt the user + for questions. If you maintain a package containing such a program, + please install an override. Other exceptions to this check include + configuration scripts called from the package's post-installation script. +See-Also: developer-reference 6.5.1, debconf-devel(7) diff --git a/tags/d/debconf-translation-using-general-list.tag b/tags/d/debconf-translation-using-general-list.tag new file mode 100644 index 0000000..e3a5322 --- /dev/null +++ b/tags/d/debconf-translation-using-general-list.tag @@ -0,0 +1,11 @@ +Tag: debconf-translation-using-general-list +Severity: warning +Check: debian/po-debconf +Explanation: This debconf translation is using the general debconf-i18n list as + the address in the Language-Team field. + . + The intended purpose of the Language-Team field is to be an additional + contact for new translation requests in addition to the previous + translator (as recorded in Last-Translator). The field should therefore + point to a mailing list dedicated to the language of this PO file, not + the general list for translation discussions. diff --git a/tags/d/debhelper-autoscript-in-maintainer-scripts.tag b/tags/d/debhelper-autoscript-in-maintainer-scripts.tag new file mode 100644 index 0000000..c5c6f11 --- /dev/null +++ b/tags/d/debhelper-autoscript-in-maintainer-scripts.tag @@ -0,0 +1,5 @@ +Tag: debhelper-autoscript-in-maintainer-scripts +Severity: classification +Check: maintainer-scripts/generated +Explanation: The maintainer scripts of the package contain one or more + auto-generated shell snippets inserted by the listed debhelper tool. diff --git a/tags/d/debhelper-but-no-misc-depends.tag b/tags/d/debhelper-but-no-misc-depends.tag new file mode 100644 index 0000000..92df45a --- /dev/null +++ b/tags/d/debhelper-but-no-misc-depends.tag @@ -0,0 +1,10 @@ +Tag: debhelper-but-no-misc-depends +Severity: warning +Check: debhelper +See-Also: debhelper(7) +Explanation: The source package uses debhelper, but it does not include + ${misc:Depends} in the given binary package's debian/control entry. Any + debhelper command may add dependencies to ${misc:Depends} that are + required for the work that it does, so recommended best practice is to + always add ${misc:Depends} to the dependencies of each binary package if + debhelper is in use. diff --git a/tags/d/debhelper-compat-file-contains-multiple-levels.tag b/tags/d/debhelper-compat-file-contains-multiple-levels.tag new file mode 100644 index 0000000..bfcda33 --- /dev/null +++ b/tags/d/debhelper-compat-file-contains-multiple-levels.tag @@ -0,0 +1,11 @@ +Tag: debhelper-compat-file-contains-multiple-levels +Severity: error +Check: debhelper +See-Also: debhelper(7) +Explanation: The <code>debian/compat</code> file appears to contain multiple + compatibility levels. + . + This was likely due to the use of >> instead of > when + updating the level. + . + Please update the file to specify a single level. diff --git a/tags/d/debhelper-compat-file-is-empty.tag b/tags/d/debhelper-compat-file-is-empty.tag new file mode 100644 index 0000000..e88c99d --- /dev/null +++ b/tags/d/debhelper-compat-file-is-empty.tag @@ -0,0 +1,7 @@ +Tag: debhelper-compat-file-is-empty +Severity: error +Check: debhelper +See-Also: debhelper(7) +Explanation: The source package has an empty debian/compat file. This is an error, + the compat level of debhelper should be in there. Note that only the first + line of the file is relevant. diff --git a/tags/d/debhelper-compat-file-is-missing.tag b/tags/d/debhelper-compat-file-is-missing.tag new file mode 100644 index 0000000..f29c4e9 --- /dev/null +++ b/tags/d/debhelper-compat-file-is-missing.tag @@ -0,0 +1,14 @@ +Tag: debhelper-compat-file-is-missing +Severity: warning +Check: debhelper +Explanation: The package build-depends on debhelper but does not ship a compat + file. Packages not using an experimental or beta compatibility level + may alternatively Build-Depend on the debhelper-compat virtual package, + For example: + . + Build-Depends: debhelper-compat (= 13) + . + Please refer to the debhelper documentation on how to create the + compat file and the differences between each compat level. +See-Also: https://lists.debian.org/debian-devel-changes/2012/01/msg01335.html, + debhelper(7) diff --git a/tags/d/debhelper-compat-level.tag b/tags/d/debhelper-compat-level.tag new file mode 100644 index 0000000..b88b4a7 --- /dev/null +++ b/tags/d/debhelper-compat-level.tag @@ -0,0 +1,4 @@ +Tag: debhelper-compat-level +Severity: classification +Check: debhelper +Explanation: This is the debhelper compat level used specified by this package. diff --git a/tags/d/debhelper-compat-not-a-number.tag b/tags/d/debhelper-compat-not-a-number.tag new file mode 100644 index 0000000..c9cc85c --- /dev/null +++ b/tags/d/debhelper-compat-not-a-number.tag @@ -0,0 +1,6 @@ +Tag: debhelper-compat-not-a-number +Severity: error +Check: debhelper +See-Also: debhelper(7) +Explanation: The debhelper compatibility level specified in + <code>debian/compat</code> is not a number. diff --git a/tags/d/debhelper-compat-virtual-relation.tag b/tags/d/debhelper-compat-virtual-relation.tag new file mode 100644 index 0000000..3e22a7b --- /dev/null +++ b/tags/d/debhelper-compat-virtual-relation.tag @@ -0,0 +1,5 @@ +Tag: debhelper-compat-virtual-relation +Severity: classification +Check: debhelper +Explanation: This package is using the <code>debhelper-compat</code> virtual + package as a build-dependency. diff --git a/tags/d/debhelper-tools-from-autotools-dev-are-deprecated.tag b/tags/d/debhelper-tools-from-autotools-dev-are-deprecated.tag new file mode 100644 index 0000000..251dee9 --- /dev/null +++ b/tags/d/debhelper-tools-from-autotools-dev-are-deprecated.tag @@ -0,0 +1,19 @@ +Tag: debhelper-tools-from-autotools-dev-are-deprecated +Severity: warning +Check: debhelper +Explanation: The debhelper tools from autotools-dev has been replaced by the tool + <code>dh_update_autotools_config</code>, which was available in + debhelper (>= 9.20160114) + . + The <code>dh_update_autotools_config</code> is run + by default via the <code>dh</code> + command sequencer. If you are using <code>dh</code>, you can probably just remove + the uses of the tooling from autotools-dev without doing any further changes. + . + If you use the "classic" debhelper style, then please replace all + calls to <code>dh_autotools-dev_updateconfig</code> with + <code>dh_update_autotools_config</code>. The calls to + <code>dh_autotools-dev_restoreconfig</code> are replaced by + <code>dh_clean</code>, so they can most likely just be removed without + any further changes. +See-Also: Bug#878528 diff --git a/tags/d/debian-adds-arch-control-dir.tag b/tags/d/debian-adds-arch-control-dir.tag new file mode 100644 index 0000000..74f7324 --- /dev/null +++ b/tags/d/debian-adds-arch-control-dir.tag @@ -0,0 +1,14 @@ +Tag: debian-adds-arch-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-arch-control-dir +Explanation: The Debian diff or native package contains files in an {arch} or + .arch-ids directory or a directory starting with <code>,,</code> (used by baz + for debugging traces). These are usually artifacts of the revision + control system used by the Debian maintainer and not useful in a diff or + native package. <code>dpkg-source</code> will automatically exclude these if + it is passed <code>-I</code> or <code>-i</code> for native and non-native + packages respectively. +See-Also: + dpkg-source(1) diff --git a/tags/d/debian-adds-arch-inventory-file.tag b/tags/d/debian-adds-arch-inventory-file.tag new file mode 100644 index 0000000..328f76f --- /dev/null +++ b/tags/d/debian-adds-arch-inventory-file.tag @@ -0,0 +1,8 @@ +Tag: debian-adds-arch-inventory-file +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-arch-inventory-file +Explanation: The Debian diff or native package contains an + <code>.arch-inventory</code> file. This is Arch metadata that should + normally not be distributed. diff --git a/tags/d/debian-adds-bts-control-dir.tag b/tags/d/debian-adds-bts-control-dir.tag new file mode 100644 index 0000000..5ee0c1b --- /dev/null +++ b/tags/d/debian-adds-bts-control-dir.tag @@ -0,0 +1,12 @@ +Tag: debian-adds-bts-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-bts-control-dir +Explanation: The Debian diff or native package contains files in a directory + used by a bug tracking system, which are not useful in a diff or native + package. <code>dpkg-source</code> will automatically exclude these if it + is passed <code>-I</code> or <code>-i</code> for native and non-native packages + respectively. +See-Also: + dpkg-source(1) diff --git a/tags/d/debian-adds-bzr-control-dir.tag b/tags/d/debian-adds-bzr-control-dir.tag new file mode 100644 index 0000000..cecda2f --- /dev/null +++ b/tags/d/debian-adds-bzr-control-dir.tag @@ -0,0 +1,12 @@ +Tag: debian-adds-bzr-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-bzr-control-dir +Explanation: The Debian diff or native package contains files in a .bzr + directory. These are usually artifacts of the revision control system + used by the Debian maintainer and not useful in a diff or native package. + <code>dpkg-source</code> will automatically exclude these if it is passed + <code>-I</code> or <code>-i</code> for native and non-native packages respectively. +See-Also: + dpkg-source(1) diff --git a/tags/d/debian-adds-cvs-conflict-copy.tag b/tags/d/debian-adds-cvs-conflict-copy.tag new file mode 100644 index 0000000..c2d5e76 --- /dev/null +++ b/tags/d/debian-adds-cvs-conflict-copy.tag @@ -0,0 +1,10 @@ +Tag: debian-adds-cvs-conflict-copy +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-cvs-conflict-copy +Explanation: The Debian diff or native package contains a CVS conflict copy. + These have file names like <code>.#file.version</code> and are generated by + CVS when a conflict was detected when merging local changes with updates + from a source repository. They're useful only while resolving the + conflict and should not be included in the package. diff --git a/tags/d/debian-adds-cvs-control-dir.tag b/tags/d/debian-adds-cvs-control-dir.tag new file mode 100644 index 0000000..29311eb --- /dev/null +++ b/tags/d/debian-adds-cvs-control-dir.tag @@ -0,0 +1,11 @@ +Tag: debian-adds-cvs-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-cvs-control-dir +Explanation: The Debian diff or native package contains files in a CVS directory. + These are usually artifacts of the revision control system used by the + Debian maintainer and not useful in a diff or native package. + <code>dpkg-source</code> will automatically exclude these if it is passed + <code>-I</code> or <code>-i</code> for native and non-native packages respectively. +See-Also: dpkg-source(1) diff --git a/tags/d/debian-adds-editor-backup-file.tag b/tags/d/debian-adds-editor-backup-file.tag new file mode 100644 index 0000000..7cefaf5 --- /dev/null +++ b/tags/d/debian-adds-editor-backup-file.tag @@ -0,0 +1,11 @@ +Tag: debian-adds-editor-backup-file +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-editor-backup-file +Explanation: The Debian diff or native package contains a file ending in + <code>~</code> or of the form <code>.xxx.swp</code>, which is normally either an + Emacs or vim backup file or a backup file created by programs such as + <code>autoheader</code> or <code>debconf-updatepo</code>. This usually causes no + harm, but it's messy and bloats the size of the Debian diff to no useful + purpose. diff --git a/tags/d/debian-adds-git-control-dir.tag b/tags/d/debian-adds-git-control-dir.tag new file mode 100644 index 0000000..2469e4a --- /dev/null +++ b/tags/d/debian-adds-git-control-dir.tag @@ -0,0 +1,12 @@ +Tag: debian-adds-git-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-git-control-dir +Explanation: The Debian diff or native package contains files in a .git + directory. These are usually artifacts of the revision control system + used by the Debian maintainer and not useful in a diff or native package. + <code>dpkg-source</code> will automatically exclude these if it is passed + <code>-I</code> or <code>-i</code> for native and non-native packages respectively. +See-Also: + dpkg-source(1) diff --git a/tags/d/debian-adds-hg-control-dir.tag b/tags/d/debian-adds-hg-control-dir.tag new file mode 100644 index 0000000..8329d6a --- /dev/null +++ b/tags/d/debian-adds-hg-control-dir.tag @@ -0,0 +1,12 @@ +Tag: debian-adds-hg-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-hg-control-dir +Explanation: The Debian diff or native package contains files in a .hg + directory. These are usually artifacts of the revision control system + used by the Debian maintainer and not useful in a diff or native package. + <code>dpkg-source</code> will automatically exclude these if it is passed + <code>-I</code> or <code>-i</code> for native and non-native packages respectively. +See-Also: + dpkg-source(1) diff --git a/tags/d/debian-adds-hg-tags-file.tag b/tags/d/debian-adds-hg-tags-file.tag new file mode 100644 index 0000000..84eac9c --- /dev/null +++ b/tags/d/debian-adds-hg-tags-file.tag @@ -0,0 +1,9 @@ +Tag: debian-adds-hg-tags-file +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-hg-tags-file +Explanation: The Debian diff or native package contains an <code>.hgtags</code> + file. This file is Mercurial metadata that should normally not be + distributed. It stores hashes of tagged commits in a Mercurial + repository and isn't therefore useful without the repository. diff --git a/tags/d/debian-adds-patch-failure-file.tag b/tags/d/debian-adds-patch-failure-file.tag new file mode 100644 index 0000000..134c6ff --- /dev/null +++ b/tags/d/debian-adds-patch-failure-file.tag @@ -0,0 +1,10 @@ +Tag: debian-adds-patch-failure-file +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-patch-failure-file +Explanation: The Debian diff or native package contains a file that looks like + the files left behind by the <code>patch</code> utility when it cannot + completely apply a diff. This may be left over from a patch applied by + the maintainer. Normally such files should not be included in the + package. diff --git a/tags/d/debian-adds-quilt-control-dir.tag b/tags/d/debian-adds-quilt-control-dir.tag new file mode 100644 index 0000000..3134c4f --- /dev/null +++ b/tags/d/debian-adds-quilt-control-dir.tag @@ -0,0 +1,12 @@ +Tag: debian-adds-quilt-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-quilt-control-dir +Explanation: The Debian diff or native package contains files in a directory + used by quilt, which are not useful in a diff or native package. + <code>dpkg-source</code> will automatically exclude these if it is passed + <code>-I</code> or <code>-i</code> for native and non-native packages + respectively. +See-Also: + dpkg-source(1) diff --git a/tags/d/debian-adds-svk-commit-file.tag b/tags/d/debian-adds-svk-commit-file.tag new file mode 100644 index 0000000..59175ed --- /dev/null +++ b/tags/d/debian-adds-svk-commit-file.tag @@ -0,0 +1,8 @@ +Tag: debian-adds-svk-commit-file +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-svk-commit-file +Explanation: The Debian diff or native package contains an + <code>svk-commitNNN.tmp</code>, almost certainly a left-over from a failed + svk commit by the Debian package maintainer. diff --git a/tags/d/debian-adds-svn-commit-file.tag b/tags/d/debian-adds-svn-commit-file.tag new file mode 100644 index 0000000..56db3ef --- /dev/null +++ b/tags/d/debian-adds-svn-commit-file.tag @@ -0,0 +1,8 @@ +Tag: debian-adds-svn-commit-file +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-svn-commit-file +Explanation: The Debian diff or native package contains an + <code>svn-commit(.NNN).tmp</code>, almost certainly a left-over from a failed + Subversion commit by the Debian package maintainer. diff --git a/tags/d/debian-adds-svn-conflict-file.tag b/tags/d/debian-adds-svn-conflict-file.tag new file mode 100644 index 0000000..fc170c2 --- /dev/null +++ b/tags/d/debian-adds-svn-conflict-file.tag @@ -0,0 +1,10 @@ +Tag: debian-adds-svn-conflict-file +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-svn-conflict-file +Explanation: The Debian diff or native package contains a file that looks like a + Subversion conflict file. These are generated by Subversion when a + conflict was detected while merging local changes with updates from a + source repository. Use <code>svn resolved</code> to remove them and clear + the Subversion conflict state after you have resolved the conflict. diff --git a/tags/d/debian-adds-svn-control-dir.tag b/tags/d/debian-adds-svn-control-dir.tag new file mode 100644 index 0000000..5c9c73f --- /dev/null +++ b/tags/d/debian-adds-svn-control-dir.tag @@ -0,0 +1,11 @@ +Tag: debian-adds-svn-control-dir +Severity: warning +Check: files/artifact +Renamed-From: + diff-contains-svn-control-dir +Explanation: The Debian diff or native package contains files in an .svn + directory. These are usually artifacts of the revision control system + used by the Debian maintainer and not useful in a diff or native package. + <code>dpkg-source</code> will automatically exclude these if it is passed + <code>-I</code> or <code>-i</code> for native and non-native packages respectively. +See-Also: dpkg-source(1) diff --git a/tags/d/debian-build-system.tag b/tags/d/debian-build-system.tag new file mode 100644 index 0000000..70282ea --- /dev/null +++ b/tags/d/debian-build-system.tag @@ -0,0 +1,5 @@ +Tag: debian-build-system +Severity: classification +Check: debhelper +Explanation: This is the build system that Lintian believes the package is + using. diff --git a/tags/d/debian-changelog-file-contains-obsolete-user-emacs-settings.tag b/tags/d/debian-changelog-file-contains-obsolete-user-emacs-settings.tag new file mode 100644 index 0000000..4b2030e --- /dev/null +++ b/tags/d/debian-changelog-file-contains-obsolete-user-emacs-settings.tag @@ -0,0 +1,8 @@ +Tag: debian-changelog-file-contains-obsolete-user-emacs-settings +Severity: warning +Check: debian/changelog +Explanation: The add-log-mailing-address variable is no longer honored in + debian-changelog-mode, and should not appear in packages' changelog + files. Instead, put something like this in your ~/.emacs: + . + (setq debian-changelog-mailing-address "userid@debian.org") diff --git a/tags/d/debian-changelog-file-is-a-symlink.tag b/tags/d/debian-changelog-file-is-a-symlink.tag new file mode 100644 index 0000000..a9ec71b --- /dev/null +++ b/tags/d/debian-changelog-file-is-a-symlink.tag @@ -0,0 +1,13 @@ +Tag: debian-changelog-file-is-a-symlink +Severity: warning +Check: debian/changelog +Explanation: The Debian changelog file is a symlink to a file in a different + directory or not found in this package. Please don't do this. It makes + package checking and manipulation unnecessarily difficult. Because it was + a symlink, the Debian changelog file was not checked for other + problems. (Symlinks to another file in /usr/share/doc/*pkg* or a + subdirectory thereof are fine and should not trigger this warning.) + . + To refer to the changelog, copyright, and other documentation files of + another package that this one depends on, please symlink the entire + /usr/share/doc/*pkg* directory rather than individual files. diff --git a/tags/d/debian-changelog-file-missing-or-wrong-name.tag b/tags/d/debian-changelog-file-missing-or-wrong-name.tag new file mode 100644 index 0000000..4584e0a --- /dev/null +++ b/tags/d/debian-changelog-file-missing-or-wrong-name.tag @@ -0,0 +1,11 @@ +Tag: debian-changelog-file-missing-or-wrong-name +Severity: error +Check: debian/changelog +Explanation: Each Debian package (which provides a /usr/share/doc/*pkg* + directory) must install a Debian changelog file in + /usr/share/doc/*pkg*/changelog.Debian.gz + . + A common error is to name the Debian changelog like an upstream changelog + (/usr/share/doc/*pkg*/changelog.gz); therefore, Lintian will apply + further checks to such a file if it exists even after issuing this error. +See-Also: debian-policy 12.7 diff --git a/tags/d/debian-changelog-has-wrong-day-of-week.tag b/tags/d/debian-changelog-has-wrong-day-of-week.tag new file mode 100644 index 0000000..8df5e05 --- /dev/null +++ b/tags/d/debian-changelog-has-wrong-day-of-week.tag @@ -0,0 +1,13 @@ +Tag: debian-changelog-has-wrong-day-of-week +Severity: warning +Check: debian/changelog +Explanation: The date in the changelog entry is not consistent with the actual + day of that week. Either the date is wrong or the day of week is wrong. + . + To avoid problems like this, consider using a tool like dch(1) or + date(1) to generate the date. Example: + . + $ date -R -ud '2013-11-05 23:59:59' + Tue, 05 Nov 2013 23:59:59 +0000 +Renamed-From: + debian-changelog-has-wrong-weekday diff --git a/tags/d/debian-changelog-line-too-long.tag b/tags/d/debian-changelog-line-too-long.tag new file mode 100644 index 0000000..04670c3 --- /dev/null +++ b/tags/d/debian-changelog-line-too-long.tag @@ -0,0 +1,7 @@ +Tag: debian-changelog-line-too-long +Severity: warning +Check: debian/changelog +Explanation: The given line of the latest changelog entry is over 80 columns. + Such changelog entries may look poor in terminal windows and mail + messages and be annoying to read. Please wrap changelog entries at 80 + columns or less where possible. diff --git a/tags/d/debian-changelog-line-too-short.tag b/tags/d/debian-changelog-line-too-short.tag new file mode 100644 index 0000000..79f191a --- /dev/null +++ b/tags/d/debian-changelog-line-too-short.tag @@ -0,0 +1,21 @@ +Tag: debian-changelog-line-too-short +Severity: pedantic +Check: debian/changelog +Explanation: The given line of the latest changelog entry appears to contain a + very terse entry. + . + This can make it hard for others to understand the changelog entry. + Please keep in mind that: + . + - It is not uncommon that people read changelog entries that are more + than a decade old to understand why a change was made or why a + package works in a specific way. + - Many users will read the changelog via + <code>apt-listchanges(1)</code> + - The information in <code>debian/changelog</code> is permanent. + . + Examples for entries that are too short include "dh 11" or simply + "Rยณ" - these could be expanded to, for example: + . + - Switch to debhelper compat 11. + - Set Rules-Requires-Root: no. diff --git a/tags/d/debian-control-file-is-a-symlink.tag b/tags/d/debian-control-file-is-a-symlink.tag new file mode 100644 index 0000000..79304c4 --- /dev/null +++ b/tags/d/debian-control-file-is-a-symlink.tag @@ -0,0 +1,11 @@ +Tag: debian-control-file-is-a-symlink +Severity: warning +Check: debian/control/link +Explanation: The <code>debian/control</code> file is a symbolic link. + . + It is not recommended to use anything other than plain files for the required + source files. Using links makes it harder to check and manipulate sources + automatically. + . + If the file must be available under multiple names, please make + <code>debian/control</code> the real file and let the other names point to it. diff --git a/tags/d/debian-control-has-dbgsym-package.tag b/tags/d/debian-control-has-dbgsym-package.tag new file mode 100644 index 0000000..5ecb70e --- /dev/null +++ b/tags/d/debian-control-has-dbgsym-package.tag @@ -0,0 +1,10 @@ +Tag: debian-control-has-dbgsym-package +Severity: error +Check: debug/automatic +Explanation: The <code>debian/control</code> file declares a <code>-dbgsym</code> + package. Those are now generated automatically. + . + Please remove the declaration and rely on the automatic process. +See-Also: + Bug#858117, + https://wiki.debian.org/DebugPackage diff --git a/tags/d/debian-control-has-empty-field.tag b/tags/d/debian-control-has-empty-field.tag new file mode 100644 index 0000000..a1f9634 --- /dev/null +++ b/tags/d/debian-control-has-empty-field.tag @@ -0,0 +1,8 @@ +Tag: debian-control-has-empty-field +Severity: info +Check: debian/control/field/empty +Explanation: The field on this line of <code>debian/control</code> is empty. + It is permitted in the syntax of Debian control files, but the field is + ignored. + . + Please consider removing the empty field. diff --git a/tags/d/debian-control-has-obsolete-dbg-package.tag b/tags/d/debian-control-has-obsolete-dbg-package.tag new file mode 100644 index 0000000..0949c2a --- /dev/null +++ b/tags/d/debian-control-has-obsolete-dbg-package.tag @@ -0,0 +1,14 @@ +Tag: debian-control-has-obsolete-dbg-package +Severity: info +Check: debug/obsolete +Explanation: The <code>debian/control</code> file declares a + <code>-dbg</code> package. + . + Debug packages are now generated automatically. It reduces the space requirements + for archive mirrors for regular operations. + . + Please drop the <code>-dbg</code> package the <code>debian/control</code> file. + Do not change it to a dummy package that depends on the <code>-dbgsym</code> + package. +See-Also: + https://wiki.debian.org/AutomaticDebugPackages diff --git a/tags/d/debian-control-has-unusual-field-spacing.tag b/tags/d/debian-control-has-unusual-field-spacing.tag new file mode 100644 index 0000000..5158baf --- /dev/null +++ b/tags/d/debian-control-has-unusual-field-spacing.tag @@ -0,0 +1,10 @@ +Tag: debian-control-has-unusual-field-spacing +Severity: pedantic +Check: debian/control/field/spacing +Explanation: A field in the <code>debian/control</code> file has an unusual + amount of whitespace after the colon. + . + The syntax for Deb822 files permits any kind of space, but according to Policy + there is a convention to use a single space after the colon. +See-Also: + debian-policy 5.1 diff --git a/tags/d/debian-control-repeats-field-name-in-value.tag b/tags/d/debian-control-repeats-field-name-in-value.tag new file mode 100644 index 0000000..af206fe --- /dev/null +++ b/tags/d/debian-control-repeats-field-name-in-value.tag @@ -0,0 +1,9 @@ +Tag: debian-control-repeats-field-name-in-value +Severity: warning +Check: debian/control/field/doubled-up +Explanation: The field on this line of <code>debian/control</code> repeats + the field name in the value of the field. As an example: + . + Maintainer: Maintainer: Some Name <maintainer@mail.example.com> +See-Also: + debian-policy 5.1 diff --git a/tags/d/debian-copyright-is-symlink.tag b/tags/d/debian-copyright-is-symlink.tag new file mode 100644 index 0000000..c0c9e6d --- /dev/null +++ b/tags/d/debian-copyright-is-symlink.tag @@ -0,0 +1,7 @@ +Tag: debian-copyright-is-symlink +Severity: warning +Check: debian/copyright +Explanation: The file <code>debian/copyright</code> is a symlink instead of a regular + file. This makes package checking and manipulation more difficult. + . + This problem may have prevented Lintian from performing other checks. diff --git a/tags/d/debian-files-list-in-source.tag b/tags/d/debian-files-list-in-source.tag new file mode 100644 index 0000000..063c574 --- /dev/null +++ b/tags/d/debian-files-list-in-source.tag @@ -0,0 +1,9 @@ +Tag: debian-files-list-in-source +Severity: error +Check: debian/files +Explanation: Leaving <code>debian/files</code> causes problems for the autobuilders, + since that file will likely include the list of .deb files for another + architecture, which will cause dpkg-buildpackage run by the buildd to fail. + . + The clean rule for the package should remove this file. +See-Also: debian-policy 4.12 diff --git a/tags/d/debian-news-entry-has-strange-distribution.tag b/tags/d/debian-news-entry-has-strange-distribution.tag new file mode 100644 index 0000000..552e89c --- /dev/null +++ b/tags/d/debian-news-entry-has-strange-distribution.tag @@ -0,0 +1,8 @@ +Tag: debian-news-entry-has-strange-distribution +Severity: warning +Check: debian/changelog +Explanation: The latest entry in NEWS.Debian has an unusual distribution name. + This field is ignored by the archive software, so its value doesn't truly + matter, but it may be confusing to users reading the entry if the + distribution doesn't match the distribution for the same entry in the + Debian changelog file. diff --git a/tags/d/debian-news-entry-has-unknown-version.tag b/tags/d/debian-news-entry-has-unknown-version.tag new file mode 100644 index 0000000..c84fdcb --- /dev/null +++ b/tags/d/debian-news-entry-has-unknown-version.tag @@ -0,0 +1,8 @@ +Tag: debian-news-entry-has-unknown-version +Severity: warning +Check: debian/changelog +Explanation: The version number of the most recent <code>NEWS.Debian</code> entry + does not match any of the version numbers in the changelog file for this + package. This usually means the version in <code>NEWS.Debian</code> needs to + be updated to match a change to package version that happened after the + <code>NEWS.Debian</code> entry was written. diff --git a/tags/d/debian-news-entry-uses-asterisk.tag b/tags/d/debian-news-entry-uses-asterisk.tag new file mode 100644 index 0000000..ce882b0 --- /dev/null +++ b/tags/d/debian-news-entry-uses-asterisk.tag @@ -0,0 +1,8 @@ +Tag: debian-news-entry-uses-asterisk +Severity: info +Check: debian/changelog +Explanation: The latest entry in NEWS.Debian appears to use asterisks to present + changes in a bulleted list, similar to the normal changelog syntax. The + Debian Developer's Reference recommends using regular paragraphs in + NEWS.Debian rather than a bulleted list. +See-Also: developer-reference 6.3.4 diff --git a/tags/d/debian-news-file-not-compressed.tag b/tags/d/debian-news-file-not-compressed.tag new file mode 100644 index 0000000..8e2bc67 --- /dev/null +++ b/tags/d/debian-news-file-not-compressed.tag @@ -0,0 +1,6 @@ +Tag: debian-news-file-not-compressed +Severity: warning +Check: debian/changelog +Explanation: NEWS.Debian files should be compressed using "gzip -9". The file + must always have the same name. +See-Also: developer-reference 6.3.4 diff --git a/tags/d/debian-pycompat-is-obsolete.tag b/tags/d/debian-pycompat-is-obsolete.tag new file mode 100644 index 0000000..394495e --- /dev/null +++ b/tags/d/debian-pycompat-is-obsolete.tag @@ -0,0 +1,6 @@ +# Imported from lintian4python (python/helpers) +Tag: debian-pycompat-is-obsolete +Severity: info +Check: languages/python/obsolete +Explanation: The file <code>debian/pycompat</code> is not used by any modern + Python helper. It should be safe to remove the file. diff --git a/tags/d/debian-pyversions-is-obsolete.tag b/tags/d/debian-pyversions-is-obsolete.tag new file mode 100644 index 0000000..0efdebd --- /dev/null +++ b/tags/d/debian-pyversions-is-obsolete.tag @@ -0,0 +1,8 @@ +Tag: debian-pyversions-is-obsolete +Severity: info +Check: languages/python/obsolete +Explanation: This package contains a <code>debian/pyversions</code> file. Since + dh_python2 it has been recommended to use the + <code>X-Python3-Version</code> field in <code>debian/control</code> instead. +See-Also: https://wiki.debian.org/Python/TransitionToDHPython2, + https://www.debian.org/doc/packaging-manuals/python-policy/ch-module_packages.html#s-specifying_versions diff --git a/tags/d/debian-revision-is-zero.tag b/tags/d/debian-revision-is-zero.tag new file mode 100644 index 0000000..1a4ac6d --- /dev/null +++ b/tags/d/debian-revision-is-zero.tag @@ -0,0 +1,10 @@ +Tag: debian-revision-is-zero +Severity: error +Check: fields/version +Renamed-From: debian-revision-should-not-be-zero +Explanation: The Debian version part (the part after the -) should start with one, + not with zero. This is to ensure that a correctly-done Maintainer Upload will + always have a higher version number than a Non-Maintainer upload: a NMU could + have been prepared which introduces this upstream version with + Debian-revision -0.1 +See-Also: developer-reference 5.11.2 diff --git a/tags/d/debian-revision-not-well-formed.tag b/tags/d/debian-revision-not-well-formed.tag new file mode 100644 index 0000000..a583890 --- /dev/null +++ b/tags/d/debian-revision-not-well-formed.tag @@ -0,0 +1,7 @@ +Tag: debian-revision-not-well-formed +Severity: warning +Check: fields/version +Explanation: The Debian version part (the part after the -) should consist of one + or two dot-separated parts: one for a regular maintainer release or two + for a source-NMU. +See-Also: developer-reference 5.11.2, debian-policy 5.6.12 diff --git a/tags/d/debian-rules-calls-debhelper-in-odd-order.tag b/tags/d/debian-rules-calls-debhelper-in-odd-order.tag new file mode 100644 index 0000000..a768c7e --- /dev/null +++ b/tags/d/debian-rules-calls-debhelper-in-odd-order.tag @@ -0,0 +1,10 @@ +Tag: debian-rules-calls-debhelper-in-odd-order +Severity: warning +Check: debian/rules +Explanation: One of the targets in the <code>debian/rules</code> file for this + package calls debhelper programs in an odd order. Normally, + dh_makeshlibs should be run before dh_shlibdeps or dh_installdeb, and + dh_shlibdeps should be run before dh_gencontrol. dh_builddeb should be + the last debhelper action when building the package, after any of the + other programs mentioned. Calling these programs in the wrong order may + cause incorrect or missing package files and metadata. diff --git a/tags/d/debian-rules-calls-pwd.tag b/tags/d/debian-rules-calls-pwd.tag new file mode 100644 index 0000000..c27c79b --- /dev/null +++ b/tags/d/debian-rules-calls-pwd.tag @@ -0,0 +1,13 @@ +Tag: debian-rules-calls-pwd +Severity: warning +Check: debian/rules +Renamed-From: debian-rules-should-not-use-pwd +Explanation: The <code>debian/rules</code> file for this package appears to use the + variable $(PWD) to refer to the current directory. This variable is not + set by GNU make and therefore will have whatever value it has in the + environment, which may not be the actual current directory. Some ways of + building Debian packages (such as through sudo) will clear the PWD + environment variable. + . + Instead of $(PWD), use $(CURDIR), which is set by GNU make, ignores the + environment, and is guaranteed to always be set. diff --git a/tags/d/debian-rules-contains-unnecessary-get-orig-source-target.tag b/tags/d/debian-rules-contains-unnecessary-get-orig-source-target.tag new file mode 100644 index 0000000..c00865f --- /dev/null +++ b/tags/d/debian-rules-contains-unnecessary-get-orig-source-target.tag @@ -0,0 +1,15 @@ +Tag: debian-rules-contains-unnecessary-get-orig-source-target +Severity: info +Check: debian/rules +Explanation: This package's <code>debian/rules</code> file contains a + <code>get-orig-source</code> target that appears to be unnecessary. For + example, the package might simply contain a single call to uscan(1). + . + Such calls are not ideal; maintainers should be able to call uscan with + their own choice of options and they additionally encourage the + proliferation of boilerplate code across the archive. + . + Since Debian Policy 4.1.4, packages are encouraged to migrate to uscan + and a <code>Files-Excluded</code> header in the <code>debian/copyright</code> + file. +See-Also: uscan(1) diff --git a/tags/d/debian-rules-ignores-make-clean-error.tag b/tags/d/debian-rules-ignores-make-clean-error.tag new file mode 100644 index 0000000..b4bc8c4 --- /dev/null +++ b/tags/d/debian-rules-ignores-make-clean-error.tag @@ -0,0 +1,19 @@ +Tag: debian-rules-ignores-make-clean-error +Severity: warning +Check: debian/rules +Explanation: A rule in the <code>debian/rules</code> file for this package calls the + package's clean or distclean target with a line like: + . + -$(MAKE) distclean + or + $(MAKE) -i distclean + . + The leading "-" or the option -i tells make to ignore all errors. + Normally this is done for packages using Autoconf since Makefile may not + exist. However, this line ignores all other error messages, not just + the missing Makefile error. It's better to use: + . + [ ! -f Makefile ] || $(MAKE) distclean + . + so that other error messages from the clean or distclean rule will still + be caught (or just remove the "-" if the package uses a static makefile). diff --git a/tags/d/debian-rules-is-dh_make-template.tag b/tags/d/debian-rules-is-dh_make-template.tag new file mode 100644 index 0000000..ca95319 --- /dev/null +++ b/tags/d/debian-rules-is-dh_make-template.tag @@ -0,0 +1,7 @@ +Tag: debian-rules-is-dh_make-template +Severity: error +Check: debian/rules +Explanation: The debian/rules file appears to be an unmodified or insufficiently + modified copy of the dh_make template. + . + Please double-check the rules file. diff --git a/tags/d/debian-rules-is-symlink.tag b/tags/d/debian-rules-is-symlink.tag new file mode 100644 index 0000000..509b435 --- /dev/null +++ b/tags/d/debian-rules-is-symlink.tag @@ -0,0 +1,11 @@ +Tag: debian-rules-is-symlink +Severity: warning +Check: debian/rules +Explanation: The file <code>debian/rules</code> is a symlink instead of a regular + file. This is unnecessary and makes package checking and manipulation + more difficult. If the rules file should be available in the source + package under multiple names, make <code>debian/rules</code> the real + file and the other names symlinks to it. + . + This problem may have prevented Lintian from performing other checks, + leading to undetected changelog errors. diff --git a/tags/d/debian-rules-missing-recommended-target.tag b/tags/d/debian-rules-missing-recommended-target.tag new file mode 100644 index 0000000..fcb50b8 --- /dev/null +++ b/tags/d/debian-rules-missing-recommended-target.tag @@ -0,0 +1,10 @@ +Tag: debian-rules-missing-recommended-target +Severity: warning +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package does not + provide all recommended targets. + . + There are currently no recommended targets. Please contact the Lintian + maintainers when you encounter this tag. +See-Also: + debian-policy 4.9 diff --git a/tags/d/debian-rules-missing-required-target.tag b/tags/d/debian-rules-missing-required-target.tag new file mode 100644 index 0000000..7e3c671 --- /dev/null +++ b/tags/d/debian-rules-missing-required-target.tag @@ -0,0 +1,33 @@ +Tag: debian-rules-missing-required-target +Severity: error +Check: debian/rules +Explanation: The <code>debian/rules</code> file does not provide all required + targets. Both <code>build-arch</code> and <code>build-indep</code> must be + provided even if they do nothing. + . + For sources that do not currently split the building of architecture dependent + and independent installables, the following rules will fall back on the + <code>build</code> target: + . + build-arch: build + build-indep: build + . + Some say that the following form is recommended: + . + build: build-arch build-indep + build-arch: build-stamp + build-indep: build-stamp + build-stamp: + build here + . + As a modern alternative, you may wish to use the <code>dh</code> sequencer + instead. Your sources will no longer be affected by this issue. + . + Policy now requires those targets. Please add them to avoid rejection. + . + In your next upload, please also close the bug from the mass bug filing you + received. Details are described in the message to <code>debian-devel</code> + cited below. +See-Also: + debian-policy 4.9, + https://lists.debian.org/debian-devel/2021/11/msg00052.html diff --git a/tags/d/debian-rules-not-a-makefile.tag b/tags/d/debian-rules-not-a-makefile.tag new file mode 100644 index 0000000..8264890 --- /dev/null +++ b/tags/d/debian-rules-not-a-makefile.tag @@ -0,0 +1,8 @@ +Tag: debian-rules-not-a-makefile +Severity: error +Check: debian/rules +See-Also: debian-policy 4.9 +Explanation: The <code>debian/rules</code> file for this package does not appear to + be a makefile or does not start with the required line. + <code>debian/rules</code> must be a valid makefile and must have + "<code>#!/usr/bin/make -f</code>" as its first line. diff --git a/tags/d/debian-rules-not-executable.tag b/tags/d/debian-rules-not-executable.tag new file mode 100644 index 0000000..ceb1f9c --- /dev/null +++ b/tags/d/debian-rules-not-executable.tag @@ -0,0 +1,7 @@ +Tag: debian-rules-not-executable +Severity: pedantic +See-Also: debian-policy 4.9 +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package does not appear to + be marked as executable and should be changed via <code>chmod +x</code> or + similar. diff --git a/tags/d/debian-rules-parses-dpkg-parsechangelog.tag b/tags/d/debian-rules-parses-dpkg-parsechangelog.tag new file mode 100644 index 0000000..4b5a0bd --- /dev/null +++ b/tags/d/debian-rules-parses-dpkg-parsechangelog.tag @@ -0,0 +1,12 @@ +Tag: debian-rules-parses-dpkg-parsechangelog +Severity: info +Check: debian/rules +Explanation: The rules file appears to be parsing the output of dpkg-parsechangelog to + determine the current package version name, version, or timestamp, etc. + . + Since dpkg 1.16.1, this could be replaced by including the + /usr/share/dpkg/pkg-info.mk Makefile library and using the + DEB_{SOURCE,VERSION} or SOURCE_DATE_EPOCH variables. + . + Using this library is not only cleaner and more efficient, it handles many + corner-cases such as binNMUs, epoch versions, etc. diff --git a/tags/d/debian-rules-passes-version-info-to-dh_shlibdeps.tag b/tags/d/debian-rules-passes-version-info-to-dh_shlibdeps.tag new file mode 100644 index 0000000..7682838 --- /dev/null +++ b/tags/d/debian-rules-passes-version-info-to-dh_shlibdeps.tag @@ -0,0 +1,10 @@ +Tag: debian-rules-passes-version-info-to-dh_shlibdeps +Severity: warning +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package has a call to + <code>dh_shlibdeps(1)</code> with the <code>--version-info</code> or + <code>-V</code> option. + . + However, this has no effect on <code>dh_shlibdeps</code>; you probably + wanted to pass this option to <code>dh_makeshlibs(1)</code> instead. +See-Also: dh_shlibdeps(1), dh_makeshlibs(1) diff --git a/tags/d/debian-rules-sets-DEB_BUILD_OPTIONS.tag b/tags/d/debian-rules-sets-DEB_BUILD_OPTIONS.tag new file mode 100644 index 0000000..381527e --- /dev/null +++ b/tags/d/debian-rules-sets-DEB_BUILD_OPTIONS.tag @@ -0,0 +1,8 @@ +Tag: debian-rules-sets-DEB_BUILD_OPTIONS +Severity: warning +Check: debian/rules +See-Also: dpkg-buildflags(1) +Explanation: The <code>debian/rules</code> file sets the DEB_BUILD_OPTIONS variable, + which will override any user-specified build profile. + . + Please replace with DEB_BUILD_MAINT_OPTIONS. diff --git a/tags/d/debian-rules-sets-DH_COMPAT.tag b/tags/d/debian-rules-sets-DH_COMPAT.tag new file mode 100644 index 0000000..21e79f0 --- /dev/null +++ b/tags/d/debian-rules-sets-DH_COMPAT.tag @@ -0,0 +1,8 @@ +Tag: debian-rules-sets-DH_COMPAT +Severity: warning +Check: debian/rules +See-Also: debhelper(7) +Explanation: As of debhelper version 4, the DH_COMPAT environment variable is + only to be used for temporarily overriding <code>debian/compat</code>. Any + line in <code>debian/rules</code> that sets it globally should be deleted and + a separate <code>debian/compat</code> file created if needed. diff --git a/tags/d/debian-rules-sets-dpkg-architecture-variable.tag b/tags/d/debian-rules-sets-dpkg-architecture-variable.tag new file mode 100644 index 0000000..b95718a --- /dev/null +++ b/tags/d/debian-rules-sets-dpkg-architecture-variable.tag @@ -0,0 +1,16 @@ +Tag: debian-rules-sets-dpkg-architecture-variable +Severity: warning +Check: debian/rules +See-Also: dpkg-architecture(1) +Explanation: The <code>debian/rules</code> file sets one or more + <code>dpkg-architecture</code> variables such as <code>DEB_BUILD_ARCH</code>. + . + These variables are pre-initialized in the environment when running under + <code>dpkg-buildpackage</code> - avoiding these assignments can reduce package + build time. + . + Please use: + . + include /usr/share/dpkg/architecture.mk + . + instead, or replace the assignment operator with <code>?=</code>. diff --git a/tags/d/debian-rules-should-not-set-CFLAGS-from-noopt.tag b/tags/d/debian-rules-should-not-set-CFLAGS-from-noopt.tag new file mode 100644 index 0000000..390cc70 --- /dev/null +++ b/tags/d/debian-rules-should-not-set-CFLAGS-from-noopt.tag @@ -0,0 +1,9 @@ +Tag: debian-rules-should-not-set-CFLAGS-from-noopt +Severity: warning +Check: debian/rules +See-Also: dpkg-buildflags(1) +Explanation: The <code>debian/rules</code> file for this package appears to set + <code>CFLAGS</code> if the value of <code>DEB_BUILD_OPTIONS</code> contains + <code>noopt</code>. + . + This has been obsoleted in favour of <code>dpkg-buildflags</code>. diff --git a/tags/d/debian-rules-should-not-use-DH_EXTRA_ADDONS.tag b/tags/d/debian-rules-should-not-use-DH_EXTRA_ADDONS.tag new file mode 100644 index 0000000..d757fd2 --- /dev/null +++ b/tags/d/debian-rules-should-not-use-DH_EXTRA_ADDONS.tag @@ -0,0 +1,7 @@ +Tag: debian-rules-should-not-use-DH_EXTRA_ADDONS +Severity: warning +Check: debian/rules +Explanation: The DH_EXTRA_ADDONS variable is designed for local or downstream build + use and not for use in debian/rules + . + dh(1)'s <code>--with</code> should be used instead. diff --git a/tags/d/debian-rules-should-not-use-sanitize-all-buildflag.tag b/tags/d/debian-rules-should-not-use-sanitize-all-buildflag.tag new file mode 100644 index 0000000..9147ffe --- /dev/null +++ b/tags/d/debian-rules-should-not-use-sanitize-all-buildflag.tag @@ -0,0 +1,17 @@ +Tag: debian-rules-should-not-use-sanitize-all-buildflag +Severity: error +Check: debian/rules +Explanation: This package's <code>debian/rules</code> file contains a + <code>DEB_BUILD_MAINT_OPTIONS</code> assignment that enables the + <code>sanitize=+all</code> build flag. + . + This option instructs the compiler to enable options designed to + protect the binary against memory corruptions, memory leaks, use after + free, threading data races, and undefined behavior bugs. + . + However, this options should not be used for production Debian binaries + as they can reduce reliability for conformant code, reduce security or + even functionality. + . + Please remove the reference to <code>sanitize=+all</code>. +See-Also: dpkg-buildflags(1), Bug#895811 diff --git a/tags/d/debian-rules-updates-control-automatically.tag b/tags/d/debian-rules-updates-control-automatically.tag new file mode 100644 index 0000000..5a0c228 --- /dev/null +++ b/tags/d/debian-rules-updates-control-automatically.tag @@ -0,0 +1,9 @@ +Tag: debian-rules-updates-control-automatically +Severity: error +Check: debian/rules +Renamed-From: debian-rules-should-not-automatically-update-control +Explanation: DEB_AUTO_UPDATE_DEBIAN_CONTROL + appears to be set to <code>yes</code> in + the <code>debian/rules</code> file. This activates a feature of CDBS which + may not be used in packages uploaded to the Debian archive. +See-Also: https://ftp-master.debian.org/REJECT-FAQ.html diff --git a/tags/d/debian-rules-uses-as-needed-linker-flag.tag b/tags/d/debian-rules-uses-as-needed-linker-flag.tag new file mode 100644 index 0000000..f40e73d --- /dev/null +++ b/tags/d/debian-rules-uses-as-needed-linker-flag.tag @@ -0,0 +1,15 @@ +Tag: debian-rules-uses-as-needed-linker-flag +Severity: pedantic +Experimental: yes +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package uses the + <code>-Wl,--as-needed</code> linker flag. + . + The bullseye toolchain defaults to linking with <code>--as-needed</code> and + therefore it should no longer be necessary to inject this into the + build process. + . + However, it is not safe to make this change if the package will target + the buster distribution such as via backports to the buster-bpo / + stable-bpo distribution or, during the bookworm cycle itself, the + oldstable-bpo distribution. diff --git a/tags/d/debian-rules-uses-deb-build-opts.tag b/tags/d/debian-rules-uses-deb-build-opts.tag new file mode 100644 index 0000000..0457fb3 --- /dev/null +++ b/tags/d/debian-rules-uses-deb-build-opts.tag @@ -0,0 +1,7 @@ +Tag: debian-rules-uses-deb-build-opts +Severity: warning +Check: debian/rules +Renamed-From: debian-rules-should-not-use-DEB_BUILD_OPTS +Explanation: The standard environment variable for build options is + DEB_BUILD_OPTIONS. Usually, referring to DEB_BUILD_OPTS is a mistake and + DEB_BUILD_OPTIONS was intended instead. diff --git a/tags/d/debian-rules-uses-deprecated-makefile.tag b/tags/d/debian-rules-uses-deprecated-makefile.tag new file mode 100644 index 0000000..c02c0d9 --- /dev/null +++ b/tags/d/debian-rules-uses-deprecated-makefile.tag @@ -0,0 +1,6 @@ +Tag: debian-rules-uses-deprecated-makefile +Severity: warning +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package appears to + include a Makefile that has been deprecated. Please refer to the + documentation of the providing package for a replacement (if any). diff --git a/tags/d/debian-rules-uses-deprecated-systemd-override.tag b/tags/d/debian-rules-uses-deprecated-systemd-override.tag new file mode 100644 index 0000000..f0f6d31 --- /dev/null +++ b/tags/d/debian-rules-uses-deprecated-systemd-override.tag @@ -0,0 +1,14 @@ +Tag: debian-rules-uses-deprecated-systemd-override +Severity: error +Check: debhelper +Explanation: The <code>debian/rules</code> file for this package has an + <code>override_dh_systemd_enable</code> or + <code>override_dh_systemd_start</code> + target but the package uses debhelper compatibility level 11. + . + The <code>dh_systemd_{enable,start}</code> commands were deprecated in this + compat level and are no longer called. This is likely to cause your + package to not function as intended. + . + Please replace these with calls to <code>dh_installsystemd</code>. +See-Also: debhelper(7) diff --git a/tags/d/debian-rules-uses-installed-python-versions.tag b/tags/d/debian-rules-uses-installed-python-versions.tag new file mode 100644 index 0000000..c25e559 --- /dev/null +++ b/tags/d/debian-rules-uses-installed-python-versions.tag @@ -0,0 +1,17 @@ +Tag: debian-rules-uses-installed-python-versions +Severity: warning +Check: debian/rules +Explanation: The package appears to use <code>py3versions -i</code> to determine + the "installed" Python versions. + . + However, this can cause issues if a Python transition is in progress + as the <code>-minimal</code> variant of the previous version + (eg. <code>python3.X-minimal</code>) remains installed in many environments. + This variant then provides enough of an interpreter to count as being + "installed" but not enough for the tests themselves to succeed in most + cases. This then prevents the overall transition from taking place. + . + Please replace this will a call to all "supported" packages instead + (eg. <code>py3versions -s</code> and ensure <code>python3-all</code> is listed + in the build dependencies. +See-Also: https://lists.debian.org/debian-devel/2020/03/msg00280.html diff --git a/tags/d/debian-rules-uses-special-shell-variable.tag b/tags/d/debian-rules-uses-special-shell-variable.tag new file mode 100644 index 0000000..f59f0ed --- /dev/null +++ b/tags/d/debian-rules-uses-special-shell-variable.tag @@ -0,0 +1,20 @@ +Tag: debian-rules-uses-special-shell-variable +Severity: warning +Check: debian/rules +Renamed-From: + debian-rules-should-not-use-underscore-variable +Explanation: The rules file use the make variable $(_). + . + According to Policy 4.9, 'invoking either of <code>make -f debian/rules + <...></code> or <code>./debian/rules + <args...></code>' must result in identical behavior'. + The <code>$_</code> variable is an easy way to violate that rule + unwittingly. + . + If the <code>rules</code> file uses <code>$(dir $(_))</code> to + discover the directory containing the source package (for example, in order + to implement the <code>get-orig-source</code> target) please replace it + with <code>$(dir $(firstword $(MAKEFILE_LIST)))</code>. +See-Also: + debian-policy 4.9, + https://stackoverflow.com/a/27628164 diff --git a/tags/d/debian-rules-uses-supported-python-versions-without-python-all-build-depends.tag b/tags/d/debian-rules-uses-supported-python-versions-without-python-all-build-depends.tag new file mode 100644 index 0000000..51385af --- /dev/null +++ b/tags/d/debian-rules-uses-supported-python-versions-without-python-all-build-depends.tag @@ -0,0 +1,12 @@ +Tag: debian-rules-uses-supported-python-versions-without-python-all-build-depends +Severity: warning +Check: debian/rules +Explanation: The package appears to use <code>py3versions -s</code> to determine + the "supported" Python versions without specifying <code>python3-all</code> + as a build-dependency. + . + With only the default version of Python installed, the package may + build and test successfully but subsequently fail at runtime when + another, non-default, Python version is present. + . + Please add <code>python3-all</code> as a build-dependency. diff --git a/tags/d/debian-rules-uses-unnecessary-dh-argument.tag b/tags/d/debian-rules-uses-unnecessary-dh-argument.tag new file mode 100644 index 0000000..d82f9d2 --- /dev/null +++ b/tags/d/debian-rules-uses-unnecessary-dh-argument.tag @@ -0,0 +1,9 @@ +Tag: debian-rules-uses-unnecessary-dh-argument +Severity: warning +Check: debhelper +Explanation: The <code>debian/rules</code> file passes the specified argument to + <code>dh $@</code> but it is enabled by default from the mentioned debhelper + compatibility level onwards. + . + Please remove the argument from the call to <code>dh(1)</code>. +See-Also: debhelper(7), dh(1) diff --git a/tags/d/debian-rules-uses-wrong-environment-variable.tag b/tags/d/debian-rules-uses-wrong-environment-variable.tag new file mode 100644 index 0000000..41f2013 --- /dev/null +++ b/tags/d/debian-rules-uses-wrong-environment-variable.tag @@ -0,0 +1,13 @@ +Tag: debian-rules-uses-wrong-environment-variable +Severity: warning +Check: debian/rules +Renamed-From: debian-rules-should-not-use-or-modify-user-only-variable +See-Also: Bug#631786 +Explanation: The rules file appears to be reading or modifying a variable not + intended for use by package maintainers. + . + The special variables <code>DEB_*FLAGS_{SET,APPEND}</code> can be used by + users who want to re-compile Debian packages with special (or + non-standard) build flags. + . + Please use the <code>DEB_*FLAGS_MAINT_{SET,APPEND}</code> flags instead. diff --git a/tags/d/debian-tests-control-autodep8-is-obsolete.tag b/tags/d/debian-tests-control-autodep8-is-obsolete.tag new file mode 100644 index 0000000..0c03030 --- /dev/null +++ b/tags/d/debian-tests-control-autodep8-is-obsolete.tag @@ -0,0 +1,21 @@ +Tag: debian-tests-control-autodep8-is-obsolete +Severity: warning +Check: testsuite +See-Also: autodep8(1) +Explanation: The specified autopkgtest control file is considered obsolete. + . + Before autodep8 version 0.17 and autopkgtest version 5.7 if a + maintainer wished to add tests to the set of tests generated + by autodep8 they provided those tests in a file named + <code>debian/tests/control.autodep8</code>. + . + It is now preferred to declare the additional tests in the regular + <code>debian/tests/control</code> file so that <code>dpkg-source</code> can + pick up the test dependencies. + . + When configured to run autodep8 tests, autopkgtest will run the + additional tests and the autodep8 tests when <code>debian/control</code> + has the proper <code>Testsuite: autopkgtest-*</code> in the source + headers. + . + Please merge the specified file into <code>debian/tests/control</code>. diff --git a/tags/d/debian-upstream-obsolete-path.tag b/tags/d/debian-upstream-obsolete-path.tag new file mode 100644 index 0000000..1995444 --- /dev/null +++ b/tags/d/debian-upstream-obsolete-path.tag @@ -0,0 +1,15 @@ +Tag: debian-upstream-obsolete-path +Severity: error +Check: debian/upstream/metadata +Explanation: Upstream metadata is stored under an obsolete path. + . + Upstream MEtadata GAthered with YAml (UMEGAYA) is an effort to collect + meta-information about upstream projects from any source package + with a publicly accessible VCS via a file called + <code>debian/upstream/metadata</code>. + . + Older versions of this specification used + <code>debian/upstream-metadata.yaml</code> or <code>debian/upstream</code> + as meta-information storage file. + . + You should move any such file to <code>debian/upstream/metadata</code>. diff --git a/tags/d/debian-watch-contains-dh_make-template.tag b/tags/d/debian-watch-contains-dh_make-template.tag new file mode 100644 index 0000000..049c34a --- /dev/null +++ b/tags/d/debian-watch-contains-dh_make-template.tag @@ -0,0 +1,5 @@ +Tag: debian-watch-contains-dh_make-template +Severity: info +Check: debian/watch +Explanation: The watch file contains a standard template included by dh_make. + Please remove them once you have implemented the watch file. diff --git a/tags/d/debian-watch-could-verify-download.tag b/tags/d/debian-watch-could-verify-download.tag new file mode 100644 index 0000000..a48cd57 --- /dev/null +++ b/tags/d/debian-watch-could-verify-download.tag @@ -0,0 +1,9 @@ +Tag: debian-watch-could-verify-download +Severity: warning +Check: debian/watch +See-Also: uscan(1) +Explanation: One or more upstream signing keys are present in the Debian package + but are not being used. + . + Please enable the cryptographic verification of downloads with the + "pgpsigurlmangle" option in your watch file or remove the key. diff --git a/tags/d/debian-watch-does-not-check-openpgp-signature.tag b/tags/d/debian-watch-does-not-check-openpgp-signature.tag new file mode 100644 index 0000000..367b522 --- /dev/null +++ b/tags/d/debian-watch-does-not-check-openpgp-signature.tag @@ -0,0 +1,21 @@ +Tag: debian-watch-does-not-check-openpgp-signature +Severity: pedantic +Check: debian/watch +Experimental: yes +See-Also: uscan(1) +Explanation: This watch file does not specify a means to verify the upstream + tarball using a cryptographic signature. + . + If upstream distributions provides such signatures, please use the + <code>pgpsigurlmangle</code> options in this watch file's <code>opts=</code> to + generate the URL of an upstream OpenPGP signature. This signature is + automatically downloaded and verified against a keyring stored in + <code>debian/upstream/signing-key.asc</code> + . + Of course, not all upstreams provide such signatures but you could + request them as a way of verifying that no third party has modified the + code after its release (projects such as phpmyadmin, unrealircd, and + proftpd have suffered from this kind of attack). +Renamed-From: + debian-watch-does-not-check-gpg-signature + debian-watch-may-check-gpg-signature diff --git a/tags/d/debian-watch-file-in-native-package.tag b/tags/d/debian-watch-file-in-native-package.tag new file mode 100644 index 0000000..977742b --- /dev/null +++ b/tags/d/debian-watch-file-in-native-package.tag @@ -0,0 +1,8 @@ +Tag: debian-watch-file-in-native-package +Severity: warning +Check: debian/watch +See-Also: https://wiki.debian.org/DEHS +Explanation: The package ships a watch file although it is a Debian native + package. DEHS does not process watch files in native packages based on + the reasoning that native packages do not have upstreams to check for new + releases. diff --git a/tags/d/debian-watch-file-is-missing.tag b/tags/d/debian-watch-file-is-missing.tag new file mode 100644 index 0000000..cc1987d --- /dev/null +++ b/tags/d/debian-watch-file-is-missing.tag @@ -0,0 +1,16 @@ +Tag: debian-watch-file-is-missing +Severity: info +Check: debian/watch +See-Also: debian-policy 4.11, uscan(1) +Explanation: This source package is not Debian-native but it does not have a + <code>debian/watch</code> file. This file is used for automatic detection of + new upstream versions by the Debian External Health Status project and + other project infrastructure. If this package is maintained upstream, + please consider adding a <code>debian/watch</code> file to detect new + releases. + . + If the package is not maintained upstream or if upstream uses a + distribution mechanism that cannot be meaningfully monitored by uscan + and the Debian External Health Status project, please consider adding a + <code>debian/watch</code> file containing only comments documenting the + situation. diff --git a/tags/d/debian-watch-file-pubkey-file-is-missing.tag b/tags/d/debian-watch-file-pubkey-file-is-missing.tag new file mode 100644 index 0000000..d12d3b0 --- /dev/null +++ b/tags/d/debian-watch-file-pubkey-file-is-missing.tag @@ -0,0 +1,10 @@ +Tag: debian-watch-file-pubkey-file-is-missing +Severity: error +Check: debian/watch +See-Also: uscan(1) +Explanation: This watch file verifies a cryptographic signature but + the upstream public key is missing. + . + Please add upstream public keys in either + debian/upstream/signing-key.asc or + debian/upstream/signing-key.pgp. diff --git a/tags/d/debian-watch-file-specifies-old-upstream-version.tag b/tags/d/debian-watch-file-specifies-old-upstream-version.tag new file mode 100644 index 0000000..05e4715 --- /dev/null +++ b/tags/d/debian-watch-file-specifies-old-upstream-version.tag @@ -0,0 +1,10 @@ +Tag: debian-watch-file-specifies-old-upstream-version +Severity: warning +Check: debian/watch +Explanation: The watch file specifies an upstream version number which matches + the upstream portion of an old <code>debian/changelog</code> entry, and the + current <code>debian/changelog</code> entry specifies a newer upstream + version. The version number in the watch file is very likely to be + incorrect and probably should be replaced with the current expected + upstream version. Otherwise, DEHS and similar projects will think the + package is out of date even when it may not be. diff --git a/tags/d/debian-watch-file-specifies-wrong-upstream-version.tag b/tags/d/debian-watch-file-specifies-wrong-upstream-version.tag new file mode 100644 index 0000000..cbdbb32 --- /dev/null +++ b/tags/d/debian-watch-file-specifies-wrong-upstream-version.tag @@ -0,0 +1,10 @@ +Tag: debian-watch-file-specifies-wrong-upstream-version +Severity: warning +Check: debian/watch +See-Also: uscan(1) +Explanation: The watch file specifies an upstream version which exactly matches + the version of a <code>debian/changelog</code> entry, this is not a + native package, and no version mangling is being done. The version + field in a watch file should specify the expected upstream version, not + the version of the Debian package. Any epochs and Debian revisions + should be removed first or mangled away. diff --git a/tags/d/debian-watch-file-standard.tag b/tags/d/debian-watch-file-standard.tag new file mode 100644 index 0000000..2b9f387 --- /dev/null +++ b/tags/d/debian-watch-file-standard.tag @@ -0,0 +1,6 @@ +Tag: debian-watch-file-standard +Severity: classification +Check: debian/watch/standard +Explanation: The watch file uses this version standard. The currently known + watch file versions are 2, 3 and 4. Version 1 means it was undeclared. +See-Also: uscan(1) diff --git a/tags/d/debian-watch-file-uses-deprecated-githubredir.tag b/tags/d/debian-watch-file-uses-deprecated-githubredir.tag new file mode 100644 index 0000000..02235cb --- /dev/null +++ b/tags/d/debian-watch-file-uses-deprecated-githubredir.tag @@ -0,0 +1,12 @@ +Tag: debian-watch-file-uses-deprecated-githubredir +Severity: error +Check: debian/watch +See-Also: https://lists.debian.org/debian-devel-announce/2014/10/msg00000.html +Explanation: The watch file specifies a githubredir.debian.net URL, which is deprecated + Instead, use direct links to the tags page: + . + version=3 + https://github.com/<user>/<project>/tags .*/(.*)\.tar\.gz + . + replacing <code><user></code> and <code><project></code> with the Github + username and project respectively. diff --git a/tags/d/debian-watch-file-uses-deprecated-sf-redirector-method.tag b/tags/d/debian-watch-file-uses-deprecated-sf-redirector-method.tag new file mode 100644 index 0000000..5e4c894 --- /dev/null +++ b/tags/d/debian-watch-file-uses-deprecated-sf-redirector-method.tag @@ -0,0 +1,7 @@ +Tag: debian-watch-file-uses-deprecated-sf-redirector-method +Severity: warning +Check: debian/watch +Explanation: The watch file seems to be passing arguments to the redirector + other than a path. Calling the SourceForge redirector with parameters like + <code>project</code> prevents uscan from generating working URIs to the files + and thus has been deprecated and is no longer supported by the redirector. diff --git a/tags/d/debian-watch-lacks-sourceforge-redirector.tag b/tags/d/debian-watch-lacks-sourceforge-redirector.tag new file mode 100644 index 0000000..55545c1 --- /dev/null +++ b/tags/d/debian-watch-lacks-sourceforge-redirector.tag @@ -0,0 +1,16 @@ +Tag: debian-watch-lacks-sourceforge-redirector +Severity: warning +Check: debian/watch +Renamed-From: debian-watch-file-should-use-sf-redirector +See-Also: uscan(1) +Explanation: The watch file specifies a SourceForge page or download server + directly. This is not recommended; SourceForge changes their download + servers and website periodically, requiring watch files to be modified + every time. Instead, use the qa.debian.org redirector by using the magic + URL: + . + http://sf.net/<project>/<tar-name>-(.+)\.tar\.gz + . + replacing <code><project></code> with the name of the SourceForge + project and <code><tar-name></code> with the name of the tarball + distributed within that project. Adjust the filename regex as necessary. diff --git a/tags/d/debian-watch-line-invalid.tag b/tags/d/debian-watch-line-invalid.tag new file mode 100644 index 0000000..82f2eae --- /dev/null +++ b/tags/d/debian-watch-line-invalid.tag @@ -0,0 +1,6 @@ +Tag: debian-watch-line-invalid +Severity: warning +Check: debian/watch +See-Also: uscan(1) +Explanation: The indicated line in the <code>debian/watch</code> file in this + package does not have a regnized format. diff --git a/tags/d/debian-watch-mangles-debian-version-improperly.tag b/tags/d/debian-watch-mangles-debian-version-improperly.tag new file mode 100644 index 0000000..734bda2 --- /dev/null +++ b/tags/d/debian-watch-mangles-debian-version-improperly.tag @@ -0,0 +1,12 @@ +Tag: debian-watch-mangles-debian-version-improperly +Severity: info +Check: debian/watch +Renamed-From: debian-watch-file-should-dversionmangle-not-uversionmangle +See-Also: https://wiki.debian.org/DEHS +Explanation: The version of this package contains <code>dfsg</code>, <code>ds</code>, + or <code>debian</code>, but a misleading upstream version mangling occurs in + the <code>debian/watch</code> file. Since the <code>dfsg</code> string is not + part of the upstream version and its addition is Debian-specific, the + <code>debian/watch</code> file should use the dversionmangle option to + remove, instead of adding in uversionmangle, the <code>dfsg</code> before + comparing version numbers. diff --git a/tags/d/debian-watch-mangles-upstream-version-improperly.tag b/tags/d/debian-watch-mangles-upstream-version-improperly.tag new file mode 100644 index 0000000..aea470d --- /dev/null +++ b/tags/d/debian-watch-mangles-upstream-version-improperly.tag @@ -0,0 +1,10 @@ +Tag: debian-watch-mangles-upstream-version-improperly +Severity: info +Check: debian/watch +Renamed-From: debian-watch-file-should-uversionmangle-not-dversionmangle +See-Also: https://wiki.debian.org/DEHS +Explanation: The version of this package contains <code>alpha</code>, <code>beta</code>, + or <code>rc</code>, but a misleading Debian version mangling occurs in + the <code>debian/watch</code> file. You should use the uversionmangle + option instead of dversionmangle so that the prerelease is sorted by + uscan before a possible future final release. diff --git a/tags/d/debian-watch-not-mangling-version.tag b/tags/d/debian-watch-not-mangling-version.tag new file mode 100644 index 0000000..b436a3a --- /dev/null +++ b/tags/d/debian-watch-not-mangling-version.tag @@ -0,0 +1,13 @@ +Tag: debian-watch-not-mangling-version +Severity: warning +Check: debian/watch +Renamed-From: debian-watch-file-should-mangle-version +See-Also: uscan(1), https://wiki.debian.org/DEHS +Explanation: The version of this package contains <code>dfsg</code>, <code>ds</code>, + or <code>debian</code>, which normally indicates that the upstream source + has been repackaged to comply with the Debian Free Software Guidelines + (or similar reason), but there is no version mangling in the + <code>debian/watch</code> file. Since the <code>dfsg</code> string is not + part of the upstream version, the <code>debian/watch</code> file should + use the dversionmangle option to remove the <code>dfsg</code> before + version number comparison. diff --git a/tags/d/debian-watch-upstream-component.tag b/tags/d/debian-watch-upstream-component.tag new file mode 100644 index 0000000..41c09f0 --- /dev/null +++ b/tags/d/debian-watch-upstream-component.tag @@ -0,0 +1,5 @@ +Tag: debian-watch-upstream-component +Severity: classification +Check: debian/watch +See-Also: uscan(1) +Explanation: Component embedded in debian/watch diff --git a/tags/d/debian-watch-uses-insecure-uri.tag b/tags/d/debian-watch-uses-insecure-uri.tag new file mode 100644 index 0000000..2eb935a --- /dev/null +++ b/tags/d/debian-watch-uses-insecure-uri.tag @@ -0,0 +1,9 @@ +Tag: debian-watch-uses-insecure-uri +Severity: info +Check: debian/watch +Explanation: The watch file uses an unencrypted transport protocol for the + URI such as http:// or ftp://. It is recommended to use a secure + transport such as HTTPS for anonymous read-only access. + . + Upstream may already provide a HTTPS variant of the URI. If not, + please contact them and ask them to consider adding one. diff --git a/tags/d/debug-file-with-no-debug-symbols.tag b/tags/d/debug-file-with-no-debug-symbols.tag new file mode 100644 index 0000000..cdd4aa2 --- /dev/null +++ b/tags/d/debug-file-with-no-debug-symbols.tag @@ -0,0 +1,12 @@ +Tag: debug-file-with-no-debug-symbols +Severity: warning +Check: binaries/debug-symbols/detached +Explanation: The binary is installed as a detached "debug symbols" ELF file, + but it does not appear to have debug information associated with it. + . + A common cause is not passing <code>-g</code> to GCC when compiling. + . + Implementation detail: Lintian checks for the ".debug_line" and the + ".debug_str" sections. If either of these are present, the binary + is assumed to contain debug information. +See-Also: Bug#668437 diff --git a/tags/d/debug-package-for-multi-arch-same-pkg-not-coinstallable.tag b/tags/d/debug-package-for-multi-arch-same-pkg-not-coinstallable.tag new file mode 100644 index 0000000..7a2fddc --- /dev/null +++ b/tags/d/debug-package-for-multi-arch-same-pkg-not-coinstallable.tag @@ -0,0 +1,19 @@ +Tag: debug-package-for-multi-arch-same-pkg-not-coinstallable +Severity: info +Check: group-checks +Explanation: The debug package appear to be containing debug symbols for a + "Multi-Arch: same" package, but the debug package itself is not + "Multi-Arch: same". If so, it is not possible to have the debug + symbols for all architecture variants of the binaries available + at the same time. + . + Making a debug package co-installable with itself is very trivial, + when installing the debug symbols beneath: + <code>/usr/lib/debug/.build-id/<XX>/<rest-id>.debug</code> + . + dh_strip does this in debhelper compat 9. Otherwise, the expected + location of the debug symbols of a given ELF binary can be determined + by using: + . + readelf -n <binary-elf> | \ + perl -ne 'print if s,^\s*Build ID:\s*(\S\S)(\S+),/usr/lib/debug/.build-id/$1/$2.debug,' diff --git a/tags/d/debug-suffix-not-dbg.tag b/tags/d/debug-suffix-not-dbg.tag new file mode 100644 index 0000000..35eefcc --- /dev/null +++ b/tags/d/debug-suffix-not-dbg.tag @@ -0,0 +1,11 @@ +Tag: debug-suffix-not-dbg +Severity: warning +Check: files/debug +Renamed-From: + debug-package-should-be-named-dbg +Explanation: This package provides at least one file in <code>/usr/lib/debug</code>, + which is intended for detached debugging symbols, but the package name + does not end in "-dbg". Detached debugging symbols should be put into a + separate package, Priority: extra, with a package name ending in "-dbg". +See-Also: + developer-reference 6.8.9 diff --git a/tags/d/debug-symbol-migration-possibly-complete.tag b/tags/d/debug-symbol-migration-possibly-complete.tag new file mode 100644 index 0000000..e71c5f9 --- /dev/null +++ b/tags/d/debug-symbol-migration-possibly-complete.tag @@ -0,0 +1,18 @@ +Tag: debug-symbol-migration-possibly-complete +Severity: pedantic +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package has a call to + <code>dh_strip(1)</code> with the specified <code>--dbgsym-migration</code> or + <code>--ddeb-migration</code> argument. + . + Such arguments are used to migrate packages to use automatic debug + symbols, which first became available in December 2015. + . + If this command was added to the <code>debian/rules</code> that was + included in the current stable release of Debian then it can possibly + be removed. + . + However, if the command was added later (and/or the package was not + included in stretch) please wait until it has been included in a stable + release before removing it. +See-Also: dh_strip(1), https://wiki.debian.org/AutomaticDebugPackages diff --git a/tags/d/debug-symbols-directly-in-usr-lib-debug.tag b/tags/d/debug-symbols-directly-in-usr-lib-debug.tag new file mode 100644 index 0000000..4d57931 --- /dev/null +++ b/tags/d/debug-symbols-directly-in-usr-lib-debug.tag @@ -0,0 +1,11 @@ +Tag: debug-symbols-directly-in-usr-lib-debug +Severity: error +Check: binaries/debug-symbols/detached +Explanation: The given debugging symbols-only object is installed directly in + <code>/usr/lib/debug</code>, although it should be installed in a + subdirectory. For example, debug symbols of a binary in + <code>/usr/bin</code> should be placed in <code>/usr/lib/debug/usr/bin</code>. + gdb, when looking for debugging symbols, prepends <code>/usr/lib/debug</code> + to whatever path it finds in the .gnu_debuglink section, which when using + dh_strip(1) is either the path to your binary/library or a build-id based + path. diff --git a/tags/d/debug-symbols-not-detached.tag b/tags/d/debug-symbols-not-detached.tag new file mode 100644 index 0000000..64b2238 --- /dev/null +++ b/tags/d/debug-symbols-not-detached.tag @@ -0,0 +1,21 @@ +Tag: debug-symbols-not-detached +Severity: warning +Check: binaries/debug-symbols/detached +Renamed-From: + debug-file-should-use-detached-symbols +Explanation: This file is in a location generally used for detached debugging + symbols, but it appears to contain a complete copy of the executable or + library instead of only the debugging symbols. + . + Files in subdirectories of <code>/usr/lib/debug</code> mirroring the main file + system should contain only debugging information generated by <code>objcopy + --only-keep-debug</code>. Binaries or shared objects built with extra + debugging should be installed directly in <code>/usr/lib/debug</code> or in + subdirectories corresponding to the package, not in the directories that + mirror the main file system. + . + If you are using dh_strip with the --dbg-package flag, don't also install + the library in <code>/usr/lib/debug</code>. dh_strip does all the work for + you. +See-Also: + developer-reference 6.8.9 diff --git a/tags/d/declare-python-versions-for-test.tag b/tags/d/declare-python-versions-for-test.tag new file mode 100644 index 0000000..a488a2f --- /dev/null +++ b/tags/d/declare-python-versions-for-test.tag @@ -0,0 +1,25 @@ +Tag: declare-python-versions-for-test +Severity: warning +Check: testsuite +Renamed-from: + declare-requested-python-versions-for-test +Explanation: The specified test attempts to query the Python versions + <em>requested</em> by your sources with the command + <code>py3versions --requested</code> but your sources do not declare + any versions with the field <code>X-Python3-Version</code>. + . + Please choose between two suggested remedies: + . + In most circumstances, it is probably best to replace the argument + <code>--requested</code> with <code>--supported</code>. That will + exercise the test with all available Python versions. + . + Should your installable require only specific Python versions, please add + the field <code>X-Python3-Version</code> with the appropriate information + to the source stanza in the <code>debian/control</code> file. + . + No redirection of the output, as in <code>2 > /dev/null</code>, is + needed in either case. +See-Also: + py3versions(1), + Bug#1001677 diff --git a/tags/d/declares-possibly-conflicting-debhelper-compat-versions.tag b/tags/d/declares-possibly-conflicting-debhelper-compat-versions.tag new file mode 100644 index 0000000..40e7f0e --- /dev/null +++ b/tags/d/declares-possibly-conflicting-debhelper-compat-versions.tag @@ -0,0 +1,8 @@ +Tag: declares-possibly-conflicting-debhelper-compat-versions +Severity: error +Check: debhelper +See-Also: debhelper(7) +Explanation: The source package declares the debhelper compatibility version + both in the <code>debian/compat</code> file and in the <code>debian/rules</code> + file or in <code>debian/control</code>. If these ever get out of + synchronisation, the package may not build as expected. diff --git a/tags/d/default-mta-dependency-does-not-specify-mail-transport-agent.tag b/tags/d/default-mta-dependency-does-not-specify-mail-transport-agent.tag new file mode 100644 index 0000000..da73bf4 --- /dev/null +++ b/tags/d/default-mta-dependency-does-not-specify-mail-transport-agent.tag @@ -0,0 +1,12 @@ +Tag: default-mta-dependency-does-not-specify-mail-transport-agent +Severity: warning +Check: fields/package-relations +Explanation: This package has a relationship with the default-mta virtual + package but does not specify the mail-transport-agent as an + alternative. + . + default-mta and mail-transport-agent should only ever be in a set of + alternatives together, with default-mta listed first. + . + Please add a "or" dependency on mail-transport-agent after + default-mta. diff --git a/tags/d/default-mta-dependency-not-listed-first.tag b/tags/d/default-mta-dependency-not-listed-first.tag new file mode 100644 index 0000000..cc3e62d --- /dev/null +++ b/tags/d/default-mta-dependency-not-listed-first.tag @@ -0,0 +1,13 @@ +Tag: default-mta-dependency-not-listed-first +Severity: warning +Check: fields/package-relations +Explanation: This package has a relationship with the mail-transport-agent + or default-mta packages but does not specify the default-mta as an + first option. + . + default-mta and mail-transport-agent should only ever be in a set of + alternatives together, with default-mta listed in the primary + position. + . + Please rearrange the dependencies such that default-mta is listed + first. diff --git a/tags/d/dep5-copyright-license-name-not-unique.tag b/tags/d/dep5-copyright-license-name-not-unique.tag new file mode 100644 index 0000000..f9a25e9 --- /dev/null +++ b/tags/d/dep5-copyright-license-name-not-unique.tag @@ -0,0 +1,26 @@ +Tag: dep5-copyright-license-name-not-unique +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: This paragraph defines an already defined license. + . + According to the specification, short license names are required to be + unique within a single copyright file. + . + This tag could be raised by something like this: + . + Files: filea ... + Copyright: 2009, ... + License: LGPL-2.1 + This program is free software; + ... + . + Files: fileb ... + Copyright: 2009, ... + License: LGPL-2.1 + This program is free software; + ... + . + In this case, you redefine LGPL-2.1 license. You should use + a stand-alone paragraph or merge the two files (using a single + paragraph). diff --git a/tags/d/dep5-file-paragraph-references-header-paragraph.tag b/tags/d/dep5-file-paragraph-references-header-paragraph.tag new file mode 100644 index 0000000..fd87ac4 --- /dev/null +++ b/tags/d/dep5-file-paragraph-references-header-paragraph.tag @@ -0,0 +1,11 @@ +Tag: dep5-file-paragraph-references-header-paragraph +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The Files paragraph uses a reference to a license which is + only defined in the Header paragraph. The copyright specification + requires that the Files paragraph either contains the full license + itself or references a "stand-alone" License paragraph, and not the + Header paragraph. +Renamed-From: + dep5-file-paragraph-reference-header-paragraph diff --git a/tags/d/dependency-is-not-multi-archified.tag b/tags/d/dependency-is-not-multi-archified.tag new file mode 100644 index 0000000..05f9400 --- /dev/null +++ b/tags/d/dependency-is-not-multi-archified.tag @@ -0,0 +1,6 @@ +Tag: dependency-is-not-multi-archified +Severity: warning +Check: group-checks +Explanation: The package is Multi-Arch "same", but it depends on a package that + is neither Multi-Arch "same" nor "foreign". +See-Also: https://wiki.ubuntu.com/MultiarchSpec diff --git a/tags/d/dependency-on-python-version-marked-for-end-of-life.tag b/tags/d/dependency-on-python-version-marked-for-end-of-life.tag new file mode 100644 index 0000000..32cb06e --- /dev/null +++ b/tags/d/dependency-on-python-version-marked-for-end-of-life.tag @@ -0,0 +1,17 @@ +Tag: dependency-on-python-version-marked-for-end-of-life +Severity: pedantic +Check: languages/python +Experimental: yes +See-Also: https://wiki.debian.org/Python/Python3Port, +https://www.python.org/dev/peps/pep-0373/, Bug#897213 +Explanation: The package specifies a dependency on Python 2.x which is due for + deprecation and will not be maintained upstream past 2020 and will + likely be dropped after the release of Debian "buster". + . + You should not make any changes to your package based on this presence + of this tag. + . + However, please override this tag with a suitably-commented override if + it is known that this package will not be migrated to Python 3.x for one + reason or another. This is so that developers may ignore the package + when looking for software that needs to be ported. diff --git a/tags/d/depends-exclusively-on-makedev.tag b/tags/d/depends-exclusively-on-makedev.tag new file mode 100644 index 0000000..0d755ed --- /dev/null +++ b/tags/d/depends-exclusively-on-makedev.tag @@ -0,0 +1,8 @@ +Tag: depends-exclusively-on-makedev +Severity: warning +Check: fields/package-relations +Explanation: This package depends on makedev without a udev alternative. This + probably means that it doesn't have udev rules and relies on makedev to + create devices, which won't work if udev is installed and running. + Alternatively, it may mean that there are udev rules, but udev was not + added as an alternative to the makedev dependency. diff --git a/tags/d/depends-on-essential-package-without-using-version.tag b/tags/d/depends-on-essential-package-without-using-version.tag new file mode 100644 index 0000000..b1f6dbb --- /dev/null +++ b/tags/d/depends-on-essential-package-without-using-version.tag @@ -0,0 +1,10 @@ +Tag: depends-on-essential-package-without-using-version +Severity: error +Check: fields/package-relations +See-Also: debian-policy 3.5 +Explanation: The package declares a depends on an essential package, e.g. dpkg, + without using a versioned depends. Packages do not need to depend on + essential packages; essential means that they will always be present. + The only reason to list an explicit dependency on an essential package + is if you need a particular version of that package, in which case the + version should be given in the dependency. diff --git a/tags/d/depends-on-libdb1-compat.tag b/tags/d/depends-on-libdb1-compat.tag new file mode 100644 index 0000000..95760ec --- /dev/null +++ b/tags/d/depends-on-libdb1-compat.tag @@ -0,0 +1,7 @@ +Tag: depends-on-libdb1-compat +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare a relation on libdb1-compat. + This library exists for compatibility with applications built against + glibc 2.0 or 2.1. There is intentionally no corresponding development + package. Do not link new applications against this library! diff --git a/tags/d/depends-on-metapackage.tag b/tags/d/depends-on-metapackage.tag new file mode 100644 index 0000000..247c77d --- /dev/null +++ b/tags/d/depends-on-metapackage.tag @@ -0,0 +1,9 @@ +Tag: depends-on-metapackage +Severity: error +Check: fields/package-relations +Explanation: This package is one of the packages that Lintian believes is a + metapackage: a package that exists for the convenience of users or + installers to install a set of related packages. Packages that are not + themselves metapackages must not depend on metapackages, since this may + prevent the user from removing portions of the package set they don't + need. diff --git a/tags/d/depends-on-misc-pre-depends.tag b/tags/d/depends-on-misc-pre-depends.tag new file mode 100644 index 0000000..23e631d --- /dev/null +++ b/tags/d/depends-on-misc-pre-depends.tag @@ -0,0 +1,7 @@ +Tag: depends-on-misc-pre-depends +Severity: warning +Check: substvars/misc/pre-depends +Explanation: The <code>Depends</code> field contains the substitution variable + <code>${misc:Pre-Depends}</code>. + . + The variable should be in listed in the <code>Pre-Depends</code> field instead. diff --git a/tags/d/depends-on-obsolete-package.tag b/tags/d/depends-on-obsolete-package.tag new file mode 100644 index 0000000..9ce542a --- /dev/null +++ b/tags/d/depends-on-obsolete-package.tag @@ -0,0 +1,6 @@ +Tag: depends-on-obsolete-package +Severity: error +Check: fields/package-relations +Explanation: The package depends on a package that has been superseded. + If the superseded package is part of an ORed group, it should not be + the first package in the group. diff --git a/tags/d/depends-on-old-emacs.tag b/tags/d/depends-on-old-emacs.tag new file mode 100644 index 0000000..c26629e --- /dev/null +++ b/tags/d/depends-on-old-emacs.tag @@ -0,0 +1,11 @@ +Tag: depends-on-old-emacs +Severity: warning +Check: fields/package-relations +Explanation: The package lists an old version of Emacs as its first dependency. + It should probably be updated to support the current version of Emacs + in the archive and then list that version first in the list of Emacs + flavors it supports. + . + If the package intentionally only supports older versions of Emacs (if, + for example, it was included with later versions of Emacs), add a Lintian + override. diff --git a/tags/d/depends-on-packaging-dev.tag b/tags/d/depends-on-packaging-dev.tag new file mode 100644 index 0000000..b14e955 --- /dev/null +++ b/tags/d/depends-on-packaging-dev.tag @@ -0,0 +1,5 @@ +Tag: depends-on-packaging-dev +Explanation: You depend/recommend/build-depend on packaging-dev, which is + only a metapackage to install common packages needed for packaging. +Severity: warning +Check: fields/package-relations diff --git a/tags/d/depends-on-python-minimal.tag b/tags/d/depends-on-python-minimal.tag new file mode 100644 index 0000000..4620825 --- /dev/null +++ b/tags/d/depends-on-python-minimal.tag @@ -0,0 +1,8 @@ +Tag: depends-on-python-minimal +Severity: error +Check: fields/package-relations +Explanation: The python-minimal package (and versioned variants thereof) exists + only to possibly become an Essential package. Depending on it is always + an error since it should never be installed without python. If it + becomes Essential, there is no need to depend on it, and until then, + packages that require Python must depend on python. diff --git a/tags/d/depends-on-python2-and-python3.tag b/tags/d/depends-on-python2-and-python3.tag new file mode 100644 index 0000000..dadbac9 --- /dev/null +++ b/tags/d/depends-on-python2-and-python3.tag @@ -0,0 +1,8 @@ +Tag: depends-on-python2-and-python3 +Severity: info +Check: languages/python +Explanation: The specified package has a relation to both the Python 2 and + Python 3 interpreters. It may be that the package has only been + partially migrated to Python 3 from Python 2.x. + . + Please check the contents and/or dependencies of this package. diff --git a/tags/d/depends-on-specific-java-doc-package.tag b/tags/d/depends-on-specific-java-doc-package.tag new file mode 100644 index 0000000..6d2948a --- /dev/null +++ b/tags/d/depends-on-specific-java-doc-package.tag @@ -0,0 +1,6 @@ +Tag: depends-on-specific-java-doc-package +Severity: warning +Check: fields/package-relations +Explanation: The package should use default-jdk-doc instead of classpath-doc + or openjdk-X-doc to ease transitions when the providing doc package + is replaced (e.g. openjdk-6-doc being replaced by openjdk-7-doc). diff --git a/tags/d/deprecated-configure-filename.tag b/tags/d/deprecated-configure-filename.tag new file mode 100644 index 0000000..86c35dd --- /dev/null +++ b/tags/d/deprecated-configure-filename.tag @@ -0,0 +1,8 @@ +Tag: deprecated-configure-filename +Severity: info +Check: build-systems/automake +Explanation: The use of 'configure.in' with automake is deprecated and will + not be supported in future versions of automake. Please consider + (helping upstream) migrating to 'configure.ac' instead. +See-Also: https://lists.gnu.org/archive/html/automake/2013-05/msg00049.html +Experimental: yes diff --git a/tags/d/description-contains-dh-make-perl-template.tag b/tags/d/description-contains-dh-make-perl-template.tag new file mode 100644 index 0000000..ec865fc --- /dev/null +++ b/tags/d/description-contains-dh-make-perl-template.tag @@ -0,0 +1,7 @@ +Tag: description-contains-dh-make-perl-template +Severity: warning +Check: fields/description +Explanation: The extended description contains the statement that it was + automagically extracted by dh-make-perl. Please check the description + for correctness and usefulness and remove the dh-make-perl statement + to signal that you have done so. diff --git a/tags/d/description-contains-homepage.tag b/tags/d/description-contains-homepage.tag new file mode 100644 index 0000000..39e000d --- /dev/null +++ b/tags/d/description-contains-homepage.tag @@ -0,0 +1,9 @@ +Tag: description-contains-homepage +Severity: warning +Check: fields/description +Explanation: The extended description contains a "Homepage" pseudo-field + following the old Developer's Reference recommendation. As of 1.14.6, + dpkg now supports Homepage as a regular field in + <code>debian/control</code>. This pseudo-field should be moved from the + extended description to the fields for the relevant source or binary + packages. diff --git a/tags/d/description-contains-invalid-control-statement.tag b/tags/d/description-contains-invalid-control-statement.tag new file mode 100644 index 0000000..f95afb6 --- /dev/null +++ b/tags/d/description-contains-invalid-control-statement.tag @@ -0,0 +1,14 @@ +Tag: description-contains-invalid-control-statement +Severity: error +Check: fields/description +Explanation: The description contains an invalid control statement. + . + A control statement is a line starting with a dot (.). The only + control statement is defined by the policy is a single dot denoting + an empty line. + . + The "empty-line" control statement does not permit any characters + following it on the same line. Therefore, the line must consist + entirely of a space followed by a dot. +See-Also: + debian-policy 5.6.13 diff --git a/tags/d/description-contains-tabs.tag b/tags/d/description-contains-tabs.tag new file mode 100644 index 0000000..8fa9c7d --- /dev/null +++ b/tags/d/description-contains-tabs.tag @@ -0,0 +1,5 @@ +Tag: description-contains-tabs +Severity: error +Check: fields/description +Explanation: The package "Description:" must not contain tab characters. +See-Also: debian-policy 5.6.13 diff --git a/tags/d/description-is-debmake-template.tag b/tags/d/description-is-debmake-template.tag new file mode 100644 index 0000000..fe8e797 --- /dev/null +++ b/tags/d/description-is-debmake-template.tag @@ -0,0 +1,5 @@ +Tag: description-is-debmake-template +Severity: error +Check: fields/description +Explanation: The synopsis or the extended description just says "Missing", + which is a template provided by debmake. diff --git a/tags/d/description-is-dh_make-template.tag b/tags/d/description-is-dh_make-template.tag new file mode 100644 index 0000000..338dbf5 --- /dev/null +++ b/tags/d/description-is-dh_make-template.tag @@ -0,0 +1,5 @@ +Tag: description-is-dh_make-template +Severity: error +Check: fields/description +Explanation: The synopsis or the extended description has not been changed + from the template provided by dh_make. diff --git a/tags/d/description-is-pkg-name.tag b/tags/d/description-is-pkg-name.tag new file mode 100644 index 0000000..f3aac2a --- /dev/null +++ b/tags/d/description-is-pkg-name.tag @@ -0,0 +1,6 @@ +Tag: description-is-pkg-name +Severity: error +Check: fields/description +See-Also: developer-reference 6.2.2 +Explanation: The description is the same as the package name. + A better description should be provided for the user. diff --git a/tags/d/description-mentions-planned-features.tag b/tags/d/description-mentions-planned-features.tag new file mode 100644 index 0000000..200f368 --- /dev/null +++ b/tags/d/description-mentions-planned-features.tag @@ -0,0 +1,11 @@ +Tag: description-mentions-planned-features +Severity: info +Check: fields/description +Explanation: This package appears to mention planned or upcoming features of + the software. + . + Package descriptions should not mention features that are not yet implemented + as they waste the time of people searching for particular keywords. They are + also liable to become outdated quickly. + . + Please remove such statements from the package description. diff --git a/tags/d/description-possibly-contains-homepage.tag b/tags/d/description-possibly-contains-homepage.tag new file mode 100644 index 0000000..535a3c1 --- /dev/null +++ b/tags/d/description-possibly-contains-homepage.tag @@ -0,0 +1,7 @@ +Tag: description-possibly-contains-homepage +Severity: info +Check: fields/description +Explanation: This package has no Homepage field but has a URL in the description + and wording that might indicate this is the package Homepage. If it is, + add a Homepage control field containing it rather than mentioning it in + the package description. diff --git a/tags/d/description-starts-with-leading-spaces.tag b/tags/d/description-starts-with-leading-spaces.tag new file mode 100644 index 0000000..afd5f46 --- /dev/null +++ b/tags/d/description-starts-with-leading-spaces.tag @@ -0,0 +1,7 @@ +Tag: description-starts-with-leading-spaces +Severity: warning +Check: fields/description +Explanation: The package's extended "Description:" paragraph starts with more than + one leading space. Usually, leading spaces are used to switch "verbatim + display" on (i.e., lines are not wrapped) so this might be a bug in the + package. diff --git a/tags/d/description-starts-with-package-name.tag b/tags/d/description-starts-with-package-name.tag new file mode 100644 index 0000000..8d2fd54 --- /dev/null +++ b/tags/d/description-starts-with-package-name.tag @@ -0,0 +1,7 @@ +Tag: description-starts-with-package-name +Severity: error +Check: fields/description +Explanation: The first line of the "Description:" should not start with the + package name. For example, the package <code>foo</code> should not + have a description like this: "foo is a program that...". +See-Also: debian-policy 3.4.1 diff --git a/tags/d/description-synopsis-is-duplicated.tag b/tags/d/description-synopsis-is-duplicated.tag new file mode 100644 index 0000000..de97cb2 --- /dev/null +++ b/tags/d/description-synopsis-is-duplicated.tag @@ -0,0 +1,7 @@ +Tag: description-synopsis-is-duplicated +Severity: error +Check: fields/description +Explanation: The first line of the extended Description: should not repeat the + synopsis exactly. This indicates that either the synopsis is badly formed + or that the extended description has been wrongly copied and pasted. +See-Also: debian-policy 3.4.2 diff --git a/tags/d/description-synopsis-is-empty.tag b/tags/d/description-synopsis-is-empty.tag new file mode 100644 index 0000000..1f42d5f --- /dev/null +++ b/tags/d/description-synopsis-is-empty.tag @@ -0,0 +1,5 @@ +Tag: description-synopsis-is-empty +Severity: error +Check: fields/description +Explanation: The first line in the "Description:" is empty. +See-Also: debian-policy 3.4 diff --git a/tags/d/description-synopsis-starts-with-article.tag b/tags/d/description-synopsis-starts-with-article.tag new file mode 100644 index 0000000..c660c17 --- /dev/null +++ b/tags/d/description-synopsis-starts-with-article.tag @@ -0,0 +1,10 @@ +Tag: description-synopsis-starts-with-article +Severity: warning +Check: fields/description +Explanation: The first line of the "Description:" should omit any initial indefinite + or definite article: "a", "an", or "the". A good heuristic is that it should + be possible to substitute the package <code>name</code> and <code>synopsis</code> + into this formula: + . + The package <code>name</code> provides {a,an,the,some} <code>synopsis</code>. +See-Also: developer-reference 6.2.2 diff --git a/tags/d/description-too-short.tag b/tags/d/description-too-short.tag new file mode 100644 index 0000000..625df3b --- /dev/null +++ b/tags/d/description-too-short.tag @@ -0,0 +1,6 @@ +Tag: description-too-short +Severity: error +Check: fields/description +See-Also: developer-reference 6.2.2 +Explanation: The description contains only a single word. It is likely that the + description won't be very clear for the user. diff --git a/tags/d/desktop-command-not-in-package.tag b/tags/d/desktop-command-not-in-package.tag new file mode 100644 index 0000000..96110be --- /dev/null +++ b/tags/d/desktop-command-not-in-package.tag @@ -0,0 +1,11 @@ +Tag: desktop-command-not-in-package +Severity: warning +Check: menu-format +Explanation: The desktop entry specifies a <code>Command</code> that does not + match any of the executables shipped in the package. + . + This condition is often caused by a typo, or the desktop file was not updated + after the installed path of the executable was modified. + . + Packages should ship executables that are used as commands in <code>desktop</code> + files. diff --git a/tags/d/desktop-contains-deprecated-key.tag b/tags/d/desktop-contains-deprecated-key.tag new file mode 100644 index 0000000..5d57d1a --- /dev/null +++ b/tags/d/desktop-contains-deprecated-key.tag @@ -0,0 +1,13 @@ +Tag: desktop-contains-deprecated-key +Severity: warning +Check: menu-format +Explanation: The key on this line of the desktop entry was deprecated in the + FreeDesktop specification. + . + If that key is <code>KDE Desktop Entry</code>, the fix for this condition is + usually to change it to <code>Desktop Entry</code>. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of desktop entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/apc.html diff --git a/tags/d/desktop-entry-contains-deprecated-key.tag b/tags/d/desktop-entry-contains-deprecated-key.tag new file mode 100644 index 0000000..5094056 --- /dev/null +++ b/tags/d/desktop-entry-contains-deprecated-key.tag @@ -0,0 +1,10 @@ +Tag: desktop-entry-contains-deprecated-key +Severity: warning +Check: menu-format +Explanation: The key on this line of the Desktop entry was deprecated by the + FreeDesktop specification. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful for checking the syntax of Desktop entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/apc.html diff --git a/tags/d/desktop-entry-contains-encoding-key.tag b/tags/d/desktop-entry-contains-encoding-key.tag new file mode 100644 index 0000000..a4e8183 --- /dev/null +++ b/tags/d/desktop-entry-contains-encoding-key.tag @@ -0,0 +1,12 @@ +Tag: desktop-entry-contains-encoding-key +Severity: info +Check: menu-format +Explanation: The <code>Encoding</code> key is deprecated in the FreeDesktop + standard. Instead, all strings must now be encoded in UTF-8. This desktop entry + specifies an <code>Encoding</code> of <code>UTF-8</code>. It is harmless but can + be dropped. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful for checking the syntax of desktop entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/apc.html diff --git a/tags/d/desktop-entry-contains-unknown-key.tag b/tags/d/desktop-entry-contains-unknown-key.tag new file mode 100644 index 0000000..01d0aa7 --- /dev/null +++ b/tags/d/desktop-entry-contains-unknown-key.tag @@ -0,0 +1,13 @@ +Tag: desktop-entry-contains-unknown-key +Severity: warning +Check: menu-format +Explanation: The key on this line of the <code>desktop</code> entry is not listed + as being defined by the FreeDesktop specification. It is also not one of the legacy + KDE keywords and does not begin with <code>X-</code>. + . + The key may have been misspelled. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of <code>desktop</code> entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s06.html diff --git a/tags/d/desktop-entry-file-has-crs.tag b/tags/d/desktop-entry-file-has-crs.tag new file mode 100644 index 0000000..e865b76 --- /dev/null +++ b/tags/d/desktop-entry-file-has-crs.tag @@ -0,0 +1,14 @@ +Tag: desktop-entry-file-has-crs +Severity: warning +Check: menu-format +Explanation: The desktop entry file has lines ending in carriage-return and line-feed + instead of just a line-feed. The Desktop Entry Specification says that lines should + end with line-feed alone. + . + Some software may mistake the carriage-return as a part of the field value. + . + You can run the following command to remove any <code>CR</code> character in a file: + . + <code>sed -i 's/\r//g' path/to/file</code> +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s03.html diff --git a/tags/d/desktop-entry-invalid-category.tag b/tags/d/desktop-entry-invalid-category.tag new file mode 100644 index 0000000..869576e --- /dev/null +++ b/tags/d/desktop-entry-invalid-category.tag @@ -0,0 +1,15 @@ +Tag: desktop-entry-invalid-category +Severity: warning +Check: menu-format +Explanation: This <code>desktop</code> entry shows a category that is not + among the registered "main" or "additional" categories in the FreeDesktop + specification. + . + The values are case-sensitive. Whitespace is only allowed just before and + after the equals sign in the <code>Category</code> key, and nowhere else. + . + The <code>desktop-file-validate</code> tool in the + <code>desktop-file-utils</code> package is useful when checking the syntax + of desktop entries. +See-Also: + https://specifications.freedesktop.org/menu-spec/latest/apa.html diff --git a/tags/d/desktop-entry-lacks-icon-entry.tag b/tags/d/desktop-entry-lacks-icon-entry.tag new file mode 100644 index 0000000..80d134c --- /dev/null +++ b/tags/d/desktop-entry-lacks-icon-entry.tag @@ -0,0 +1,17 @@ +Tag: desktop-entry-lacks-icon-entry +Severity: info +Check: menu-format +Explanation: This <code>.desktop</code> file does not contain an <code>Icon</code> + entry. + . + The <code>Icon</code> field should contain the name of the icon file, without the + extension, that is displayed. The different icon themes are searched to locate it. + For absolute paths, the name given will be used. The icon should be sufficiently + unique so that the user can recognize the application. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful for checking the syntax of desktop entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s06.html, + https://specifications.freedesktop.org/icon-theme-spec/icon-theme-spec-latest.html, + Bug#854132 diff --git a/tags/d/desktop-entry-lacks-keywords-entry.tag b/tags/d/desktop-entry-lacks-keywords-entry.tag new file mode 100644 index 0000000..52d200e --- /dev/null +++ b/tags/d/desktop-entry-lacks-keywords-entry.tag @@ -0,0 +1,18 @@ +Tag: desktop-entry-lacks-keywords-entry +Severity: info +Check: menu-format +Explanation: This <code>.desktop</code> file is either missing a <code>Keywords</code> + entry, or it does not contain keywords above and beyond those already present in the + <code>Name</code> or <code>GenericName</code> entries. + . + The <code>Keywords</code> field is intended to show keywords relevant for a + <code>.desktop</code> file. + . + Desktop files are organized in key-value pairs and are similar to INI files. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of desktop entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s06.html, + Bug#693918, + https://wiki.gnome.org/Initiatives/GnomeGoals/DesktopFileKeywords diff --git a/tags/d/desktop-entry-lacks-main-category.tag b/tags/d/desktop-entry-lacks-main-category.tag new file mode 100644 index 0000000..8729486 --- /dev/null +++ b/tags/d/desktop-entry-lacks-main-category.tag @@ -0,0 +1,11 @@ +Tag: desktop-entry-lacks-main-category +Severity: warning +Check: menu-format +Explanation: The categories for this <code>desktop</code> entry do not contain any + "main" categories, but only "additional" ones. Additional categories should only + be used on conjunction with one or more main categories. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of <code>desktop</code> entries. +See-Also: + https://specifications.freedesktop.org/menu-spec/latest/apa.html diff --git a/tags/d/desktop-entry-limited-to-environments.tag b/tags/d/desktop-entry-limited-to-environments.tag new file mode 100644 index 0000000..f13a3a6 --- /dev/null +++ b/tags/d/desktop-entry-limited-to-environments.tag @@ -0,0 +1,14 @@ +Tag: desktop-entry-limited-to-environments +Severity: info +Check: menu-format +Explanation: This desktop entry limits the environments in which it is shown + via the <code>OnlyShowIn</code> field but lists multiple environments therein. + . + The condition often indicates that a desktop file was written under the + assumption that only GNOME, KDE, or Xfce are being used, and that the desktop + file is in fact intended to exclude one of them. + . + That the application from desktop environments like LXDE where it may work + fine. If this application supports any desktop environment except specific + ones, it would be better to instead specify the unsupported environments via + the <code>NotShowIn</code> field. diff --git a/tags/d/desktop-entry-missing-required-key.tag b/tags/d/desktop-entry-missing-required-key.tag new file mode 100644 index 0000000..159ae2b --- /dev/null +++ b/tags/d/desktop-entry-missing-required-key.tag @@ -0,0 +1,10 @@ +Tag: desktop-entry-missing-required-key +Severity: error +Check: menu-format +Explanation: Desktop entries must contain the keys <code>Type</code> and + <code>Name</code>. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of desktop entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s06.html diff --git a/tags/d/desktop-entry-unknown-type.tag b/tags/d/desktop-entry-unknown-type.tag new file mode 100644 index 0000000..de3a534 --- /dev/null +++ b/tags/d/desktop-entry-unknown-type.tag @@ -0,0 +1,16 @@ +Tag: desktop-entry-unknown-type +Severity: warning +Check: menu-format +Explanation: This <code>desktop</code> entry uses a <code>Type</code> that is + not among the currently recognized values of <code>Application</code>, + <code>Link</code> or <code>Directory</code>. + . + Implementations normally ignore unknown values but this condition is probably + not intended. + . + The values are case-sensitive. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of desktop entries. +See-Also: + https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s06.html diff --git a/tags/d/desktop-entry-uses-reserved-category.tag b/tags/d/desktop-entry-uses-reserved-category.tag new file mode 100644 index 0000000..ec58bc3 --- /dev/null +++ b/tags/d/desktop-entry-uses-reserved-category.tag @@ -0,0 +1,16 @@ +Tag: desktop-entry-uses-reserved-category +Severity: warning +Check: menu-format +Explanation: This <code>desktop</code> entry uses a <code>Reserved Category</code> + as explained below, but does not include an <code>OnlyShowIn</code> key. + . + Reserved categories like <code>Screensaver</code>, <code>TrayIcon</code>, + <code>Applet</code> or <code>Shell</code> have a desktop-specific meaning + but have not been standardized yet. Desktop entry files that use such a + reserved category must also include an <code>OnlyShowIn</code> key to limit + the entry to environments that support the category. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of <code>desktop</code> entries. +See-Also: + https://specifications.freedesktop.org/menu-spec/latest/apas03.html diff --git a/tags/d/desktop-file-in-wrong-dir.tag b/tags/d/desktop-file-in-wrong-dir.tag new file mode 100644 index 0000000..5fed630 --- /dev/null +++ b/tags/d/desktop-file-in-wrong-dir.tag @@ -0,0 +1,9 @@ +Tag: desktop-file-in-wrong-dir +Severity: warning +Check: files/desktop +Explanation: The package contains a <code>.desktop</code> file in an obsolete + folder such as <code>/usr/share/gnome/apps</code>. + . + According to the latest draft of the <code>menu</code> specification available + on freedesktop.org, <code>.desktop</code> files intended to create menus should + be placed in <code>/usr/share/applications</code>. diff --git a/tags/d/desktop-mime-but-no-exec-code.tag b/tags/d/desktop-mime-but-no-exec-code.tag new file mode 100644 index 0000000..7cd48ee --- /dev/null +++ b/tags/d/desktop-mime-but-no-exec-code.tag @@ -0,0 +1,10 @@ +Tag: desktop-mime-but-no-exec-code +Severity: warning +Check: menu-format +Explanation: The named desktop entry indicates support for at least one MIME + type, but does not provide a code like %f, %F, %u or %U in the <code>Exec</code> + key. + . + If the application can in fact handle files of the given MIME types, the + <code>menu</code> item should somehow pass those filenames as parameters to the + executable. diff --git a/tags/d/development-package-ships-elf-binary-in-path.tag b/tags/d/development-package-ships-elf-binary-in-path.tag new file mode 100644 index 0000000..535e2ee --- /dev/null +++ b/tags/d/development-package-ships-elf-binary-in-path.tag @@ -0,0 +1,20 @@ +Tag: development-package-ships-elf-binary-in-path +Severity: info +Check: binaries/location +Experimental: yes +Explanation: This development package (ie. from the <code>libdevel</code> section of + the archive) installs an ELF binary within <code>$PATH</code>. + . + Commonly, executables in development packages provide values that are + relevant for using the library. Source packages that use such + development packages tend to execute those executables to discover how + to use the library. + . + When performing a cross build, host architecture binaries are generally not + executable. However, development packages need to be installed on the host + architecture so such files are useless. + . + An alternative approach is to use <code>pkg-config(1)</code> or potentially + splitting architecture-independent development tools into a separate + package that can be marked <code>Multi-Arch: foreign</code>. +See-Also: Bug#794295, Bug#794103 diff --git a/tags/d/dfsg-version-in-native-package.tag b/tags/d/dfsg-version-in-native-package.tag new file mode 100644 index 0000000..0cf6e6c --- /dev/null +++ b/tags/d/dfsg-version-in-native-package.tag @@ -0,0 +1,13 @@ +Tag: dfsg-version-in-native-package +Severity: warning +Check: fields/version/repack/native +Explanation: The version number contains the string <code>dfsg</code> but + the sources are native. + . + The string <code>dfsg</code> is used in Debian versions to indicate that + the sources were repackaged in order to comply with the Debian Free + Software Guidelines, but all native packages should comply with the + guidelines. +See-Also: + https://wiki.debian.org/DebianFreeSoftwareGuidelines, + https://wiki.debian.org/DFSGLicenses diff --git a/tags/d/dfsg-version-misspelled.tag b/tags/d/dfsg-version-misspelled.tag new file mode 100644 index 0000000..47c41aa --- /dev/null +++ b/tags/d/dfsg-version-misspelled.tag @@ -0,0 +1,6 @@ +Tag: dfsg-version-misspelled +Severity: warning +Check: fields/version/repack/typo +Explanation: The version contains the string <code>dsfg</code>. You probably + meant <code>dfsg</code>. That is the conventional marker for upstream sources + that were repackaged in order to comply with the Debian Free Software Guidelines. diff --git a/tags/d/dfsg-version-with-period.tag b/tags/d/dfsg-version-with-period.tag new file mode 100644 index 0000000..ed5e9ae --- /dev/null +++ b/tags/d/dfsg-version-with-period.tag @@ -0,0 +1,13 @@ +Tag: dfsg-version-with-period +Severity: info +Check: fields/version/repack/period +Explanation: The version contains the string <code>.dfsg</code>. + That versioning may harbor a subtle sorting issue, namely: <code>1.2.dfsg1</code> + is a more recent version than <code>1.2.1</code>. It will therefore be difficult + to find a nice version string for the next upstream release if it gains another + dotted digit at the end. + . + It is better to use <code>+dfsg</code> instead. The plus sign <code>+</code> sorts + before <code>.</code>, so the sorting that is usually desired can take place: + . + <code>1.2</code> < <code>1.2+dfsg</code> < <code>1.2.1</code> diff --git a/tags/d/dfsg-version-with-tilde.tag b/tags/d/dfsg-version-with-tilde.tag new file mode 100644 index 0000000..ada8c12 --- /dev/null +++ b/tags/d/dfsg-version-with-tilde.tag @@ -0,0 +1,16 @@ +Tag: dfsg-version-with-tilde +Severity: info +Check: fields/version/repack/tilde +Explanation: The source version string contains a tilde like <code>~dfsg</code>. + It is probably in a form like <code>1.0~dfsg-1</code>. + . + Most people should use a plus sign instead, as in <code>+dfsg</code>. It will + ensure proper version sorting. + . + We can think of two cases for which a tilde makes sense. First, upstream may release + a tarball again using the same version, but with the offending files removed. The + second case is when all DFSG concerns for a source tarball disappeared. In both cases, + repacking is no longer necessary. We think both cases are rare. +See-Also: + https://lists.debian.org/debian-devel/2021/10/msg00012.html, + https://salsa.debian.org/lintian/lintian/-/merge_requests/379 diff --git a/tags/d/dh-clean-k-is-deprecated.tag b/tags/d/dh-clean-k-is-deprecated.tag new file mode 100644 index 0000000..9cdf47c --- /dev/null +++ b/tags/d/dh-clean-k-is-deprecated.tag @@ -0,0 +1,6 @@ +Tag: dh-clean-k-is-deprecated +Severity: warning +Check: debhelper +See-Also: dh_clean(1) +Explanation: This package calls dh_clean -k in its <code>debian/rules</code> file + instead of dh_prep. diff --git a/tags/d/dh-exec-install-not-allowed-here.tag b/tags/d/dh-exec-install-not-allowed-here.tag new file mode 100644 index 0000000..bf444da --- /dev/null +++ b/tags/d/dh-exec-install-not-allowed-here.tag @@ -0,0 +1,8 @@ +Tag: dh-exec-install-not-allowed-here +Severity: error +Check: debhelper +Explanation: The package uses a dh-exec-install construct in a debhelper + config file, where it is not permitted. + . + The dh-exec-install constructs are only allowed in dh_install's + .install and dh_installman's .manpages files, and nowhere else. diff --git a/tags/d/dh-exec-private-helper.tag b/tags/d/dh-exec-private-helper.tag new file mode 100644 index 0000000..2071e6f --- /dev/null +++ b/tags/d/dh-exec-private-helper.tag @@ -0,0 +1,8 @@ +Tag: dh-exec-private-helper +Severity: error +Check: debhelper +Explanation: The packaging file uses dh-exec, but it does not use /usr/bin/dh-exec. + . + If running dh-exec with the default set of helpers is not desired, + use its --with or --without options instead of directly using the + desired helper. diff --git a/tags/d/dh-exec-script-without-dh-exec-features.tag b/tags/d/dh-exec-script-without-dh-exec-features.tag new file mode 100644 index 0000000..e0f887c --- /dev/null +++ b/tags/d/dh-exec-script-without-dh-exec-features.tag @@ -0,0 +1,8 @@ +Tag: dh-exec-script-without-dh-exec-features +Severity: warning +Check: debhelper +Explanation: The package uses dh-exec in at least one of its files, but does + not use any of the features provided by dh-exec. + . + If the features provided by dh-exec is not needed, please remove the + executable bit, and the dh-exec usage. diff --git a/tags/d/dh-exec-subst-unknown-variable.tag b/tags/d/dh-exec-subst-unknown-variable.tag new file mode 100644 index 0000000..dac9fd7 --- /dev/null +++ b/tags/d/dh-exec-subst-unknown-variable.tag @@ -0,0 +1,10 @@ +Tag: dh-exec-subst-unknown-variable +Severity: info +Check: debhelper +Explanation: The package uses a variable in one of its debhelper config + files, but the variable is not one known to dpkg-architecture. + . + It is recommended to use a known subset of variables. If the package + needs more than that, and makes sure the variable is exported through + the build one way or the other, then this tag can be safely ignored + or overridden. diff --git a/tags/d/dh-exec-useless-usage.tag b/tags/d/dh-exec-useless-usage.tag new file mode 100644 index 0000000..0670845 --- /dev/null +++ b/tags/d/dh-exec-useless-usage.tag @@ -0,0 +1,19 @@ +Tag: dh-exec-useless-usage +Severity: info +Check: debhelper +Explanation: The package uses dh-exec for things it is not needed for. + . + This typically includes using ${DEB_HOST_MULTIARCH} in an install + target where a wildcard would suffice. For example, if you had: + . + #! /usr/bin/dh-exec + usr/lib/${DEB_HOST_MULTIARCH} + . + This could be replaced with the following in most cases, dropping the + need for dh-exec: + . + usr/lib/* + . + However, there may be other directories that match the wildcard, + which one does not wish to install. In that case, this warning should + be ignored or overridden. diff --git a/tags/d/dh-make-template-in-source.tag b/tags/d/dh-make-template-in-source.tag new file mode 100644 index 0000000..27c9878 --- /dev/null +++ b/tags/d/dh-make-template-in-source.tag @@ -0,0 +1,10 @@ +Tag: dh-make-template-in-source +Severity: warning +Check: dh-make/template +Explanation: The named file looks like a <code>dh_make</code> template. + . + Source files like <code>debian/*.ex</code> or <code>debian/ex.*</code> + were usually installed by <code>dh_make</code>. They are meant to be + renamed after they were adapted by the maintainer. + . + Unused templates should be removed. diff --git a/tags/d/dh-quilt-addon-but-quilt-source-format.tag b/tags/d/dh-quilt-addon-but-quilt-source-format.tag new file mode 100644 index 0000000..3e61137 --- /dev/null +++ b/tags/d/dh-quilt-addon-but-quilt-source-format.tag @@ -0,0 +1,8 @@ +Tag: dh-quilt-addon-but-quilt-source-format +Severity: warning +Check: debhelper +Explanation: The package uses (for example) <code>dh $@ --with quilt</code> in + <code>debian/rules</code> but is already using the <code>3.0 (quilt)</code> + source format via the <code>debian/source/format</code> file. + . + Please remove the <code>--with quilt</code> argument. diff --git a/tags/d/dh_installmanpages-is-obsolete.tag b/tags/d/dh_installmanpages-is-obsolete.tag new file mode 100644 index 0000000..4cd0fe5 --- /dev/null +++ b/tags/d/dh_installmanpages-is-obsolete.tag @@ -0,0 +1,6 @@ +Tag: dh_installmanpages-is-obsolete +Severity: warning +Check: debhelper +See-Also: dh_installmanpages(1) +Explanation: This package calls dh_installmanpages in its <code>debian/rules</code> file. + dh_installmanpages is deprecated in favour of dh_installman. diff --git a/tags/d/dir-in-usr-local.tag b/tags/d/dir-in-usr-local.tag new file mode 100644 index 0000000..ee60f88 --- /dev/null +++ b/tags/d/dir-in-usr-local.tag @@ -0,0 +1,13 @@ +Tag: dir-in-usr-local +Severity: error +Check: files/hierarchy/standard +Explanation: The package installs a directory in <code>/usr/local/...</code>. That is + not allowed. + . + If you want to provide an empty directory in <code>/usr/local</code> for + convenience of the local system administrator, please follow the rules + in the policy manual (section 9.1.2), i.e. create the directories in + the <code>postinst</code> maintainer script but do not fail if the operation + is unsuccessful (for example, if <code>/usr/local</code> is mounted read-only). +See-Also: + debian-policy 9.1.2 diff --git a/tags/d/dir-or-file-in-build-tree.tag b/tags/d/dir-or-file-in-build-tree.tag new file mode 100644 index 0000000..84f0bc2 --- /dev/null +++ b/tags/d/dir-or-file-in-build-tree.tag @@ -0,0 +1,8 @@ +Tag: dir-or-file-in-build-tree +Severity: error +Check: files/build-path +Explanation: The package installs a file in common build paths. + . + This often occurs if the package uses regular expressions to + strip the build path without properly regex quoting the build + path. diff --git a/tags/d/dir-or-file-in-etc-opt.tag b/tags/d/dir-or-file-in-etc-opt.tag new file mode 100644 index 0000000..ad278b1 --- /dev/null +++ b/tags/d/dir-or-file-in-etc-opt.tag @@ -0,0 +1,6 @@ +Tag: dir-or-file-in-etc-opt +Severity: error +Check: files/hierarchy/standard +Explanation: Debian packages should not install into <code>/etc/opt</code>, because it + is reserved for add-on software. +See-Also: filesystem-hierarchy optaddonapplicationsoftwarepackages diff --git a/tags/d/dir-or-file-in-home.tag b/tags/d/dir-or-file-in-home.tag new file mode 100644 index 0000000..1f20163 --- /dev/null +++ b/tags/d/dir-or-file-in-home.tag @@ -0,0 +1,5 @@ +Tag: dir-or-file-in-home +Severity: error +Check: files/hierarchy/standard +Explanation: Debian packages should not install into <code>/home</code>, because it + is reserved for users. diff --git a/tags/d/dir-or-file-in-mnt.tag b/tags/d/dir-or-file-in-mnt.tag new file mode 100644 index 0000000..21a0415 --- /dev/null +++ b/tags/d/dir-or-file-in-mnt.tag @@ -0,0 +1,7 @@ +Tag: dir-or-file-in-mnt +Severity: error +Check: files/hierarchy/standard +Explanation: Packages should not install into <code>/mnt</code>. The FHS states that + this directory is reserved for the local system administrator for + temporary mounts and that it must not be used by installation programs. +See-Also: filesystem-hierarchy mntmountpointforatemporarilymount diff --git a/tags/d/dir-or-file-in-opt.tag b/tags/d/dir-or-file-in-opt.tag new file mode 100644 index 0000000..2028621 --- /dev/null +++ b/tags/d/dir-or-file-in-opt.tag @@ -0,0 +1,6 @@ +Tag: dir-or-file-in-opt +Severity: error +Check: files/hierarchy/standard +Explanation: Debian packages should not install into <code>/opt</code>, because it + is reserved for add-on software. +See-Also: filesystem-hierarchy optaddonapplicationsoftwarepackages diff --git a/tags/d/dir-or-file-in-run.tag b/tags/d/dir-or-file-in-run.tag new file mode 100644 index 0000000..f36f189 --- /dev/null +++ b/tags/d/dir-or-file-in-run.tag @@ -0,0 +1,6 @@ +Tag: dir-or-file-in-run +Severity: error +Check: files/hierarchy/standard +Explanation: <code>/run</code> may be a temporary filesystem, so any directories + or files needed there must be created dynamically at boot time. +See-Also: debian-policy 9.3.2 diff --git a/tags/d/dir-or-file-in-srv.tag b/tags/d/dir-or-file-in-srv.tag new file mode 100644 index 0000000..afdd4ff --- /dev/null +++ b/tags/d/dir-or-file-in-srv.tag @@ -0,0 +1,18 @@ +Tag: dir-or-file-in-srv +Severity: error +Check: files/hierarchy/standard +Explanation: Debian packages should install nothing into <code>/srv</code>. + . + The specification for <code>/srv</code> states that its use is at the + discretion of the local administrator. No package should rely on a + particular layout. + . + Debian packages that install files there are unable to adjust to any local + policy. They force a local administrator's hand. + . + If a package wishes to place data below <code>/srv</code>, it must do so in + a way that permits the local administrator to select the folder (for + example, through post-install configuration, setup scripts, + <code>debconf</code> prompts, or similar). +See-Also: + filesystem-hierarchy srvdataforservicesprovidedbysystem diff --git a/tags/d/dir-or-file-in-tmp.tag b/tags/d/dir-or-file-in-tmp.tag new file mode 100644 index 0000000..7bd4fdc --- /dev/null +++ b/tags/d/dir-or-file-in-tmp.tag @@ -0,0 +1,9 @@ +Tag: dir-or-file-in-tmp +Severity: error +Check: files/hierarchy/standard +Explanation: Packages must not install files into <code>/tmp</code> or + <code>/var/tmp</code>. The File Hierarchy Standard specifies that such files + may be removed by the administrator and that programs may not depend on + any files in <code>/tmp</code> being preserved across invocations, which + combined mean that it makes no sense to ship files in these directories. +See-Also: filesystem-hierarchy tmptemporaryfiles, filesystem-hierarchy vartmptemporaryfilespreservedbetwee diff --git a/tags/d/dir-or-file-in-var-lock.tag b/tags/d/dir-or-file-in-var-lock.tag new file mode 100644 index 0000000..2c5b59f --- /dev/null +++ b/tags/d/dir-or-file-in-var-lock.tag @@ -0,0 +1,6 @@ +Tag: dir-or-file-in-var-lock +Severity: error +Check: files/hierarchy/standard +Explanation: <code>/var/lock</code> may be a temporary filesystem, so any directories + or files needed there must be created dynamically at boot time. +See-Also: debian-policy 9.3.2 diff --git a/tags/d/dir-or-file-in-var-run.tag b/tags/d/dir-or-file-in-var-run.tag new file mode 100644 index 0000000..874a432 --- /dev/null +++ b/tags/d/dir-or-file-in-var-run.tag @@ -0,0 +1,6 @@ +Tag: dir-or-file-in-var-run +Severity: error +Check: files/hierarchy/standard +Explanation: <code>/var/run</code> may be a temporary filesystem, so any directories + or files needed there must be created dynamically at boot time. +See-Also: debian-policy 9.3.2 diff --git a/tags/d/dir-or-file-in-var-www.tag b/tags/d/dir-or-file-in-var-www.tag new file mode 100644 index 0000000..8250fcb --- /dev/null +++ b/tags/d/dir-or-file-in-var-www.tag @@ -0,0 +1,20 @@ +Tag: dir-or-file-in-var-www +Severity: error +Check: files/hierarchy/standard +See-Also: filesystem-hierarchy thevarhierarchy +Explanation: Debian packages should not install files under <code>/var/www</code>. + This is not one of the <code>/var</code> directories in the File Hierarchy + Standard and is under the control of the local administrator. Packages + should not assume that it is the document root for a web server; it is + very common for users to change the default document root and packages + should not assume that users will keep any particular setting. + . + Packages that want to make files available via an installed web server + should instead put instructions for the local administrator in a + README.Debian file and ideally include configuration fragments for common + web servers such as Apache. + . + As an exception, packages are permitted to create the <code>/var/www</code> + directory due to its past history as the default document root, but + should at most copy over a default file in postinst for a new install. + In this case, please add a Lintian override. diff --git a/tags/d/direct-changes-in-diff-but-no-patch-system.tag b/tags/d/direct-changes-in-diff-but-no-patch-system.tag new file mode 100644 index 0000000..91ca08d --- /dev/null +++ b/tags/d/direct-changes-in-diff-but-no-patch-system.tag @@ -0,0 +1,13 @@ +Tag: direct-changes-in-diff-but-no-patch-system +Severity: pedantic +Check: debian/patches +Explanation: The Debian diff.gz contains changes to files or creation of additional + files outside the <code>debian</code> directory. Keeping the changes as separate + patches under the control of a patch system allows for more fine grained + control over them. The package will also more easily support possible + future source package formats if all changes outside the <code>debian</code> + directory are stored as patches. + . + If the diff only creates new files that can be copied into place by the + package build rules, consider putting them in the <code>debian</code> + directory rather than using a patch system. diff --git a/tags/d/directory-in-etc-sv-directory-without-executable-run-script.tag b/tags/d/directory-in-etc-sv-directory-without-executable-run-script.tag new file mode 100644 index 0000000..dfbbb5e --- /dev/null +++ b/tags/d/directory-in-etc-sv-directory-without-executable-run-script.tag @@ -0,0 +1,10 @@ +Tag: directory-in-etc-sv-directory-without-executable-run-script +Severity: error +Check: init-d +Explanation: This package provides the specified directory under + <code>/etc/sv</code> but it does not ship a <code>run</code> script under this + directory. + . + Please check that you are installing your <code>run</code> script to the + right location and that has the correct executable permissions. +See-Also: dh_runit(1) diff --git a/tags/d/distant-prerequisite-in-shlibs.tag b/tags/d/distant-prerequisite-in-shlibs.tag new file mode 100644 index 0000000..e6d908b --- /dev/null +++ b/tags/d/distant-prerequisite-in-shlibs.tag @@ -0,0 +1,18 @@ +Tag: distant-prerequisite-in-shlibs +Severity: warning +Check: debian/shlibs +Renamed-From: + shlibs-declares-dependency-on-other-package +Explanation: This package declares in its shlibs control file either a dependency + on some other package not listed in the Provides of this package or on a + version of this package that the package version doesn't satisfy. + . + Packages should normally only list in their shlibs control file the + shared libraries included in that package, and therefore the dependencies + listed there should normally be satisfied by either the package itself or + one of its Provides. + . + In unusual circumstances where it's necessary to declare more complex + dependencies in the shlibs control file, please add a Lintian override + for this warning. +See-Also: debian-policy 8.6 diff --git a/tags/d/distribution-and-changes-mismatch.tag b/tags/d/distribution-and-changes-mismatch.tag new file mode 100644 index 0000000..47ab397 --- /dev/null +++ b/tags/d/distribution-and-changes-mismatch.tag @@ -0,0 +1,12 @@ +Tag: distribution-and-changes-mismatch +Severity: warning +Check: fields/distribution +Explanation: The <code>Distribution</code> in the <code>.changes</code> file indicates + that packages should be installed into one distribution (suite), but the + distribution in the <code>Changes</code> field copied from + <code>debian/changelog</code> indicates that a different distribution + was intended. + . + This is an easy mistake to make when invoking "sbuild ... foo.dsc". + Double-check the <code>-d</code> option if using sbuild in this way. +See-Also: Bug#542747, Bug#529281 diff --git a/tags/d/distribution-and-experimental-mismatch.tag b/tags/d/distribution-and-experimental-mismatch.tag new file mode 100644 index 0000000..6e84f18 --- /dev/null +++ b/tags/d/distribution-and-experimental-mismatch.tag @@ -0,0 +1,11 @@ +Tag: distribution-and-experimental-mismatch +Severity: error +Check: fields/distribution +Explanation: The <code>Distribution</code> in the <code>.changes</code> file indicates + that packages should be installed into a non-experimental distribution + (suite), but the distribution in the <code>Changes</code> field copied from + <code>debian/changelog</code> indicates that experimental was intended. + . + This is an easy mistake to make when invoking "sbuild ... foo.dsc". + Double-check the <code>-d</code> option if using sbuild in this way. +See-Also: Bug#542747, Bug#529281 diff --git a/tags/d/diversion-for-unknown-file.tag b/tags/d/diversion-for-unknown-file.tag new file mode 100644 index 0000000..edd4e36 --- /dev/null +++ b/tags/d/diversion-for-unknown-file.tag @@ -0,0 +1,5 @@ +Tag: diversion-for-unknown-file +Severity: error +Check: maintainer-scripts/diversion +Explanation: The named maintainer script adds a diversion for a file that + is not being provided by this package. diff --git a/tags/d/django-package-does-not-depend-on-django.tag b/tags/d/django-package-does-not-depend-on-django.tag new file mode 100644 index 0000000..0f782c4 --- /dev/null +++ b/tags/d/django-package-does-not-depend-on-django.tag @@ -0,0 +1,8 @@ +Tag: django-package-does-not-depend-on-django +Severity: warning +Check: languages/python +Explanation: This package appears to be library module for the Django web development + framework but it does not specify a binary dependency on the Django package + itself. + . + Please add a Depends on <code>python-django</code> or <code>python3-django</code>. diff --git a/tags/d/dm-upload-allowed-is-obsolete.tag b/tags/d/dm-upload-allowed-is-obsolete.tag new file mode 100644 index 0000000..398afeb --- /dev/null +++ b/tags/d/dm-upload-allowed-is-obsolete.tag @@ -0,0 +1,8 @@ +Tag: dm-upload-allowed-is-obsolete +Severity: warning +Check: fields/dm-upload-allowed +Explanation: The implementation of the "Debian Maintainers" GR has changed + and the "DM-Upload-Allowed" field is now obsolete. + . + Instead these permissions are granted via "dak-commands" files. +See-Also: https://lists.debian.org/debian-devel-announce/2012/09/msg00008.html diff --git a/tags/d/doc-base-abstract-field-is-template.tag b/tags/d/doc-base-abstract-field-is-template.tag new file mode 100644 index 0000000..f544f3a --- /dev/null +++ b/tags/d/doc-base-abstract-field-is-template.tag @@ -0,0 +1,8 @@ +Tag: doc-base-abstract-field-is-template +Severity: warning +Check: menus +Explanation: The <code>Abstract</code> field of the <code>doc-base</code> + control file contains the phrase "manage online manuals" that likely + originated from an sample control file in the <code>doc-base</code> manual. +See-also: + doc-base-manual 2.3.1 diff --git a/tags/d/doc-base-abstract-field-separator-extra-whitespace.tag b/tags/d/doc-base-abstract-field-separator-extra-whitespace.tag new file mode 100644 index 0000000..57c5a27 --- /dev/null +++ b/tags/d/doc-base-abstract-field-separator-extra-whitespace.tag @@ -0,0 +1,10 @@ +Tag: doc-base-abstract-field-separator-extra-whitespace +Severity: warning +Check: menus +Explanation: The line separating two paragraphs in an <code>Abstract</code> + field in the given <code>doc-base</code> contains additional whitespace. + . + The separator line should consist of a single space followed by a single dot, + and nothing else. +See-Also: + doc-base-manual 2.3.2 diff --git a/tags/d/doc-base-abstract-might-contain-extra-leading-whitespace.tag b/tags/d/doc-base-abstract-might-contain-extra-leading-whitespace.tag new file mode 100644 index 0000000..f62ce21 --- /dev/null +++ b/tags/d/doc-base-abstract-might-contain-extra-leading-whitespace.tag @@ -0,0 +1,8 @@ +Tag: doc-base-abstract-might-contain-extra-leading-whitespace +Severity: warning +Check: menus +Explanation: Continuation lines in the <code>Abstract</code> field of + a <code>doc-base</code> control file should start with a single space, + except when the spaces are meant to be shown by frontends. +See-Also: + doc-base-manual 2.3.2 diff --git a/tags/d/doc-base-document-field-ends-in-whitespace.tag b/tags/d/doc-base-document-field-ends-in-whitespace.tag new file mode 100644 index 0000000..5526004 --- /dev/null +++ b/tags/d/doc-base-document-field-ends-in-whitespace.tag @@ -0,0 +1,9 @@ +Tag: doc-base-document-field-ends-in-whitespace +Severity: error +Check: menus +Explanation: The <code>Document</code> field in a <code>doc-base</code> + file should not end in whitespace. Versions of <code>doc-base</code> as + recent as 0.8.5 cannot deal gracefully with such fields. + . + Also, Ddebhelper versions 5.0.57 or earlier may create files that end in + whitespace when such files are installed. diff --git a/tags/d/doc-base-document-field-not-in-first-line.tag b/tags/d/doc-base-document-field-not-in-first-line.tag new file mode 100644 index 0000000..66f896a --- /dev/null +++ b/tags/d/doc-base-document-field-not-in-first-line.tag @@ -0,0 +1,10 @@ +Tag: doc-base-document-field-not-in-first-line +Severity: error +Check: menus +Explanation: The <code>Document</code> field must be located in the first line + of the given <code>doc-base</code> control file. + . + For performance reasons, versions 0.8 and later of <code>doc-base</code> + parse only the first line of the file when unregistering documents. +See-Also: + doc-base-manual 2.3.2.1 diff --git a/tags/d/doc-base-file-lacks-required-field.tag b/tags/d/doc-base-file-lacks-required-field.tag new file mode 100644 index 0000000..4e23a99 --- /dev/null +++ b/tags/d/doc-base-file-lacks-required-field.tag @@ -0,0 +1,8 @@ +Tag: doc-base-file-lacks-required-field +Severity: error +Check: menus +Explanation: The named field is required in that particular section but + missing from the given <code>doc-base</code> control file. +See-Also: + doc-base-manual 2.3.2.1, + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-file-no-format-section.tag b/tags/d/doc-base-file-no-format-section.tag new file mode 100644 index 0000000..9a0ea12 --- /dev/null +++ b/tags/d/doc-base-file-no-format-section.tag @@ -0,0 +1,7 @@ +Tag: doc-base-file-no-format-section +Severity: error +Check: menus +Explanation: The given <code>doc-base</code> control file does specify + a <code>Format</code> section. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-file-no-format.tag b/tags/d/doc-base-file-no-format.tag new file mode 100644 index 0000000..db0066c --- /dev/null +++ b/tags/d/doc-base-file-no-format.tag @@ -0,0 +1,9 @@ +Tag: doc-base-file-no-format +Severity: error +Check: menus +Explanation: A <code>Format</code> sections in the given <code>doc-base</code> + control file does not actually specify a format. + . + Each section, except the first, must specify a format. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-file-no-index.tag b/tags/d/doc-base-file-no-index.tag new file mode 100644 index 0000000..3852ab6 --- /dev/null +++ b/tags/d/doc-base-file-no-index.tag @@ -0,0 +1,11 @@ +Tag: doc-base-file-no-index +Severity: error +Check: menus +Explanation: The <code>Format</code> sections in the given <code>doc-base</code> + control files for <code>HTML</code> or <code>Info</code> documents must also + contain an <code>Index</code> field that shows an appropriate starting point + for the document series. + . + The field must be present even if the documentation is a single file. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-file-references-missing-file.tag b/tags/d/doc-base-file-references-missing-file.tag new file mode 100644 index 0000000..52b8924 --- /dev/null +++ b/tags/d/doc-base-file-references-missing-file.tag @@ -0,0 +1,9 @@ +Tag: doc-base-file-references-missing-file +Severity: error +Check: menus +Explanation: One of the files mentioned in an <code>Index</code> or + <code>Files</code> field in this <code>doc-base</code> control file + does not exist in the package. + . + This issue can occur when installable packages attempt to register + documentation that is actually shipped in a related package. diff --git a/tags/d/doc-base-file-references-wrong-path.tag b/tags/d/doc-base-file-references-wrong-path.tag new file mode 100644 index 0000000..8c1002c --- /dev/null +++ b/tags/d/doc-base-file-references-wrong-path.tag @@ -0,0 +1,8 @@ +Tag: doc-base-file-references-wrong-path +Severity: error +Check: menus +Explanation: The given <code>doc-base</code> control file references a + file in an <code>Index</code> or <code>Files</code> field that does not + start with <code>/usr/share/doc</code> or <code>/usr/share/info</code>. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-file-separator-extra-whitespace.tag b/tags/d/doc-base-file-separator-extra-whitespace.tag new file mode 100644 index 0000000..35a7e7e --- /dev/null +++ b/tags/d/doc-base-file-separator-extra-whitespace.tag @@ -0,0 +1,11 @@ +Tag: doc-base-file-separator-extra-whitespace +Severity: warning +Check: menus +Explanation: The separating line between two <code>File</code> sections + in the given <code>doc-base</code> control file contains additional + whitespace. + . + The section separator should be just an empty line without any other + whitespace. +See-Also: + doc-base-manual 2.3.2 diff --git a/tags/d/doc-base-file-syntax-error.tag b/tags/d/doc-base-file-syntax-error.tag new file mode 100644 index 0000000..783a44c --- /dev/null +++ b/tags/d/doc-base-file-syntax-error.tag @@ -0,0 +1,7 @@ +Tag: doc-base-file-syntax-error +Severity: error +Check: menus +Explanation: Lintian found a syntax error in the give <code>doc-base</code> + control file. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-file-unknown-field.tag b/tags/d/doc-base-file-unknown-field.tag new file mode 100644 index 0000000..78e19ef --- /dev/null +++ b/tags/d/doc-base-file-unknown-field.tag @@ -0,0 +1,12 @@ +Tag: doc-base-file-unknown-field +Severity: error +Check: menus +Explanation: The <code>doc-base</code> control file contains a field that + is either unknown or invalid in the section in which it appears. + . + Possible reasons are a typo in field name, a missing empty line between + sections in the <doc-base> control file, or an extra empty line between + sections. +See-Also: + doc-base-manual 2.3.2.1, + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-file-unknown-format.tag b/tags/d/doc-base-file-unknown-format.tag new file mode 100644 index 0000000..c2d5da9 --- /dev/null +++ b/tags/d/doc-base-file-unknown-format.tag @@ -0,0 +1,13 @@ +Tag: doc-base-file-unknown-format +Severity: warning +Check: menus +Explanation: The <code>Format</code> field in this <code>doc-base</code> + control file declares an unsupported format. + . + Recognized formats are <code>HTML</code>, <code>Text</code>, <code>PDF</code>, + <code>PostScript</code>, <code>Info</code>, <code>DVI</code>, + and <code>DebianDoc-SGML</code>. + . + All of those are case-insensitive. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-index-references-multiple-files.tag b/tags/d/doc-base-index-references-multiple-files.tag new file mode 100644 index 0000000..d202966 --- /dev/null +++ b/tags/d/doc-base-index-references-multiple-files.tag @@ -0,0 +1,10 @@ +Tag: doc-base-index-references-multiple-files +Severity: error +Check: menus +Explanation: The <code>Index</code> field in a <code>doc-base</code> file + should reference the single index file for that document. + . + Any other files belonging to the same document should be listed in the + <code>Files</code> field. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/doc-base-invalid-document-field.tag b/tags/d/doc-base-invalid-document-field.tag new file mode 100644 index 0000000..d6c0cb1 --- /dev/null +++ b/tags/d/doc-base-invalid-document-field.tag @@ -0,0 +1,10 @@ +Tag: doc-base-invalid-document-field +Severity: error +Check: menus +Explanation: The <code>Document</code> field should consist only of lowercase letters + (<code>a-z</code>), digits (<code>0-9</code>), the plus sign (<code>+</code>), + the minus sign (<code>-</code>) sign, or dots (<code>.</code>). + . + Uppercase letters are not allowed. +See-Also: + doc-base-manual 2.2 diff --git a/tags/d/doc-base-unknown-section.tag b/tags/d/doc-base-unknown-section.tag new file mode 100644 index 0000000..a08800b --- /dev/null +++ b/tags/d/doc-base-unknown-section.tag @@ -0,0 +1,11 @@ +Tag: doc-base-unknown-section +Severity: warning +Check: menus +Explanation: The section name indicated in the given <code>doc-base</code> + control file is outside the <code>doc-base</code> standard. + . + The <code>doc-base</code> section names are loosely based on <code>menu</code> + sections, but are not the same. +See-Also: + doc-base-manual 2.3.3, + file:///usr/share/doc/doc-base/doc-base.html/index.html diff --git a/tags/d/doc-base-uses-applications-section.tag b/tags/d/doc-base-uses-applications-section.tag new file mode 100644 index 0000000..a0f9f47 --- /dev/null +++ b/tags/d/doc-base-uses-applications-section.tag @@ -0,0 +1,12 @@ +Tag: doc-base-uses-applications-section +Severity: warning +Check: menus +Explanation: The section indicated in the given <code>doc-base</code> + control file uses a top-level section named <code>Apps</code> or + <code>Applications</code>. Those names are only used in <code>menu</code>, + but not in <code>doc-base</code>. + . + You may just be able to drop the <code>Applications/</code> part in the + section. +See-Also: + doc-base-manual 2.3.3 diff --git a/tags/d/doc-package-depends-on-main-package.tag b/tags/d/doc-package-depends-on-main-package.tag new file mode 100644 index 0000000..4f63af0 --- /dev/null +++ b/tags/d/doc-package-depends-on-main-package.tag @@ -0,0 +1,9 @@ +Tag: doc-package-depends-on-main-package +Severity: warning +Check: fields/package-relations +Explanation: The name of this package suggests that it is a documentation package. + It is usually not desirable for documentation packages to depend on the + packages they document, because users may want to install the docs before + they decide whether they want to install the package. Also, documentation + packages are often architecture-independent, so on other architectures + the package on which it depends may not even exist. diff --git a/tags/d/documentation-package-not-architecture-independent.tag b/tags/d/documentation-package-not-architecture-independent.tag new file mode 100644 index 0000000..2dd7c63 --- /dev/null +++ b/tags/d/documentation-package-not-architecture-independent.tag @@ -0,0 +1,5 @@ +Tag: documentation-package-not-architecture-independent +Severity: warning +Check: fields/architecture +Explanation: Documentation packages usually shouldn't carry anything that requires + recompiling on various architectures, in order to save space on mirrors. diff --git a/tags/d/dot-before-repack-count.tag b/tags/d/dot-before-repack-count.tag new file mode 100644 index 0000000..db39328 --- /dev/null +++ b/tags/d/dot-before-repack-count.tag @@ -0,0 +1,15 @@ +Tag: dot-before-repack-count +Severity: info +Check: fields/version/repack/count +Explanation: The source version contains a repack count that is prefaced by a dot, + like <code>+dfsg.N</code>. + . + For proper version sorting, please use <code>+dfsgN</code> instead. + . + Please note, however, that a version containing the dot <code>+dfsg.N-1</code> (here + with a Debian revision) should not change to <code>+dfsgN-1</code> (without the dot) + for the same upstream release. That is because <code>1.0+dfsgN-1</code> always appears + less recent than the original <code>1.0+dfsg.1-1</code>. Please consider the new + format when upstream cuts the next release. +See-Also: + https://lists.debian.org/debian-devel/2021/10/msg00026.html diff --git a/tags/d/doubly-armored-upstream-signature.tag b/tags/d/doubly-armored-upstream-signature.tag new file mode 100644 index 0000000..14705f3 --- /dev/null +++ b/tags/d/doubly-armored-upstream-signature.tag @@ -0,0 +1,8 @@ +Tag: doubly-armored-upstream-signature +Severity: error +Check: upstream-signature +Explanation: The packaging includes a detached upstream signature file that was armored + twice (or more) using <code>gpg --enarmor</code>. That is an error. + . + Please armor the signature just once. You can also use standard tools such as + <code>gpg --armor --detach-sig</code>. diff --git a/tags/d/dpatch-build-dep-but-no-patch-list.tag b/tags/d/dpatch-build-dep-but-no-patch-list.tag new file mode 100644 index 0000000..d2159c8 --- /dev/null +++ b/tags/d/dpatch-build-dep-but-no-patch-list.tag @@ -0,0 +1,11 @@ +Tag: dpatch-build-dep-but-no-patch-list +Severity: warning +Check: debian/patches/dpatch +Explanation: Using dpatch requires you to explicitly list all patches you want + to apply in debian/patches/00list. This package build-depends on dpatch, + but does not provide a patch list. You should either remove the dpatch + build dependency or add a patch list. + . + Note that an empty file cannot be represented in the Debian diff, so an + empty patch list will disappear in the source package. If you intended + for the series file to be empty, add a comment line. diff --git a/tags/d/dpatch-index-references-non-existent-patch.tag b/tags/d/dpatch-index-references-non-existent-patch.tag new file mode 100644 index 0000000..685c0e3 --- /dev/null +++ b/tags/d/dpatch-index-references-non-existent-patch.tag @@ -0,0 +1,5 @@ +Tag: dpatch-index-references-non-existent-patch +Severity: error +Check: debian/patches/dpatch +Explanation: In the 00list file listing all your dpatches, you referenced a file + that does not exist. This will lead to a fatal error when calling dpatch. diff --git a/tags/d/dpatch-missing-description.tag b/tags/d/dpatch-missing-description.tag new file mode 100644 index 0000000..2930c74 --- /dev/null +++ b/tags/d/dpatch-missing-description.tag @@ -0,0 +1,14 @@ +Tag: dpatch-missing-description +Severity: info +Check: debian/patches/dpatch +Explanation: dpatch files should carry a description of the included patch. + Description lines start with "## DP:". + . + As well as a description of the purpose and function of the patch, the + description should ideally contain author information, a URL for the bug + report (if any), Debian or upstream bugs fixed by it, upstream status, + the Debian version and date the patch was first included, and any other + information that would be useful if someone were investigating the + patch and underlying problem. Please consider using the DEP 3 format for + this information. +See-Also: https://dep-team.pages.debian.net/deps/dep3/ diff --git a/tags/d/drop-python-version-declaration.tag b/tags/d/drop-python-version-declaration.tag new file mode 100644 index 0000000..67c0317 --- /dev/null +++ b/tags/d/drop-python-version-declaration.tag @@ -0,0 +1,16 @@ +Tag: drop-python-version-declaration +Severity: warning +Check: testsuite +Renamed-From: + query-requested-python-versions-in-test + query-declared-python-versions-in-test +Explanation: + Your sources request a specific set of Python versions via the control field + <code>X-Python3-Version</code> but all declared autopkgtests exercise all supported + Python versions by using the command <code>py3versions --supported</code>. + . + The <code>X-Python3-Version</code> control field is not needed when sources work + with all Python versions currently supported. +See-Also: + py3versions(1), + Bug#1001677 diff --git a/tags/d/duplicate-changelog-files.tag b/tags/d/duplicate-changelog-files.tag new file mode 100644 index 0000000..13f675c --- /dev/null +++ b/tags/d/duplicate-changelog-files.tag @@ -0,0 +1,9 @@ +Tag: duplicate-changelog-files +Severity: warning +Check: files/duplicates +Explanation: The package appears to be shipping two copies of the changelog. + . + If the second copy is really needed, consider making it a symlink to + the canonical place for the relevant changelog. + . + Both upstream and Debian changelogs are checked with this tag. diff --git a/tags/d/duplicate-conffile.tag b/tags/d/duplicate-conffile.tag new file mode 100644 index 0000000..79baba9 --- /dev/null +++ b/tags/d/duplicate-conffile.tag @@ -0,0 +1,7 @@ +Tag: duplicate-conffile +Severity: error +Check: conffiles +Explanation: The file is listed more than once in your <code>debian/conffiles</code> file. + Usually, this is because debhelper (dh_installdeb, compat level 3 or higher) + will add any files in your package located in /etc automatically to the list + of conffiles, so if you do that manually too, you'll get duplicates. diff --git a/tags/d/duplicate-contact.tag b/tags/d/duplicate-contact.tag new file mode 100644 index 0000000..8e0cfb2 --- /dev/null +++ b/tags/d/duplicate-contact.tag @@ -0,0 +1,5 @@ +Tag: duplicate-contact +Severity: warning +Check: fields/mail-address +Explanation: The contact appears more than once in the named field. + The duplicate information should be removed. diff --git a/tags/d/duplicate-entry-in-symbols-control-file.tag b/tags/d/duplicate-entry-in-symbols-control-file.tag new file mode 100644 index 0000000..f00b056 --- /dev/null +++ b/tags/d/duplicate-entry-in-symbols-control-file.tag @@ -0,0 +1,4 @@ +Tag: duplicate-entry-in-symbols-control-file +Severity: error +Check: debian/shlibs +Explanation: The symbols control file contains a duplicate entry. diff --git a/tags/d/duplicate-field-in-doc-base.tag b/tags/d/duplicate-field-in-doc-base.tag new file mode 100644 index 0000000..e9b9ba0 --- /dev/null +++ b/tags/d/duplicate-field-in-doc-base.tag @@ -0,0 +1,5 @@ +Tag: duplicate-field-in-doc-base +Severity: error +Check: menus +Renamed-From: doc-base-file-duplicated-field +Explanation: The <code>doc-base</code> control file contains the given field twice. diff --git a/tags/d/duplicate-files.tag b/tags/d/duplicate-files.tag new file mode 100644 index 0000000..a39eeea --- /dev/null +++ b/tags/d/duplicate-files.tag @@ -0,0 +1,16 @@ +Tag: duplicate-files +Severity: pedantic +Check: files/duplicates +Experimental: yes +See-Also: jdupes(1) +Explanation: The package ships the two (or more) files with the exact same + contents. + . + Duplicates can often be replaced with symlinks by running: + . + jdupes -rl debian/${binary}/usr + . + ... after they are installed, eg. in <code>override_dh_link</code>. In + addition, please consider reporting this upstream. + . + Note: empty files are exempt from this check. diff --git a/tags/d/duplicate-font-file.tag b/tags/d/duplicate-font-file.tag new file mode 100644 index 0000000..641acd7 --- /dev/null +++ b/tags/d/duplicate-font-file.tag @@ -0,0 +1,16 @@ +Tag: duplicate-font-file +Severity: warning +Check: fonts +Explanation: This package appears to include a font file that is already provided + by another package in Debian. Ideally it should instead depend on the + relevant font package. If the application in this package loads the font + file by name, you may need to include a symlink pointing to the file name + of the font in its Debian package. + . + Sometimes the font package containing the font is huge and you only need + one font. In that case, you have a few options: modify the package (in + conjunction with upstream) to use libfontconfig to find the font that you + prefer but fall back on whatever installed font is available, ask that + the font package be split apart into packages of a more reasonable size, + or add an override and be aware of the duplication when new versions of + the font are released. diff --git a/tags/d/duplicate-format-in-doc-base.tag b/tags/d/duplicate-format-in-doc-base.tag new file mode 100644 index 0000000..d57df93 --- /dev/null +++ b/tags/d/duplicate-format-in-doc-base.tag @@ -0,0 +1,11 @@ +Tag: duplicate-format-in-doc-base +Severity: error +Check: menus +Renamed-From: + doc-base-file-duplicated-format +Explanation: The <code>doc-base</code> control file contains the same file in + two different formats. + . + The files listed in <code>doc-base</code> must have distinct contents. +See-Also: + doc-base-manual 2.3.2.2 diff --git a/tags/d/duplicate-globbing-patterns.tag b/tags/d/duplicate-globbing-patterns.tag new file mode 100644 index 0000000..96976d5 --- /dev/null +++ b/tags/d/duplicate-globbing-patterns.tag @@ -0,0 +1,10 @@ +Tag: duplicate-globbing-patterns +Severity: error +Check: debian/copyright/dep5 +Explanation: A globbing pattern was used again in <code>debian/copyright</code>. + It always an error and may indicate confusion about the applicable + license for the author or any reader of the file. + . + Please remove all but one of the identical globbing patterns. +See-Also: Bug#90574, + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/d/duplicate-in-shlibs.tag b/tags/d/duplicate-in-shlibs.tag new file mode 100644 index 0000000..6e1ae9e --- /dev/null +++ b/tags/d/duplicate-in-shlibs.tag @@ -0,0 +1,6 @@ +Tag: duplicate-in-shlibs +Severity: error +Check: debian/shlibs +Renamed-From: + duplicate-entry-in-shlibs-control-file +Explanation: The shlibs control file contains a duplicate entry. diff --git a/tags/d/duplicate-key-in-desktop.tag b/tags/d/duplicate-key-in-desktop.tag new file mode 100644 index 0000000..164ed2c --- /dev/null +++ b/tags/d/duplicate-key-in-desktop.tag @@ -0,0 +1,9 @@ +Tag: duplicate-key-in-desktop +Severity: warning +Check: menu-format +Renamed-From: duplicated-key-in-desktop-entry +Explanation: The <code>desktop</code> entry contains the same key twice. The + standard does not define the behavior of such entries. + . + The <code>desktop-file-validate</code> tool in the <code>desktop-file-utils</code> + package may be useful when checking the syntax of <code>desktop</code> entries. diff --git a/tags/d/duplicate-long-description-in-template.tag b/tags/d/duplicate-long-description-in-template.tag new file mode 100644 index 0000000..066d9c6 --- /dev/null +++ b/tags/d/duplicate-long-description-in-template.tag @@ -0,0 +1,6 @@ +Tag: duplicate-long-description-in-template +Severity: warning +Check: debian/debconf +Explanation: The long description of one of the templates provided by this package + is a duplicate of the short description. If you cannot provide a good + extended description, it is better to leave it blank. diff --git a/tags/d/duplicate-long-description.tag b/tags/d/duplicate-long-description.tag new file mode 100644 index 0000000..dea1baf --- /dev/null +++ b/tags/d/duplicate-long-description.tag @@ -0,0 +1,10 @@ +Tag: duplicate-long-description +Severity: info +Check: debian/control/field/description/duplicate +Explanation: The listed binary packages all share the same extended description. + . + Please add some additional, useful information to the extended descriptions + that explain what is in each package and how it differs from the next. + . + It is not okay to rely only on package naming conventions to indicate what + is inside. diff --git a/tags/d/duplicate-override-context.tag b/tags/d/duplicate-override-context.tag new file mode 100644 index 0000000..77074c1 --- /dev/null +++ b/tags/d/duplicate-override-context.tag @@ -0,0 +1,12 @@ +Tag: duplicate-override-context +Severity: warning +Show-Always: yes +Check: debian/lintian-overrides/duplicate +Explanation: The named lines in the given <code>override</code> file + refer to the same tag with the same context. It is redundant, and + may indicate outdated overrides. + . + This condition is also flagged for renamed tags, for which it occurs + perhaps more often when the overrides are adjusted for new tag names. + . + Please remove one of the overrides or adjust in some way. diff --git a/tags/d/duplicate-p3dist-override.tag b/tags/d/duplicate-p3dist-override.tag new file mode 100644 index 0000000..a97f3d6 --- /dev/null +++ b/tags/d/duplicate-p3dist-override.tag @@ -0,0 +1,28 @@ +Tag: duplicate-p3dist-override +Severity: error +Check: languages/python/dist-overrides +Explanation: + <code>dh_python3</code> has an override mechanism + (<code>debian/py3dist-overrides</code>) that lets you specify different + prerequisites for particular Python + imports. + . + <code>debian/py3dist-overrides</code> is mainly used for Python programs + that use GObject introspection, since <code>dh_python3</code> cannot yet + detect that the packages <code>gir1.2-*-*</code> map to Python imports, + so overrides are needed. + . + When the same import appears twice in the file, the information from the + first one is used but all the others are discarded. That can lead to + missing prerequisites. + . + An example of a second line that gets ignored: + . + gi.repository.Gst gir1.2-gst-plugins-base-1.0 + gi.repository.Gst gir1.2-gstreamer-1.0 + . + An example of a double dependency that gets kept: + . + gi.repository.Gst gir1.2-gst-plugins-base-1.0, gir1.2-gstreamer-1.0 +See-Also: + Bug#980987 diff --git a/tags/d/duplicate-packaging-file.tag b/tags/d/duplicate-packaging-file.tag new file mode 100644 index 0000000..dab412c --- /dev/null +++ b/tags/d/duplicate-packaging-file.tag @@ -0,0 +1,14 @@ +Tag: duplicate-packaging-file +Severity: warning +Check: debian/filenames +Explanation: Some packaging files obtain different names when they are copied + from source to installation packages. Debhelper sometimes adds *.Debian + extensions to NEWS, README and TODO files. That can be confusing. + . + Debhelper's behavior also depends on the filename. + . + This source package contains both a file with the proper name and also + a file with incorrect name. Please remove the file as indicated. + . + Please merge all relevant information into the surviving file. +See-Also: Bug#429510, Bug#946126 diff --git a/tags/d/duplicate-short-description.tag b/tags/d/duplicate-short-description.tag new file mode 100644 index 0000000..9694230 --- /dev/null +++ b/tags/d/duplicate-short-description.tag @@ -0,0 +1,11 @@ +Tag: duplicate-short-description +Severity: info +Check: debian/control/field/description/duplicate +Explanation: The listed binary packages all share the same short description, + i.e. the first line of the Description field in <code>debian/control</code>. + . + Please add a word or two, in parentheses if needed, to describe to users what + they are installing. + . + It is not okay to rely solely on package naming conventions to indicate what + is inside. diff --git a/tags/d/duplicate-tag-in-menu.tag b/tags/d/duplicate-tag-in-menu.tag new file mode 100644 index 0000000..3dc8462 --- /dev/null +++ b/tags/d/duplicate-tag-in-menu.tag @@ -0,0 +1,9 @@ +Tag: duplicate-tag-in-menu +Severity: warning +Check: menu-format +Renamed-From: + duplicated-tag-in-menu-item +Explanation: The <code>menu</code> item contains the same tag twice. At best, it is + a waste of space. The <code>menu</code> system will only use one of them. +See-Also: + menu-manual 3.2 diff --git a/tags/d/duplicate-updaterc.d-calls-in-postinst.tag b/tags/d/duplicate-updaterc.d-calls-in-postinst.tag new file mode 100644 index 0000000..ab763b7 --- /dev/null +++ b/tags/d/duplicate-updaterc.d-calls-in-postinst.tag @@ -0,0 +1,5 @@ +Tag: duplicate-updaterc.d-calls-in-postinst +Severity: error +Check: init-d +Explanation: The <code>postinst</code> script calls <code>update-rc.d</code> several + times for the same <code>/etc/init.d</code> script. diff --git a/tags/d/duplicate-updaterc.d-calls-in-postrm.tag b/tags/d/duplicate-updaterc.d-calls-in-postrm.tag new file mode 100644 index 0000000..88910a4 --- /dev/null +++ b/tags/d/duplicate-updaterc.d-calls-in-postrm.tag @@ -0,0 +1,5 @@ +Tag: duplicate-updaterc.d-calls-in-postrm +Severity: error +Check: init-d +Explanation: The <code>postrm</code> script calls <code>update-rc.d</code> several + times for the same <code>/etc/init.d</code> script. diff --git a/tags/e/elevated-privileges.tag b/tags/e/elevated-privileges.tag new file mode 100644 index 0000000..f38357e --- /dev/null +++ b/tags/e/elevated-privileges.tag @@ -0,0 +1,16 @@ +Tag: elevated-privileges +Severity: warning +Check: files/permissions +Renamed-From: + setuid-binary + setgid-binary + setuid-gid-binary +Explanation: This executable does not run with the identity of the user + who executes it. It runs instead with its owner ID in the file system + or with its group ID, or both. + . + This security-relevant setting is intentional for programs that + regularly acquire elevated privileges, such as <code>/bin/su</code>, + but can be a significant risk when it the setting is not intended. + . + Please override if needed. diff --git a/tags/e/elf-error.tag b/tags/e/elf-error.tag new file mode 100644 index 0000000..040aaeb --- /dev/null +++ b/tags/e/elf-error.tag @@ -0,0 +1,14 @@ +Tag: elf-error +Severity: warning +Check: binaries/corrupted +Renamed-From: + apparently-corrupted-elf-binary +Explanation: The file appears to be in ELF format but readelf produced the indicated + error when parsing it. + . + In case of a false positive, you may need to install <code>binutils-multiarch</code> + so that ELF files from other architectures are handled correctly. It is also possible + that the file is not actually in ELF format but was misidentified as such. +See-Also: + https://refspecs.linuxfoundation.org/elf/elf.pdf, + readelf(1) diff --git a/tags/e/elf-maintainer-script.tag b/tags/e/elf-maintainer-script.tag new file mode 100644 index 0000000..0b78b7e --- /dev/null +++ b/tags/e/elf-maintainer-script.tag @@ -0,0 +1,4 @@ +Tag: elf-maintainer-script +Severity: classification +Check: scripts +Explanation: The maintainer script is an ELF binary. diff --git a/tags/e/elf-warning.tag b/tags/e/elf-warning.tag new file mode 100644 index 0000000..c7eb964 --- /dev/null +++ b/tags/e/elf-warning.tag @@ -0,0 +1,13 @@ +Tag: elf-warning +Severity: pedantic +Experimental: yes +Check: binaries/corrupted +Explanation: The file appears to be in ELF format but readelf produced the indicated + warning when parsing it. + . + In case of a false positive, you may need to install <code>binutils-multiarch</code> + so that ELF files from other architectures are handled correctly. It is also possible + that the file is not actually in ELF format but was misidentified as such. +See-Also: + https://refspecs.linuxfoundation.org/elf/elf.pdf, + readelf(1) diff --git a/tags/e/emacsen-common-without-dh-elpa.tag b/tags/e/emacsen-common-without-dh-elpa.tag new file mode 100644 index 0000000..ad0a598 --- /dev/null +++ b/tags/e/emacsen-common-without-dh-elpa.tag @@ -0,0 +1,15 @@ +Tag: emacsen-common-without-dh-elpa +Severity: warning +Check: emacs/elpa +Explanation: The package uses the emacsen-common infrastructure but the + package was not built with dh-elpa. Please consider transitioning + the package build to use dh-elpa, unless the package is required to + work with XEmacs. + . + dh-elpa centralises the emacsen-common maintscripts, which makes for + fewer bugs, and significantly easier cross-archive updates to emacsen + packages. + . + In addition, a package built with dh-elpa integrates with the GNU + Emacs package manager, for a better user experience. +See-Also: dh_elpa(1), dh-make-elpa(1), https://wiki.debian.org/Teams/DebianEmacsenTeam/elpa-hello diff --git a/tags/e/embedded-feedparser-library.tag b/tags/e/embedded-feedparser-library.tag new file mode 100644 index 0000000..9a15f02 --- /dev/null +++ b/tags/e/embedded-feedparser-library.tag @@ -0,0 +1,7 @@ +Tag: embedded-feedparser-library +Severity: warning +Check: languages/python/feedparser +Explanation: This package contains an embedded copy of Mark Pilgrim's Universal + Feed Parser. Please depend on the "python-feedparser" package and use + the normal Python import mechanism to load it. +See-Also: debian-policy 4.13 diff --git a/tags/e/embedded-javascript-library.tag b/tags/e/embedded-javascript-library.tag new file mode 100644 index 0000000..4601c8a --- /dev/null +++ b/tags/e/embedded-javascript-library.tag @@ -0,0 +1,8 @@ +Tag: embedded-javascript-library +Severity: warning +Check: languages/javascript/embedded +Explanation: This package contains an embedded copy of JavaScript libraries + that are now available in their own packages (for example, JQuery, + Prototype, Mochikit or "Cropper"). Please depend on the appropriate + package and symlink the library into the appropriate location. +See-Also: debian-policy 4.13 diff --git a/tags/e/embedded-library.tag b/tags/e/embedded-library.tag new file mode 100644 index 0000000..378ad8d --- /dev/null +++ b/tags/e/embedded-library.tag @@ -0,0 +1,12 @@ +Tag: embedded-library +Severity: error +Check: libraries/embedded +Explanation: The given ELF object appears to have been statically linked to + a library. Doing this is strongly discouraged due to the extra work + needed by the security team to fix all the extra embedded copies or + trigger the package rebuilds, as appropriate. + . + If the package uses a modified version of the given library it is highly + recommended to coordinate with the library's maintainer to include the + changes on the system version of the library. +See-Also: debian-policy 4.13 diff --git a/tags/e/embedded-pear-module.tag b/tags/e/embedded-pear-module.tag new file mode 100644 index 0000000..990a839 --- /dev/null +++ b/tags/e/embedded-pear-module.tag @@ -0,0 +1,8 @@ +Tag: embedded-pear-module +Severity: warning +Check: languages/php/pear/embedded +Experimental: yes +Explanation: This package appears to contain an embedded copy of a PEAR module. + Please depend on the respective PEAR package providing the module and + make sure the library can be found by the scripts via the include_path. +See-Also: debian-policy 4.13 diff --git a/tags/e/embedded-php-library.tag b/tags/e/embedded-php-library.tag new file mode 100644 index 0000000..d1bb917 --- /dev/null +++ b/tags/e/embedded-php-library.tag @@ -0,0 +1,7 @@ +Tag: embedded-php-library +Severity: warning +Check: languages/php/embedded +Explanation: This package appears to contain an embedded copy of a PHP library. + Please depend on the respective package providing the library and + make sure it can be found by the scripts via the include_path. +See-Also: debian-policy 4.13 diff --git a/tags/e/embedded-script-includes-copyright-statement.tag b/tags/e/embedded-script-includes-copyright-statement.tag new file mode 100644 index 0000000..fd24489 --- /dev/null +++ b/tags/e/embedded-script-includes-copyright-statement.tag @@ -0,0 +1,11 @@ +Tag: embedded-script-includes-copyright-statement +Severity: pedantic +Check: cruft +Explanation: The specified file includes an embedded script with a copyright + statement. + . + The script was likely copy-pasted and likely needs to be rebuilt from + the original source. + . + This script may be also outdated and may need to be updated from a + security point of view. diff --git a/tags/e/empty-binary-package.tag b/tags/e/empty-binary-package.tag new file mode 100644 index 0000000..c3ef358 --- /dev/null +++ b/tags/e/empty-binary-package.tag @@ -0,0 +1,17 @@ +Tag: empty-binary-package +Severity: warning +Check: files/empty-package +Explanation: This binary package appears to be empty, and its description does + not say that it's a metapackage or a transitional package. This is + often due to problems with updating debhelper *.install files during + package renames or similar problems where installation rules don't put + files in the correct place. + . + If the package is deliberately empty, please mention in the package long + description one of the phrases "metapackage", "dummy", "dependency + package", or "empty package". + . + Previously, Lintian also accepted the use of "virtual package". This + was removed to avoid overloading the term. If you have been relying on + the phrase "virtual package" to avoid this warning, please replace it + with one of the others. diff --git a/tags/e/empty-debian-tests-control.tag b/tags/e/empty-debian-tests-control.tag new file mode 100644 index 0000000..0deb12e --- /dev/null +++ b/tags/e/empty-debian-tests-control.tag @@ -0,0 +1,6 @@ +Tag: empty-debian-tests-control +Severity: error +Check: testsuite +Explanation: + The debian/tests/control is empty when any comments are removed. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/e/empty-field.tag b/tags/e/empty-field.tag new file mode 100644 index 0000000..6c72752 --- /dev/null +++ b/tags/e/empty-field.tag @@ -0,0 +1,6 @@ +Tag: empty-field +Severity: warning +Check: fields/empty +Explanation: The named field in this package's control file is empty + or consists only of whitespace. +See-Also: debian-policy 2.4, Bug#879809 diff --git a/tags/e/empty-manual-page.tag b/tags/e/empty-manual-page.tag new file mode 100644 index 0000000..a38ef1e --- /dev/null +++ b/tags/e/empty-manual-page.tag @@ -0,0 +1,4 @@ +Tag: empty-manual-page +Severity: error +Check: documentation/manual +Explanation: The referenced manual page is empty. diff --git a/tags/e/empty-rust-library-declares-provides.tag b/tags/e/empty-rust-library-declares-provides.tag new file mode 100644 index 0000000..77ac2f6 --- /dev/null +++ b/tags/e/empty-rust-library-declares-provides.tag @@ -0,0 +1,24 @@ +Tag: empty-rust-library-declares-provides +Severity: error +Check: languages/rust +Explanation: For some time, Rust libraries used empty installation packages + with long Provides lines in their control files to deal with peculiarities + in Rust packaging. It is no longer considered acceptable because it strains + our archive infrastructure. + . + Rust packages should not be empty and merely declare a Provides control + field. Instead, please merge such packages into the main installation + package. When using <code>debcargo</code>, this can usually be achieved by + adding <code>collapse_features = true</code> to the + <code>debcargo.toml</code> file. + . + You can see some examples here: + . + - https://sources.debian.org/src/rust-dbus/0.9.0-2/debian/control/ + - https://sources.debian.org/src/rust-x11rb/0.7.0-1/debian/control/ + . + The decision to burden the Rust packaging team with that extra step was + made after weighing all possible alternatives. +See-Also: + Bug#942898, Bug#945542, + http://meetbot.debian.net/debian-rust/2020/debian-rust.2020-10-28-18.58.log.html#l-150 diff --git a/tags/e/empty-shared-library-symbols.tag b/tags/e/empty-shared-library-symbols.tag new file mode 100644 index 0000000..c93fb59 --- /dev/null +++ b/tags/e/empty-shared-library-symbols.tag @@ -0,0 +1,13 @@ +Tag: empty-shared-library-symbols +Severity: error +Check: debian/shlibs +Renamed-From: + pkg-has-symbols-control-file-but-no-shared-libs +Explanation: Although the package does not include any shared libraries, it does + have a symbols control file. If you did include a shared library, check that + the SONAME of the library is set and that it matches the contents of the + symbols file. + . + SONAMEs are set with something like <code>gcc -Wl,-soname,libfoo.so.0</code>, + where 0 is the major version of the library. If your package uses libtool, + then libtool invoked with the right options should be doing this. diff --git a/tags/e/empty-shlibs.tag b/tags/e/empty-shlibs.tag new file mode 100644 index 0000000..34390e7 --- /dev/null +++ b/tags/e/empty-shlibs.tag @@ -0,0 +1,17 @@ +Tag: empty-shlibs +Severity: error +Check: debian/shlibs +Renamed-From: + pkg-has-shlibs-control-file-but-no-actual-shared-libs +Explanation: Although the package does not include any shared libraries, it does + have a shlibs control file. If you did include a shared library, check that + the SONAME of the library is set and that it matches the contents of the + shlibs file. + . + SONAMEs are set with something like <code>gcc -Wl,-soname,libfoo.so.0</code>, + where 0 is the major version of the library. If your package uses libtool, + then libtool invoked with the right options should be doing this. + . + Note this is sometimes triggered for packages with a private shared + library due to a bug in Debhelper. +See-Also: Bug#204975, Bug#633853 diff --git a/tags/e/empty-short-license-in-dep5-copyright.tag b/tags/e/empty-short-license-in-dep5-copyright.tag new file mode 100644 index 0000000..f7646c2 --- /dev/null +++ b/tags/e/empty-short-license-in-dep5-copyright.tag @@ -0,0 +1,6 @@ +Tag: empty-short-license-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The short license field in the machine readable copyright file + is empty. diff --git a/tags/e/empty-translated-choices.tag b/tags/e/empty-translated-choices.tag new file mode 100644 index 0000000..ffb26e1 --- /dev/null +++ b/tags/e/empty-translated-choices.tag @@ -0,0 +1,6 @@ +Tag: empty-translated-choices +Severity: error +Check: debian/debconf +Explanation: When the translation of a Choices: field is empty, the whole question + is skipped (and nothing is selected). Please verify that the translation + you're using is valid. diff --git a/tags/e/empty-udeb-package.tag b/tags/e/empty-udeb-package.tag new file mode 100644 index 0000000..a9ee919 --- /dev/null +++ b/tags/e/empty-udeb-package.tag @@ -0,0 +1,13 @@ +Tag: empty-udeb-package +Severity: info +Check: files/empty-package +Experimental: yes +Explanation: This udeb package appears to be empty, and its description does + not say that it's a metapackage or a package. This is often due to + problems with updating debhelper *.install files during package + renames or similar problems where installation rules don't put files + in the correct place. + . + If the package is deliberately empty, you can avoid this tag by + using one of the following phrases "metapackage", "dummy", "dependency + package", or "empty package" in the long description of the udeb. diff --git a/tags/e/empty-upstream-sources.tag b/tags/e/empty-upstream-sources.tag new file mode 100644 index 0000000..86e1d36 --- /dev/null +++ b/tags/e/empty-upstream-sources.tag @@ -0,0 +1,5 @@ +Tag: empty-upstream-sources +Severity: error +Check: origtar +Explanation: The .orig.tar.gz file is empty. +See-Also: Bug#471537 diff --git a/tags/e/epoch-change-without-comment.tag b/tags/e/epoch-change-without-comment.tag new file mode 100644 index 0000000..b5ed4bb --- /dev/null +++ b/tags/e/epoch-change-without-comment.tag @@ -0,0 +1,26 @@ +Tag: epoch-change-without-comment +Severity: warning +Check: debian/changelog +Explanation: The previous version of this package had a different version epoch + (eg. 2:1.0-1) to the current version but there's no reference to this in + the changelog entry. + . + Epochs exist to cope with changes to the upstream version numbering + scheme. Whilst they are a powerful tool, increasing or adding an epoch + has many downsides including causing issues with versioned dependencies, + being misleading to users and being aesthetically unappealing. Whilst + they should be avoided, valid reasons to add or increment the epoch + include: + . + - Upstream changed their versioning scheme in a way that makes the + latest version lower than the previous one. + - You need to permanently revert to a lower upstream version. + . + Temporary revertions (eg. after an NMU) should use not modify or + introduce an epoch - please use the <code>CURRENT+reallyFORMER</code> until + you can upload the latest version again. + . + If you are unsure whether you need to increase the epoch for a package, + please consult the debian-devel mailing list. + . + Lintian looks in this version's changelog entry for the phrase "epoch". diff --git a/tags/e/epoch-changed-but-upstream-version-did-not-go-backwards.tag b/tags/e/epoch-changed-but-upstream-version-did-not-go-backwards.tag new file mode 100644 index 0000000..83a8de7 --- /dev/null +++ b/tags/e/epoch-changed-but-upstream-version-did-not-go-backwards.tag @@ -0,0 +1,27 @@ +Tag: epoch-changed-but-upstream-version-did-not-go-backwards +Severity: error +Check: debian/changelog +Explanation: The previous version of this package had a different version epoch + to the current version but the upstream version did not go "backwards". + For example, the previous package version was "1:1.0-1" and the current + version is "2:2.0-1". + . + This was likely an accidental bump or addition of an epoch. + . + Epochs exist to cope with changes to the upstream version numbering + scheme. Whilst they are a powerful tool, increasing or adding an epoch + has many downsides including causing issues with versioned dependencies, + being misleading to users and being aesthetically unappealing. Whilst + they should be avoided, valid reasons to add or increment the epoch + include: + . + - Upstream changed their versioning scheme in a way that makes the + latest version lower than the previous one. + - You need to permanently revert to a lower upstream version. + . + Temporary revertions (eg. after an NMU) should use not modify or + introduce an epoch - please use the <code>CURRENT+reallyFORMER</code> until + you can upload the latest version again. + . + If you are unsure whether you need to increase the epoch for a package, + please consult the debian-devel mailing list. diff --git a/tags/e/essential-in-source-package.tag b/tags/e/essential-in-source-package.tag new file mode 100644 index 0000000..b13a894 --- /dev/null +++ b/tags/e/essential-in-source-package.tag @@ -0,0 +1,5 @@ +Tag: essential-in-source-package +Severity: error +Check: fields/essential +Explanation: This field should only appear in binary packages. +See-Also: debian-policy 5.6.9 diff --git a/tags/e/essential-no-not-needed.tag b/tags/e/essential-no-not-needed.tag new file mode 100644 index 0000000..2c82180 --- /dev/null +++ b/tags/e/essential-no-not-needed.tag @@ -0,0 +1,6 @@ +Tag: essential-no-not-needed +Severity: warning +Check: fields/essential +Explanation: Having "Essential: no" is the same as not having the field at all, + so it just makes the Packages file longer with no benefit. +See-Also: debian-policy 5.6.9 diff --git a/tags/e/example-incorrect-path-for-interpreter.tag b/tags/e/example-incorrect-path-for-interpreter.tag new file mode 100644 index 0000000..0607a4d --- /dev/null +++ b/tags/e/example-incorrect-path-for-interpreter.tag @@ -0,0 +1,14 @@ +Tag: example-incorrect-path-for-interpreter +Severity: info +Check: scripts +Explanation: The interpreter used by this example script is installed at another + location on Debian systems. Normally the path should be updated to match + the Debian location. + . + Whilst the script may work, it is in violation of Debian Policy. This + may have been caused by usrmerge. + . + Note that, as a particular exception, Debian Policy ยง 10.4 states that + Perl scripts should use <code>/usr/bin/perl</code> directly and not + <code>/usr/bin/env</code>, etc. +See-Also: debian-policy 10.4, https://wiki.debian.org/UsrMerge diff --git a/tags/e/example-interpreter-in-usr-local.tag b/tags/e/example-interpreter-in-usr-local.tag new file mode 100644 index 0000000..9952f8d --- /dev/null +++ b/tags/e/example-interpreter-in-usr-local.tag @@ -0,0 +1,7 @@ +Tag: example-interpreter-in-usr-local +Severity: pedantic +Check: scripts +Explanation: This package contains an example script that looks for an + interpreter in a directory in /usr/local. Since Debian does not install + anything in /usr/local, the example script would probably need + modifications before a user could run it. diff --git a/tags/e/example-interpreter-not-absolute.tag b/tags/e/example-interpreter-not-absolute.tag new file mode 100644 index 0000000..a35e21b --- /dev/null +++ b/tags/e/example-interpreter-not-absolute.tag @@ -0,0 +1,9 @@ +Tag: example-interpreter-not-absolute +Severity: info +Check: scripts +Explanation: This example script uses a relative path to locate its interpreter. + This path will be taken relative to the caller's current directory, not + the script's, so a user will probably not be able to run the example + without modification. This tag can also be caused by script headers like + <code>#!@BASH@</code>, which usually mean that the examples were copied out + of the source tree before proper Autoconf path substitution. diff --git a/tags/e/example-script-uses-bin-env.tag b/tags/e/example-script-uses-bin-env.tag new file mode 100644 index 0000000..3b8aab8 --- /dev/null +++ b/tags/e/example-script-uses-bin-env.tag @@ -0,0 +1,7 @@ +Tag: example-script-uses-bin-env +Severity: info +Check: scripts +Explanation: This example script uses /bin/env as its interpreter (used to find + the actual interpreter on the user's path). There is no /bin/env on + Debian systems; env is instead installed as /usr/bin/env. Usually, the + path to env in the script should be changed. diff --git a/tags/e/example-script-uses-deprecated-nodejs-location.tag b/tags/e/example-script-uses-deprecated-nodejs-location.tag new file mode 100644 index 0000000..5009bd8 --- /dev/null +++ b/tags/e/example-script-uses-deprecated-nodejs-location.tag @@ -0,0 +1,14 @@ +Tag: example-script-uses-deprecated-nodejs-location +Severity: warning +Check: scripts +Explanation: You used <code>/usr/bin/nodejs</code> or <code>/usr/bin/env nodejs</code> as an + interpreter for an example script. + . + The <code>/usr/bin/node</code> binary was previously provided by + <code>ax25-node</code> and packages were required to use <code>/usr/bin/nodejs</code> + instead. <code>ax25-node</code> has since been removed from the archive and the + <code>nodejs</code> package now ships the <code>/usr/bin/node</code> binary to match + the rest of the Node.js ecosystem. + . + Please update your package to use the <code>node</code> variant. +See-Also: Bug#614907, Bug#862051 diff --git a/tags/e/example-script-without-interpreter.tag b/tags/e/example-script-without-interpreter.tag new file mode 100644 index 0000000..4766194 --- /dev/null +++ b/tags/e/example-script-without-interpreter.tag @@ -0,0 +1,5 @@ +Tag: example-script-without-interpreter +Severity: info +Check: scripts +Explanation: This example file starts with the #! sequence that identifies + scripts, but it does not name an interpreter. diff --git a/tags/e/example-shell-script-fails-syntax-check.tag b/tags/e/example-shell-script-fails-syntax-check.tag new file mode 100644 index 0000000..54ac0b8 --- /dev/null +++ b/tags/e/example-shell-script-fails-syntax-check.tag @@ -0,0 +1,12 @@ +Tag: example-shell-script-fails-syntax-check +Severity: pedantic +Check: script/syntax +Explanation: Running this shell script with the shell's -n option set fails, + which means that the script has syntax errors. The most common cause of + this problem is a script expecting <code>/bin/sh</code> to be bash checked on + a system using dash as <code>/bin/sh</code>. + . + Run e.g. <code>sh -n yourscript</code> to see the errors yourself. + . + Note this can have false-positives, for an example with bash scripts + using "extglob". diff --git a/tags/e/example-unusual-interpreter.tag b/tags/e/example-unusual-interpreter.tag new file mode 100644 index 0000000..4081a98 --- /dev/null +++ b/tags/e/example-unusual-interpreter.tag @@ -0,0 +1,6 @@ +Tag: example-unusual-interpreter +Severity: pedantic +Check: scripts +Explanation: This package contains an example script for an interpreter that + is not shipped in the package and is not known to Lintian. It is + possible that there is a typo or the interpreter is not executable. diff --git a/tags/e/example-wrong-path-for-interpreter.tag b/tags/e/example-wrong-path-for-interpreter.tag new file mode 100644 index 0000000..b507908 --- /dev/null +++ b/tags/e/example-wrong-path-for-interpreter.tag @@ -0,0 +1,10 @@ +Tag: example-wrong-path-for-interpreter +Severity: info +Check: scripts +Explanation: The interpreter used by this example script is installed at another + location on Debian systems. Normally the path should be updated to match + the Debian location. + . + Note that, as a particular exception, Debian Policy ยง 10.4 states that + Perl scripts should use <code>/usr/bin/perl</code> directly and not + <code>/usr/bin/env</code>, etc. diff --git a/tags/e/excessive-debhelper-overrides.tag b/tags/e/excessive-debhelper-overrides.tag new file mode 100644 index 0000000..7b396e3 --- /dev/null +++ b/tags/e/excessive-debhelper-overrides.tag @@ -0,0 +1,24 @@ +Tag: excessive-debhelper-overrides +Severity: warning +Check: debhelper +Explanation: The <code>debian/rules</code> file appears to include a suspiciously + high number of <code>override_dh_</code>-style overrides. + . + It is likely that is this was intended to optimise package builds by + introducing "no-op" overrides that avoid specific debhelper commands. + . + However, whilst using overrides are not a problem per-se, such a list + is usually subject to constant revision, prevents future debhelper + versions fixing archive-wide problems, adds unnecessary + noise/distraction for anyone reviewing the package, and increases the + package's "bus factor". It is, in addition, aesthetically displeasing. + . + Furthermore, this is typically a premature optimisation. debhelper already + includes optimizations to avoid running commands when unnecessary. If you find + a debhelper command taking unnecessarily long when it has no work to do, + please work with the debhelper developers to help debhelper skip that command + in more circumstances, optimizing not only your package build but everyone + else's as well. + . + Please remove the unnecessary overrides. +See-Also: debhelper(7), dh(1) diff --git a/tags/e/excessive-priority-for-library-package.tag b/tags/e/excessive-priority-for-library-package.tag new file mode 100644 index 0000000..e887f26 --- /dev/null +++ b/tags/e/excessive-priority-for-library-package.tag @@ -0,0 +1,12 @@ +Tag: excessive-priority-for-library-package +Severity: warning +Check: fields/priority +Explanation: The given package appears to be a library package, but it has "Priority" + of "required", "important", or "standard". + . + In general, a library package should only get pulled in on a system because + some other package depends on it; no library package needs installation on a + system where nothing uses it. + . + Please update <code>debian/control</code> and downgrade the severity to, for + example, <code>Priority: optional</code>. diff --git a/tags/e/executable-debhelper-file-without-being-executable.tag b/tags/e/executable-debhelper-file-without-being-executable.tag new file mode 100644 index 0000000..f5e2760 --- /dev/null +++ b/tags/e/executable-debhelper-file-without-being-executable.tag @@ -0,0 +1,8 @@ +Tag: executable-debhelper-file-without-being-executable +Severity: error +Check: debhelper +Explanation: The packaging file is marked executable, but it does not appear to be + executable (e.g. it has no #! line). + . + If debhelper file is not supposed to be executable, please remove the + executable bit from it. diff --git a/tags/e/executable-desktop-file.tag b/tags/e/executable-desktop-file.tag new file mode 100644 index 0000000..b74be86 --- /dev/null +++ b/tags/e/executable-desktop-file.tag @@ -0,0 +1,7 @@ +Tag: executable-desktop-file +Severity: error +Check: menu-format +Explanation: The desktop entry file is marked executable. + . + Desktop entries are regular files. They should be installed with file permissions of + mode <code>0644</code>. diff --git a/tags/e/executable-in-usr-lib.tag b/tags/e/executable-in-usr-lib.tag new file mode 100644 index 0000000..307ba7f --- /dev/null +++ b/tags/e/executable-in-usr-lib.tag @@ -0,0 +1,41 @@ +Tag: executable-in-usr-lib +Severity: pedantic +Experimental: yes +Check: files/permissions/usr-lib +Explanation: The package ships an executable file in /usr/lib. + . + Please move the file to <code>/usr/libexec</code>. + . + With policy revision 4.1.5, Debian adopted the Filesystem + Hierarchy Specification (FHS) version 3.0. + . + The FHS 3.0 describes <code>/usr/libexec</code>. Please use that + location for executables. +See-Also: + debian-policy 9.1.1, + filesystem-hierarchy, + https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s07.html, + Bug#954149 + +Screen: emacs/elpa/scripts +Advocates: David Bremner <bremner@debian.org> +Reason: The <code>emacsen-common</code> package places installation + and removal scripts, which for ELPA packages are executable, + in the folder <code>/usr/lib/emacsen-common/packages</code>. + . + About four hundred installation packages are affected. All of + them declare <code>emacsen-common</code> as an installation + prerequisite. +See-Also: + Bug#974175, + Bug#954149 + +Screen: web/cgi/scripts +Advocates: Andrius Merkys <merkys@debian.org> +Reason: The folder <code>/usr/lib/cgi-bin/</code> is designated for + scripts in the Common Gateway Interface (CGI). They require the + executable bit so the server can run them. +See-Also: + https://en.wikipedia.org/wiki/Common_Gateway_Interface, + https://datatracker.ietf.org/doc/html/rfc3875.html, + Bug#1003941 diff --git a/tags/e/executable-in-usr-share-doc.tag b/tags/e/executable-in-usr-share-doc.tag new file mode 100644 index 0000000..b3a15f3 --- /dev/null +++ b/tags/e/executable-in-usr-share-doc.tag @@ -0,0 +1,6 @@ +Tag: executable-in-usr-share-doc +Severity: error +Check: documentation +Explanation: Usually, documentation files in <code>/usr/share/doc</code> should have mode + 0644. If the executable is an example, it should go in + <code>/usr/share/doc/*pkg*/examples</code>. diff --git a/tags/e/executable-in-usr-share-docbase.tag b/tags/e/executable-in-usr-share-docbase.tag new file mode 100644 index 0000000..5b7f72c --- /dev/null +++ b/tags/e/executable-in-usr-share-docbase.tag @@ -0,0 +1,4 @@ +Tag: executable-in-usr-share-docbase +Severity: error +Check: menus +Explanation: Files in <code>/usr/share/doc-base</code> may not be marked as executables. diff --git a/tags/e/executable-is-not-world-readable.tag b/tags/e/executable-is-not-world-readable.tag new file mode 100644 index 0000000..517ea3b --- /dev/null +++ b/tags/e/executable-is-not-world-readable.tag @@ -0,0 +1,9 @@ +Tag: executable-is-not-world-readable +Severity: warning +Check: files/permissions +Explanation: All executables should be readable by any user. Since anyone can + download the Debian package and obtain a copy of the executable, no + security is gained by making the executable unreadable even for setuid + binaries. If only members of a certain group may execute this file, + remove execute permission for world, but leave read permission. +See-Also: debian-policy 10.9 diff --git a/tags/e/executable-jar-without-main-class.tag b/tags/e/executable-jar-without-main-class.tag new file mode 100644 index 0000000..4f4d92d --- /dev/null +++ b/tags/e/executable-jar-without-main-class.tag @@ -0,0 +1,5 @@ +Tag: executable-jar-without-main-class +Severity: error +Check: languages/java +See-Also: java-policy 2.2 +Explanation: An executable JAR must have a Main-Class set in its manifest. diff --git a/tags/e/executable-manual-page.tag b/tags/e/executable-manual-page.tag new file mode 100644 index 0000000..873f16d --- /dev/null +++ b/tags/e/executable-manual-page.tag @@ -0,0 +1,5 @@ +Tag: executable-manual-page +Severity: error +Check: documentation/manual +Renamed-From: executable-manpage +Explanation: Manual pages are not meant to be executed. diff --git a/tags/e/executable-menu-file.tag b/tags/e/executable-menu-file.tag new file mode 100644 index 0000000..fae9ad2 --- /dev/null +++ b/tags/e/executable-menu-file.tag @@ -0,0 +1,6 @@ +Tag: executable-menu-file +Severity: warning +Check: menus +Explanation: Menu files should not be marked as executables. + . + Packages only need to do that when menu entries are generated on the fly. diff --git a/tags/e/executable-not-elf-or-script.tag b/tags/e/executable-not-elf-or-script.tag new file mode 100644 index 0000000..cdf56ed --- /dev/null +++ b/tags/e/executable-not-elf-or-script.tag @@ -0,0 +1,13 @@ +Tag: executable-not-elf-or-script +Severity: warning +Check: executable +Explanation: This executable file is not an ELF format binary, and does not start + with the #! sequence that marks interpreted scripts. It might be a sh + script that fails to name /bin/sh as its shell, or it may be incorrectly + marked as executable. Sometimes upstream files developed on Windows are + marked unnecessarily as executable on other systems. + . + If you are using debhelper to build your package, running dh_fixperms will + often correct this problem for you. +See-Also: + debian-policy 10.4 diff --git a/tags/e/executable-stack-in-shared-library.tag b/tags/e/executable-stack-in-shared-library.tag new file mode 100644 index 0000000..bc5544b --- /dev/null +++ b/tags/e/executable-stack-in-shared-library.tag @@ -0,0 +1,20 @@ +Tag: executable-stack-in-shared-library +Severity: warning +Check: libraries/shared/stack +Renamed-From: + shlib-with-executable-stack +Explanation: The listed shared library declares the stack as executable. + . + Executable stack is usually an error as it is only needed if the code + contains GCC trampolines or similar constructs which uses code on the + stack. One possible source for false positives are object files built + from assembler files which don't define a proper .note.GNU-stack + section. + . + To see the permissions on the stack, run <code>readelf -l</code> on the + shared library and look for the program header of type GNU_STACK. In the + flag column, there should not be an E flag set. + . + This tag is currently not emitted on MIPS architectures. +See-Also: https://bugs.debian.org/1025436, + https://bugs.debian.org/1022787 diff --git a/tags/e/exit-in-shared-library.tag b/tags/e/exit-in-shared-library.tag new file mode 100644 index 0000000..9e0657a --- /dev/null +++ b/tags/e/exit-in-shared-library.tag @@ -0,0 +1,15 @@ +Tag: exit-in-shared-library +Severity: info +Check: libraries/shared/exit +Experimental: yes +Renamed-From: + shlib-calls-exit +Explanation: The listed shared library calls the C library exit() or _exit() + functions. + . + In the case of an error, the library should instead return an appropriate + error code to the calling program which can then determine how to handle + the error, including performing any required clean-up. + . + In most cases, removing the call should be discussed with upstream, + particularly as it may produce an ABI change. diff --git a/tags/e/experimental-to-unstable-without-comment.tag b/tags/e/experimental-to-unstable-without-comment.tag new file mode 100644 index 0000000..67a4725 --- /dev/null +++ b/tags/e/experimental-to-unstable-without-comment.tag @@ -0,0 +1,13 @@ +Tag: experimental-to-unstable-without-comment +Severity: pedantic +Check: debian/changelog +Explanation: The previous version of this package had a distribution of + "experimental", this version has a distribution of "unstable", and there's + apparently no comment about the change of distributions. + . + Lintian looks in this version's changelog entry for the phrase "to + unstable" or "to sid", with or without quotation marks around the + distribution name. + . + This may indicate a mistake in setting the distribution and an accidental + upload to unstable of a package intended for experimental. diff --git a/tags/e/explicit-default-in-package-type.tag b/tags/e/explicit-default-in-package-type.tag new file mode 100644 index 0000000..57dbb84 --- /dev/null +++ b/tags/e/explicit-default-in-package-type.tag @@ -0,0 +1,7 @@ +Tag: explicit-default-in-package-type +Severity: warning +Check: fields/package-type +Explanation: Having <code>Package-Type: deb</code> is the same as not having + the field at all, so it makes the Packages file longer with no + benefit. Policy also discourages it. +See-Also: debian-policy 5.6.28 diff --git a/tags/e/explicitly-armored-upstream-signature.tag b/tags/e/explicitly-armored-upstream-signature.tag new file mode 100644 index 0000000..1b9a601 --- /dev/null +++ b/tags/e/explicitly-armored-upstream-signature.tag @@ -0,0 +1,7 @@ +Tag: explicitly-armored-upstream-signature +Severity: warning +Check: upstream-signature +Explanation: The packaging includes a detached upstream signature file that was armored + explicitly using <code>gpg --enarmor</code>. That is likely an error. + . + Please generate the signature with <code>gpg --armor --detach-sig</code> instead. diff --git a/tags/e/extended-description-contains-empty-paragraph.tag b/tags/e/extended-description-contains-empty-paragraph.tag new file mode 100644 index 0000000..e1567ce --- /dev/null +++ b/tags/e/extended-description-contains-empty-paragraph.tag @@ -0,0 +1,5 @@ +Tag: extended-description-contains-empty-paragraph +Severity: warning +Check: fields/description +Explanation: The extended description (the lines after the first line of the + "Description:" field) contains an empty paragraph. diff --git a/tags/e/extended-description-is-empty.tag b/tags/e/extended-description-is-empty.tag new file mode 100644 index 0000000..16bf9df --- /dev/null +++ b/tags/e/extended-description-is-empty.tag @@ -0,0 +1,6 @@ +Tag: extended-description-is-empty +Severity: error +Check: fields/description +Explanation: The extended description (the lines after the first line of the + "Description:" field) is empty. +See-Also: debian-policy 3.4 diff --git a/tags/e/extended-description-is-probably-too-short.tag b/tags/e/extended-description-is-probably-too-short.tag new file mode 100644 index 0000000..9401072 --- /dev/null +++ b/tags/e/extended-description-is-probably-too-short.tag @@ -0,0 +1,10 @@ +Tag: extended-description-is-probably-too-short +Severity: info +Check: fields/description +See-Also: developer-reference 6.2.1, developer-reference 6.2.3 +Explanation: The extended description (the lines after the first line of the + "Description:" field) is only one or two lines long. The extended + description should provide a user with enough information to decide + whether they want to install this package, what it contains, and how it + compares to similar packages. One or two lines is normally not enough to + do this. diff --git a/tags/e/extended-description-line-too-long.tag b/tags/e/extended-description-line-too-long.tag new file mode 100644 index 0000000..a9ce1c2 --- /dev/null +++ b/tags/e/extended-description-line-too-long.tag @@ -0,0 +1,8 @@ +Tag: extended-description-line-too-long +Severity: warning +Check: fields/description +Explanation: One or more lines in the extended part of the "Description:" field + have been found to contain more than 80 characters. For the benefit of + users of 80x25 terminals, it is recommended that the lines do not exceed + 80 characters. +See-Also: debian-policy 3.4.1 diff --git a/tags/e/extra-license-file.tag b/tags/e/extra-license-file.tag new file mode 100644 index 0000000..dc23680 --- /dev/null +++ b/tags/e/extra-license-file.tag @@ -0,0 +1,7 @@ +Tag: extra-license-file +Severity: info +Check: files/licenses +See-Also: debian-policy 12.5 +Explanation: All license information should be collected in the + <code>debian/copyright</code> file. This usually makes it unnecessary + for the package to install this information in other places as well. diff --git a/tags/e/extra-whitespace-around-name-in-changelog-trailer.tag b/tags/e/extra-whitespace-around-name-in-changelog-trailer.tag new file mode 100644 index 0000000..b427ee2 --- /dev/null +++ b/tags/e/extra-whitespace-around-name-in-changelog-trailer.tag @@ -0,0 +1,10 @@ +Tag: extra-whitespace-around-name-in-changelog-trailer +Severity: warning +Check: nmu +Explanation: There is too much whitespace around the name in debian/changelog. + . + The format is: + -- NAME <EMAIL> DATE + . + Note that there must be exactly 1 space after the "--" and exactly + 2 spaces before the "DATE". diff --git a/tags/f/FSSTND-dir-in-manual-page.tag b/tags/f/FSSTND-dir-in-manual-page.tag new file mode 100644 index 0000000..67b08dd --- /dev/null +++ b/tags/f/FSSTND-dir-in-manual-page.tag @@ -0,0 +1,10 @@ +Tag: FSSTND-dir-in-manual-page +Severity: info +Check: documentation/manual +Explanation: The manual page references a directory that is specified + in the FSSTND but not in the FHS which is used by Debian. + This can be an indicator of a mismatch of the location of + files as installed for Debian and as described by the manual page. + . + If you have to change file locations to abide by Debian Policy + please also patch the manual page to mention these new locations. diff --git a/tags/f/FSSTND-dir-in-usr.tag b/tags/f/FSSTND-dir-in-usr.tag new file mode 100644 index 0000000..91e9e11 --- /dev/null +++ b/tags/f/FSSTND-dir-in-usr.tag @@ -0,0 +1,9 @@ +Tag: FSSTND-dir-in-usr +Severity: error +Check: files/hierarchy/standard +Explanation: As of policy version 3.0.0.0, Debian no longer follows the FSSTND. + . + Instead, we use the Filesystem Hierarchy Standard (FHS). +See-Also: + debian-policy 9.1.1, + filesystem-hierarchy diff --git a/tags/f/FSSTND-dir-in-var.tag b/tags/f/FSSTND-dir-in-var.tag new file mode 100644 index 0000000..aca3d42 --- /dev/null +++ b/tags/f/FSSTND-dir-in-var.tag @@ -0,0 +1,10 @@ +Tag: FSSTND-dir-in-var +Severity: error +Check: files/hierarchy/standard +Explanation: As of policy version 3.0.0.0, Debian no longer follows the FSSTND. + . + Instead, the Filesystem Hierarchy Standard (FHS), version 2.3, is + used. You can find it in /usr/share/doc/debian-policy/fhs/ . +See-Also: + debian-policy 9.1.1, + filesystem-hierarchy diff --git a/tags/f/faulty-debian-qa-group-address.tag b/tags/f/faulty-debian-qa-group-address.tag new file mode 100644 index 0000000..5883ec2 --- /dev/null +++ b/tags/f/faulty-debian-qa-group-address.tag @@ -0,0 +1,10 @@ +Tag: faulty-debian-qa-group-address +Severity: error +Check: fields/mail-address +Renamed-From: wrong-debian-qa-address-set-as-maintainer +Explanation: Orphaned packages should no longer have the address + <debian-qa@lists.debian.org> in the Maintainer field. + . + The correct Maintainer field for orphaned packages is + Debian QA Group <packages@qa.debian.org>. +See-Also: developer-reference 5.9.4 diff --git a/tags/f/faulty-debian-qa-group-phrase.tag b/tags/f/faulty-debian-qa-group-phrase.tag new file mode 100644 index 0000000..4406eee --- /dev/null +++ b/tags/f/faulty-debian-qa-group-phrase.tag @@ -0,0 +1,6 @@ +Tag: faulty-debian-qa-group-phrase +Severity: error +Check: fields/mail-address +Explanation: Orphaned packages should have "Debian QA Group + <packages@qa.debian.org>" in the maintainer field. +See-Also: developer-reference 5.9.4 diff --git a/tags/f/field-too-long.tag b/tags/f/field-too-long.tag new file mode 100644 index 0000000..45f943d --- /dev/null +++ b/tags/f/field-too-long.tag @@ -0,0 +1,11 @@ +Tag: field-too-long +Severity: error +Check: fields/length +Explanation: The length of the specified field is too long. + . + Overly-long fields not only can break some tools (e.g. + <code>reprepro(1)</code>) they can waste space as they are shipped to all + users. + . + Please reduce the number of characters. +See-Also: Bug#942493 diff --git a/tags/f/file-contains-fixme-placeholder.tag b/tags/f/file-contains-fixme-placeholder.tag new file mode 100644 index 0000000..ddc638a --- /dev/null +++ b/tags/f/file-contains-fixme-placeholder.tag @@ -0,0 +1,9 @@ +Tag: file-contains-fixme-placeholder +Severity: info +Check: dh-make +Explanation: This file appears to be incomplete or insufficiently modified as it + contains a "FIXME" placeholder text. These can often be generated by + package generation tools such as dh_make or npm2deb. + . + Please double-check the file and replace the placeholder with the required + command or information. diff --git a/tags/f/file-directly-in-usr-share-doc.tag b/tags/f/file-directly-in-usr-share-doc.tag new file mode 100644 index 0000000..c11d863 --- /dev/null +++ b/tags/f/file-directly-in-usr-share-doc.tag @@ -0,0 +1,6 @@ +Tag: file-directly-in-usr-share-doc +Severity: error +Check: documentation +Explanation: Documentation files have to be installed in + <code>/usr/share/doc/*pkg*</code>. +See-Also: debian-policy 12.3 diff --git a/tags/f/file-directly-in-usr-share.tag b/tags/f/file-directly-in-usr-share.tag new file mode 100644 index 0000000..c0822fb --- /dev/null +++ b/tags/f/file-directly-in-usr-share.tag @@ -0,0 +1,8 @@ +Tag: file-directly-in-usr-share +Severity: error +Check: files/hierarchy/standard +Explanation: Packages should not install files directly in <code>/usr/share</code>, + i.e., without a subdirectory. + . + You should either create a subdirectory <code>/usr/share/...</code> for your + package or place the file in <code>/usr/share/misc</code>. diff --git a/tags/f/file-in-discouraged-x11-font-directory.tag b/tags/f/file-in-discouraged-x11-font-directory.tag new file mode 100644 index 0000000..2b814a6 --- /dev/null +++ b/tags/f/file-in-discouraged-x11-font-directory.tag @@ -0,0 +1,10 @@ +Tag: file-in-discouraged-x11-font-directory +Severity: warning +Check: desktop/x11 +See-Also: debian-policy 11.8.5 +Explanation: For historical reasons, use of <code>PEX</code>, <code>CID</code>, + <code>Speedo</code>, and <code>cyrillic</code> subdirectories of + <code>/usr/share/fonts/X11</code> are permitted, but installation of files + into these directories is discouraged. Support for the first three font + types is deprecated or no longer available, and Cyrillic fonts should use + the normal font directories where possible. diff --git a/tags/f/file-in-etc-not-marked-as-conffile.tag b/tags/f/file-in-etc-not-marked-as-conffile.tag new file mode 100644 index 0000000..80d35fb --- /dev/null +++ b/tags/f/file-in-etc-not-marked-as-conffile.tag @@ -0,0 +1,6 @@ +Tag: file-in-etc-not-marked-as-conffile +Severity: error +Check: conffiles +See-Also: debian-policy 10.7 +Explanation: Files in <code>/etc</code> must be marked conffiles if they are included + in a package. Otherwise they should be created by maintainer scripts. diff --git a/tags/f/file-in-etc-rc.d-marked-as-conffile.tag b/tags/f/file-in-etc-rc.d-marked-as-conffile.tag new file mode 100644 index 0000000..63e8363 --- /dev/null +++ b/tags/f/file-in-etc-rc.d-marked-as-conffile.tag @@ -0,0 +1,5 @@ +Tag: file-in-etc-rc.d-marked-as-conffile +Severity: error +Check: conffiles +See-Also: debian-policy 9.3.3 +Explanation: The symbolic links in <code>/etc/rc?.d</code> may not be marked as conffiles. diff --git a/tags/f/file-in-root-and-usr.tag b/tags/f/file-in-root-and-usr.tag new file mode 100644 index 0000000..ecf4401 --- /dev/null +++ b/tags/f/file-in-root-and-usr.tag @@ -0,0 +1,12 @@ +Tag: file-in-root-and-usr +Severity: error +Check: usrmerge +Explanation: The package ships two files with the same name installed both in + /{bin,sbin,lib*}/ and /usr/{bin,sbin,lib*}/. + This is incompatible with the merged /usr directories scheme. + . + Packages with conflicting files must remove one of them if possible or + make it a symlink to the other and manage the links in the maintainer + scripts. +See-Also: https://wiki.debian.org/UsrMerge, + https://anonscm.debian.org/cgit/users/md/usrmerge.git/plain/debian/README.Debian diff --git a/tags/f/file-in-unknown-x11-font-directory.tag b/tags/f/file-in-unknown-x11-font-directory.tag new file mode 100644 index 0000000..0632c31 --- /dev/null +++ b/tags/f/file-in-unknown-x11-font-directory.tag @@ -0,0 +1,9 @@ +Tag: file-in-unknown-x11-font-directory +Severity: error +Check: desktop/x11 +See-Also: debian-policy 11.8.5 +Explanation: Subdirectories of <code>/usr/share/fonts/X11</code> other than + <code>100dpi</code>, <code>75dpi</code>, <code>misc</code>, <code>Type1</code>, and some + historic exceptions must be neither created nor used. (The directories + <code>encodings</code> and <code>util</code>, used by some X Window System + packages, are also permitted by Lintian.) diff --git a/tags/f/file-in-unusual-dir.tag b/tags/f/file-in-unusual-dir.tag new file mode 100644 index 0000000..74ee428 --- /dev/null +++ b/tags/f/file-in-unusual-dir.tag @@ -0,0 +1,5 @@ +Tag: file-in-unusual-dir +Severity: warning +Check: files/hierarchy/standard +Explanation: This file or symbolic link is in a directory where files are not + normally installed by Debian packages. diff --git a/tags/f/file-in-usr-lib-sgml.tag b/tags/f/file-in-usr-lib-sgml.tag new file mode 100644 index 0000000..c741348 --- /dev/null +++ b/tags/f/file-in-usr-lib-sgml.tag @@ -0,0 +1,7 @@ +Tag: file-in-usr-lib-sgml +Severity: warning +Check: files/sgml +See-Also: filesystem-hierarchy theusrhierarchy +Explanation: This package installs a file in <code>/usr/lib/sgml</code>. This was + the old location for SGML catalogs and similar flies. All those files + should now go into <code>/usr/share/sgml</code>. diff --git a/tags/f/file-in-usr-lib-site-python.tag b/tags/f/file-in-usr-lib-site-python.tag new file mode 100644 index 0000000..549df64 --- /dev/null +++ b/tags/f/file-in-usr-lib-site-python.tag @@ -0,0 +1,9 @@ +Tag: file-in-usr-lib-site-python +Severity: error +Check: languages/python +See-Also: python-policy 2.5 +Explanation: The directory /usr/lib/site-python has been deprecated as a + location for installing Python modules and may be dropped from Python's + module search path in a future version. Most likely this module is a + private module and should be packaged in a directory outside of Python's + default search path. diff --git a/tags/f/file-in-usr-local.tag b/tags/f/file-in-usr-local.tag new file mode 100644 index 0000000..8b08157 --- /dev/null +++ b/tags/f/file-in-usr-local.tag @@ -0,0 +1,6 @@ +Tag: file-in-usr-local +Severity: error +Check: files/hierarchy/standard +Explanation: The package installs a file in <code>/usr/local/...</code> which is + not allowed. +See-Also: debian-policy 9.1.2 diff --git a/tags/f/file-in-usr-marked-as-conffile.tag b/tags/f/file-in-usr-marked-as-conffile.tag new file mode 100644 index 0000000..8d68d1c --- /dev/null +++ b/tags/f/file-in-usr-marked-as-conffile.tag @@ -0,0 +1,8 @@ +Tag: file-in-usr-marked-as-conffile +Severity: error +Check: conffiles +See-Also: debian-policy 10.7.2 +Explanation: All configuration files must reside in <code>/etc</code>. Files below + <code>/usr</code> may not be marked as conffiles since <code>/usr</code> might be + mounted read-only. The local system administrator would therefore not + have a chance to modify this configuration file. diff --git a/tags/f/file-included-already.tag b/tags/f/file-included-already.tag new file mode 100644 index 0000000..7ef8067 --- /dev/null +++ b/tags/f/file-included-already.tag @@ -0,0 +1,11 @@ +Tag: file-included-already +Severity: error +Check: debian/copyright/dep5 +Explanation: The Debian <code>copyright</code> notes included files with the + <code>Files-Included</code> field, but the given file would have been shipped + without it. + . + The wildcards in the field may be too broad. Please narrow the criteria for + files included in the field <code>Files-Included</code>. +See-also: + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/f/file-missing-in-md5sums.tag b/tags/f/file-missing-in-md5sums.tag new file mode 100644 index 0000000..c79efa0 --- /dev/null +++ b/tags/f/file-missing-in-md5sums.tag @@ -0,0 +1,9 @@ +Tag: file-missing-in-md5sums +Severity: warning +Check: md5sums +Explanation: The package contains a file which isn't listed in the md5sums control + file. + . + Usually, this error occurs during the package build process if the + <code>debian/tmp/</code> directory is touched after <code>dh_md5sums</code> + is run. diff --git a/tags/f/file-name-contains-wildcard-character.tag b/tags/f/file-name-contains-wildcard-character.tag new file mode 100644 index 0000000..9bb82a5 --- /dev/null +++ b/tags/f/file-name-contains-wildcard-character.tag @@ -0,0 +1,7 @@ +Tag: file-name-contains-wildcard-character +Severity: warning +Check: files/names +Explanation: The file name contains shell wildcard characters. + . + These are most likely unexpanded wildcard characters from (for example) + <code>debian/*.install</code> files, or it may have been installed by accident. diff --git a/tags/f/file-name-ends-in-whitespace.tag b/tags/f/file-name-ends-in-whitespace.tag new file mode 100644 index 0000000..ebf50ad --- /dev/null +++ b/tags/f/file-name-ends-in-whitespace.tag @@ -0,0 +1,10 @@ +Tag: file-name-ends-in-whitespace +Severity: warning +Check: files/names +Explanation: This package installs a file or directory whose name ends in + whitespace. This might be intentional but it's normally a mistake. If + it is intentional, add a Lintian override. + . + One possible cause is using Debhelper 5.0.57 or earlier to install a + <code>doc-base</code> file with a <code>Document</code> field that ends + in whitespace. diff --git a/tags/f/file-name-in-PATH-is-not-ASCII.tag b/tags/f/file-name-in-PATH-is-not-ASCII.tag new file mode 100644 index 0000000..d40a587 --- /dev/null +++ b/tags/f/file-name-in-PATH-is-not-ASCII.tag @@ -0,0 +1,8 @@ +Tag: file-name-in-PATH-is-not-ASCII +Severity: error +Check: files/names +See-Also: debian-policy 10.10 +Explanation: The given file is in PATH but consists of non-ASCII characters. + . + Note that Lintian may be unable to display the filename accurately. + Unprintable characters may have been replaced. diff --git a/tags/f/file-references-package-build-path.tag b/tags/f/file-references-package-build-path.tag new file mode 100644 index 0000000..5e8c533 --- /dev/null +++ b/tags/f/file-references-package-build-path.tag @@ -0,0 +1,18 @@ +Tag: file-references-package-build-path +Severity: info +Check: files/contents +Explanation: The listed file or maintainer script appears to reference + the build path used to build the package as specified in the + <code>Build-Path</code> field of the <code>.buildinfo</code> file. + . + This is likely to cause the package to be unreproducible, but it may + also indicate that the package will not work correctly outside of the + maintainer's own system. + . + Please note that this tag will not appear unless the + <code>.buildinfo</code> file contains a <code>Build-Path</code> field. That + field is optional. You may have to set + <code>DEB_BUILD_OPTIONS=buildinfo=+path</code> or use + <code>--buildinfo-option=--always-include-path</code> with + <code>dpkg-buildpackage</code> when building. +See-Also: https://reproducible-builds.org/, https://wiki.debian.org/ReproducibleBuilds/BuildinfoFiles, dpkg-genbuildinfo(1) diff --git a/tags/f/file-size-mismatch-in-changes-file.tag b/tags/f/file-size-mismatch-in-changes-file.tag new file mode 100644 index 0000000..cbaf49a --- /dev/null +++ b/tags/f/file-size-mismatch-in-changes-file.tag @@ -0,0 +1,6 @@ +Tag: file-size-mismatch-in-changes-file +Severity: error +Check: changes-file +Explanation: The actual file size does not match what's listed in the + <code>.changes</code> file. +See-Also: debian-policy 5.6.21, debian-policy 5.6.24 diff --git a/tags/f/file-without-copyright-information.tag b/tags/f/file-without-copyright-information.tag new file mode 100644 index 0000000..5ac3b34 --- /dev/null +++ b/tags/f/file-without-copyright-information.tag @@ -0,0 +1,7 @@ +Tag: file-without-copyright-information +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The source tree contains a file which was not matched by any of + the <code>Files</code> paragraphs in debian/copyright. Either adjust existing + wildcards to match that file or add a new <code>Files</code> paragraph. diff --git a/tags/f/files-excluded-without-copyright-format-1.0.tag b/tags/f/files-excluded-without-copyright-format-1.0.tag new file mode 100644 index 0000000..a49b47a --- /dev/null +++ b/tags/f/files-excluded-without-copyright-format-1.0.tag @@ -0,0 +1,15 @@ +Tag: files-excluded-without-copyright-format-1.0 +Severity: error +Check: debian/copyright/dep5 +Explanation: The <code>Files-Excluded</code> field in <code>debian/copyright</code> is + used to exclude files from upstream source packages such as when they + violate the Debian Free Software Guidelines + . + However, this field will be ignored by uscan(1) if the <code>copyright</code> + file is not declared as following the <code>1.0</code> format. + . + Please ensure your <code>debian/copyright</code> file starts with the + following line: + . + Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +See-Also: uscan(1) diff --git a/tags/f/font-in-non-font-package.tag b/tags/f/font-in-non-font-package.tag new file mode 100644 index 0000000..7308ac3 --- /dev/null +++ b/tags/f/font-in-non-font-package.tag @@ -0,0 +1,11 @@ +Tag: font-in-non-font-package +Severity: info +Check: fonts +Explanation: This package contains a *.ttf, *.otf, or *.pfb file, file + extensions used by TrueType, OpenType, or Type 1 fonts, but the package + does not appear to be a dedicated font package. Dedicated font package + names should begin with <code>fonts-</code>. (Type 1 fonts are also allowed + in packages starting with <code>xfonts-</code>.) If the font is already + packaged, you should depend on that package instead. Otherwise, normally + the font should be packaged separately, since fonts are usually useful + outside of the package that embeds them. diff --git a/tags/f/font-outside-font-dir.tag b/tags/f/font-outside-font-dir.tag new file mode 100644 index 0000000..6df6def --- /dev/null +++ b/tags/f/font-outside-font-dir.tag @@ -0,0 +1,6 @@ +Tag: font-outside-font-dir +Severity: info +Check: fonts +Explanation: This package contains a TrueType, OpenType, or Type 1 fonts, + but the package does not install this file under <code>/usr/share/fonts/</code>. +See-Also: https://wiki.debian.org/Fonts/PackagingPolicy diff --git a/tags/f/font-package-not-multi-arch-foreign.tag b/tags/f/font-package-not-multi-arch-foreign.tag new file mode 100644 index 0000000..eae3589 --- /dev/null +++ b/tags/f/font-package-not-multi-arch-foreign.tag @@ -0,0 +1,10 @@ +Tag: font-package-not-multi-arch-foreign +Severity: warning +Check: fields/multi-arch +Explanation: This package is architecture all and hence requires a Multi-Arch + foreign value. + . + An Architecture: all package to satisfy the dependencies of a + foreign-architecture package, it must be marked Multi-Arch: foreign + or Multi-Arch: allowed. +See-Also: https://wiki.ubuntu.com/MultiarchSpec#Dependencies_involving_Architecture:_all_packages diff --git a/tags/f/forbidden-config-interpreter.tag b/tags/f/forbidden-config-interpreter.tag new file mode 100644 index 0000000..e48ca3c --- /dev/null +++ b/tags/f/forbidden-config-interpreter.tag @@ -0,0 +1,7 @@ +Tag: forbidden-config-interpreter +Severity: error +Check: scripts +Explanation: This package contains a <code>config</code> script for pre-configuring + the package. During pre-configuration, however, only essential packages + are guaranteed to be installed, so you cannot use a non-essential + interpreter. diff --git a/tags/f/forbidden-postrm-interpreter.tag b/tags/f/forbidden-postrm-interpreter.tag new file mode 100644 index 0000000..622a75b --- /dev/null +++ b/tags/f/forbidden-postrm-interpreter.tag @@ -0,0 +1,9 @@ +Tag: forbidden-postrm-interpreter +Severity: error +Check: scripts +Explanation: This package contains a <code>postrm</code> maintainer script that uses + an interpreter that isn't essential. The <code>purge</code> action of + <code>postrm</code> can only rely on essential packages, which means the + interpreter used by <code>postrm</code> must be one of the essential ones + (<code>sh</code>, <code>bash</code>, or <code>perl</code>). +See-Also: debian-policy 7.2 diff --git a/tags/f/format-3.0-but-debian-changes-patch.tag b/tags/f/format-3.0-but-debian-changes-patch.tag new file mode 100644 index 0000000..40cc5a0 --- /dev/null +++ b/tags/f/format-3.0-but-debian-changes-patch.tag @@ -0,0 +1,12 @@ +Tag: format-3.0-but-debian-changes-patch +Severity: warning +Check: debian/patches/quilt +Explanation: This package declares source format 3.0 (quilt), but the Debian + .debian.tar.gz file contains a debian-changes-VERSION patch, which represents + direct changes to files outside of the <code>debian</code> directory. This often + indicates accidental changes that weren't meant to be in the package or changes + that were supposed to be separated out into a patch. + . + If this is intentional, you may wish to consider adding + <code>single-debian-patch</code> to <code>debian/source/options</code>, and/or a patch + header to <code>debian/source/patch-header</code> explaining why this is done. diff --git a/tags/g/game-outside-section.tag b/tags/g/game-outside-section.tag new file mode 100644 index 0000000..2a087e2 --- /dev/null +++ b/tags/g/game-outside-section.tag @@ -0,0 +1,7 @@ +Tag: game-outside-section +Severity: warning +Check: games +Renamed-From: games-package-should-be-section-games +Explanation: All the executables in this package are in <code>/usr/games</code>, but + the package is not in section games. This can be intentional but is + usually a mistake. diff --git a/tags/g/gawk-script-but-no-gawk-dep.tag b/tags/g/gawk-script-but-no-gawk-dep.tag new file mode 100644 index 0000000..81eaf4b --- /dev/null +++ b/tags/g/gawk-script-but-no-gawk-dep.tag @@ -0,0 +1,9 @@ +Tag: gawk-script-but-no-gawk-dep +Severity: error +Check: scripts +Explanation: Packages that use gawk scripts must depend on the gawk package. + If they don't need gawk-specific features, and can just as easily work + with mawk, then they should be awk scripts instead. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/g/generated-file.tag b/tags/g/generated-file.tag new file mode 100644 index 0000000..af3ef04 --- /dev/null +++ b/tags/g/generated-file.tag @@ -0,0 +1,12 @@ +Tag: generated-file +Severity: classification +Check: files/generated +Explanation: This file contains a common marker for generated files. + . + Some examples are: + . + - <code>DO NOT EDIT BY HAND</code> + - <code>file was autogenerated</code> + . + In general, Debian likes to ship only true source files. Please consider + asking upstream to generate the file during the build process instead. diff --git a/tags/g/gfortran-module-does-not-declare-version.tag b/tags/g/gfortran-module-does-not-declare-version.tag new file mode 100644 index 0000000..38ae3e0 --- /dev/null +++ b/tags/g/gfortran-module-does-not-declare-version.tag @@ -0,0 +1,9 @@ +Tag: gfortran-module-does-not-declare-version +Severity: warning +Check: languages/fortran/gfortran +Explanation: The installation package ships a GFORTRAN module which does not + declare a module version number. That number is needed to establish the + proper prerequisites for binary rebuilds. +See-Also: Bug#796352, + Bug#714730, + https://salsa.debian.org/science-team/dh-fortran-mod/blob/debian/master/dh_fortran_mod.in diff --git a/tags/g/gir-in-arch-all-package.tag b/tags/g/gir-in-arch-all-package.tag new file mode 100644 index 0000000..74276f6 --- /dev/null +++ b/tags/g/gir-in-arch-all-package.tag @@ -0,0 +1,8 @@ +Tag: gir-in-arch-all-package +Severity: warning +Check: desktop/gnome/gir +Explanation: GObject-Introspection XML files + (<code>/usr/share/gir-1.0/Foo-23.gir</code>) must be made available in + an architecture-dependent package of the same source. +See-Also: + /usr/share/doc/gobject-introspection/policy.txt diff --git a/tags/g/gir-missing-typelib-dependency.tag b/tags/g/gir-missing-typelib-dependency.tag new file mode 100644 index 0000000..1b467b8 --- /dev/null +++ b/tags/g/gir-missing-typelib-dependency.tag @@ -0,0 +1,25 @@ +Tag: gir-missing-typelib-dependency +Severity: warning +Check: desktop/gnome/gir +Explanation: Development packages that contain GObject-Introspection XML files + (<code>/usr/share/gir-1.0/Foo-23.gir</code>) must depend on the package + containing the corresponding binary typelib, which is conventionally named + <code>gir1.2-foo-23</code>. The dependency must be strictly versioned + (for example <code>gir1.2-foo-23 (= ${binary:Version})</code> when using + debhelper). + . + If multiple typelibs are shipped in the same package, then that package + should have versioned <code>Provides</code> for the names that would have been + used for separate packages. In this case, Lintian does not emit this tag + when a group of binary packages from the same source is checked together. + . + For example, <code>libgtk-3-dev</code> contains <code>Gtk-3.0.gir</code>, + <code>Gdk-3.0.gir</code> and <code>GdkX11-3.0.gir</code>. + <code>gir1.2-gtk-3.0</code> contains all three corresponding typelibs, + so it is sufficient for <code>libgtk-3-dev</code> to depend on + <code>gir1.2-gtk-3.0</code>. Giving <code>gir1.2-gtk-3.0</code> <code>Provides</code> + entries for <code>gir1.2-gdk-3.0 (= ${binary:Version})</code> + and <code>gir1.2-gdkx11-3.0 (= ${binary:Version})</code> signals this + situation to Lintian. +See-Also: + /usr/share/doc/gobject-introspection/policy.txt diff --git a/tags/g/gir-section-not-libdevel.tag b/tags/g/gir-section-not-libdevel.tag new file mode 100644 index 0000000..8e050ea --- /dev/null +++ b/tags/g/gir-section-not-libdevel.tag @@ -0,0 +1,10 @@ +Tag: gir-section-not-libdevel +Severity: warning +Check: desktop/gnome/gir +Explanation: GObject-Introspection XML files + (<code>/usr/share/gir-1.0/Foo-23.gir</code>) must be made available in + a development package in the <code>libdevel</code> section of the archive. + This is normally the same <code>libfoo-dev</code> package that contains + other development files. +See-Also: + /usr/share/doc/gobject-introspection/policy.txt diff --git a/tags/g/git-patches-not-exported.tag b/tags/g/git-patches-not-exported.tag new file mode 100644 index 0000000..deb14ad --- /dev/null +++ b/tags/g/git-patches-not-exported.tag @@ -0,0 +1,15 @@ +Tag: git-patches-not-exported +Severity: error +Check: debian/source-dir +Explanation: The source package contains files in + <code>debian/source/git-patches</code>. These patches should have been exported + via the <code>quilt-patches-deb-export-hook</code> of <code>gitpkg</code>. + . + It does not look like the patches were exported for this source package. + . + You will see this tag when you generate a source package without + <code>gitpkg</code> (or with a misconfigured version) unless the patches + were exported manually. + . + See the above mentioned hook file (in <code>/usr/share/gitpkg/hooks</code>) + for information on how to export patches manually. diff --git a/tags/g/global-data-in-games-directory.tag b/tags/g/global-data-in-games-directory.tag new file mode 100644 index 0000000..dabec16 --- /dev/null +++ b/tags/g/global-data-in-games-directory.tag @@ -0,0 +1,14 @@ +Tag: global-data-in-games-directory +Severity: error +Check: games +Explanation: This package contains files under <code>/usr/share/games</code>, such as + desktop files, icons, pixmaps, or MIME type entries, that are global + system data. The user's desktop environment will only check in the + directories directly under <code>/usr/share</code> and this information + should be put in the global directory even if it is for games. + . + The most common cause of this problem is using a + <code>--datadir=/usr/share/games</code> argument to configure or an + equivalent and using the upstream installation rules. These files need + to be moved into the corresponding directories directly under + <code>/usr/share</code>. diff --git a/tags/g/global-files-wildcard-not-first-paragraph-in-dep5-copyright.tag b/tags/g/global-files-wildcard-not-first-paragraph-in-dep5-copyright.tag new file mode 100644 index 0000000..7f4e0b9 --- /dev/null +++ b/tags/g/global-files-wildcard-not-first-paragraph-in-dep5-copyright.tag @@ -0,0 +1,15 @@ +Tag: global-files-wildcard-not-first-paragraph-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +Explanation: The specified paragraph in the machine readable copyright file references + all possible files but is not the first paragraph. For example: + . + Files: filea + Copyright: 2009, ... + . + Files: * + Copyright: 2010, ... + . + As the paragraphs is matched on a "last match wins" principle, all proceeding + paragraphs are overridden. +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/g/globbing-patterns-out-of-order.tag b/tags/g/globbing-patterns-out-of-order.tag new file mode 100644 index 0000000..88237d2 --- /dev/null +++ b/tags/g/globbing-patterns-out-of-order.tag @@ -0,0 +1,13 @@ +Tag: globbing-patterns-out-of-order +Severity: warning +Check: debian/copyright/dep5 +Explanation: The <code>Files</code> sections in debian/copyright are out of order. + The relative directory depth should increase from one section to the next. + That is the general pattern of the specification, with * at the top. + . + When sections are in another order, some files may be associated + with the wrong license. + . + Please reorder the sections. +See-Also: Bug#905747, + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/g/gobject-introspection-package-missing-depends-on-gir-depends.tag b/tags/g/gobject-introspection-package-missing-depends-on-gir-depends.tag new file mode 100644 index 0000000..0cf432c --- /dev/null +++ b/tags/g/gobject-introspection-package-missing-depends-on-gir-depends.tag @@ -0,0 +1,11 @@ +Tag: gobject-introspection-package-missing-depends-on-gir-depends +Severity: error +Check: desktop/gnome/gir/substvars +Explanation: The package in <code>debian/control</code> is a GObject Introspection + installation package but does not declare its prerequisites using the + <code>${gir:Depends}</code> substvar. + . + Without proper runtime prerequisites, a program usually aborts. + . + This tag can often be fixed by adding the <code>--with=gir</code> Debhelper + sequence. diff --git a/tags/g/groff-message.tag b/tags/g/groff-message.tag new file mode 100644 index 0000000..767a486 --- /dev/null +++ b/tags/g/groff-message.tag @@ -0,0 +1,39 @@ +Tag: groff-message +Severity: warning +Check: documentation/manual +Renamed-From: manpage-has-errors-from-man +Explanation: A manual page provoked warnings or errors from the <code>man</code> + program. Here are some common ones: + . + "cannot adjust" or "can't break" are issues with paragraph filling. They + are usually related to long lines. Justifying text on the left hand side + can help with adjustments. Hyphenation can help with breaks. + . + For more information, please see "Manipulating Filling and Adjusting" + and "Manipulating Hyphenation" in the Groff manual (see <code>info groff</code>). + . + "can't find numbered character" usually means that the input was in a + national legacy encoding. The warning means that some characters were + dropped. Please use escapes such as <code>\[:a]</code> as described on the + <code>groff_char</code> manual page. + . + Other common warnings are formatting typos. String arguments to + <code>.IP</code> require quotes. Usually, some text is lost or mangled. See + the <code>groff_man</code> (or <code>groff_mdoc</code> if using <code>mdoc</code>) + manual page for details on macros. + . + The check for manual pages uses the <code>--warnings</code> option to + <code>man</code> to catch common problems, like a <code>.</code> or a <code>'</code> + at the beginning of a line as literal text. They are interpreted as + Groff commands. Just reformat the paragraph so the characters are not at + the beginning of a line. You can also add a zero-width space (<code>\&</code>) + in front of them. + . + Aside from overrides, warnings can be disabled with the <code>.warn</code> + directive. Please see "Debugging" in the Groff manual. + . + You can see the warnings yourself by running the command used by Lintian: + . + <code>LC_ALL=C.UTF-8 MANROFFSEQ='' MANWIDTH=80 \ + man --warnings -E UTF-8 -l -Tutf8 -Z <file> >/dev/null</code> +See-Also: groff_man(7), groff_mdoc(7) diff --git a/tags/g/gzip-file-is-not-multi-arch-same-safe.tag b/tags/g/gzip-file-is-not-multi-arch-same-safe.tag new file mode 100644 index 0000000..1c2f0d2 --- /dev/null +++ b/tags/g/gzip-file-is-not-multi-arch-same-safe.tag @@ -0,0 +1,8 @@ +Tag: gzip-file-is-not-multi-arch-same-safe +Severity: error +Check: files/compressed/gz +Explanation: The gzip file contains a timestamp that will differ between + architectures. Multi-Arch: same implies all shared files must be + byte-for-byte identical. + . + This can usually be fixed by passing -n to gzip. diff --git a/tags/h/hardening-no-bindnow.tag b/tags/h/hardening-no-bindnow.tag new file mode 100644 index 0000000..c12e705 --- /dev/null +++ b/tags/h/hardening-no-bindnow.tag @@ -0,0 +1,17 @@ +Tag: hardening-no-bindnow +Severity: info +Check: binaries/hardening +Explanation: This package provides an ELF binary that lacks the "bindnow" + linker flag. + . + This is needed (together with "relro") to make the "Global Offset + Table" (GOT) fully read-only. The bindnow feature trades startup + time for improved security. Please consider enabling this feature + or consider overriding the tag (possibly with a comment about why). + . + If you use <code>dpkg-buildflags</code>, you may have to add + <code>hardening=+bindnow</code> or <code>hardening=+all</code> to + <code>DEB_BUILD_MAINT_OPTIONS</code>. + . + The relevant compiler flags are set in <code>LDFLAGS</code>. +See-Also: https://wiki.debian.org/Hardening diff --git a/tags/h/hardening-no-fortify-functions.tag b/tags/h/hardening-no-fortify-functions.tag new file mode 100644 index 0000000..63833f0 --- /dev/null +++ b/tags/h/hardening-no-fortify-functions.tag @@ -0,0 +1,13 @@ +Tag: hardening-no-fortify-functions +Severity: info +Check: binaries/hardening +Explanation: This package provides an ELF binary that lacks the use of fortified + libc functions. Either there are no potentially unfortified functions + called by any routines, all unfortified calls have already been fully + validated at compile-time, or the package was not built with the default + Debian compiler flags defined by <code>dpkg-buildflags</code>. If built using + <code>dpkg-buildflags</code> directly, be sure to import <code>CPPFLAGS</code>. + . + NB: Due to false-positives, Lintian ignores some unprotected functions + (e.g. memcpy). +See-Also: https://wiki.debian.org/Hardening, Bug#673112 diff --git a/tags/h/hardening-no-pie.tag b/tags/h/hardening-no-pie.tag new file mode 100644 index 0000000..06a5eff --- /dev/null +++ b/tags/h/hardening-no-pie.tag @@ -0,0 +1,23 @@ +Tag: hardening-no-pie +Severity: warning +Check: binaries/hardening +Explanation: This package provides an ELF executable that was not compiled + as a position independent executable (PIE). + . + In Debian, since version 6.2.0-7 of the gcc-6 package GCC will + compile ELF binaries with PIE by default. In most cases a simple + rebuild will be sufficient to remove this tag. + . + PIE is required for fully enabling Address Space Layout + Randomization (ASLR), which makes "Return-oriented" attacks more + difficult. + . + Historically, PIE has been associated with noticeable performance + overhead on i386. However, GCC >= 5 has implemented an optimization + that can reduce the overhead significantly. + . + If you use <code>dpkg-buildflags</code> with <code>hardening=+all,-pie</code> + in <code>DEB_BUILD_MAINT_OPTIONS</code>, remove the <code>-pie</code>. +See-Also: https://wiki.debian.org/Hardening, + https://gcc.gnu.org/gcc-5/changes.html, + https://software.intel.com/en-us/blogs/2014/12/26/new-optimizations-for-x86-in-upcoming-gcc-50-32bit-pic-mode diff --git a/tags/h/hardening-no-relro.tag b/tags/h/hardening-no-relro.tag new file mode 100644 index 0000000..e1bb69c --- /dev/null +++ b/tags/h/hardening-no-relro.tag @@ -0,0 +1,9 @@ +Tag: hardening-no-relro +Severity: warning +Check: binaries/hardening +Explanation: This package provides an ELF binary that lacks the "read-only + relocation" link flag. This package was likely not built with the + default Debian compiler flags defined by <code>dpkg-buildflags</code>. + If built using <code>dpkg-buildflags</code> directly, be sure to import + <code>LDFLAGS</code>. +See-Also: https://wiki.debian.org/Hardening diff --git a/tags/h/header-has-overly-generic-name.tag b/tags/h/header-has-overly-generic-name.tag new file mode 100644 index 0000000..7b27787 --- /dev/null +++ b/tags/h/header-has-overly-generic-name.tag @@ -0,0 +1,8 @@ +Tag: header-has-overly-generic-name +Severity: error +Check: files/includes +Explanation: This package installs a header to the <code>/usr/include</code> global + namespace with an overly generic name. + . + This was either a mistake and/or likely to cause conflicts with other + packages. diff --git a/tags/h/helper-templates-in-copyright.tag b/tags/h/helper-templates-in-copyright.tag new file mode 100644 index 0000000..4fb0066 --- /dev/null +++ b/tags/h/helper-templates-in-copyright.tag @@ -0,0 +1,8 @@ +Tag: helper-templates-in-copyright +Severity: error +Check: debian/copyright +Explanation: The /usr/share/doc/*pkg*/copyright file still contains + template markers from a packaging helper. Please fill in the actual + license, upstream copyright holders, and download information about the + package and remove any remaining templates generated by the packaging + helper. diff --git a/tags/h/homepage-field-uses-insecure-uri.tag b/tags/h/homepage-field-uses-insecure-uri.tag new file mode 100644 index 0000000..abd4da2 --- /dev/null +++ b/tags/h/homepage-field-uses-insecure-uri.tag @@ -0,0 +1,5 @@ +Tag: homepage-field-uses-insecure-uri +Severity: pedantic +Check: fields/homepage +Explanation: The Homepage field uses an unencrypted transport protocol for the + URI. diff --git a/tags/h/homepage-for-bioconductor-package-not-canonical.tag b/tags/h/homepage-for-bioconductor-package-not-canonical.tag new file mode 100644 index 0000000..0f47059 --- /dev/null +++ b/tags/h/homepage-for-bioconductor-package-not-canonical.tag @@ -0,0 +1,14 @@ +Tag: homepage-for-bioconductor-package-not-canonical +Severity: info +Check: fields/homepage +Explanation: The Homepage field for this package points to an uncanonical Bioconductor URL. + Please update to use the current canonical URL instead. The canonical URL is + recommended for use in publications, etc., will always redirect to current + release version (or devel if package is not in release yet). For example, the + link for the package "foo" should be: + . + https://bioconductor.org/packages/foo/ + . + not: + . + https://www.bioconductor.org/packages/(release|devel|*)/bioc/html/foo.html diff --git a/tags/h/homepage-for-cpan-package-contains-version.tag b/tags/h/homepage-for-cpan-package-contains-version.tag new file mode 100644 index 0000000..ab8668a --- /dev/null +++ b/tags/h/homepage-for-cpan-package-contains-version.tag @@ -0,0 +1,17 @@ +Tag: homepage-for-cpan-package-contains-version +Severity: warning +Check: fields/homepage +Explanation: The Homepage field for this package points to CPAN and the URL + includes the version. It's better to link to the unversioned CPAN page + so that the URL doesn't have to be updated for each new release. For + example, use: + . + http://search.cpan.org/dist/HTML-Template/ + . + or + . + https://metacpan.org/release/HTML-Template/ + . + not: + . + http://search.cpan.org/~samtregar/HTML-Template-2.9/ diff --git a/tags/h/homepage-for-cran-package-not-canonical.tag b/tags/h/homepage-for-cran-package-not-canonical.tag new file mode 100644 index 0000000..d0286e4 --- /dev/null +++ b/tags/h/homepage-for-cran-package-not-canonical.tag @@ -0,0 +1,14 @@ +Tag: homepage-for-cran-package-not-canonical +Severity: info +Check: fields/homepage +Explanation: The Homepage field for this package points to an uncanonical CRAN URL. + Please update to use the current canonical URL instead. The canonical URL is + recommended for use in publications, etc., will always redirect to current + release version (or devel if package is not in release yet). For example, the + link for the package "foo" should be: + . + https://cran.r-project.org/package=foo + . + not: + . + https://cran.r-project.org/web/packages/foo/index.html diff --git a/tags/h/homepage-github-url-ends-with-dot-git.tag b/tags/h/homepage-github-url-ends-with-dot-git.tag new file mode 100644 index 0000000..32fc033 --- /dev/null +++ b/tags/h/homepage-github-url-ends-with-dot-git.tag @@ -0,0 +1,12 @@ +Tag: homepage-github-url-ends-with-dot-git +Severity: info +Check: fields/homepage +Explanation: The Homepage field contains a GitHub URL that ends with .git + Please update to use the canonical URL, without .git at the end, for the + GitHub repository instead. + . + https://github.com/foo/bar + . + not: + . + https://github.com/foo/bar.git diff --git a/tags/h/homepage-gitlab-url-ends-with-dot-git.tag b/tags/h/homepage-gitlab-url-ends-with-dot-git.tag new file mode 100644 index 0000000..7055298 --- /dev/null +++ b/tags/h/homepage-gitlab-url-ends-with-dot-git.tag @@ -0,0 +1,12 @@ +Tag: homepage-gitlab-url-ends-with-dot-git +Severity: info +Check: fields/homepage +Explanation: The Homepage field contains a GitLab URL that ends with .git + Please update to use the canonical URL, without .git at the end, for the + GitLab repository instead. + . + https://gitlab.com/foo/bar + . + not: + . + https://gitlab.com/foo/bar.git diff --git a/tags/h/homepage-in-binary-package.tag b/tags/h/homepage-in-binary-package.tag new file mode 100644 index 0000000..174f32c --- /dev/null +++ b/tags/h/homepage-in-binary-package.tag @@ -0,0 +1,13 @@ +Tag: homepage-in-binary-package +Severity: info +Check: fields/homepage +Explanation: This non-native source package produces at least one binary package + with a <code>Homepage</code> field. However, the source package itself has + no <code>Homepage</code> field. Unfortunately, this results in some + source-based tools/services (e.g. the PTS) not linking to the homepage + of the upstream project. + . + If you move the <code>Homepage</code> field to the source paragraph in + <code>debian/control</code> then all binary packages from this source + will inherit the value by default. +See-Also: debian-policy 5.6.23 diff --git a/tags/h/homepage-refers-to-filesystem-listing.tag b/tags/h/homepage-refers-to-filesystem-listing.tag new file mode 100644 index 0000000..04d0e4d --- /dev/null +++ b/tags/h/homepage-refers-to-filesystem-listing.tag @@ -0,0 +1,7 @@ +Tag: homepage-refers-to-filesystem-listing +Severity: info +Check: fields/homepage +Explanation: The <code>Homepage</code> field for this package points to a + download directory / filesystem listing. + . + Please update the field to point to the project's regular homepage. diff --git a/tags/h/homepage-refers-to-obsolete-debian-infrastructure.tag b/tags/h/homepage-refers-to-obsolete-debian-infrastructure.tag new file mode 100644 index 0000000..a20c385 --- /dev/null +++ b/tags/h/homepage-refers-to-obsolete-debian-infrastructure.tag @@ -0,0 +1,13 @@ +Tag: homepage-refers-to-obsolete-debian-infrastructure +Severity: warning +Check: fields/homepage +Explanation: The <code>Homepage</code> field for this package points to an area + within the *.debian.org infrastructure that has been deprecated. + . + After 1st May 2018, the Alioth service became read-only in May 2018. + Packages should migrate to website hosting on https://salsa.debian.org. + . + For further information about salsa.debian.org, including how to add + HTTP redirects from alioth, please consult the Debian Wiki. +See-Also: https://lists.debian.org/debian-devel-announce/2017/08/msg00008.html, + https://wiki.debian.org/Salsa diff --git a/tags/h/homepage-salsa-url-ends-with-dot-git.tag b/tags/h/homepage-salsa-url-ends-with-dot-git.tag new file mode 100644 index 0000000..4dce9b2 --- /dev/null +++ b/tags/h/homepage-salsa-url-ends-with-dot-git.tag @@ -0,0 +1,12 @@ +Tag: homepage-salsa-url-ends-with-dot-git +Severity: info +Check: fields/homepage +Explanation: The Homepage field contains a Salsa URL that ends with .git + Please update to use the canonical URL, without .git at the end, for the + Salsa repository instead. + . + https://salsa.debian.org/foo/bar + . + not: + . + https://salsa.debian.org/foo/bar.git diff --git a/tags/h/html-changelog-without-text-version.tag b/tags/h/html-changelog-without-text-version.tag new file mode 100644 index 0000000..9ea1465 --- /dev/null +++ b/tags/h/html-changelog-without-text-version.tag @@ -0,0 +1,7 @@ +Tag: html-changelog-without-text-version +Severity: error +Check: debian/changelog +Explanation: If the upstream changelog file is HTML formatted, a text version + should also be accessible as "changelog.gz". (This can be created by + "lynx -dump -nolist") +See-Also: debian-policy 12.7 diff --git a/tags/h/hyphen-file.tag b/tags/h/hyphen-file.tag new file mode 100644 index 0000000..e8c8e5a --- /dev/null +++ b/tags/h/hyphen-file.tag @@ -0,0 +1,7 @@ +Tag: hyphen-file +Severity: error +Check: files/names +Explanation: The given file is literally installed as <code>-</code> (hyphen + symbol). Normally this indicates a mistake in the package when + attempting to write to standard output. +See-Also: Bug#882638 diff --git a/tags/h/hyphen-in-upstream-part-of-debian-changelog-version.tag b/tags/h/hyphen-in-upstream-part-of-debian-changelog-version.tag new file mode 100644 index 0000000..ed451eb --- /dev/null +++ b/tags/h/hyphen-in-upstream-part-of-debian-changelog-version.tag @@ -0,0 +1,7 @@ +Tag: hyphen-in-upstream-part-of-debian-changelog-version +Severity: pedantic +Check: debian/changelog +Explanation: The upstream version in the debian changelog contains one or more + hyphens. While that is okay according to Debian Policy, some tools may + croak. +See-Also: debian-policy 5.6.12 diff --git a/tags/i/icon-size-and-directory-name-mismatch.tag b/tags/i/icon-size-and-directory-name-mismatch.tag new file mode 100644 index 0000000..2865a35 --- /dev/null +++ b/tags/i/icon-size-and-directory-name-mismatch.tag @@ -0,0 +1,6 @@ +Tag: icon-size-and-directory-name-mismatch +Severity: warning +Check: desktop/icons +Explanation: The icon has a size that differs from the size specified by the name + of the directory under which it was installed. The icon was probably + mistakenly installed into the wrong directory. diff --git a/tags/i/illegal-multi-arch-value.tag b/tags/i/illegal-multi-arch-value.tag new file mode 100644 index 0000000..0911275 --- /dev/null +++ b/tags/i/illegal-multi-arch-value.tag @@ -0,0 +1,7 @@ +Tag: illegal-multi-arch-value +Severity: error +Check: fields/multi-arch +Explanation: The package is architecture all and has the Multi-Arch same value. + . + This combination is not allowed by the Multi-Arch specification. +See-Also: https://wiki.ubuntu.com/MultiarchSpec diff --git a/tags/i/illegal-runtime-test-name.tag b/tags/i/illegal-runtime-test-name.tag new file mode 100644 index 0000000..315a84d --- /dev/null +++ b/tags/i/illegal-runtime-test-name.tag @@ -0,0 +1,7 @@ +Tag: illegal-runtime-test-name +Severity: warning +Check: testsuite +Explanation: Runtime test names in debian/tests/control are only allowed to + contain decimal digits, lowercase ASCII letters, plus or minus signs, + dots or slashes. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/i/illegal-variable.tag b/tags/i/illegal-variable.tag new file mode 100644 index 0000000..74dd973 --- /dev/null +++ b/tags/i/illegal-variable.tag @@ -0,0 +1,21 @@ +Tag: illegal-variable +Severity: error +Check: debian/variables +Explanation: With debhelper compatibility level >= 13 (and also + <code>dh-exec</code> before it) several files in the + <code>./debian</code> folder support the expansion of variables. + Unfortunately, people sometimes confuse the + <code>DEB_BUILD_*</code> + variables with the similarly-named + <code>DEB_HOST_*</code> variables. + . + Some conditions are difficult to detect but it is never correct + to use <code>DEB_BUILD_MULTIARCH</code> in + <code>debian/*.install</code> or in + <code>debian/*.links</code>. + . + Please use <code>DEB_HOST_MULTIARCH</code> instead + of <code>DEB_BUILD_MULTIARCH</code>. +See-Also: + https://wiki.debian.org/Multiarch/Implementation#Recipes_for_converting_packages, + Bug#983219 diff --git a/tags/i/image-file-has-conflicting-name.tag b/tags/i/image-file-has-conflicting-name.tag new file mode 100644 index 0000000..092e590 --- /dev/null +++ b/tags/i/image-file-has-conflicting-name.tag @@ -0,0 +1,6 @@ +Tag: image-file-has-conflicting-name +Severity: info +Check: images/filenames +Explanation: An image file in this package has a name that is + usually associated with another image format. +See-Also: Bug#717818 diff --git a/tags/i/image-file-has-unexpected-name.tag b/tags/i/image-file-has-unexpected-name.tag new file mode 100644 index 0000000..0bbfc2b --- /dev/null +++ b/tags/i/image-file-has-unexpected-name.tag @@ -0,0 +1,6 @@ +Tag: image-file-has-unexpected-name +Severity: pedantic +Check: images/filenames +Explanation: An image file in this package has a name not generally + associated with its format. +See-Also: Bug#717818 diff --git a/tags/i/image-file-in-usr-lib.tag b/tags/i/image-file-in-usr-lib.tag new file mode 100644 index 0000000..666bb56 --- /dev/null +++ b/tags/i/image-file-in-usr-lib.tag @@ -0,0 +1,6 @@ +Tag: image-file-in-usr-lib +Severity: pedantic +Check: images +Explanation: This package installs a pixmap or a bitmap within <code>/usr/lib</code>. + According to the Filesystem Hierarchy Standard, architecture-independent + files should be placed within <code>/usr/share</code> instead. diff --git a/tags/i/improbable-bug-number-in-closes.tag b/tags/i/improbable-bug-number-in-closes.tag new file mode 100644 index 0000000..26f5a04 --- /dev/null +++ b/tags/i/improbable-bug-number-in-closes.tag @@ -0,0 +1,6 @@ +Tag: improbable-bug-number-in-closes +Severity: warning +Check: debian/changelog +Explanation: The most recent changelog closes a low-numbered bug number. + While this is distantly possible, it's more likely a typo or a + placeholder value that mistakenly wasn't filled in. diff --git a/tags/i/incompatible-java-bytecode-format.tag b/tags/i/incompatible-java-bytecode-format.tag new file mode 100644 index 0000000..aea1761 --- /dev/null +++ b/tags/i/incompatible-java-bytecode-format.tag @@ -0,0 +1,7 @@ +Tag: incompatible-java-bytecode-format +Severity: warning +Check: languages/java +Explanation: The package contains Java class files with a minimum requirement on the + listed Java version. This Java version is not supported by the default JVM + in Debian and is therefore likely to be a mistake. +See-Also: Bug#673276 diff --git a/tags/i/incomplete-creative-commons-license.tag b/tags/i/incomplete-creative-commons-license.tag new file mode 100644 index 0000000..86be15b --- /dev/null +++ b/tags/i/incomplete-creative-commons-license.tag @@ -0,0 +1,23 @@ +Tag: incomplete-creative-commons-license +Severity: warning +Check: debian/copyright/dep5 +Explanation: The package appears to be licensed under a Creative Commons + license but only includes the human-readable summary in the + debian/copyright file which is not the actual licence. The Creative + Commons webpages contains the following disclaimer: + . + This deed highlights only some of the key features and terms of the + actual license. It is not a license and has no legal value. You should + carefully review all of the terms and conditions of the actual license + before using the licensed material. + . + Creative Commons is not a law firm and does not provide legal + services. Distributing, displaying, or linking to this deed or the + license that it summarizes does not create a lawyer-client or any + other relationship. + . + Please use the full, plain-text version of the license text which may + be found here: + . + https://creativecommons.org/2014/01/07/plaintext-versions-of-creative-commons-4-0-licenses/ +See-Also: Bug#903470, Bug#795402 diff --git a/tags/i/inconsistent-appstream-metadata-license.tag b/tags/i/inconsistent-appstream-metadata-license.tag new file mode 100644 index 0000000..03680a9 --- /dev/null +++ b/tags/i/inconsistent-appstream-metadata-license.tag @@ -0,0 +1,10 @@ +Tag: inconsistent-appstream-metadata-license +Severity: warning +Check: debian/copyright/dep5 +Explanation: The specified AppStream metadata file specifies a + <code>metadata_license</code> field but this does not match + its entry (possibly via the <code>Files: *</code> stanza) in + <code>debian/copyright</code>. +See-Also: https://wiki.debian.org/AppStream/Guidelines, + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/, + https://www.freedesktop.org/software/appstream/docs/chap-Metadata.html#tag-metadata_license diff --git a/tags/i/inconsistent-maintainer.tag b/tags/i/inconsistent-maintainer.tag new file mode 100644 index 0000000..ea85a19 --- /dev/null +++ b/tags/i/inconsistent-maintainer.tag @@ -0,0 +1,10 @@ +Tag: inconsistent-maintainer +Severity: error +Check: fields/maintainer +Explanation: The Maintainer address in a group of related processables is + inconsistent as indicated. + . + This sometimes happens when environmental variables like <code>DEBEMAIL</code> + are set to different values when building sources and changes separately. + Please use the same maintainer everywhere. +See-Also: Bug#546525, https://wiki.ubuntu.com/DebianMaintainerField, Ubuntu Bug#1862787 diff --git a/tags/i/incorrect-libdir-in-la-file.tag b/tags/i/incorrect-libdir-in-la-file.tag new file mode 100644 index 0000000..a09daa9 --- /dev/null +++ b/tags/i/incorrect-libdir-in-la-file.tag @@ -0,0 +1,8 @@ +Tag: incorrect-libdir-in-la-file +Severity: error +Check: build-systems/libtool/la-file +Explanation: The given .la file points to a libdir other than the path where it is + installed. This can be caused by resetting <code>prefix</code> at make install + time instead of using <code>DESTDIR</code>. The incorrect path will cause + packages linking to this library using libtool to build incorrectly (adding + incorrect paths to RPATH, for example). diff --git a/tags/i/incorrect-locale-code.tag b/tags/i/incorrect-locale-code.tag new file mode 100644 index 0000000..f4cdb53 --- /dev/null +++ b/tags/i/incorrect-locale-code.tag @@ -0,0 +1,15 @@ +Tag: incorrect-locale-code +Severity: warning +Check: files/locales +Explanation: The package appears to ship locales for a language but uses an + incorrect locale code as a subdirectory of <code>/usr/share/locale</code>. + This usually results in users of the intended target language not + finding the locale. The language codes used in the locale directories + are those from the ISO 639-1 and ISO 639-2 standards, not those + usually used as TLDs (which are from the ISO 3166 standard). + . + When both standards define a language code for a given language, the + ISO 639-1 code should be used (i.e. the two lettered code). + . + Lintian only knows about some commonly-mistaken set of incorrect + locale codes. diff --git a/tags/i/incorrect-naming-of-pkcs11-module.tag b/tags/i/incorrect-naming-of-pkcs11-module.tag new file mode 100644 index 0000000..4e5477f --- /dev/null +++ b/tags/i/incorrect-naming-of-pkcs11-module.tag @@ -0,0 +1,11 @@ +Tag: incorrect-naming-of-pkcs11-module +Severity: error +Check: files/p11-kit +Explanation: This package ships a PKCS#11 module configuration file under + <code>/usr/share/p11-kit/modules</code>, but its naming doesn't conform + to what <code>p11-kit</code> expects. Files in that directory should + respect the following convention, case insensitive: + [a-z0-9][a-z0-9_.-]*.module + . + p11-kit currently warns on every file that does not follow the + convention and may ignore them in the future. diff --git a/tags/i/incorrect-packaging-filename.tag b/tags/i/incorrect-packaging-filename.tag new file mode 100644 index 0000000..6a1045b --- /dev/null +++ b/tags/i/incorrect-packaging-filename.tag @@ -0,0 +1,16 @@ +Tag: incorrect-packaging-filename +Severity: warning +Check: debian/filenames +Explanation: Some packaging files obtain different names when they are copied + from source to installation packages. Debhelper sometimes adds *.Debian + extensions to NEWS, README and TODO files. That can be confusing. + . + Debhelper's behavior also depends on the filename. + . + This source package contains a file that debhelper will not find. The + file will not be included in your installation packages. Important + information, such as incompatibilties on upgrades, may not reach your + users. + . + Please rename the file as indicated. +See-Also: Bug#429510, Bug#946126, Bug#946041 diff --git a/tags/i/incorrect-path-for-interpreter.tag b/tags/i/incorrect-path-for-interpreter.tag new file mode 100644 index 0000000..4425dff --- /dev/null +++ b/tags/i/incorrect-path-for-interpreter.tag @@ -0,0 +1,13 @@ +Tag: incorrect-path-for-interpreter +Severity: warning +Check: scripts +Explanation: The interpreter you used is installed at another location on Debian + systems. + . + Whilst the script may work, it is in violation of Debian Policy. This + may have been caused by usrmerge. + . + Note that, as a particular exception, Debian Policy ยง 10.4 states that + Perl scripts should use <code>/usr/bin/perl</code> directly and not + <code>/usr/bin/env</code>, etc. +See-Also: debian-policy 10.4, https://wiki.debian.org/UsrMerge diff --git a/tags/i/info-document-has-wrong-extension.tag b/tags/i/info-document-has-wrong-extension.tag new file mode 100644 index 0000000..f0f6eda --- /dev/null +++ b/tags/i/info-document-has-wrong-extension.tag @@ -0,0 +1,4 @@ +Tag: info-document-has-wrong-extension +Severity: warning +Check: documentation/texinfo +Explanation: The info document has an extension other than info*.gz. diff --git a/tags/i/info-document-missing-dir-entry.tag b/tags/i/info-document-missing-dir-entry.tag new file mode 100644 index 0000000..62115e3 --- /dev/null +++ b/tags/i/info-document-missing-dir-entry.tag @@ -0,0 +1,16 @@ +Tag: info-document-missing-dir-entry +Severity: error +Check: documentation/texinfo +Explanation: This info document has no directory entry. This is text between + START-INFO-DIR-ENTRY and END-INFO-DIR-ENTRY lines which is copied into + the <code>dir</code> file in <code>/usr/share/info</code> by + <code>install-info</code>. The best solution is to add lines like: + . + @dircategory Software development + @direntry + * foo: (foo). Foo creator and editor + @end direntry + . + to the texinfo source so that the generated info file will contain an + appropriate entry. You will have to ensure that the build process builds + new info files rather than using ones built by upstream. diff --git a/tags/i/info-document-missing-dir-section.tag b/tags/i/info-document-missing-dir-section.tag new file mode 100644 index 0000000..3d7eb88 --- /dev/null +++ b/tags/i/info-document-missing-dir-section.tag @@ -0,0 +1,13 @@ +Tag: info-document-missing-dir-section +Severity: error +Check: documentation/texinfo +Explanation: This info document has no INFO-DIR-SECTION line. + <code>install-info</code> will be unable to determine the section into which + this info page should be put. The best solution is to add a line like: + . + @dircategory Software development + . + to the texinfo source so that the generated info file will contain a + section. See <code>/usr/share/info/dir</code> for sections to choose from. + You will have to ensure that the build process builds new info files + rather than using ones built by upstream. diff --git a/tags/i/info-document-missing-image-file.tag b/tags/i/info-document-missing-image-file.tag new file mode 100644 index 0000000..469a67a --- /dev/null +++ b/tags/i/info-document-missing-image-file.tag @@ -0,0 +1,19 @@ +Tag: info-document-missing-image-file +Severity: warning +Check: documentation/texinfo +Explanation: This info document contains an "[image]" but the image file it + specifies is missing. Texinfo <code>@image{}</code> becomes + . + [image src="filename.png"] + . + in the <code>.info</code>. Emacs 22 and up info + mode can display this in a GUI if filename.png is in + <code>/usr/share/info</code> or if the src gives a path to the file + elsewhere. + . + If you put an image file in <code>/usr/share/info</code> then please name + it like the document so as to avoid name clashes. Eg. foo.info might + call an image foo-example1.png. If upstream does not do this already + then it may be easier to <code>sed</code> the <code>src=""</code> to a path + elsewhere, perhaps to share with an HTML rendition under say + <code>/usr/share/doc/foo/html/</code>. diff --git a/tags/i/info-document-not-compressed-with-gzip.tag b/tags/i/info-document-not-compressed-with-gzip.tag new file mode 100644 index 0000000..e06929c --- /dev/null +++ b/tags/i/info-document-not-compressed-with-gzip.tag @@ -0,0 +1,7 @@ +Tag: info-document-not-compressed-with-gzip +Severity: error +Check: documentation/texinfo +Explanation: Info documents should be compressed with <code>gzip -9n</code>. This + file ends in <code>.gz</code> but doesn't appear to be a gzip-compressed + file. +See-Also: debian-policy 12.2 diff --git a/tags/i/info-document-not-compressed-with-max-compression.tag b/tags/i/info-document-not-compressed-with-max-compression.tag new file mode 100644 index 0000000..7326198 --- /dev/null +++ b/tags/i/info-document-not-compressed-with-max-compression.tag @@ -0,0 +1,6 @@ +Tag: info-document-not-compressed-with-max-compression +Severity: error +Check: documentation/texinfo +Explanation: Info documents should be compressed with <code>gzip -9n</code>. This + file is compressed with gzip, but without using maximum compression. +See-Also: debian-policy 12.2 diff --git a/tags/i/info-document-not-compressed.tag b/tags/i/info-document-not-compressed.tag new file mode 100644 index 0000000..bc1f982 --- /dev/null +++ b/tags/i/info-document-not-compressed.tag @@ -0,0 +1,5 @@ +Tag: info-document-not-compressed +Severity: error +Check: documentation/texinfo +Explanation: Info documents should be compressed with <code>gzip -9n</code>. +See-Also: debian-policy 12.2 diff --git a/tags/i/init-d-script-stops-in-s-runlevel.tag b/tags/i/init-d-script-stops-in-s-runlevel.tag new file mode 100644 index 0000000..5f6dd27 --- /dev/null +++ b/tags/i/init-d-script-stops-in-s-runlevel.tag @@ -0,0 +1,8 @@ +Tag: init-d-script-stops-in-s-runlevel +Severity: warning +Check: init-d +Explanation: This <code>/etc/init.d</code> script specifies the S runlevel in + Default-Stop in its LSB keyword section. The S runlevel is not a real + runlevel and is only used during boot. There is no way to switch to it + and hence no use for stop scripts for it, so S should be removed from + Default-Stop. diff --git a/tags/i/init-script-is-not-a-file.tag b/tags/i/init-script-is-not-a-file.tag new file mode 100644 index 0000000..20cd1bf --- /dev/null +++ b/tags/i/init-script-is-not-a-file.tag @@ -0,0 +1,5 @@ +Tag: init-script-is-not-a-file +Severity: error +Check: systemd +Explanation: The package contains an init script that is not a regular file or + resolvable symlink. diff --git a/tags/i/init.d-script-contains-skeleton-template-content.tag b/tags/i/init.d-script-contains-skeleton-template-content.tag new file mode 100644 index 0000000..bc06f66 --- /dev/null +++ b/tags/i/init.d-script-contains-skeleton-template-content.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-contains-skeleton-template-content +Severity: error +Check: init-d +Explanation: The given init script appears to contain content from the + <code>/etc/init.d/skeleton</code> example. + . + Please double-check the script and/or replace it with content suitable to + this binary package. diff --git a/tags/i/init.d-script-depends-on-all-virtual-facility.tag b/tags/i/init.d-script-depends-on-all-virtual-facility.tag new file mode 100644 index 0000000..6b7e304 --- /dev/null +++ b/tags/i/init.d-script-depends-on-all-virtual-facility.tag @@ -0,0 +1,9 @@ +Tag: init.d-script-depends-on-all-virtual-facility +Severity: error +Check: init-d +Explanation: The given init script declares a dependency on the virtual + facility "$all". This virtual facility is reserved for very special + cases, that work specifically with init system. + . + Regular services should not use this facility. +See-Also: https://wiki.debian.org/LSBInitScripts diff --git a/tags/i/init.d-script-depends-on-unknown-virtual-facility.tag b/tags/i/init.d-script-depends-on-unknown-virtual-facility.tag new file mode 100644 index 0000000..de3ff7c --- /dev/null +++ b/tags/i/init.d-script-depends-on-unknown-virtual-facility.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-depends-on-unknown-virtual-facility +Severity: error +Check: init-d +Explanation: The given init script declares a dependency on a virtual facility + that is not known to be provided by any init.d script in the archive. + If the dependency cannot be satisfied upon the package's + installation, insserv will refuse the activation of the init.d script. +See-Also: https://wiki.debian.org/LSBInitScripts diff --git a/tags/i/init.d-script-does-not-implement-required-option.tag b/tags/i/init.d-script-does-not-implement-required-option.tag new file mode 100644 index 0000000..0d1653e --- /dev/null +++ b/tags/i/init.d-script-does-not-implement-required-option.tag @@ -0,0 +1,6 @@ +Tag: init.d-script-does-not-implement-required-option +Severity: error +Check: init-d +See-Also: debian-policy 9.3.2 +Explanation: The <code>/etc/init.d</code> scripts have to support the following + command line arguments: start, stop, restart, force-reload. diff --git a/tags/i/init.d-script-does-not-implement-status-option.tag b/tags/i/init.d-script-does-not-implement-status-option.tag new file mode 100644 index 0000000..a693edd --- /dev/null +++ b/tags/i/init.d-script-does-not-implement-status-option.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-does-not-implement-status-option +Severity: info +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: The specified <code>/etc/init.d</code> script does not implement the + <code>status</code> option. This is actually required by LSB, often + requested by users and will be required by the Debian Policy in + the future. diff --git a/tags/i/init.d-script-does-not-provide-itself.tag b/tags/i/init.d-script-does-not-provide-itself.tag new file mode 100644 index 0000000..e9bc72a --- /dev/null +++ b/tags/i/init.d-script-does-not-provide-itself.tag @@ -0,0 +1,9 @@ +Tag: init.d-script-does-not-provide-itself +Severity: info +Check: init-d +Explanation: This <code>/etc/init.d</code> script indicates it provides one or + more facilities, but none of the provided facilities match the name of + the init script. In certain cases, it may be necessary to not follow + that convention, but normally init scripts should always provide a + facility matching the name of the init script. +See-Also: https://wiki.debian.org/LSBInitScripts diff --git a/tags/i/init.d-script-does-not-source-init-functions.tag b/tags/i/init.d-script-does-not-source-init-functions.tag new file mode 100644 index 0000000..9b7a823 --- /dev/null +++ b/tags/i/init.d-script-does-not-source-init-functions.tag @@ -0,0 +1,11 @@ +Tag: init.d-script-does-not-source-init-functions +Severity: warning +Check: systemd +Explanation: The <code>/etc/init.d</code> script does not source + <code>/lib/lsb/init-functions</code>. The <code>systemd</code> package provides + <code>/lib/lsb/init-functions.d/40-systemd</code> to redirect + <code>/etc/init.d/$script</code> calls to systemctl. + . + Please add a line like this to your <code>/etc/init.d</code> script: + . + . /lib/lsb/init-functions diff --git a/tags/i/init.d-script-has-bad-lsb-line.tag b/tags/i/init.d-script-has-bad-lsb-line.tag new file mode 100644 index 0000000..e2bab8e --- /dev/null +++ b/tags/i/init.d-script-has-bad-lsb-line.tag @@ -0,0 +1,10 @@ +Tag: init.d-script-has-bad-lsb-line +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: This line in the LSB keyword section of an <code>/etc/init.d</code> + script doesn't match the required formatting of that section. Note that + keyword settings must start with <code>#</code>, a single space, the keyword, + a colon, and some whitespace, followed by the value (if any). Only the + Description keyword allows continuation lines, and continuation lines + must begin with <code>#</code> and either a tab or two or more spaces. diff --git a/tags/i/init.d-script-has-bad-start-runlevel.tag b/tags/i/init.d-script-has-bad-start-runlevel.tag new file mode 100644 index 0000000..8f7652f --- /dev/null +++ b/tags/i/init.d-script-has-bad-start-runlevel.tag @@ -0,0 +1,7 @@ +Tag: init.d-script-has-bad-start-runlevel +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: The given runlevel specified in the Default-Start keyword of the LSB + keyword section of this <code>/etc/init.d</code> script isn't one of the + recognized standard runlevels (S, 0, 1, 2, 3, 4, 5, and 6). diff --git a/tags/i/init.d-script-has-bad-stop-runlevel.tag b/tags/i/init.d-script-has-bad-stop-runlevel.tag new file mode 100644 index 0000000..9fec931 --- /dev/null +++ b/tags/i/init.d-script-has-bad-stop-runlevel.tag @@ -0,0 +1,7 @@ +Tag: init.d-script-has-bad-stop-runlevel +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: The given runlevel specified in the Default-Stop keyword of the LSB + keyword section of this <code>/etc/init.d</code> script isn't one of the + recognized standard runlevels (0, 1, 2, 3, 4, 5, and 6). diff --git a/tags/i/init.d-script-has-conflicting-start-stop.tag b/tags/i/init.d-script-has-conflicting-start-stop.tag new file mode 100644 index 0000000..6d027b5 --- /dev/null +++ b/tags/i/init.d-script-has-conflicting-start-stop.tag @@ -0,0 +1,9 @@ +Tag: init.d-script-has-conflicting-start-stop +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: The given runlevel was included in both the Default-Start and + Default-Stop keywords of the LSB keyword section of this + <code>/etc/init.d</code> script. Since it doesn't make sense to both start + and stop a service in the same runlevel, there is probably an error in + one or the other of these keywords. diff --git a/tags/i/init.d-script-has-duplicate-lsb-keyword.tag b/tags/i/init.d-script-has-duplicate-lsb-keyword.tag new file mode 100644 index 0000000..3006758 --- /dev/null +++ b/tags/i/init.d-script-has-duplicate-lsb-keyword.tag @@ -0,0 +1,7 @@ +Tag: init.d-script-has-duplicate-lsb-keyword +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: The given keyword was set twice in the LSB keyword section in this + <code>/etc/init.d</code> script. This is probably a mistake; the behavior of + setting the same keyword twice is undefined. diff --git a/tags/i/init.d-script-has-duplicate-lsb-section.tag b/tags/i/init.d-script-has-duplicate-lsb-section.tag new file mode 100644 index 0000000..4e32eb3 --- /dev/null +++ b/tags/i/init.d-script-has-duplicate-lsb-section.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-has-duplicate-lsb-section +Severity: error +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: This <code>/etc/init.d</code> script has more than one LSB keyword + section. These sections start with <code>### BEGIN INIT INFO</code> and end + with <code>### END INIT INFO</code>. There should be only one such section + per init script. diff --git a/tags/i/init.d-script-has-unknown-lsb-keyword.tag b/tags/i/init.d-script-has-unknown-lsb-keyword.tag new file mode 100644 index 0000000..f743f17 --- /dev/null +++ b/tags/i/init.d-script-has-unknown-lsb-keyword.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-has-unknown-lsb-keyword +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: The given keyword was set in the LSB keyword section in this + <code>/etc/init.d</code> script but isn't one of the known LSB keywords and + doesn't begin with <code>X-</code>. One of the standard keywords may have + been misspelled. diff --git a/tags/i/init.d-script-has-unterminated-lsb-section.tag b/tags/i/init.d-script-has-unterminated-lsb-section.tag new file mode 100644 index 0000000..7e2d22b --- /dev/null +++ b/tags/i/init.d-script-has-unterminated-lsb-section.tag @@ -0,0 +1,11 @@ +Tag: init.d-script-has-unterminated-lsb-section +Severity: error +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: This <code>/etc/init.d</code> script has an LSB keyword section starting + with <code>### BEGIN INIT INFO</code> but either has no matching <code>### END + INIT INFO</code> or has lines between those two markers that are not + comments. The line number given is the first line that doesn't look like + part of an LSB keyword section. There must be an end marker after all + the keyword settings and there must not be any lines between those + markers that do not begin with <code>#</code>. diff --git a/tags/i/init.d-script-missing-dependency-on-local_fs.tag b/tags/i/init.d-script-missing-dependency-on-local_fs.tag new file mode 100644 index 0000000..eb3c34b --- /dev/null +++ b/tags/i/init.d-script-missing-dependency-on-local_fs.tag @@ -0,0 +1,12 @@ +Tag: init.d-script-missing-dependency-on-local_fs +Severity: error +Check: init-d +Explanation: The given init script seems to refer to <code>/var</code>, possibly + using a file from there. Without a dependency on <code>$local_fs</code> in + Required-Start or Required-Stop, as appropriate, the init script might be + run before <code>/var</code> is mounted or after it's unmounted. + . + Using Should-Start or Should-Stop to declare the dependency is + conceptually incorrect since the $local_fs facility is always + available. Required-Start or Required-Stop should be used instead. +See-Also: https://wiki.debian.org/LSBInitScripts diff --git a/tags/i/init.d-script-missing-lsb-keyword.tag b/tags/i/init.d-script-missing-lsb-keyword.tag new file mode 100644 index 0000000..bef14ef --- /dev/null +++ b/tags/i/init.d-script-missing-lsb-keyword.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-missing-lsb-keyword +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: This <code>/etc/init.d</code> script has an LSB keyword section, but it + is missing the given required LSB keyword. If the value of this keyword + should be empty, please still include it in the LSB keyword section with + an empty value. diff --git a/tags/i/init.d-script-missing-lsb-section.tag b/tags/i/init.d-script-missing-lsb-section.tag new file mode 100644 index 0000000..0fe9111 --- /dev/null +++ b/tags/i/init.d-script-missing-lsb-section.tag @@ -0,0 +1,9 @@ +Tag: init.d-script-missing-lsb-section +Severity: warning +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: This <code>/etc/init.d</code> script does not have an LSB keyword + section (or the <code>### BEGIN INIT INFO</code> tag is incorrect). This + section provides description and runlevel information in a standard + format and provides dependency information that can be used to + parallelize the boot process. Please consider adding it. diff --git a/tags/i/init.d-script-missing-lsb-short-description.tag b/tags/i/init.d-script-missing-lsb-short-description.tag new file mode 100644 index 0000000..a1bbd81 --- /dev/null +++ b/tags/i/init.d-script-missing-lsb-short-description.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-missing-lsb-short-description +Severity: info +Check: init-d +See-Also: https://wiki.debian.org/LSBInitScripts +Explanation: This <code>/etc/init.d</code> script has an LSB keyword section, but it + is missing a Short-Description LSB keyword. This field isn't directly + used currently, but adding it is still a good idea for documentation + purposes. diff --git a/tags/i/init.d-script-missing-start.tag b/tags/i/init.d-script-missing-start.tag new file mode 100644 index 0000000..518c96d --- /dev/null +++ b/tags/i/init.d-script-missing-start.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-missing-start +Severity: warning +Check: init-d +Explanation: The given <code>/etc/init.d</code> script indicates it should be + started at one of the runlevels 2-5 but not at all of them. This is a + mistake. The system administrators should be given the opportunity to + customize the runlevels at their will. +See-Also: debian-policy 9.3.3.1 diff --git a/tags/i/init.d-script-not-included-in-package.tag b/tags/i/init.d-script-not-included-in-package.tag new file mode 100644 index 0000000..79af697 --- /dev/null +++ b/tags/i/init.d-script-not-included-in-package.tag @@ -0,0 +1,5 @@ +Tag: init.d-script-not-included-in-package +Severity: error +Check: init-d +Explanation: The <code>/etc/init.d</code> script is registered in the + <code>postinst</code> script, but is not included in the package. diff --git a/tags/i/init.d-script-not-marked-as-conffile.tag b/tags/i/init.d-script-not-marked-as-conffile.tag new file mode 100644 index 0000000..3d5a5d3 --- /dev/null +++ b/tags/i/init.d-script-not-marked-as-conffile.tag @@ -0,0 +1,8 @@ +Tag: init.d-script-not-marked-as-conffile +Severity: warning +Check: init-d +See-Also: debian-policy 9.3.2 +Explanation: <code>/etc/init.d</code> scripts should be marked as conffiles. + . + This is usually an error, but the Policy allows for managing these files + manually in maintainer scripts and Lintian cannot reliably detect that. diff --git a/tags/i/init.d-script-possible-missing-stop.tag b/tags/i/init.d-script-possible-missing-stop.tag new file mode 100644 index 0000000..ee1a2da --- /dev/null +++ b/tags/i/init.d-script-possible-missing-stop.tag @@ -0,0 +1,15 @@ +Tag: init.d-script-possible-missing-stop +Severity: warning +Check: init-d +Explanation: The given <code>/etc/init.d</code> script indicates it should be + stopped at one of the runlevels 0, 1, or 6 but not at all of them. + This is usually a mistake. Normally, facilities that need to be stopped + at any of those runlevels need to be stopped at all of them. + . + For example, if it is safe for the facility provided by this init script + to be stopped by <code>sendsigs</code> at runlevels 0 and 6, there should be + no reason to special case runlevel 1, where <code>killprocs</code> would + stop it. If the facility needs special shutdown handling when rebooting + the system (runlevel 6), it probably needs the same handling when + halting the system (runlevel 0) or switching to single-user mode + (runlevel 1). diff --git a/tags/i/init.d-script-provides-virtual-facility.tag b/tags/i/init.d-script-provides-virtual-facility.tag new file mode 100644 index 0000000..89c10f6 --- /dev/null +++ b/tags/i/init.d-script-provides-virtual-facility.tag @@ -0,0 +1,16 @@ +Tag: init.d-script-provides-virtual-facility +Severity: warning +Check: init-d +Explanation: This <code>/etc/init.d</code> script indicates in its LSB headers that + it provides a virtual facility, denoted by the dollar sign in front of + the name. + . + This is not the correct way to provide a virtual facility. Instead, the + package should include a file in <code>/etc/insserv.conf.d</code>, usually + named after the package, containing: + . + $virtual_facility_name +init-script-name + . + to declare that the named init script provides the named virtual + facility. +See-Also: https://wiki.debian.org/LSBInitScripts/DebianVirtualFacilities diff --git a/tags/i/init.d-script-should-always-start-service.tag b/tags/i/init.d-script-should-always-start-service.tag new file mode 100644 index 0000000..c26c24a --- /dev/null +++ b/tags/i/init.d-script-should-always-start-service.tag @@ -0,0 +1,19 @@ +Tag: init.d-script-should-always-start-service +Severity: error +Check: init-d +Explanation: The specified file under <code>/etc/default/</code> includes a line + such as <code>ENABLED=</code>, <code>DISABLED=</code>, <code>RUN=</code>, etc. + . + This is an older practice used so that the package's init script would + not start the service until the local system administrator changed this + value. + . + However, this hides from the underlying init system whether or not the + daemon should actually be started leading to confusing behavior + including <code>service package start</code> returning success without the + service actually starting. + . + Please remove this mechanism and disable enabling the daemon on install + via <code>dh_installinit --no-enable</code> or move to automatically + starting it. +See-Also: debian-policy 9.3.3.1, update-rc.d(8), dh_installinit(1) diff --git a/tags/i/init.d-script-sourcing-without-test.tag b/tags/i/init.d-script-sourcing-without-test.tag new file mode 100644 index 0000000..8998372 --- /dev/null +++ b/tags/i/init.d-script-sourcing-without-test.tag @@ -0,0 +1,11 @@ +Tag: init.d-script-sourcing-without-test +Severity: error +Check: init-d +Explanation: The given <code>/etc/init.d</code> script seems to be sourcing an + <code>/etc/default/</code> file without checking for its existence first. + Files in <code>/etc/default/</code> can be deleted by the administrator at + any time, and init scripts are required to handle the situation + gracefully. For example: + . + [ -r /etc/default/foo ] && . /etc/default/foo +See-Also: debian-policy 9.3.2 diff --git a/tags/i/init.d-script-starts-in-stop-runlevel.tag b/tags/i/init.d-script-starts-in-stop-runlevel.tag new file mode 100644 index 0000000..9943d1b --- /dev/null +++ b/tags/i/init.d-script-starts-in-stop-runlevel.tag @@ -0,0 +1,9 @@ +Tag: init.d-script-starts-in-stop-runlevel +Severity: error +Check: init-d +Explanation: This <code>/etc/init.d</code> script specifies the 0 or 6 runlevels in + Default-Start in its LSB keyword section. The 0 and 6 runlevels are + meant to only stop services, not to start them. Even if the init script + is doing something that isn't exactly stopping a service, the run-level + should be listed in Default-Stop, not Default-Start, and the script + should perform those actions when passed the <code>stop</code> argument. diff --git a/tags/i/init.d-script-uses-usr-interpreter.tag b/tags/i/init.d-script-uses-usr-interpreter.tag new file mode 100644 index 0000000..203c765 --- /dev/null +++ b/tags/i/init.d-script-uses-usr-interpreter.tag @@ -0,0 +1,15 @@ +Tag: init.d-script-uses-usr-interpreter +Severity: warning +Check: init-d +Explanation: The given <code>/etc/init.d</code> script specifies an interpreter in + its shebang located under <code>/usr</code>. + . + It indicates that the init script may be using a non-essential + interpreter. Since init scripts are configuration files, they may be + left on the system after their package has been removed but not purged. + At that point, the package dependencies are not guaranteed to exist and + the interpreter may therefore not be available. + . + It's generally best to write init scripts using <code>/bin/sh</code> or + <code>/bin/bash</code> where possible, since they are guaranteed to always be + available. diff --git a/tags/i/initial-upload-closes-no-bugs.tag b/tags/i/initial-upload-closes-no-bugs.tag new file mode 100644 index 0000000..4651ddc --- /dev/null +++ b/tags/i/initial-upload-closes-no-bugs.tag @@ -0,0 +1,12 @@ +Tag: initial-upload-closes-no-bugs +Severity: warning +Check: debian/changelog +Renamed-From: new-package-should-close-itp-bug +Explanation: This package appears to be the first packaging of a new upstream + software package (there is only one changelog entry and the Debian + revision is 1), but it does not close any bugs. The initial upload of a + new package should close the corresponding ITP bug for that package. + . + This warning can be ignored if the package is not intended for Debian or + if it is a split of an existing Debian package. +See-Also: developer-reference 5.1 diff --git a/tags/i/insecure-copyright-format-uri.tag b/tags/i/insecure-copyright-format-uri.tag new file mode 100644 index 0000000..0f19843 --- /dev/null +++ b/tags/i/insecure-copyright-format-uri.tag @@ -0,0 +1,11 @@ +Tag: insecure-copyright-format-uri +Severity: pedantic +Check: debian/copyright/dep5 +Explanation: Format URI of the machine-readable copyright file uses the plain HTTP + unencrypted transport protocol. Since policy version 4.0.0, using HTTPS is preferred. + . + Please use + <code>https://www.debian.org/doc/packaging-manuals/copyright-format/*version*/</code> + as the format URI instead. +See-Also: + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/i/install-info-used-in-maintainer-script.tag b/tags/i/install-info-used-in-maintainer-script.tag new file mode 100644 index 0000000..8151360 --- /dev/null +++ b/tags/i/install-info-used-in-maintainer-script.tag @@ -0,0 +1,10 @@ +Tag: install-info-used-in-maintainer-script +Severity: error +Check: scripts +Explanation: This script apparently runs <code>install-info</code>. Updating the + <code>/usr/share/info/dir</code> file is now handled automatically by + triggers, so running <code>install-info</code> from maintainer scripts is no + longer necessary. + . + If debhelper generated the maintainer script fragment, rebuilding the + package with debhelper 7.2.17 or later will fix this problem. diff --git a/tags/i/installable-field-mirrors-source.tag b/tags/i/installable-field-mirrors-source.tag new file mode 100644 index 0000000..f91ceeb --- /dev/null +++ b/tags/i/installable-field-mirrors-source.tag @@ -0,0 +1,11 @@ +Tag: installable-field-mirrors-source +Severity: info +Check: debian/control/field/redundant +Renamed-From: + binary-control-field-duplicates-source +Explanation: The named field for an installation package in + <code>debian/control</code> has the same value as the one inherited + from the source paragraph. + . + In the interest of shorter and clearer files, you may wish to take advantage + of the inheritance rules. This field is redundant. diff --git a/tags/i/interpreter-in-usr-local.tag b/tags/i/interpreter-in-usr-local.tag new file mode 100644 index 0000000..8caceae --- /dev/null +++ b/tags/i/interpreter-in-usr-local.tag @@ -0,0 +1,6 @@ +Tag: interpreter-in-usr-local +Severity: error +Check: scripts +Explanation: This package contains a script that looks for an interpreter in a + directory in /usr/local. Since Debian does not install anything in + /usr/local, this is the wrong place to look. diff --git a/tags/i/interpreter-not-absolute.tag b/tags/i/interpreter-not-absolute.tag new file mode 100644 index 0000000..7e62d1e --- /dev/null +++ b/tags/i/interpreter-not-absolute.tag @@ -0,0 +1,6 @@ +Tag: interpreter-not-absolute +Severity: warning +Check: scripts +Explanation: This script uses a relative path to locate its interpreter. + This path will be taken relative to the caller's current directory, not + the script's, so it is not likely to be what was intended. diff --git a/tags/i/intra-source-package-circular-dependency.tag b/tags/i/intra-source-package-circular-dependency.tag new file mode 100644 index 0000000..e1d5ad4 --- /dev/null +++ b/tags/i/intra-source-package-circular-dependency.tag @@ -0,0 +1,14 @@ +Tag: intra-source-package-circular-dependency +Severity: warning +Check: group-checks +Explanation: The listed packages from the same source circularly depend + (or pre-depend) on each other. This makes it difficult for tools + to properly handle install/upgrade sequences. Furthermore this + complicates automated removal of unused packages. + . + If possible, consider removing or reducing one of the depends. + . + Note: This check is limited to packages created from the same + source package. Full circular dependencies between binaries from + different source packages is beyond the scope of Lintian. +See-Also: debian-policy 7.2 diff --git a/tags/i/invalid-arch-string-in-source-relation.tag b/tags/i/invalid-arch-string-in-source-relation.tag new file mode 100644 index 0000000..db8cc03 --- /dev/null +++ b/tags/i/invalid-arch-string-in-source-relation.tag @@ -0,0 +1,9 @@ +Tag: invalid-arch-string-in-source-relation +Severity: error +Check: fields/package-relations +See-Also: debian-policy 5.6.8 +Explanation: The architecture string in the source relation includes an unknown + architecture. This may be a typo, or it may be an architecture that dpkg + doesn't know about yet. A common problem is incorrectly separating + architectures with a comma, such as <code>[i386, m68k]</code>. Architectures + are separated by spaces; this should instead be <code>[i386 m68k]</code>. diff --git a/tags/i/invalid-date-in-debian-changelog.tag b/tags/i/invalid-date-in-debian-changelog.tag new file mode 100644 index 0000000..0c6de55 --- /dev/null +++ b/tags/i/invalid-date-in-debian-changelog.tag @@ -0,0 +1,16 @@ +Tag: invalid-date-in-debian-changelog +Severity: error +Check: debian/changelog +Explanation: The date format in the latest changelog entry file appears to be invalid. + . + Dates should use the following format (compatible and with the same semantics + of RFC 2822 and RFC 5322): + . + day-of-week, dd month yyyy hh:mm:ss +zzzz + . + To avoid problems like this, consider using a tool like dch(1) or + date(1) to generate the date. Example: + . + $ date -R -ud '2013-11-05 23:59:59' + Tue, 05 Nov 2013 23:59:59 +0000 +See-Also: debian-policy 4.4 diff --git a/tags/i/invalid-escape-sequence-in-dep5-copyright.tag b/tags/i/invalid-escape-sequence-in-dep5-copyright.tag new file mode 100644 index 0000000..347cdb1 --- /dev/null +++ b/tags/i/invalid-escape-sequence-in-dep5-copyright.tag @@ -0,0 +1,9 @@ +Tag: invalid-escape-sequence-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The only allowed escape sequences are "\*", "\?" and "\\" (without + quotes) to produce a literal star, question mark and backslash, respectively. + Without the escaping backslash, the star and question mark take the role of + globbing operators similar to shell globs which is why they have to be + escaped. No other escapable characters than "*", "?" and "\" exist. diff --git a/tags/i/invalid-field-for-derivative.tag b/tags/i/invalid-field-for-derivative.tag new file mode 100644 index 0000000..89d59c7 --- /dev/null +++ b/tags/i/invalid-field-for-derivative.tag @@ -0,0 +1,17 @@ +Tag: invalid-field-for-derivative +Severity: error +Check: fields/derivatives +Explanation: The specified field in <code>debian/control</code> does not match the + required format for this Debian derivative. + . + Derivative distributions of Debian may enforce additional restrictions + on such fields for many reasons including ensuring that: + . + - Debian maintainers are not contacted for forked or packages that + are otherwise modified by the derivative. + - The original maintainer is still credited for their work (eg. in a + <code>XSBC-Original-Maintainer</code> field). + - References to revision control systems (eg. <code>Vcs-Git</code>) are + pointing to the correct, updated location. + - Fields that become misleading in the context of a derivative are + removed. diff --git a/tags/i/invalid-override-restriction.tag b/tags/i/invalid-override-restriction.tag new file mode 100644 index 0000000..26ea506 --- /dev/null +++ b/tags/i/invalid-override-restriction.tag @@ -0,0 +1,8 @@ +Tag: invalid-override-restriction +Severity: error +Show-Always: yes +Check: debian/lintian-overrides/restricted +Explanation: The architecture restriction in the given <code>override</code> + line is invalid for the reason indicated. +See-Also: + lintian-manual 2.4.1 diff --git a/tags/i/invalid-po-file.tag b/tags/i/invalid-po-file.tag new file mode 100644 index 0000000..69e8117 --- /dev/null +++ b/tags/i/invalid-po-file.tag @@ -0,0 +1,6 @@ +Tag: invalid-po-file +Severity: warning +Check: debian/po-debconf +Explanation: Errors were found in the listed PO file that will cause its content + to be discarded. Run <code>msgfmt</code> on the file to see the error + messages. diff --git a/tags/i/invalid-potfiles-in.tag b/tags/i/invalid-potfiles-in.tag new file mode 100644 index 0000000..5f6bb1c --- /dev/null +++ b/tags/i/invalid-potfiles-in.tag @@ -0,0 +1,11 @@ +Tag: invalid-potfiles-in +Severity: warning +Check: debian/po-debconf +Explanation: Errors were found in the <code>debian/po/POTFILES.in</code> file. + . + Please make sure that all strings marked for translation are in uniform + encoding (say UTF-8) then prepend the following line to POTFILES.in and + rerun intltool-update. + . + [encoding: UTF-8] +See-Also: Bug#849912, Bug#883653 diff --git a/tags/i/invalid-profile-name-in-build-profiles-field.tag b/tags/i/invalid-profile-name-in-build-profiles-field.tag new file mode 100644 index 0000000..e14ce77 --- /dev/null +++ b/tags/i/invalid-profile-name-in-build-profiles-field.tag @@ -0,0 +1,28 @@ +Tag: invalid-profile-name-in-build-profiles-field +Severity: error +Check: debian/control/field/build-profiles +Explanation: The restriction formula in the <code>Build-Profiles</code> field + includes an unknown build profile. The only allowed build profiles are: + . + - <code>cross</code> + - <code>nobiarch</code> + - <code>nocheck</code> + - <code>nocil</code> + - <code>nodoc</code> + - <code>nogolang</code> + - <code>noguile</code> + - <code>noinsttest</code> + - <code>nojava</code> + - <code>nolua</code> + - <code>noocaml</code> + - <code>noperl</code> + - <code>nopython</code> + - <code>noruby</code> + - <code>noudeb</code> + - <code>nowasm</code> + - <code>nowindows</code> + - <code>stage1</code> + - <code>stage2</code> + - <code>pkg.*srcpkg*.*anything*</code> +See-Also: + https://wiki.debian.org/BuildProfileSpec#Registered_profile_names diff --git a/tags/i/invalid-profile-name-in-source-relation.tag b/tags/i/invalid-profile-name-in-source-relation.tag new file mode 100644 index 0000000..613d130 --- /dev/null +++ b/tags/i/invalid-profile-name-in-source-relation.tag @@ -0,0 +1,26 @@ +Tag: invalid-profile-name-in-source-relation +Severity: error +Check: fields/package-relations +Explanation: The restriction formula in the source relation includes an unknown build + profile. The only allowed build profiles are + "cross", + "nobiarch", + "nocheck", + "nocil", + "nodoc", + "nogolang", + "noguile", + "noinsttest", + "nojava", + "nolua", + "noocaml", + "noperl", + "nopython", + "noruby", + "noudeb", + "nowasm", + "nowindows", + "stage1", + "stage2" + and "pkg.*srcpkg*.*anything*". +See-Also: https://wiki.debian.org/BuildProfileSpec#Registered_profile_names diff --git a/tags/i/invalid-restriction-formula-in-build-profiles-field.tag b/tags/i/invalid-restriction-formula-in-build-profiles-field.tag new file mode 100644 index 0000000..8375d87 --- /dev/null +++ b/tags/i/invalid-restriction-formula-in-build-profiles-field.tag @@ -0,0 +1,8 @@ +Tag: invalid-restriction-formula-in-build-profiles-field +Severity: error +Check: debian/control/field/build-profiles +Explanation: The restriction formula in the <code>Build-Profiles</code> field + must be in the same format as the restriction formula in the + <code>Build-Depends</code> field (with angle brackets). +See-Also: + https://wiki.debian.org/BuildProfileSpec#The_Build-Profiles_field diff --git a/tags/i/invalid-short-name-in-dep5-copyright.tag b/tags/i/invalid-short-name-in-dep5-copyright.tag new file mode 100644 index 0000000..f9b5ec3 --- /dev/null +++ b/tags/i/invalid-short-name-in-dep5-copyright.tag @@ -0,0 +1,6 @@ +Tag: invalid-short-name-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The โLicenseโ field contains a short name observed to be a + misspelling of one of the standard short names. diff --git a/tags/i/invalid-standards-version.tag b/tags/i/invalid-standards-version.tag new file mode 100644 index 0000000..5051291 --- /dev/null +++ b/tags/i/invalid-standards-version.tag @@ -0,0 +1,6 @@ +Tag: invalid-standards-version +Severity: error +Check: fields/standards-version +Explanation: The source package refers to a Standards-Version which never + existed. Please update your package to latest Policy and set this + control field appropriately. diff --git a/tags/i/invalid-systemd-documentation.tag b/tags/i/invalid-systemd-documentation.tag new file mode 100644 index 0000000..a4d126c --- /dev/null +++ b/tags/i/invalid-systemd-documentation.tag @@ -0,0 +1,25 @@ +Tag: invalid-systemd-documentation +Severity: info +Check: systemd +Explanation: The named systemd service file contains a <code>Documentation</code> + field that is not a URI. + . + The field should contain a space-separated list of URIs referencing documentation + for the unit or its configuration. Accepted are only URIs of the types + <code>http://</code>, <code>https://</code>, <code>file:</code>, <code>info:</code>, + <code>man:</code>. + . + For more information about the syntax of these URIs, see <code>uri(7)</code>. The URIs + should be listed in order of relevance, starting with the most relevant. It is a good + idea to first reference documentation that explains what the unit's purpose is, + followed by how it is configured, followed by any other related documentation. + . + The <code>Documentation</code> key may be specified more than once, in which case the + specified list of URIs is merged. If the empty string is assigned to this option, the + list is reset and prior assignments have no effect. + . + Documentation for systemd service files can be automatically viewed using + <code>systemctl help servicename</code> if this field is present. +See-Also: + systemd.unit(5), + uri(7) diff --git a/tags/i/invalid-template-id-in-symbols-file.tag b/tags/i/invalid-template-id-in-symbols-file.tag new file mode 100644 index 0000000..577ebd5 --- /dev/null +++ b/tags/i/invalid-template-id-in-symbols-file.tag @@ -0,0 +1,9 @@ +Tag: invalid-template-id-in-symbols-file +Severity: error +Check: debian/shlibs +Explanation: The symbol definition refers to an alternative dependency template + which is not defined for the library containing the symbol. + . + The first alternative dependency template for a library the id number + of 1, with the ids of subsequent alternative templates increasing in + sequence. diff --git a/tags/i/invalid-value-in-built-using-field.tag b/tags/i/invalid-value-in-built-using-field.tag new file mode 100644 index 0000000..c8fab8f --- /dev/null +++ b/tags/i/invalid-value-in-built-using-field.tag @@ -0,0 +1,11 @@ +Tag: invalid-value-in-built-using-field +Severity: error +Check: fields/built-using +Explanation: The Built-Using field contains invalid fields. + . + The Built-Using field must consist of simple <code>source (= + version)</code> clauses. Notably, it must use a strictly equal in the + relation. + . + Only first issue is shown. +See-Also: debian-policy 7.8 diff --git a/tags/i/invalid-version-number-for-derivative.tag b/tags/i/invalid-version-number-for-derivative.tag new file mode 100644 index 0000000..ebea535 --- /dev/null +++ b/tags/i/invalid-version-number-for-derivative.tag @@ -0,0 +1,9 @@ +Tag: invalid-version-number-for-derivative +Severity: error +Check: fields/version/derivative +Explanation: The version does not comply with the format required for that Debian + derivative. + . + Derivative distributions may enforce additional restrictions on version strings + in order to ensure that packages modified specifically for that derivative can + be so identified. diff --git a/tags/i/invalid-versioned-provides.tag b/tags/i/invalid-versioned-provides.tag new file mode 100644 index 0000000..fd79895 --- /dev/null +++ b/tags/i/invalid-versioned-provides.tag @@ -0,0 +1,8 @@ +Tag: invalid-versioned-provides +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.1, Bug#761219 +Explanation: The package declares a provides relation with an invalid version + operator (e.g. ">="). + . + If a provides is versioned, it must use "=". diff --git a/tags/i/isdefault-flag-is-deprecated.tag b/tags/i/isdefault-flag-is-deprecated.tag new file mode 100644 index 0000000..a53f0bf --- /dev/null +++ b/tags/i/isdefault-flag-is-deprecated.tag @@ -0,0 +1,12 @@ +Tag: isdefault-flag-is-deprecated +Severity: warning +Check: debian/debconf +Explanation: The "isdefault" flag on debconf questions is deprecated as of debconf + 0.5.00, and has been replaced by "seen" with the inverse meaning. From + debconf 0.5 onwards there should be very few reasons to use isdefault/seen + anyway, as backing up works much better now. See + /usr/share/doc/debconf-doc/changelog.gz for more information. + . + The misuse of isdefault often leads to questions being asked twice in one + installation run, or, worse, on every upgrade. Please test your package + carefully to make sure this does not happen. diff --git a/tags/j/jar-contains-source.tag b/tags/j/jar-contains-source.tag new file mode 100644 index 0000000..94be210 --- /dev/null +++ b/tags/j/jar-contains-source.tag @@ -0,0 +1,12 @@ +Tag: jar-contains-source +Severity: warning +Check: languages/java +Explanation: The package ships the specified Jar file containing a + <code>.java</code> file alongside a corresponding <code>.class</code> file. + . + This wastes disk space as the source is always available via <code>apt + source</code>. + . + Please ensure that the specified <code>.java</code> files are not shipped in + the Jar file. +See-Also: java-policy 2.4 diff --git a/tags/j/jar-not-in-usr-share.tag b/tags/j/jar-not-in-usr-share.tag new file mode 100644 index 0000000..c031fad --- /dev/null +++ b/tags/j/jar-not-in-usr-share.tag @@ -0,0 +1,14 @@ +Tag: jar-not-in-usr-share +Severity: warning +Check: languages/java +See-Also: java-policy 2.2, java-policy 2.3 +Explanation: The classpath listed in some of the files references files outside + of /usr/share, while all installed JAR files must be within + /usr/share/java for libraries or /usr/share/*package* for JARs for + private use. + . + The rationale is that jar files are in almost all cases architecture + independent and therefore should be in /usr/share. If the jar file is + truly architecture dependent or it cannot be moved since symlinked jar + files are not accepted by the application, then please override this + tag. diff --git a/tags/j/javalib-but-no-public-jars.tag b/tags/j/javalib-but-no-public-jars.tag new file mode 100644 index 0000000..4de9b60 --- /dev/null +++ b/tags/j/javalib-but-no-public-jars.tag @@ -0,0 +1,10 @@ +Tag: javalib-but-no-public-jars +Severity: info +Check: languages/java +Explanation: The name of the package suggests it contains a java library but + the package does not ship any JAR files in <code>/usr/share/java</code>. + . + The java policy mandates that JAR files outside <code>/usr/share/java</code> + are for private use. +See-Also: + java-policy diff --git a/tags/k/kill-mode-none.tag b/tags/k/kill-mode-none.tag new file mode 100644 index 0000000..e182905 --- /dev/null +++ b/tags/k/kill-mode-none.tag @@ -0,0 +1,13 @@ +Tag: kill-mode-none +Severity: warning +Check: systemd +Explanation: The named systemd unit is configured to use <code>KillMode=none</code>. + That is unsafe because it disables systemd's process lifecycle management for the + service. + . + Please update your service to use a safer <code>KillMode</code>, such as + <code>mixed</code> or <code>control-group</code>. + . + Support for <code>KillMode=none</code> is deprecated and will eventually be removed. +See-also: + systemd.kill(5) diff --git a/tags/k/killall-is-dangerous.tag b/tags/k/killall-is-dangerous.tag new file mode 100644 index 0000000..05b8a1d --- /dev/null +++ b/tags/k/killall-is-dangerous.tag @@ -0,0 +1,9 @@ +Tag: killall-is-dangerous +Severity: warning +Check: maintainer-scripts/killall +Explanation: The maintainer script seems to call <code>killall</code>. Since the + program terminates processes by name, it may accidentally affect unrelated + processes. + . + Most uses of <code>killall</code> should use <code>invoke-rc.d</code> + instead. diff --git a/tags/l/lacks-ldconfig-trigger.tag b/tags/l/lacks-ldconfig-trigger.tag new file mode 100644 index 0000000..b38f236 --- /dev/null +++ b/tags/l/lacks-ldconfig-trigger.tag @@ -0,0 +1,20 @@ +Tag: lacks-ldconfig-trigger +Severity: error +Check: libraries/shared/trigger/ldconfig +Renamed-From: + package-must-activate-ldconfig-trigger +Explanation: The package installs shared libraries in a directory controlled by + the dynamic library loader. Therefore, the package must trigger libc's + "ldconfig" trigger to ensure the ldconfig cache is updated. + . + If the package is using debhelper, <code>dh_makeshlibs</code> should + automatically discover this and add the trigger itself. + Otherwise, please add <code>activate-noawait ldconfig</code> to the + <code>triggers</code> file in the control member. + . + Note this tag may trigger for packages built with debhelper before + version 9.20151004. In such case, a simple rebuild will often be + sufficient to fix this issue. +See-Also: + debian-policy 8.1.1, + https://lists.debian.org/debian-devel/2015/08/msg00412.html diff --git a/tags/l/lacks-unversioned-link-to-shared-library.tag b/tags/l/lacks-unversioned-link-to-shared-library.tag new file mode 100644 index 0000000..92ad571 --- /dev/null +++ b/tags/l/lacks-unversioned-link-to-shared-library.tag @@ -0,0 +1,26 @@ +Tag: lacks-unversioned-link-to-shared-library +Severity: warning +Check: libraries/shared/links +Renamed-From: + dev-pkg-without-shlib-symlink +Explanation: A <code>-dev</code> package is supposed to install an unversioned + symbolic link that references the shared library by name. + . + There is no requirement that the names are otherwise related. + . + The dynamic linker uses the link to load the executable into memory. + . + In most cases, the symbolic link should be in the same folder as the library itself. + A major exception are libraries installed under <code>/lib</code>. In those cases, + the links should go into the corresponding folders under <code>/usr</code>. + . + For a library installed as <code>/lib/i386-linux-gnu/libXYZ.so.V</code>, a good link + would be <code>/usr/lib/i386-linux-gnu/libXYZ.so</code>. + . + This tag is emitted for the library package and not for the <code>-dev</code> package. + That is because Lintian looks for links after locating the library. The links can be + in any of several installables, but there is only one library for each set of links + pointing to it. +See-Also: + debian-policy 8.4 + Bug#963099 diff --git a/tags/l/lacks-versioned-link-to-shared-library.tag b/tags/l/lacks-versioned-link-to-shared-library.tag new file mode 100644 index 0000000..f2316ff --- /dev/null +++ b/tags/l/lacks-versioned-link-to-shared-library.tag @@ -0,0 +1,12 @@ +Tag: lacks-versioned-link-to-shared-library +Severity: error +Check: libraries/shared/links +Renamed-From: + ldconfig-symlink-missing-for-shlib +Explanation: The package should not only include the shared library itself, but also + the symbolic link which ldconfig would produce. (This is necessary, so + that the link gets removed by dpkg automatically when the package + gets removed.) If the symlink is in the package, check that the SONAME of the + library matches the info in the shlibs file. +See-Also: + debian-policy 8.1 diff --git a/tags/l/latest-changelog-entry-without-new-date.tag b/tags/l/latest-changelog-entry-without-new-date.tag new file mode 100644 index 0000000..bc724cd --- /dev/null +++ b/tags/l/latest-changelog-entry-without-new-date.tag @@ -0,0 +1,9 @@ +Tag: latest-changelog-entry-without-new-date +Severity: error +Check: debian/changelog +Explanation: The latest Debian changelog entry has either the same or even an + older date as the entry before. + . + This can result in subtle bugs due to the <code>SOURCE_DATE_EPOCH</code> + environment variable being the same between the older and newer + versions. diff --git a/tags/l/latest-debian-changelog-entry-reuses-existing-version.tag b/tags/l/latest-debian-changelog-entry-reuses-existing-version.tag new file mode 100644 index 0000000..b69254a --- /dev/null +++ b/tags/l/latest-debian-changelog-entry-reuses-existing-version.tag @@ -0,0 +1,15 @@ +Tag: latest-debian-changelog-entry-reuses-existing-version +Severity: warning +Check: debian/changelog +Explanation: The latest changelog entry has a version that matches one used in + the specified previous entry. All versions of a source package must be + unique even after a leading epoch has been stripped off. + . + Files generated by the current version of this source package would + conflict with some historical files. This is because the Debian archive + does not allow multiple files with the same name and different contents + and the generated .dsc, .deb, etc. do not embed the epoch in their + filenames. + . + Please pick another version, for example by increasing the Debian + revision. diff --git a/tags/l/latest-debian-changelog-entry-without-new-date.tag b/tags/l/latest-debian-changelog-entry-without-new-date.tag new file mode 100644 index 0000000..a5058a3 --- /dev/null +++ b/tags/l/latest-debian-changelog-entry-without-new-date.tag @@ -0,0 +1,9 @@ +Tag: latest-debian-changelog-entry-without-new-date +Severity: error +Check: debian/changelog +Explanation: The latest Debian changelog entry has either the same or even an + older date as the entry before. + . + This can result in subtle bugs due to the <code>SOURCE_DATE_EPOCH</code> + environment variable being the same between the older and newer + versions. diff --git a/tags/l/ldconfig-escape.tag b/tags/l/ldconfig-escape.tag new file mode 100644 index 0000000..bfe1522 --- /dev/null +++ b/tags/l/ldconfig-escape.tag @@ -0,0 +1,14 @@ +Tag: ldconfig-escape +Severity: info +Check: files/hierarchy/links +Renamed-From: + breakout-link +Explanation: The named link is located in the load path for the dynamic + linker but points outside that group of folders. + . + Packages should install public shared libraries into the load path. +See-Also: + Bug#243158, + Bug#964111, + Bug#971707, + Bug#968525 diff --git a/tags/l/ldconfig-symlink-is-not-a-symlink.tag b/tags/l/ldconfig-symlink-is-not-a-symlink.tag new file mode 100644 index 0000000..4338258 --- /dev/null +++ b/tags/l/ldconfig-symlink-is-not-a-symlink.tag @@ -0,0 +1,7 @@ +Tag: ldconfig-symlink-is-not-a-symlink +Severity: error +Check: libraries/shared/links +Explanation: The package installs a file with the name, ldconfig would use for + the symbolic link to reference the shared library. +See-Also: + debian-policy 8.1 diff --git a/tags/l/ldconfig-symlink-referencing-wrong-file.tag b/tags/l/ldconfig-symlink-referencing-wrong-file.tag new file mode 100644 index 0000000..f62db2a --- /dev/null +++ b/tags/l/ldconfig-symlink-referencing-wrong-file.tag @@ -0,0 +1,7 @@ +Tag: ldconfig-symlink-referencing-wrong-file +Severity: error +Check: libraries/shared/links +Explanation: The symbolic link references the wrong file. (It should reference + the shared library.) +See-Also: + debian-policy 8.1 diff --git a/tags/l/lengthy-symlink.tag b/tags/l/lengthy-symlink.tag new file mode 100644 index 0000000..6fd022b --- /dev/null +++ b/tags/l/lengthy-symlink.tag @@ -0,0 +1,10 @@ +Tag: lengthy-symlink +Severity: error +Check: files/symbolic-links +Explanation: This link goes up, and then back down into the same subdirectory. + Making it shorter will improve its chances of finding the right file + if the user's system has lots of symlinked directories. + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +See-Also: debian-policy 10.5 diff --git a/tags/l/lib-recommends-documentation.tag b/tags/l/lib-recommends-documentation.tag new file mode 100644 index 0000000..c487a7a --- /dev/null +++ b/tags/l/lib-recommends-documentation.tag @@ -0,0 +1,12 @@ +Tag: lib-recommends-documentation +Severity: warning +Check: fields/package-relations +Explanation: The given package appears to be a library package, but it recommends + a documentation package. Doing this can pull in unwanted (and often + large) documentation packages since recommends are installed by default + and library packages are pulled by applications that use them. Users + usually only care about the library documentation if they're developing + against the library, not just using it, so the development package should + recommend the documentation instead. If there is no development package + (for modules for scripting languages, for example), consider Suggests + instead of Recommends. diff --git a/tags/l/libapp-perl-package-name.tag b/tags/l/libapp-perl-package-name.tag new file mode 100644 index 0000000..7c9904f --- /dev/null +++ b/tags/l/libapp-perl-package-name.tag @@ -0,0 +1,12 @@ +Tag: libapp-perl-package-name +Severity: error +Check: application-not-library +Explanation: This package contains a program in $PATH and is named + libapp-*-perl which usually implies that the upstream project on CPAN + is under the App:: hierarchy for applications. Instead of + libfoo-bar-perl it should be named foo-bar. + . + People tend to skip library-like named packages when looking for + applications in the package list and hence wouldn't notice this + package. +See-Also: https://perl-team.pages.debian.net/policy.html#Package_Naming_Policy diff --git a/tags/l/libmodule-build-perl-needs-to-be-in-build-depends.tag b/tags/l/libmodule-build-perl-needs-to-be-in-build-depends.tag new file mode 100644 index 0000000..c88e835 --- /dev/null +++ b/tags/l/libmodule-build-perl-needs-to-be-in-build-depends.tag @@ -0,0 +1,7 @@ +# Imported from pkg-perl-tools +Tag: libmodule-build-perl-needs-to-be-in-build-depends +Severity: error +Check: fields/package-relations +Experimental: yes +Explanation: libmodule-build-perl needs to be in <code>Build-Depends</code>, not in + Build-Depends-Indep, since it's used in the clean target. diff --git a/tags/l/libmodule-build-tiny-perl-needs-to-be-in-build-depends.tag b/tags/l/libmodule-build-tiny-perl-needs-to-be-in-build-depends.tag new file mode 100644 index 0000000..d5a983d --- /dev/null +++ b/tags/l/libmodule-build-tiny-perl-needs-to-be-in-build-depends.tag @@ -0,0 +1,7 @@ +# Imported from pkg-perl-tools +Tag: libmodule-build-tiny-perl-needs-to-be-in-build-depends +Severity: error +Check: fields/package-relations +Experimental: yes +Explanation: libmodule-build-tiny-perl needs to be in <code>Build-Depends</code>, not + in Build-Depends-Indep, since it's used in the clean target. diff --git a/tags/l/library-in-root-and-usr.tag b/tags/l/library-in-root-and-usr.tag new file mode 100644 index 0000000..5698bfb --- /dev/null +++ b/tags/l/library-in-root-and-usr.tag @@ -0,0 +1,12 @@ +Tag: library-in-root-and-usr +Severity: error +Check: usrmerge +Explanation: The package ships two files with the same name installed both in + /lib*/ and /usr/lib*/ (or their subdirectories). + This is not useful and is incompatible with the merged /usr directories + scheme. + . + Shared library files, both static and dynamic, must be installed in + the correct directories as documented in Policy 8.1. +See-Also: https://wiki.debian.org/UsrMerge, + debian-policy 8.1 diff --git a/tags/l/library-not-linked-against-libc.tag b/tags/l/library-not-linked-against-libc.tag new file mode 100644 index 0000000..63d4a5c --- /dev/null +++ b/tags/l/library-not-linked-against-libc.tag @@ -0,0 +1,14 @@ +Tag: library-not-linked-against-libc +Severity: error +Check: binaries/prerequisites +Explanation: The package installs a library which is not dynamically linked + against libc. + . + It is theoretically possible to have a library which doesn't use any + symbols from libc, but it is far more likely that this is a violation + of the requirement that "shared libraries must be linked against all + libraries that they use symbols from in the same way that binaries + are". +See-Also: + debian-policy 10.2, + Bug#698720 diff --git a/tags/l/library-package-name-for-application.tag b/tags/l/library-package-name-for-application.tag new file mode 100644 index 0000000..4287b27 --- /dev/null +++ b/tags/l/library-package-name-for-application.tag @@ -0,0 +1,15 @@ +Tag: library-package-name-for-application +Severity: info +Check: application-not-library +Experimental: yes +Explanation: This package contains a program in $PATH but is named like a + library. E.g. instead of libfoo-bar-perl it should be named just + foo-bar. + . + People tend to skip library-like named packages when looking for + applications in the package list and hence wouldn't notice this + package. See the reference for some (not perl-specific) reasoning. + . + In case the program in $PATH is only a helper tool and the package is + primarily a library, please add a Lintian override for this tag. +See-Also: https://perl-team.pages.debian.net/policy.html#Package_Naming_Policy diff --git a/tags/l/license-file-listed-in-debian-copyright.tag b/tags/l/license-file-listed-in-debian-copyright.tag new file mode 100644 index 0000000..b6dcaeb --- /dev/null +++ b/tags/l/license-file-listed-in-debian-copyright.tag @@ -0,0 +1,6 @@ +Tag: license-file-listed-in-debian-copyright +Severity: info +Check: debian/copyright/dep5 +Explanation: A file containing a software license is listed in + <code>debian/copyright</code>. That is not necessary. Please remove + the entry referring to the license file. diff --git a/tags/l/license-problem-bad-php-license.tag b/tags/l/license-problem-bad-php-license.tag new file mode 100644 index 0000000..014fa64 --- /dev/null +++ b/tags/l/license-problem-bad-php-license.tag @@ -0,0 +1,10 @@ +Tag: license-problem-bad-php-license +Severity: error +Check: cruft +Explanation: This package appears to be covered by version 2.x of the PHP license, + which is not appropriate for anything other than the PHP interpreter + itself. + . + Note that PEAR modules are not a part of the PHP interpreter and cannot + use this license. +See-Also: https://ftp-master.debian.org/REJECT-FAQ.html, Bug#616436 diff --git a/tags/l/license-problem-cc-by-nc-sa.tag b/tags/l/license-problem-cc-by-nc-sa.tag new file mode 100644 index 0000000..7a4e512 --- /dev/null +++ b/tags/l/license-problem-cc-by-nc-sa.tag @@ -0,0 +1,5 @@ +Tag: license-problem-cc-by-nc-sa +Severity: error +Check: cruft +Explanation: The given source file is copyrighted under the non-free + Creative Commons Non-Commercial Share-Alike (CC-NC-SA) license. diff --git a/tags/l/license-problem-convert-utf-code.tag b/tags/l/license-problem-convert-utf-code.tag new file mode 100644 index 0000000..7983c6f --- /dev/null +++ b/tags/l/license-problem-convert-utf-code.tag @@ -0,0 +1,15 @@ +Tag: license-problem-convert-utf-code +Severity: error +Check: cruft +Explanation: The following file source files include material under a + non-free license from Unicode Inc. Therefore, it is + not possible to ship this in main or contrib. + . + This license does not grant any permission + to modify the files (thus failing DFSG#3). Moreover, the license grant + seems to attempt to restrict use to "products supporting the Unicode + Standard" (thus failing DFSG#6). + . + In this case a solution is to use libicu and to remove this code + by repacking. +See-Also: Bug#823100 diff --git a/tags/l/license-problem-font-adobe-copyrighted-fragment-no-credit.tag b/tags/l/license-problem-font-adobe-copyrighted-fragment-no-credit.tag new file mode 100644 index 0000000..5583002 --- /dev/null +++ b/tags/l/license-problem-font-adobe-copyrighted-fragment-no-credit.tag @@ -0,0 +1,12 @@ +Tag: license-problem-font-adobe-copyrighted-fragment-no-credit +Severity: error +Check: fonts/postscript/type1 +Explanation: This type 1 font file includes some postscript fragment with a + non-free license of Adobe. In order to check if this tag is genuine + please follow the procedure described in the reference. + . + Moreover the fragment was likely verbatim copied from black + book without any credit to Adobe. + . + Should this be a false-positive, please override the tag. +See-Also: https://wiki.debian.org/qa.debian.org/type1nondfsg diff --git a/tags/l/license-problem-font-adobe-copyrighted-fragment.tag b/tags/l/license-problem-font-adobe-copyrighted-fragment.tag new file mode 100644 index 0000000..6c7667c --- /dev/null +++ b/tags/l/license-problem-font-adobe-copyrighted-fragment.tag @@ -0,0 +1,9 @@ +Tag: license-problem-font-adobe-copyrighted-fragment +Severity: error +Check: fonts/postscript/type1 +Explanation: This type 1 font file includes some postscript fragment with a + non-free license of Adobe. In order to check if this tag is genuine + please follow the procedure described in the reference. + . + Should this be a false-positive, please override the tag. +See-Also: https://wiki.debian.org/qa.debian.org/type1nondfsg diff --git a/tags/l/license-problem-gfdl-invariants-empty.tag b/tags/l/license-problem-gfdl-invariants-empty.tag new file mode 100644 index 0000000..3689372 --- /dev/null +++ b/tags/l/license-problem-gfdl-invariants-empty.tag @@ -0,0 +1,11 @@ +Tag: license-problem-gfdl-invariants-empty +Severity: info +Check: cruft +Explanation: The given source file is licensed under GFDL, but without any + precision about the presence of invariant sections, front-cover or + back-cover text. + . + GFDL license explicitly requests you to document this non-presence. + . +See-Also: https://wiki.debian.org/qa.debian.org/gfdlinvariant, + https://www.debian.org/vote/2006/vote_001 diff --git a/tags/l/license-problem-gfdl-invariants.tag b/tags/l/license-problem-gfdl-invariants.tag new file mode 100644 index 0000000..81abe73 --- /dev/null +++ b/tags/l/license-problem-gfdl-invariants.tag @@ -0,0 +1,12 @@ +Tag: license-problem-gfdl-invariants +Severity: error +Check: cruft +Explanation: The given source file is licensed under GFDL with invariant + section or front-cover or back-cover text. + . + GFDL with invariant sections, front-cover or back-cover texts are not + suitable for main. + . + If this file be multi-licensed, please override the tag. +See-Also: https://wiki.debian.org/qa.debian.org/gfdlinvariant, + https://www.debian.org/vote/2006/vote_001 diff --git a/tags/l/license-problem-gfdl-non-official-text.tag b/tags/l/license-problem-gfdl-non-official-text.tag new file mode 100644 index 0000000..d1dc70f --- /dev/null +++ b/tags/l/license-problem-gfdl-non-official-text.tag @@ -0,0 +1,8 @@ +Tag: license-problem-gfdl-non-official-text +Severity: pedantic +Check: cruft +Explanation: The given source file is licensed under GFDL, but using a + non-official text for the "no invariant sections" part. + . + Please ask upstream to always use (case insensitive): + with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. diff --git a/tags/l/license-problem-json-evil.tag b/tags/l/license-problem-json-evil.tag new file mode 100644 index 0000000..867abed --- /dev/null +++ b/tags/l/license-problem-json-evil.tag @@ -0,0 +1,7 @@ +Tag: license-problem-json-evil +Severity: error +Check: cruft +Explanation: The given source file is copyrighted under the non-free + license of json and the infamous clause: + The Software shall be used for Good, not Evil. +See-Also: https://wiki.debian.org/qa.debian.org/jsonevil diff --git a/tags/l/license-problem-md5sum-non-distributable-file.tag b/tags/l/license-problem-md5sum-non-distributable-file.tag new file mode 100644 index 0000000..8dca00a --- /dev/null +++ b/tags/l/license-problem-md5sum-non-distributable-file.tag @@ -0,0 +1,12 @@ +Tag: license-problem-md5sum-non-distributable-file +Severity: error +Check: files/banned +Explanation: The following file is not distributable even in the non-free + archive. + . + Please re-package the package without the file (if possible) + or ask the FTP-masters to remove the package. + . + If the package has been uploaded to Debian before, please + remember to also notify snapshot.debian.org about this + package containing a non-distributable file. diff --git a/tags/l/license-problem-md5sum-non-free-file.tag b/tags/l/license-problem-md5sum-non-free-file.tag new file mode 100644 index 0000000..f55f3db --- /dev/null +++ b/tags/l/license-problem-md5sum-non-free-file.tag @@ -0,0 +1,10 @@ +Tag: license-problem-md5sum-non-free-file +Severity: error +Check: files/non-free +Explanation: The following file is not suitable for main or contrib. + . + Please re-package the package without the file (if possible) + or ask the FTP-masters to remove the package. + . + You could also split this package and move this file into the + non-free archive. diff --git a/tags/l/license-problem-non-free-RFC-BCP78.tag b/tags/l/license-problem-non-free-RFC-BCP78.tag new file mode 100644 index 0000000..9d020d5 --- /dev/null +++ b/tags/l/license-problem-non-free-RFC-BCP78.tag @@ -0,0 +1,11 @@ +Tag: license-problem-non-free-RFC-BCP78 +Severity: error +Check: cruft +Explanation: The given source file is licensed under the non-free RFC + license (BCP78). + . + The majority of IETF documents, such as RFCs, are not licensed + under DFSG-free terms, and should thus not be included in Debian main. + . + If this file is multi-licensed, please override the tag. +See-Also: https://wiki.debian.org/NonFreeIETFDocuments diff --git a/tags/l/license-problem-non-free-RFC.tag b/tags/l/license-problem-non-free-RFC.tag new file mode 100644 index 0000000..72f0059 --- /dev/null +++ b/tags/l/license-problem-non-free-RFC.tag @@ -0,0 +1,11 @@ +Tag: license-problem-non-free-RFC +Severity: error +Check: cruft +Explanation: The given source file is licensed under the newer RFC + license. + . + The majority of IETF documents, such as RFCs, are not licensed + under DFSG-free terms, and should thus not be included in Debian main. + . + If this file is multi-licensed, please override the tag. +See-Also: https://wiki.debian.org/NonFreeIETFDocuments diff --git a/tags/l/license-problem-non-free-img-lenna.tag b/tags/l/license-problem-non-free-img-lenna.tag new file mode 100644 index 0000000..4f2ad80 --- /dev/null +++ b/tags/l/license-problem-non-free-img-lenna.tag @@ -0,0 +1,23 @@ +Tag: license-problem-non-free-img-lenna +Severity: error +Check: files/banned/lenna +See-Also: https://en.wikipedia.org/wiki/Lenna, https://www.debian.org/vote/2012/vote_002, Bug#771191 +Explanation: The given source file is cropped from a Playboy centerfold. + . + This image is a picture of Lena Sรถderberg, + shot by photographer Dwight Hooker, cropped from + the centerfold of the November 1972 issue of Playboy magazine. + . + According to Hutchison, Jamie (May-June 2001). "Culture, + Communication, and an Information Age Madonna" (PDF). + IEEE Professional Communication Society Newsletter 45 (3). + (page 5 second column second paragraph), this image is + distributable but not free. + . + Moreover, Lenna photo has been pointed to as an example + of sexism in the sciences, reinforcing gender stereotypes. + . + Please use well known and free test images. + . + Please also submit the md5sum, sha1sum, and sha256 of this file + as a bug report for Lintian. diff --git a/tags/l/license-problem-nvidia-intellectual.tag b/tags/l/license-problem-nvidia-intellectual.tag new file mode 100644 index 0000000..474b34b --- /dev/null +++ b/tags/l/license-problem-nvidia-intellectual.tag @@ -0,0 +1,14 @@ +Tag: license-problem-nvidia-intellectual +Severity: error +Check: cruft +Explanation: The following source files include material under a + non-distributable license from Nvidia. Therefore, it is + not even possible to ship this in non-free. + . + Please re-package the package without the file (if possible) + or ask the FTP-masters to remove the package. + . + If the package has been uploaded to Debian before, please + remember to also notify snapshot.debian.org about this + package containing a non-distributable file. +See-Also: https://bugs.debian.org/724930#27 diff --git a/tags/l/license-problem-php-license.tag b/tags/l/license-problem-php-license.tag new file mode 100644 index 0000000..5746f28 --- /dev/null +++ b/tags/l/license-problem-php-license.tag @@ -0,0 +1,11 @@ +Tag: license-problem-php-license +Severity: error +Check: cruft +Explanation: This package appears to be covered by version 3.0 (exactly) of the + PHP license. This license is not applicable to anything that is not PHP + and has no contributions from the PHP Group. + . + This tag is not emitted for packages from pecl.php.net or pear.php.net as determined by + the <code>Source:</code> field in <code>debian/copyright</code>. +See-Also: https://ftp-master.debian.org/php-license.html, + https://ftp-master.debian.org/REJECT-FAQ.html diff --git a/tags/l/license-problem-undefined-license.tag b/tags/l/license-problem-undefined-license.tag new file mode 100644 index 0000000..d85235d --- /dev/null +++ b/tags/l/license-problem-undefined-license.tag @@ -0,0 +1,20 @@ +Tag: license-problem-undefined-license +Severity: error +Check: debian/copyright/dep5 +See-Also: https://ftp-master.debian.org/REJECT-FAQ.html +Explanation: Your copyright file references a license that is not defined. + Due to copyright law or treaties, files that are not available under + a defined license are non-free and non-re-distributable. + . + Referencing an undefined license could mean the file cannot be + distributed in Debian or it could simply mean that the existing + license needs to be documented. In both cases, + the copyright file should be updated to reflect reality. + . + Please re-package the package without the file (if possible) + or ask the FTP-masters to remove the package. + . + If the package has been uploaded to Debian before, and if + affected files cannot be distributed in Debian please + remember to also notify snapshot.debian.org about this + package containing a non-distributable file. diff --git a/tags/l/link-to-shared-library-in-wrong-package.tag b/tags/l/link-to-shared-library-in-wrong-package.tag new file mode 100644 index 0000000..1e09451 --- /dev/null +++ b/tags/l/link-to-shared-library-in-wrong-package.tag @@ -0,0 +1,19 @@ +Tag: link-to-shared-library-in-wrong-package +Severity: warning +Check: libraries/shared/links +Renamed-From: + non-dev-pkg-with-shlib-symlink +Explanation: Although this package is not a "-dev" package, it installs a + "libsomething.so" symbolic link referencing the corresponding shared + library. When the link doesn't include the version number, it is used by + the linker when other programs are built against this shared library. + . + Shared libraries are supposed to place such symbolic links in their + respective "-dev" packages, so it is a bug to include it with the main + library package. + . + However, if this is a small package which includes the runtime and the + development libraries, this is not a bug. In the latter case, please + override this warning. +See-Also: + debian-policy 8.4 diff --git a/tags/l/linked-with-obsolete-library.tag b/tags/l/linked-with-obsolete-library.tag new file mode 100644 index 0000000..c9a09a0 --- /dev/null +++ b/tags/l/linked-with-obsolete-library.tag @@ -0,0 +1,20 @@ +Tag: linked-with-obsolete-library +Severity: info +Check: libraries/shared/obsolete +Explanation: This tag is currently only issued for libcblas.so. For an explanation, + please continue below. + . + The symbols in <code>libcblas.so</code>, which represent the <code>CBLAS</code> API, + were merged into <code>libblas.so</code>. (Note the missing letter <code>C</code>.) + Please use <code>libblas.so</code> instead. + . + The old library is still being shipped until all packages have modified + their build systems, but it is not managed by <code>update-alternatives</code> + and may result in poor performance. Please do not use it anymore. + . + Some packages may require functionality specific to Atlas3, which is not + implemented by other <code>BLAS/CBLAS</code> alternatives. Please override the + tag if your package falls into that category. +See-Also: https://wiki.debian.org/DebianScience/LinearAlgebraLibraries , + https://lists.debian.org/debian-devel/2019/10/msg00273.html , + https://salsa.debian.org/science-team/lapack/-/blob/master/debian/README.if-you-look-for-libcblas.so.3 diff --git a/tags/l/loads-obsolete-confmodule.tag b/tags/l/loads-obsolete-confmodule.tag new file mode 100644 index 0000000..fa0e3d4 --- /dev/null +++ b/tags/l/loads-obsolete-confmodule.tag @@ -0,0 +1,7 @@ +Tag: loads-obsolete-confmodule +Severity: warning +Check: debian/debconf +Explanation: The maintainer script uses an obsolete name for a debconf confmodule. + Shell scripts should source <code>/usr/share/debconf/confmodule</code>, while + Perl scripts should use <code>Debconf::Client::ConfModule</code>. +See-Also: debconf-devel(7) diff --git a/tags/l/lzma-deb-archive.tag b/tags/l/lzma-deb-archive.tag new file mode 100644 index 0000000..abb81a6 --- /dev/null +++ b/tags/l/lzma-deb-archive.tag @@ -0,0 +1,6 @@ +Tag: lzma-deb-archive +Severity: error +Check: deb-format +Explanation: The data portion of this binary package is compressed with lzma. + This is supported by dpkg but not yet permitted in the Debian archive. + Such a package will be rejected by DAK. diff --git a/tags/m/macos-ds-store-file-in-package.tag b/tags/m/macos-ds-store-file-in-package.tag new file mode 100644 index 0000000..07d0ff3 --- /dev/null +++ b/tags/m/macos-ds-store-file-in-package.tag @@ -0,0 +1,8 @@ +Tag: macos-ds-store-file-in-package +Severity: warning +Check: foreign-operating-systems +Explanation: There is a file in the package named <code>.DS_Store</code> or + <code>.DS_Store.gz</code>, the file name used by Mac OS X to store folder + attributes. Such files are generally useless in Debian packages and were + usually accidentally included by copying complete directories from the + source tarball. diff --git a/tags/m/macos-resource-fork-file-in-package.tag b/tags/m/macos-resource-fork-file-in-package.tag new file mode 100644 index 0000000..aa4a696 --- /dev/null +++ b/tags/m/macos-resource-fork-file-in-package.tag @@ -0,0 +1,8 @@ +Tag: macos-resource-fork-file-in-package +Severity: warning +Check: foreign-operating-systems +Explanation: There is a file in the package with a name starting with + <code>._</code>, the file name pattern used by Mac OS X to store resource + forks in non-native file systems. Such files are generally useless in + Debian packages and were usually accidentally included by copying + complete directories from the source tarball. diff --git a/tags/m/magic-arch-in-arch-list.tag b/tags/m/magic-arch-in-arch-list.tag new file mode 100644 index 0000000..3ba0441 --- /dev/null +++ b/tags/m/magic-arch-in-arch-list.tag @@ -0,0 +1,8 @@ +Tag: magic-arch-in-arch-list +Severity: error +Check: fields/architecture +Explanation: The special architecture value "any" only makes sense if it occurs + alone or (in a *.dsc file) together with "all". The value "all" may + appear together with other architectures in a *.dsc file but must + occur alone if used in a binary package. +See-Also: debian-policy 5.6.8, Bug#626775 diff --git a/tags/m/mail-address-loops-or-bounces.tag b/tags/m/mail-address-loops-or-bounces.tag new file mode 100644 index 0000000..fc07912 --- /dev/null +++ b/tags/m/mail-address-loops-or-bounces.tag @@ -0,0 +1,17 @@ +Tag: mail-address-loops-or-bounces +Severity: error +Check: fields/mail-address +Renamed-From: + maintainer-address-causes-mail-loops-or-bounces + uploader-address-causes-mail-loops-or-bounces +Explanation: The contact's mail address either loops back to itself or is known + to bounce. + . + Loops happen because an address is <code>package@packages.debian.org</code> + or to <code>package@packages.qa.debian.org</code>. Bounces happen when the + recipient, typically a mailing list, is known to bounce mails. + . + The mail address must accept messages from role accounts used to send + automated mails regarding the package, including those from the bug + tracking system. +See-Also: debian-policy 3.3 diff --git a/tags/m/mail-contact.tag b/tags/m/mail-contact.tag new file mode 100644 index 0000000..ee84799 --- /dev/null +++ b/tags/m/mail-contact.tag @@ -0,0 +1,7 @@ +Tag: mail-contact +Severity: classification +Check: fields/mail-address +Renamed-From: + maintainer + uploader +Explanation: This person is a contact in the named group for this package. diff --git a/tags/m/mail-transport-agent-dependency-does-not-specify-default-mta.tag b/tags/m/mail-transport-agent-dependency-does-not-specify-default-mta.tag new file mode 100644 index 0000000..7bf2857 --- /dev/null +++ b/tags/m/mail-transport-agent-dependency-does-not-specify-default-mta.tag @@ -0,0 +1,12 @@ +Tag: mail-transport-agent-dependency-does-not-specify-default-mta +Severity: warning +Check: fields/package-relations +Explanation: This package has a relationship with the mail-transport-agent + virtual package but does not specify the default-mta as an + alternative. + . + default-mta and mail-transport-agent should only ever be in a set of + alternatives together, with default-mta listed first. + . + Please add a "or" dependency on default-mta before + mail-transport-agent. diff --git a/tags/m/mailing-list-on-alioth.tag b/tags/m/mailing-list-on-alioth.tag new file mode 100644 index 0000000..f41b481 --- /dev/null +++ b/tags/m/mailing-list-on-alioth.tag @@ -0,0 +1,10 @@ +Tag: mailing-list-on-alioth +Severity: classification +Check: fields/mail-address +Explanation: The specified email address uses lists.alioth.debian.org. That + system was migrated to a separate debian.net system run by DDs. + Teams were encouraged to migrate to the new system, but they are + also free to use the old address going forward if they like. + . + For further information, please consult the Debian Wiki. +See-Also: https://wiki.debian.org/Alioth/MailingListContinuation, Bug#962448 diff --git a/tags/m/maintainer-also-in-uploaders.tag b/tags/m/maintainer-also-in-uploaders.tag new file mode 100644 index 0000000..de1cf54 --- /dev/null +++ b/tags/m/maintainer-also-in-uploaders.tag @@ -0,0 +1,8 @@ +Tag: maintainer-also-in-uploaders +Severity: warning +Check: fields/uploaders +Explanation: The maintainer value also appears on the <code>Uploaders</code> field. + There were some reasons why this was useful when Uploaders support was + first introduced, but those have long-since been fixed and there is no + longer any need to list the maintainer in Uploaders. The duplicate + information should probably be removed. diff --git a/tags/m/maintainer-desktop-entry.tag b/tags/m/maintainer-desktop-entry.tag new file mode 100644 index 0000000..e14c9c0 --- /dev/null +++ b/tags/m/maintainer-desktop-entry.tag @@ -0,0 +1,10 @@ +Tag: maintainer-desktop-entry +Severity: pedantic +Check: debian/desktop-entries +Explanation: The maintainer keeps a desktop entry in ./debian. Please forward + the desktop entry upstream and ask them to include it in their version + control system, and in their next release. + . + If the desktop entry was already forwarded or rejected, or the upstream + is gone, please override the tag and annotate it with a suitable comment. +See-Also: social contract item 2, developer-reference 3.1.4, debian-policy 4.3 diff --git a/tags/m/maintainer-manual-page.tag b/tags/m/maintainer-manual-page.tag new file mode 100644 index 0000000..b825102 --- /dev/null +++ b/tags/m/maintainer-manual-page.tag @@ -0,0 +1,11 @@ +Tag: maintainer-manual-page +Severity: pedantic +Check: debian/manual-pages +Renamed-From: maintainer-manpage +Explanation: The maintainer keeps a manual page in ./debian. Please forward the + manual page upstream and ask them to include in their version control + system, and in their next release. + . + If the manual page was already forwarded or rejected, or the upstream is + gone, please override the tag and annotate it with a suitable comment. +See-Also: social contract item 2, developer-reference 3.1.4, debian-policy 4.3 diff --git a/tags/m/maintainer-script-calls-chown-improperly.tag b/tags/m/maintainer-script-calls-chown-improperly.tag new file mode 100644 index 0000000..a2d593d --- /dev/null +++ b/tags/m/maintainer-script-calls-chown-improperly.tag @@ -0,0 +1,9 @@ +Tag: maintainer-script-calls-chown-improperly +Severity: warning +Check: scripts +Renamed-From: maintainer-script-should-not-use-deprecated-chown-usage +Explanation: <code>chown user.group</code> is called in one of the maintainer + scripts. The correct syntax is <code>chown user:group</code>. Using "." as a + separator is still supported by the GNU tools, but it will fail as soon + as a system uses the "." in user or group names. +See-Also: chown(1) diff --git a/tags/m/maintainer-script-calls-gconftool.tag b/tags/m/maintainer-script-calls-gconftool.tag new file mode 100644 index 0000000..d21bc70 --- /dev/null +++ b/tags/m/maintainer-script-calls-gconftool.tag @@ -0,0 +1,6 @@ +Tag: maintainer-script-calls-gconftool +Severity: warning +Check: scripts +Renamed-From: maintainer-script-should-not-use-gconftool +Explanation: This script apparently runs gconftool or gconftool-2. It should + probably be calling gconf-schemas or update-gconf-defaults instead. diff --git a/tags/m/maintainer-script-calls-init-script-directly.tag b/tags/m/maintainer-script-calls-init-script-directly.tag new file mode 100644 index 0000000..fb33495 --- /dev/null +++ b/tags/m/maintainer-script-calls-init-script-directly.tag @@ -0,0 +1,11 @@ +Tag: maintainer-script-calls-init-script-directly +Severity: error +Check: init-d/maintainer-script +Explanation: The named maintainer script appear to run an <code>init</code> script in + <code>/etc/init.d/*</code> directly and not via <code>invoke-rc.d</code>, but + the use of <code>invoke-rc.d</code> is required. + . + Maintainer scripts may call an init script directly only when <code>invoke-rc.d</code> + is not available. +See-Also: + debian-policy 9.3.3.2 diff --git a/tags/m/maintainer-script-calls-install-sgmlcatalog.tag b/tags/m/maintainer-script-calls-install-sgmlcatalog.tag new file mode 100644 index 0000000..e4f57af --- /dev/null +++ b/tags/m/maintainer-script-calls-install-sgmlcatalog.tag @@ -0,0 +1,9 @@ +Tag: maintainer-script-calls-install-sgmlcatalog +Severity: error +Check: scripts +Renamed-From: maintainer-script-should-not-use-install-sgmlcatalog +Explanation: The maintainer script apparently runs install-sgmlcatalog. + install-sgmlcatalog is deprecated and should only have been used + in postinst or prerm to remove the entries from earlier packages. + Given how long ago this transition was, consider removing it + entirely. diff --git a/tags/m/maintainer-script-calls-service.tag b/tags/m/maintainer-script-calls-service.tag new file mode 100644 index 0000000..77e7345 --- /dev/null +++ b/tags/m/maintainer-script-calls-service.tag @@ -0,0 +1,14 @@ +Tag: maintainer-script-calls-service +Severity: error +Check: scripts +Experimental: yes +Renamed-From: maintainer-script-should-not-use-service +Explanation: The maintainer script apparently runs the service command. This + command is reserved for local administrators and must never be used + by a Debian package. + . + Please replace with calls to <code>update-rc.d(8)</code> and + <code>invoke-rc.d(8)</code>. If your package installs this service, this + can be automated using <code>dh_installinit(1)</code> or + <code>dh_installsystemd(1)</code>. +See-Also: debian-policy 9.3.3 diff --git a/tags/m/maintainer-script-calls-start-stop-daemon.tag b/tags/m/maintainer-script-calls-start-stop-daemon.tag new file mode 100644 index 0000000..dcae214 --- /dev/null +++ b/tags/m/maintainer-script-calls-start-stop-daemon.tag @@ -0,0 +1,9 @@ +Tag: maintainer-script-calls-start-stop-daemon +Severity: warning +Check: scripts +Renamed-From: maintainer-script-should-not-use-start-stop-daemon +Explanation: The maintainer script seems to call <code>start-stop-daemon</code> + directly. Long-running daemons should be started and stopped via init + scripts using <code>invoke-rc.d</code> rather than directly in maintainer + scripts. +See-Also: debian-policy 9.3.3.2 diff --git a/tags/m/maintainer-script-calls-systemctl.tag b/tags/m/maintainer-script-calls-systemctl.tag new file mode 100644 index 0000000..adbaf3a --- /dev/null +++ b/tags/m/maintainer-script-calls-systemctl.tag @@ -0,0 +1,13 @@ +Tag: maintainer-script-calls-systemctl +Severity: warning +Check: maintainer-scripts/systemctl +Explanation: The maintainer script calls systemctl directly. Actions such as enabling + a unit file should be done using <code>deb-systemd-helper</code> so that they work + on machines with or without systemd. Starting a service should be done via + <code>invoke-rc.d</code> if the service has a corresponding sysvinit script or + <code>deb-systemd-invoke</code> if it does not. + . + If you are using debhelper, please use the <code>systemd</code> debhelper + addon, which is provided by <code>debhelper (>= 9.20160709~)</code>. +See-Also: + https://wiki.debian.org/Teams/pkg-systemd/Packaging diff --git a/tags/m/maintainer-script-changes-ld-so-conf.tag b/tags/m/maintainer-script-changes-ld-so-conf.tag new file mode 100644 index 0000000..45af7ad --- /dev/null +++ b/tags/m/maintainer-script-changes-ld-so-conf.tag @@ -0,0 +1,17 @@ +Tag: maintainer-script-changes-ld-so-conf +Severity: error +Check: scripts +Renamed-From: maintainer-script-should-not-modify-ld-so-conf +Explanation: This package appears to modify <code>/etc/ld.so.conf</code> and does not + appear to be part of libc. Packages installing shared libraries in + non-standard locations were previously permitted to modify + /etc/ld.so.conf to add the non-standard path, but this permission was + removed in Policy 3.8.3. + . + Packages containing shared libraries should either install them into + <code>/usr/lib</code> or should require binaries built against them to set + RPATH to find the library at run-time. Installing libraries in a + different directory and modifying the run-time linker path is equivalent + to installing them into <code>/usr/lib</code> except now conflicting library + packages may cause random segfaults and difficult-to-debug problems + instead of conflicts in the package manager. diff --git a/tags/m/maintainer-script-changes-netbase.tag b/tags/m/maintainer-script-changes-netbase.tag new file mode 100644 index 0000000..b11a1c2 --- /dev/null +++ b/tags/m/maintainer-script-changes-netbase.tag @@ -0,0 +1,9 @@ +Tag: maintainer-script-changes-netbase +Severity: error +Check: scripts +Renamed-From: maintainer-script-should-not-modify-netbase-managed-file +Explanation: The maintainer script modifies at least one of the files + <code>/etc/services</code>, <code>/etc/protocols</code>, and <code>/etc/rpc</code>, + which are managed by the netbase package. Instead of doing this, please + file a wishlist bug against netbase to have an appropriate entry added. +See-Also: debian-policy 11.2 diff --git a/tags/m/maintainer-script-does-not-check-for-existence-of-installdocs.tag b/tags/m/maintainer-script-does-not-check-for-existence-of-installdocs.tag new file mode 100644 index 0000000..7bac250 --- /dev/null +++ b/tags/m/maintainer-script-does-not-check-for-existence-of-installdocs.tag @@ -0,0 +1,12 @@ +Tag: maintainer-script-does-not-check-for-existence-of-installdocs +Severity: error +Check: menus +Explanation: The maintainer script calls the <code>install-docs</code> command without + checking that it exists, but the <code>doc-base</code> package, which provides + the command, is not an <code>essential</code> package and may not be available. + . + For example, you can use the following code in your maintainer script: + . + if which install-docs > /dev/null; then + install-docs -i /usr/share/doc-base/<your-package> + fi diff --git a/tags/m/maintainer-script-does-not-check-for-existence-of-updatemenus.tag b/tags/m/maintainer-script-does-not-check-for-existence-of-updatemenus.tag new file mode 100644 index 0000000..8fc6caf --- /dev/null +++ b/tags/m/maintainer-script-does-not-check-for-existence-of-updatemenus.tag @@ -0,0 +1,14 @@ +Tag: maintainer-script-does-not-check-for-existence-of-updatemenus +Severity: error +Check: menus +Explanation: The given maintainer script calls the <code>update-menus</code> + command but does not check if it exists. + . + The <code>menu</code> package that provides the command is not an "essential" + package. + . + For example, you can use the following code in your maintainer script: + . + if which update-menus > /dev/null; then + update-menus + fi diff --git a/tags/m/maintainer-script-empty.tag b/tags/m/maintainer-script-empty.tag new file mode 100644 index 0000000..613f77e --- /dev/null +++ b/tags/m/maintainer-script-empty.tag @@ -0,0 +1,13 @@ +Tag: maintainer-script-empty +Severity: warning +Check: maintainer-scripts/empty +Explanation: The named maintainer script does not appear to contain code + other than comments or boilerplate such as <code>set -e</code>, + <code>exit</code> statements, or a <code>case</code> statement + to parse options. + . + While harmless in most cases, it is not needed. The package may also leave + files behind until purged, and can contribute to rare problems when + <code>dpkg</code> fails because no maintainer scripts are present. + . + Please do not ship the maintainer script unless it does something useful. diff --git a/tags/m/maintainer-script-has-invalid-update-inetd-options.tag b/tags/m/maintainer-script-has-invalid-update-inetd-options.tag new file mode 100644 index 0000000..a16542b --- /dev/null +++ b/tags/m/maintainer-script-has-invalid-update-inetd-options.tag @@ -0,0 +1,16 @@ +Tag: maintainer-script-has-invalid-update-inetd-options +Severity: warning +Check: scripts +See-Also: update-inetd(1), Bug#909758, Bug#909506 +Explanation: The specified maintainer script seems to call + <code>update-inetd(1)</code> with an invalid option combination. + . + For example, the <code>--group</code> parameter is only valid in + combination with <code>--add</code> and <code>--pattern</code> is only valid + without <code>--add</code>. + . + Whilst these have been ignored in the past they now emit a warning + which will become an error in the future, resulting in upgrade/removal + failures. + . + Please correct the call to <code>update-inetd(1)</code>. diff --git a/tags/m/maintainer-script-has-unexpanded-debhelper-token.tag b/tags/m/maintainer-script-has-unexpanded-debhelper-token.tag new file mode 100644 index 0000000..949bdf5 --- /dev/null +++ b/tags/m/maintainer-script-has-unexpanded-debhelper-token.tag @@ -0,0 +1,9 @@ +Tag: maintainer-script-has-unexpanded-debhelper-token +Severity: warning +Check: build-systems/debhelper/maintainer-script/token +Explanation: The named maintainer script contains a <code>#DEBHELPER#</code> + token. Normally, <code>dh_installdeb</code> removes those tokens + when it makes substitutions in a script. + . + Please note that <code>dh_installdeb</code> does <strong>not</strong> + substitute the <code>#DEBHELPER#</code> token in <code>udebs</code>. diff --git a/tags/m/maintainer-script-hides-init-failure.tag b/tags/m/maintainer-script-hides-init-failure.tag new file mode 100644 index 0000000..cbbc848 --- /dev/null +++ b/tags/m/maintainer-script-hides-init-failure.tag @@ -0,0 +1,12 @@ +Tag: maintainer-script-hides-init-failure +Severity: warning +Check: scripts +Renamed-From: maintainer-script-should-not-hide-init-failure +Explanation: This script calls invoke-rc.d to run an init script but then, if the + init script fails, exits successfully (using || exit 0). If the init + script fails, the maintainer script should probably fail. + . + The most likely cause of this problem is that the package was built with + a debhelper version suffering from Bug#337664 that inserted incorrect + invoke-rc.d code in the generated maintainer script. The package needs to + be reuploaded (could be bin-NMUd, no source changes needed). diff --git a/tags/m/maintainer-script-ignores-errors.tag b/tags/m/maintainer-script-ignores-errors.tag new file mode 100644 index 0000000..767dd7a --- /dev/null +++ b/tags/m/maintainer-script-ignores-errors.tag @@ -0,0 +1,7 @@ +Tag: maintainer-script-ignores-errors +Severity: warning +Check: scripts +See-Also: debian-policy 10.4 +Explanation: The maintainer script doesn't seem to set the <code>-e</code> flag which + ensures that the script's execution is aborted when any executed command + fails. diff --git a/tags/m/maintainer-script-interpreter.tag b/tags/m/maintainer-script-interpreter.tag new file mode 100644 index 0000000..2247ad8 --- /dev/null +++ b/tags/m/maintainer-script-interpreter.tag @@ -0,0 +1,4 @@ +Tag: maintainer-script-interpreter +Severity: classification +Check: scripts +Explanation: Interpreter used in maintainer script or ELF diff --git a/tags/m/maintainer-script-lacks-debhelper-token.tag b/tags/m/maintainer-script-lacks-debhelper-token.tag new file mode 100644 index 0000000..3168b35 --- /dev/null +++ b/tags/m/maintainer-script-lacks-debhelper-token.tag @@ -0,0 +1,8 @@ +Tag: maintainer-script-lacks-debhelper-token +Severity: warning +Check: debhelper +Explanation: This package is built using debhelper commands that may modify + maintainer scripts, but the maintainer scripts do not contain + the "#DEBHELPER#" token debhelper uses to modify them. + . + Adding the token to the scripts is recommended. diff --git a/tags/m/maintainer-script-lacks-home-in-adduser.tag b/tags/m/maintainer-script-lacks-home-in-adduser.tag new file mode 100644 index 0000000..ce372cb --- /dev/null +++ b/tags/m/maintainer-script-lacks-home-in-adduser.tag @@ -0,0 +1,18 @@ +Tag: maintainer-script-lacks-home-in-adduser +Severity: error +Check: scripts +Renamed-From: maintainer-script-should-not-use-adduser-system-without-home +Explanation: The maintainer script apparently runs 'adduser --system' + but hardcodes a path under '/home' for the '--home' option or + does not use the '--home' option. + . + The FHS says: /home is a fairly standard concept, but it + is clearly a site-specific filesystem. The setup will differ + from host to host. Therefore, no program should rely on this + location. + . + Note that passing --no-create-home alone does not solve the issue + because home field of passwd file point to a non existing + /home subdirectory. Please use + <code>adduser --no-create-home --home /nonexistent</code> instead. +See-Also: filesystem-hierarchy homeuserhomedirectories, adduser(8) diff --git a/tags/m/maintainer-script-modifies-inetd-conf.tag b/tags/m/maintainer-script-modifies-inetd-conf.tag new file mode 100644 index 0000000..6127937 --- /dev/null +++ b/tags/m/maintainer-script-modifies-inetd-conf.tag @@ -0,0 +1,7 @@ +Tag: maintainer-script-modifies-inetd-conf +Severity: error +Check: scripts +Explanation: The maintainer script modifies <code>/etc/inetd.conf</code> directly. + This file must not be modified directly; instead, use the + <code>update-inetd</code> script or the <code>DebianNet.pm</code> Perl module. +See-Also: debian-policy 11.2 diff --git a/tags/m/maintainer-script-needs-depends-on-adduser.tag b/tags/m/maintainer-script-needs-depends-on-adduser.tag new file mode 100644 index 0000000..4cc9141 --- /dev/null +++ b/tags/m/maintainer-script-needs-depends-on-adduser.tag @@ -0,0 +1,5 @@ +Tag: maintainer-script-needs-depends-on-adduser +Severity: warning +Check: scripts +Explanation: This script calls adduser, but the package does not depend or + pre-depend on the adduser package. diff --git a/tags/m/maintainer-script-needs-depends-on-gconf2.tag b/tags/m/maintainer-script-needs-depends-on-gconf2.tag new file mode 100644 index 0000000..b5a6c3a --- /dev/null +++ b/tags/m/maintainer-script-needs-depends-on-gconf2.tag @@ -0,0 +1,7 @@ +Tag: maintainer-script-needs-depends-on-gconf2 +Severity: warning +Check: scripts +Explanation: This script calls gconf-schemas, which comes from the gconf2 package, + but does not depend or pre-depend on gconf2. If you are using dh_gconf, + add a dependency on ${misc:Depends} and dh_gconf will take care of this + for you. diff --git a/tags/m/maintainer-script-needs-depends-on-ucf.tag b/tags/m/maintainer-script-needs-depends-on-ucf.tag new file mode 100644 index 0000000..972e040 --- /dev/null +++ b/tags/m/maintainer-script-needs-depends-on-ucf.tag @@ -0,0 +1,5 @@ +Tag: maintainer-script-needs-depends-on-ucf +Severity: warning +Check: scripts +Explanation: This script calls ucf, but the package does not depend or pre-depend + on the ucf package. diff --git a/tags/m/maintainer-script-needs-depends-on-update-inetd.tag b/tags/m/maintainer-script-needs-depends-on-update-inetd.tag new file mode 100644 index 0000000..c7ffaff --- /dev/null +++ b/tags/m/maintainer-script-needs-depends-on-update-inetd.tag @@ -0,0 +1,10 @@ +Tag: maintainer-script-needs-depends-on-update-inetd +Severity: warning +Check: scripts +Explanation: This script calls update-inetd, but the package does not depend or + pre-depend on inet-superserver, any of the providers of inet-superserver + which provide it, or update-inetd. + . + update-inetd has been moved from netbase into a separate package, so a + dependency on netbase should be updated to depend on "openbsd-inetd | + inet-superserver". diff --git a/tags/m/maintainer-script-needs-depends-on-xfonts-utils.tag b/tags/m/maintainer-script-needs-depends-on-xfonts-utils.tag new file mode 100644 index 0000000..4a5ab1e --- /dev/null +++ b/tags/m/maintainer-script-needs-depends-on-xfonts-utils.tag @@ -0,0 +1,11 @@ +Tag: maintainer-script-needs-depends-on-xfonts-utils +Severity: warning +Check: scripts +Explanation: This script calls a utility provided by the xfonts-utils package + but does not depend or pre-depend on this package. + . + Packages that call update-fonts-scale, update-fonts-dir (etc.) need to + depend on xfonts-utils.If you are using debhelper. + . + Please add a dependency on ${misc:Depends} and dh_installxfonts will + take care of this for you. diff --git a/tags/m/maintainer-script-needs-depends-on-xml-core.tag b/tags/m/maintainer-script-needs-depends-on-xml-core.tag new file mode 100644 index 0000000..779484c --- /dev/null +++ b/tags/m/maintainer-script-needs-depends-on-xml-core.tag @@ -0,0 +1,8 @@ +Tag: maintainer-script-needs-depends-on-xml-core +Severity: warning +Check: scripts +Explanation: This script calls update-xmlcatalog, which comes from the xml-core + package, but does not depend or pre-depend on xml-core. Packages that call + update-xmlcatalog need to depend on xml-core. If you are using + dh_installxmlcatalogs, add a dependency on ${misc:Depends} and + dh_installxmlcatalogs will take care of this for you. diff --git a/tags/m/maintainer-script-removes-device-files.tag b/tags/m/maintainer-script-removes-device-files.tag new file mode 100644 index 0000000..5000d30 --- /dev/null +++ b/tags/m/maintainer-script-removes-device-files.tag @@ -0,0 +1,6 @@ +Tag: maintainer-script-removes-device-files +Severity: error +Check: scripts +See-Also: debian-policy 10.6 +Explanation: Maintainer scripts must not remove device files. This is left to + the system administrator. diff --git a/tags/m/maintainer-script-sets-alternative-improperly.tag b/tags/m/maintainer-script-sets-alternative-improperly.tag new file mode 100644 index 0000000..203875d --- /dev/null +++ b/tags/m/maintainer-script-sets-alternative-improperly.tag @@ -0,0 +1,12 @@ +Tag: maintainer-script-sets-alternative-improperly +Severity: warning +Check: scripts +Renamed-From: maintainer-script-should-not-use-update-alternatives-set +Explanation: The maintainer script calls <code>update-alternatives --set + <alternative> foo</code> or <code>update-alternatives --config + <alternative></code> or <code>update-alternatives --set-selections</code>. + . + This makes it impossible to distinguish between an alternative that's + manually set because the user set it and one that's manually set because + the package set it. +See-Also: update-alternatives(8) diff --git a/tags/m/maintainer-script-should-not-parse-etc-passwd-or-group.tag b/tags/m/maintainer-script-should-not-parse-etc-passwd-or-group.tag new file mode 100644 index 0000000..1da9065 --- /dev/null +++ b/tags/m/maintainer-script-should-not-parse-etc-passwd-or-group.tag @@ -0,0 +1,10 @@ +Tag: maintainer-script-should-not-parse-etc-passwd-or-group +Severity: warning +Check: scripts +See-Also: getent(1), nss(5) +Explanation: The maintainer script appears to manually parse <code>/etc/passwd</code> + or <code>/etc/group</code> instead of using the <code>getent(1)</code> utility + to display entries. + . + This bypasses the Name Service Switch (NSS), avoiding querying + centralised or networked user databases such as LDAP, etc. diff --git a/tags/m/maintainer-script-should-not-use-dpkg-maintscript-helper.tag b/tags/m/maintainer-script-should-not-use-dpkg-maintscript-helper.tag new file mode 100644 index 0000000..bd28c61 --- /dev/null +++ b/tags/m/maintainer-script-should-not-use-dpkg-maintscript-helper.tag @@ -0,0 +1,10 @@ +Tag: maintainer-script-should-not-use-dpkg-maintscript-helper +Severity: warning +Check: scripts +Explanation: The maintainer script seems to make manual calls to the + <code>dpkg-maintscript-helper(1)</code> utility. + . + Please use <code>package.maintscript</code> files instead; the + <code>dh_installdeb(1)</code> tool will do some basic validation of some of + the commands listed in this file to catch common mistakes. +See-Also: dpkg-maintscript-helper(1), dh_installdeb(1) diff --git a/tags/m/maintainer-script-should-not-use-piuparts-variable.tag b/tags/m/maintainer-script-should-not-use-piuparts-variable.tag new file mode 100644 index 0000000..6c1b2c8 --- /dev/null +++ b/tags/m/maintainer-script-should-not-use-piuparts-variable.tag @@ -0,0 +1,12 @@ +Tag: maintainer-script-should-not-use-piuparts-variable +Severity: warning +Check: scripts +See-Also: piuparts(1), https://piuparts.debian.org/doc/README.html +Explanation: The maintainer script appears to reference one of the + <code>PIUPARTS_*</code> variables such as <code>PIUPARTS_TEST</code> or + <code>PIUPARTS_PHASE</code>. + . + These variables are intended to be used by custom <code>piuparts(1)</code> + scripts and not by maintainer scripts themselves. + . + Please remove the references to this variable. diff --git a/tags/m/maintainer-script-supports-ancient-package-version.tag b/tags/m/maintainer-script-supports-ancient-package-version.tag new file mode 100644 index 0000000..f523bd4 --- /dev/null +++ b/tags/m/maintainer-script-supports-ancient-package-version.tag @@ -0,0 +1,8 @@ +Tag: maintainer-script-supports-ancient-package-version +Severity: info +Check: maintainer-scripts/ancient-version +Experimental: yes +Explanation: The named maintainer script appears to look for a package version + that is older than the current <code>oldstable</code> release. + . + Please remove the check for that version. Such upgrades are not supported. diff --git a/tags/m/maintainer-script-switches-dir-to-symlink-unsafely.tag b/tags/m/maintainer-script-switches-dir-to-symlink-unsafely.tag new file mode 100644 index 0000000..1b4c715 --- /dev/null +++ b/tags/m/maintainer-script-switches-dir-to-symlink-unsafely.tag @@ -0,0 +1,11 @@ +Tag: maintainer-script-switches-dir-to-symlink-unsafely +Severity: error +Check: scripts +Experimental: yes +Renamed-From: maintainer-script-may-use-dir_to_symlink_helper +Explanation: The maintainer script apparently change a directory to a symlink + not using dir_to_symlink command of dpkg-maintscript-helper, that take + great care to avoid a lot of problems. + . + Please use the dpkg-maintscript-helper dir_to_symlink command. +See-Also: dpkg-maintscript-helper(1) diff --git a/tags/m/maintainer-script-updates-fontconfig-cache-improperly.tag b/tags/m/maintainer-script-updates-fontconfig-cache-improperly.tag new file mode 100644 index 0000000..463c4ba --- /dev/null +++ b/tags/m/maintainer-script-updates-fontconfig-cache-improperly.tag @@ -0,0 +1,7 @@ +Tag: maintainer-script-updates-fontconfig-cache-improperly +Severity: warning +Check: scripts +Renamed-From: maintainer-script-should-not-use-fc-cache +Explanation: This script apparently runs fc-cache. Updating of the fontconfig + cache files is now handled automatically by triggers, so running fc-cache + from maintainer scripts is no longer necessary. diff --git a/tags/m/maintainer-script-without-set-e.tag b/tags/m/maintainer-script-without-set-e.tag new file mode 100644 index 0000000..1bd32f6 --- /dev/null +++ b/tags/m/maintainer-script-without-set-e.tag @@ -0,0 +1,10 @@ +Tag: maintainer-script-without-set-e +Severity: pedantic +Check: scripts +See-Also: debian-policy 10.4 +Explanation: The maintainer script passes <code>-e</code> to the shell on the + <code>#!</code> line rather than using <code>set -e</code> in the body of the + script. This is fine for normal operation, but if the script is run by + hand with <code>sh /path/to/script</code> (common in debugging), <code>-e</code> + will not be in effect. It's therefore better to use <code>set -e</code> in + the body of the script. diff --git a/tags/m/maintainer-shell-script-fails-syntax-check.tag b/tags/m/maintainer-shell-script-fails-syntax-check.tag new file mode 100644 index 0000000..51fe715 --- /dev/null +++ b/tags/m/maintainer-shell-script-fails-syntax-check.tag @@ -0,0 +1,8 @@ +Tag: maintainer-shell-script-fails-syntax-check +Severity: error +Check: script/syntax +Explanation: Running this shell script with the shell's -n option set fails, + which means that the script has syntax errors. This will likely make + the package uninstallable. + . + Run e.g. <code>sh -n yourscript</code> to see the errors yourself. diff --git a/tags/m/maintainer-upload-has-incorrect-version-number.tag b/tags/m/maintainer-upload-has-incorrect-version-number.tag new file mode 100644 index 0000000..6e4109d --- /dev/null +++ b/tags/m/maintainer-upload-has-incorrect-version-number.tag @@ -0,0 +1,7 @@ +Tag: maintainer-upload-has-incorrect-version-number +Severity: warning +Check: nmu +Explanation: A maintainer upload should have a Debian revision without dots. + Revisions with dots are reserved for Non-Maintainer Uploads (NMUs). If you + do a maintainer-upload with dots a potential NMU'er has problems choosing a + correct version number. diff --git a/tags/m/maintscript-calls-ldconfig.tag b/tags/m/maintscript-calls-ldconfig.tag new file mode 100644 index 0000000..19287cd --- /dev/null +++ b/tags/m/maintscript-calls-ldconfig.tag @@ -0,0 +1,24 @@ +Tag: maintscript-calls-ldconfig +Severity: warning +Check: maintainer-scripts/ldconfig +Explanation: The given maintainer script calls <code>ldconfig</code>, + but such calls in maintainer scripts should be replaced instead by a + <code>dpkg</code> trigger. + . + Please replace the <code>ldconfig</code> call with an <code>activate-noawait + ldconfig</code> trigger. With Debhelper, it is usually sufficient + to add that line to <code>debian/<package>.triggers</code>. + . + This warning may appear if the package was compiled with Debhelper older than + version 9.20151004. Assuming all <code>ldconfig</code> invocations were added + by Debhelper, this tag should disappear when the package is rebuilt with a + newer version of Debhelper. +See-Also: + https://lists.debian.org/debian-devel/2015/08/msg00412.html + +Screen: glibc/control/ldconfig +Advocates: Debian Lintian Maintainers <lintian-maint@debian.org> +Reason: The packages built from <code>glibc</code> (notably <code>libc-bin</code>) + need to call <code>ldconfig</code> in order to implement the <code>ldconfig</code> trigger. + . + Transferred from the check. diff --git a/tags/m/maintscript-includes-maint-script-parameters.tag b/tags/m/maintscript-includes-maint-script-parameters.tag new file mode 100644 index 0000000..1c7d20d --- /dev/null +++ b/tags/m/maintscript-includes-maint-script-parameters.tag @@ -0,0 +1,9 @@ +Tag: maintscript-includes-maint-script-parameters +Severity: warning +Check: debian/maintscript +Explanation: The named <code>debian/*.maintscript</code> file uses commands + or parameters from <code>dpkg-maintscript-helper(1)</code>. + . + Debhelper will add them automatically. Please do not include them manually. +See-Also: + dh_installdeb(1) diff --git a/tags/m/making-assumptions-about-interfaces-in-templates.tag b/tags/m/making-assumptions-about-interfaces-in-templates.tag new file mode 100644 index 0000000..162e694 --- /dev/null +++ b/tags/m/making-assumptions-about-interfaces-in-templates.tag @@ -0,0 +1,8 @@ +Tag: making-assumptions-about-interfaces-in-templates +Severity: warning +Check: debian/debconf +Explanation: Template text should not make reference to widgets belonging to + some debconf interfaces. Sentences like "If you answer Yes..." have no + meaning for users of graphical interfaces which use checkboxes for + boolean questions. +See-Also: developer-reference 6.5.2.4 diff --git a/tags/m/malformed-changes-file.tag b/tags/m/malformed-changes-file.tag new file mode 100644 index 0000000..74f0ed1 --- /dev/null +++ b/tags/m/malformed-changes-file.tag @@ -0,0 +1,11 @@ +Tag: malformed-changes-file +Severity: error +Check: fields/format +Explanation: There is no "Format" field in your .changes file. This probably + indicates some serious problem with the file. Perhaps it's not actually + a changes file, or it's not in the proper format, or it's PGP-signed + twice. + . + Since Lintian was unable to parse this .changes file, any further checks + on it were skipped. +See-Also: debian-policy 5.5 diff --git a/tags/m/malformed-contact.tag b/tags/m/malformed-contact.tag new file mode 100644 index 0000000..24e5ad2 --- /dev/null +++ b/tags/m/malformed-contact.tag @@ -0,0 +1,17 @@ +Tag: malformed-contact +Severity: error +Check: fields/mail-address +Renamed-From: + maintainer-address-missing + changed-by-address-missing + malformed-maintainer-field + malformed-uploaders-field + malformed-changed-by-field + maintainer-address-malformed + uploader-address-malformed + changed-by-address-malformed +Explanation: The named field identifying contact persons could not be + parsed according to the rules in the Policy Manual. +See-Also: debian-policy 5.6.2, + debian-policy 5.6.3, + debian-policy 5.6.4 diff --git a/tags/m/malformed-deb-archive.tag b/tags/m/malformed-deb-archive.tag new file mode 100644 index 0000000..39e956f --- /dev/null +++ b/tags/m/malformed-deb-archive.tag @@ -0,0 +1,11 @@ +Tag: malformed-deb-archive +Severity: error +Check: deb-format +Explanation: The binary package is not a correctly constructed archive. A binary + Debian package must be an ar archive with exactly three members: + <code>debian-binary</code>, <code>control.tar.gz</code>, and one of + <code>data.tar.gz</code>, <code>data.tar.bz2</code> or <code>data.tar.xz</code> + in exactly that order. The <code>debian-binary</code> member must start + with a single line containing the version number, with a major revision + of 2. +See-Also: deb(5) diff --git a/tags/m/malformed-debian-changelog-version.tag b/tags/m/malformed-debian-changelog-version.tag new file mode 100644 index 0000000..bfee2df --- /dev/null +++ b/tags/m/malformed-debian-changelog-version.tag @@ -0,0 +1,7 @@ +Tag: malformed-debian-changelog-version +Severity: error +Check: debian/changelog +Explanation: The version string in the latest changelog entry was not parsed + correctly. Usually, that means it does not conform to policy. +See-Also: + debian-policy 5.6.12 diff --git a/tags/m/malformed-dm-upload-allowed.tag b/tags/m/malformed-dm-upload-allowed.tag new file mode 100644 index 0000000..5b263d8 --- /dev/null +++ b/tags/m/malformed-dm-upload-allowed.tag @@ -0,0 +1,8 @@ +Tag: malformed-dm-upload-allowed +Severity: error +Check: fields/dm-upload-allowed +See-Also: https://www.debian.org/vote/2007/vote_003 +Explanation: The Dm-Upload-Allowed field in this package is set to something + other than "yes". The only standardized value for this field in the + Debian GR is "yes" and other values (including capitalization variants) + may not work as expected. diff --git a/tags/m/malformed-md5sums-control-file.tag b/tags/m/malformed-md5sums-control-file.tag new file mode 100644 index 0000000..5f0993b --- /dev/null +++ b/tags/m/malformed-md5sums-control-file.tag @@ -0,0 +1,7 @@ +Tag: malformed-md5sums-control-file +Severity: error +Check: md5sums +Explanation: The indicated line of the md5sums control file for this package was + malformed. Each line of an md5sums control file should contain an MD5 + checksum, some whitespace, and then the path to the file corresponding to + that checksum. diff --git a/tags/m/malformed-override.tag b/tags/m/malformed-override.tag new file mode 100644 index 0000000..e5df4fc --- /dev/null +++ b/tags/m/malformed-override.tag @@ -0,0 +1,15 @@ +Tag: malformed-override +Severity: error +Show-Always: yes +Check: debian/lintian-overrides/malformed +Explanation: Lintian discovered an override entry with an invalid format. An + override entry should have the format: + . + [[<package>][ <archlist>][ <type>]:] <tag>[ <extra> ...] + . + where <package> is the package name, <archlist> is an + architecture list, <type> specifies the package type (binary is the + default), <tag> is the tag to override, and <extra> is any + specific information for the particular tag to override. +See-Also: + lintian-manual 2.4.1 diff --git a/tags/m/malformed-prompt-in-templates.tag b/tags/m/malformed-prompt-in-templates.tag new file mode 100644 index 0000000..05cab6a --- /dev/null +++ b/tags/m/malformed-prompt-in-templates.tag @@ -0,0 +1,11 @@ +Tag: malformed-prompt-in-templates +Severity: warning +Check: debian/debconf +Explanation: The short description of a select, multiselect, string and password + debconf template is a prompt and not a title. Avoid question style + prompts ("IP Address?") in favour of "opened" prompts ("IP address:"). + The use of colons is recommended. + . + If this template is only used internally by the package and not displayed + to the user, put "for internal use" in the short description. +See-Also: developer-reference 6.5.4.2 diff --git a/tags/m/malformed-python-version.tag b/tags/m/malformed-python-version.tag new file mode 100644 index 0000000..bd299e6 --- /dev/null +++ b/tags/m/malformed-python-version.tag @@ -0,0 +1,16 @@ +Tag: malformed-python-version +Severity: error +Check: languages/python +See-Also: python-policy 3.4 +Explanation: The Python-Version or Python3-Version control field is not in one + of the valid formats. It should be in one of the following: + . + all + current + current, >= X.Y + >= X.Y + >= A.B, << X.Y + A.B, X.Y + . + (One or more specific versions may be listed with the last form.) A.B + and X.Y should be Python versions. diff --git a/tags/m/malformed-question-in-templates.tag b/tags/m/malformed-question-in-templates.tag new file mode 100644 index 0000000..5e6c5e2 --- /dev/null +++ b/tags/m/malformed-question-in-templates.tag @@ -0,0 +1,11 @@ +Tag: malformed-question-in-templates +Severity: warning +Check: debian/debconf +Explanation: The short description of a boolean debconf template should be + phrased in the form of a question which should be kept short and should + generally end with a question mark. Terse writing style is permitted and + even encouraged if the question is rather long. + . + If this template is only used internally by the package and not displayed + to the user, put "for internal use" in the short description. +See-Also: developer-reference 6.5.4.2.2 diff --git a/tags/m/malformed-template-name.tag b/tags/m/malformed-template-name.tag new file mode 100644 index 0000000..620ff53 --- /dev/null +++ b/tags/m/malformed-template-name.tag @@ -0,0 +1,6 @@ +Tag: malformed-template-name +Severity: error +Check: debian/debconf +Explanation: The "Template:" field should contain more than one component, each + separated by a slash ("/"). Each component may only consist of the + alphanumeric characters, "+", "-", and ".". diff --git a/tags/m/malformed-title-in-templates.tag b/tags/m/malformed-title-in-templates.tag new file mode 100644 index 0000000..0ee804a --- /dev/null +++ b/tags/m/malformed-title-in-templates.tag @@ -0,0 +1,7 @@ +Tag: malformed-title-in-templates +Severity: warning +Check: debian/debconf +Explanation: The short description of a note debconf template should be written + as a title and therefore should not end with a period, question mark, + colon, or semicolon. +See-Also: developer-reference 6.5.4.2.4 diff --git a/tags/m/manual-page-for-system-command.tag b/tags/m/manual-page-for-system-command.tag new file mode 100644 index 0000000..54a23f4 --- /dev/null +++ b/tags/m/manual-page-for-system-command.tag @@ -0,0 +1,16 @@ +Tag: manual-page-for-system-command +Check: documentation/manual +Severity: pedantic +Renamed-From: command-in-sbin-has-manpage-in-incorrect-section +Explanation: The command in <code>/sbin</code> or <code>/usr/sbin</code> are system + administration commands; their manual pages thus belong in section 8, + not section 1. + . + Please check whether the command is actually useful to non-privileged + user in which case it should be moved to <code>/bin</code> or + <code>/usr/bin</code>, or alternatively the manual page should be moved to + section 8 instead, ie. <code>/usr/share/man/man8</code>. +See-Also: + Bug#348864, + Bug#253011, + hier(7) diff --git a/tags/m/manual-page-from-template.tag b/tags/m/manual-page-from-template.tag new file mode 100644 index 0000000..93428bb --- /dev/null +++ b/tags/m/manual-page-from-template.tag @@ -0,0 +1,12 @@ +Tag: manual-page-from-template +Severity: error +Check: documentation/manual +Renamed-From: manpage-is-dh_make-template +Explanation: This manual page appears to be an unmodified or insufficiently + modified copy of the dh_make manual page template. It has a whatis entry + (the brief description found in the NAME section) of the form: + . + package - program to do something + . + Please double-check the manual page and replace the template language + with specific information about this program. diff --git a/tags/m/manual-page-in-udeb.tag b/tags/m/manual-page-in-udeb.tag new file mode 100644 index 0000000..79ca3f8 --- /dev/null +++ b/tags/m/manual-page-in-udeb.tag @@ -0,0 +1,5 @@ +Tag: manual-page-in-udeb +Severity: error +Check: documentation/manual +Renamed-From: manpage-in-udeb +Explanation: udeb packages should not contain any manual pages. diff --git a/tags/m/manual-page-with-generic-name.tag b/tags/m/manual-page-with-generic-name.tag new file mode 100644 index 0000000..28a4d3c --- /dev/null +++ b/tags/m/manual-page-with-generic-name.tag @@ -0,0 +1,8 @@ +Tag: manual-page-with-generic-name +Severity: error +Check: documentation/manual +Renamed-From: manpage-has-overly-generic-name +Explanation: The manual page appears to have an overly generic name that is likely to + clash with other packages. + . + Please check your debian/rules or upstream Makefile. diff --git a/tags/m/maven-plugin-in-usr-share-java.tag b/tags/m/maven-plugin-in-usr-share-java.tag new file mode 100644 index 0000000..df13ea5 --- /dev/null +++ b/tags/m/maven-plugin-in-usr-share-java.tag @@ -0,0 +1,5 @@ +Tag: maven-plugin-in-usr-share-java +Severity: warning +Check: languages/java +Explanation: A maven plugin is incorrectly installed in /usr/share/java. + Maven plugins should be installed in /usr/share/maven-repo diff --git a/tags/m/mawk-script-but-no-mawk-dep.tag b/tags/m/mawk-script-but-no-mawk-dep.tag new file mode 100644 index 0000000..77e3893 --- /dev/null +++ b/tags/m/mawk-script-but-no-mawk-dep.tag @@ -0,0 +1,9 @@ +Tag: mawk-script-but-no-mawk-dep +Severity: error +Check: scripts +Explanation: Packages that use mawk scripts must depend on the mawk package. + If they don't need mawk-specific features, and can just as easily work + with gawk, then they should be awk scripts instead. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/m/maybe-not-arch-all-binnmuable.tag b/tags/m/maybe-not-arch-all-binnmuable.tag new file mode 100644 index 0000000..9b1a194 --- /dev/null +++ b/tags/m/maybe-not-arch-all-binnmuable.tag @@ -0,0 +1,10 @@ +Tag: maybe-not-arch-all-binnmuable +Severity: classification +Check: debian/version-substvars +Experimental: yes +Explanation: Tag to attempt to measure the number of packages that might + have an issue with arch:all binNMUs. + . + At this time, please do *not* attempt to "fix" the problem. It + is not clear what the solution is (if any at all), nor is it clear + that this is something that will or should be supported. diff --git a/tags/m/md5sum-mismatch.tag b/tags/m/md5sum-mismatch.tag new file mode 100644 index 0000000..a132cbe --- /dev/null +++ b/tags/m/md5sum-mismatch.tag @@ -0,0 +1,12 @@ +Tag: md5sum-mismatch +Severity: error +Check: md5sums +Explanation: The md5sum listed for the file does not match the actual file + contents. + . + Usually, this error occurs during the package build process if the + <code>debian/tmp/</code> directory is touched after <code>dh_md5sums</code> + is run. + . + Font files regenerated at post-install time by <code>t1c2pfb</code> + should be overridden. diff --git a/tags/m/md5sums-lists-nonexistent-file.tag b/tags/m/md5sums-lists-nonexistent-file.tag new file mode 100644 index 0000000..d1a0e2b --- /dev/null +++ b/tags/m/md5sums-lists-nonexistent-file.tag @@ -0,0 +1,9 @@ +Tag: md5sums-lists-nonexistent-file +Severity: error +Check: md5sums +Explanation: The md5sums control file lists a file which is not included in the + package. + . + Usually, this error occurs during the package build process if the + <code>debian/tmp/</code> directory is touched after <code>dh_md5sums</code> + is run. diff --git a/tags/m/mentions-deprecated-usr-lib-perl5-directory.tag b/tags/m/mentions-deprecated-usr-lib-perl5-directory.tag new file mode 100644 index 0000000..983d038 --- /dev/null +++ b/tags/m/mentions-deprecated-usr-lib-perl5-directory.tag @@ -0,0 +1,10 @@ +# Imported from pkg-perl-tools (named usr-lib-perl5-mentioned there) +Tag: mentions-deprecated-usr-lib-perl5-directory +Severity: error +Check: languages/perl/perl5 +Experimental: yes +Explanation: As of Perl 5.20, the vendorarch directory is /usr/lib/<triplet>/perl5, + but this package still uses usr/lib/perl5 in some of the files under debian/. + Please replace that with the value of $Config{vendorarch} configuration + parameter, e.g. + $(shell perl -MConfig -wE'say substr($$Config{vendorarch},1)') diff --git a/tags/m/menu-command-not-in-package.tag b/tags/m/menu-command-not-in-package.tag new file mode 100644 index 0000000..b8b8bbe --- /dev/null +++ b/tags/m/menu-command-not-in-package.tag @@ -0,0 +1,8 @@ +Tag: menu-command-not-in-package +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item specifies a command that is not shipped + in the package. + . + The condition can be caused by a typo. Sometimes, an executable was moved + without updating the <code>menu</code> file. diff --git a/tags/m/menu-file-in-usr-lib.tag b/tags/m/menu-file-in-usr-lib.tag new file mode 100644 index 0000000..d546a34 --- /dev/null +++ b/tags/m/menu-file-in-usr-lib.tag @@ -0,0 +1,11 @@ +Tag: menu-file-in-usr-lib +Severity: warning +Check: menus +Explanation: The installation location <code>/usr/lib/menu</code> for + <code>menu</code> files has been deprecated since version 2.1.25 (but + still works). Menu files should go into <code>/usr/share/menu</code>. + . + Only menu files that are compiled executables still need to go into + <code>/usr/lib/menu</code>. +See-Also: + menu-manual 3.1 diff --git a/tags/m/menu-icon-cannot-be-parsed.tag b/tags/m/menu-icon-cannot-be-parsed.tag new file mode 100644 index 0000000..d3acfb4 --- /dev/null +++ b/tags/m/menu-icon-cannot-be-parsed.tag @@ -0,0 +1,10 @@ +Tag: menu-icon-cannot-be-parsed +Severity: warning +Check: menu-format +Explanation: The <code>icon</code> file could not be parsed. + . + Sometimes, it is a bad XPM file. Sometimes, Lintian parsing needs to be + improved. + . + If window managers and other standard tools accept the file without + complaints, please file a bug against Lintian. diff --git a/tags/m/menu-icon-missing.tag b/tags/m/menu-icon-missing.tag new file mode 100644 index 0000000..7bb60ed --- /dev/null +++ b/tags/m/menu-icon-missing.tag @@ -0,0 +1,17 @@ +Tag: menu-icon-missing +Severity: warning +Check: menu-format +Explanation: The given icon file was not found. + . + If the path to the icon that is listed in the menu file is absolute, + make sure that your package also installs the icon at that path. + . + If the path is just a filename or otherwise a relative path, make sure + the icon is being installed in <code>/usr/share/pixmaps</code>, which + is the default location. + . + If the icon is provided by another package on which this package + depends, Lintian may not be able to determine if the icon is + available. In that case, please override this tag. +See-Also: + menu-manual 3.7 diff --git a/tags/m/menu-icon-not-in-xpm-format.tag b/tags/m/menu-icon-not-in-xpm-format.tag new file mode 100644 index 0000000..9f08f29 --- /dev/null +++ b/tags/m/menu-icon-not-in-xpm-format.tag @@ -0,0 +1,14 @@ +Tag: menu-icon-not-in-xpm-format +Severity: error +Check: menu-format +Explanation: The named icon is not in XPM format. + . + Icons in the Debian menu system should be in XPM format. + . + While other image types such as PNG seem to work as well, window managers + are not required to support them. + . + Using such non-XPM icons could break interoperability. +See-Also: + menu-manual 3.7, + Bug#591812 diff --git a/tags/m/menu-icon-too-big.tag b/tags/m/menu-icon-too-big.tag new file mode 100644 index 0000000..a2ad1de --- /dev/null +++ b/tags/m/menu-icon-too-big.tag @@ -0,0 +1,10 @@ +Tag: menu-icon-too-big +Severity: error +Check: menu-format +Explanation: Icons in the Debian <code>menu</code> system should be at most 32x32 + pixels in size. + . + Sometimes the size is even reflected in the icon name. For example, + <code>icon16x16</code> should be no larger than 16x16 pixels. +See-Also: + menu-manual 3.7 diff --git a/tags/m/menu-icon-uses-relative-path.tag b/tags/m/menu-icon-uses-relative-path.tag new file mode 100644 index 0000000..9869150 --- /dev/null +++ b/tags/m/menu-icon-uses-relative-path.tag @@ -0,0 +1,10 @@ +Tag: menu-icon-uses-relative-path +Severity: warning +Check: menu-format +Explanation: This package contains a <code>menu</code> file that refers to an icon + via a relative path. + . + Icons should be referenced by their absolute paths. +See-Also: + menu-manual 3.2, + Bug#693477 diff --git a/tags/m/menu-item-contains-unknown-tag.tag b/tags/m/menu-item-contains-unknown-tag.tag new file mode 100644 index 0000000..cec2470 --- /dev/null +++ b/tags/m/menu-item-contains-unknown-tag.tag @@ -0,0 +1,10 @@ +Tag: menu-item-contains-unknown-tag +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item has a line with a tag that is not + a standard tags, such as <code>needs=</code>, <code>section=</code>, + <code>title=</code>, <code>longtitle=</code>, or <code>command=</code> + etc. + . + While other tags can be used, it is rare. More commonly, the tag name was + misspelled. diff --git a/tags/m/menu-item-creates-new-root-section.tag b/tags/m/menu-item-creates-new-root-section.tag new file mode 100644 index 0000000..3500c37 --- /dev/null +++ b/tags/m/menu-item-creates-new-root-section.tag @@ -0,0 +1,8 @@ +Tag: menu-item-creates-new-root-section +Severity: error +Check: menu-format +Explanation: The <code>menu</code> item has a line that specifies a new menu section + in the root menu. + . + The addition of new sections at the root level should be cleared with the author + of <code>menu</code>. diff --git a/tags/m/menu-item-creates-new-section.tag b/tags/m/menu-item-creates-new-section.tag new file mode 100644 index 0000000..c34f6a7 --- /dev/null +++ b/tags/m/menu-item-creates-new-section.tag @@ -0,0 +1,11 @@ +Tag: menu-item-creates-new-section +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item has a line specifying an unknown + section, or it uses a section intended only as a menu root item that + applications should not use directly. + . + The section could be misspelled. Otherwise, please check the section + against the list of valid names in the menu policy. +See-Also: + menu-policy 2.1 diff --git a/tags/m/menu-item-missing-required-tag.tag b/tags/m/menu-item-missing-required-tag.tag new file mode 100644 index 0000000..1c6b9fe --- /dev/null +++ b/tags/m/menu-item-missing-required-tag.tag @@ -0,0 +1,9 @@ +Tag: menu-item-missing-required-tag +Severity: error +Check: menu-format +Explanation: A line in the given <code>menu</code> item is missing a + required tag. + . + Without the tag, the line probably has no effect whatsoever, except + <code>install-menu</code> may report an error during package + installation. diff --git a/tags/m/menu-item-needs-dwww.tag b/tags/m/menu-item-needs-dwww.tag new file mode 100644 index 0000000..09500be --- /dev/null +++ b/tags/m/menu-item-needs-dwww.tag @@ -0,0 +1,7 @@ +Tag: menu-item-needs-dwww +Severity: warning +Check: menu-format +Explanation: The menu item has <code>needs=dwww</code>, but that is deprecated. Please + register your documentation with <code>doc-base</code>. + . + The <code>dwww</code> entries will be generated automatically. diff --git a/tags/m/menu-item-needs-tag-has-unknown-value.tag b/tags/m/menu-item-needs-tag-has-unknown-value.tag new file mode 100644 index 0000000..95e9a0d --- /dev/null +++ b/tags/m/menu-item-needs-tag-has-unknown-value.tag @@ -0,0 +1,8 @@ +Tag: menu-item-needs-tag-has-unknown-value +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item has a strange value in a <code>needs=</code> + field. + . + It is possible the value is intentional. More than likely, however, there was + a typo that will cause <code>menu</code> to ignore the line. diff --git a/tags/m/menu-item-uses-apps-games-section.tag b/tags/m/menu-item-uses-apps-games-section.tag new file mode 100644 index 0000000..546331c --- /dev/null +++ b/tags/m/menu-item-uses-apps-games-section.tag @@ -0,0 +1,8 @@ +Tag: menu-item-uses-apps-games-section +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item has a line specifying a section under + <code>Apps/Games</code>. That section was renamed. It is now just called + <code>Games</code>. +See-Also: + menu-policy 2.1 diff --git a/tags/m/menu-item-uses-apps-section.tag b/tags/m/menu-item-uses-apps-section.tag new file mode 100644 index 0000000..309bc0e --- /dev/null +++ b/tags/m/menu-item-uses-apps-section.tag @@ -0,0 +1,8 @@ +Tag: menu-item-uses-apps-section +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item has a line specifying a section under + <code>Apps</code>. That section was renamed. It is now called + <code>Applications</code>. +See-Also: + menu-policy 2.1 diff --git a/tags/m/menu-item-uses-icon-none.tag b/tags/m/menu-item-uses-icon-none.tag new file mode 100644 index 0000000..387a8ef --- /dev/null +++ b/tags/m/menu-item-uses-icon-none.tag @@ -0,0 +1,6 @@ +Tag: menu-item-uses-icon-none +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item has a line that uses <code>icon=none</code>. + It is redundant and deprecated. If there is no icon, just leave off the + <code>icon</code> tag. diff --git a/tags/m/menu-item-uses-windowmanagers-section.tag b/tags/m/menu-item-uses-windowmanagers-section.tag new file mode 100644 index 0000000..7b48b7f --- /dev/null +++ b/tags/m/menu-item-uses-windowmanagers-section.tag @@ -0,0 +1,8 @@ +Tag: menu-item-uses-windowmanagers-section +Severity: warning +Check: menu-format +Explanation: The <code>menu</code> item has a line specifying a section under + <code>WindowManagers</code>. That section was renamed. It is now called + <code>Window Managers</code>. +See-Also: + menu-policy 2.1 diff --git a/tags/m/menu-method-lacks-include.tag b/tags/m/menu-method-lacks-include.tag new file mode 100644 index 0000000..7d94744 --- /dev/null +++ b/tags/m/menu-method-lacks-include.tag @@ -0,0 +1,12 @@ +Tag: menu-method-lacks-include +Severity: error +Check: menus +Renamed-From: + menu-method-should-include-menu-h +Explanation: A <code>menu-method</code> file must include the <code>menu.h</code> + configuration file, like so: + . + (using "!include menu.h"). +See-Also: + menu-manual 5, + http://www.tldp.org/HOWTO/NCURSES-Programming-HOWTO/menus.html diff --git a/tags/m/mismatch-translated-choices.tag b/tags/m/mismatch-translated-choices.tag new file mode 100644 index 0000000..f249587 --- /dev/null +++ b/tags/m/mismatch-translated-choices.tag @@ -0,0 +1,12 @@ +Tag: mismatch-translated-choices +Severity: error +Check: debian/debconf +Explanation: A "Choices:" field is a comma separated list, and translated + "Choices:" fields must have the exact same number of elements. One + of the translations does not follow this rule, you should contact the + translator and request for a new translation where elements of "Choices:" + fields have no embedded commas. + . + Cdebconf understands escaped commas in such fields, but packages + outside the scope of debian-installer must not have them until they are + also supported by debconf. diff --git a/tags/m/mismatched-override.tag b/tags/m/mismatched-override.tag new file mode 100644 index 0000000..9adb9b1 --- /dev/null +++ b/tags/m/mismatched-override.tag @@ -0,0 +1,15 @@ +Tag: mismatched-override +Severity: warning +Show-Always: yes +Check: lintian +Explanation: The named tag would have been silenced except the context + specified with the override did not match. + . + Lintian may now provide a different context for the tag, or something + could have changed in a new version of your package. Either way, + overrides work best when you require as little context as needed. + . + You can use wildcards, such as * or ? in the context to + make a match more likely. + . + Please remove or adjust the override. diff --git a/tags/m/mismatched-python-substvar.tag b/tags/m/mismatched-python-substvar.tag new file mode 100644 index 0000000..98cd69f --- /dev/null +++ b/tags/m/mismatched-python-substvar.tag @@ -0,0 +1,8 @@ +Tag: mismatched-python-substvar +Severity: warning +Check: languages/python +Explanation: The specified package declares a dependency on <code>${python:Depends}</code> + whilst appearing to be a Python 3.x package or a dependency on + <code>${python3:Depends}</code> when it appears to be a package for Python 2.x. + . + Please adjust the substvar to match the intended Python version. diff --git a/tags/m/misnamed-po-file.tag b/tags/m/misnamed-po-file.tag new file mode 100644 index 0000000..45333f7 --- /dev/null +++ b/tags/m/misnamed-po-file.tag @@ -0,0 +1,13 @@ +Tag: misnamed-po-file +Severity: warning +Check: debian/po-debconf +Explanation: The name of this PO file doesn't appear to be a valid language + code. Any files in <code>debian/po</code> ending in <code>.po</code> will be + processed as translations by po2debconf for the language code equal to + the file name without the trailing <code>.po</code>. If the file name does + not correctly reflect the language of the translation, the translation + will not be accessible to users of that language. + . + If this file isn't actually a PO file, rename it to something that + doesn't end in <code>.po</code> or move it to another directory so that + translation merging programs will not be confused. diff --git a/tags/m/misplaced-extra-member-in-deb.tag b/tags/m/misplaced-extra-member-in-deb.tag new file mode 100644 index 0000000..94edf61 --- /dev/null +++ b/tags/m/misplaced-extra-member-in-deb.tag @@ -0,0 +1,6 @@ +Tag: misplaced-extra-member-in-deb +Severity: error +Check: deb-format +Explanation: The binary package contains an extra member that Lintian did not + expect or expected at a different position. +See-Also: deb(5) diff --git a/tags/m/misplaced-systemd-tmpfiles.tag b/tags/m/misplaced-systemd-tmpfiles.tag new file mode 100644 index 0000000..8cd4af4 --- /dev/null +++ b/tags/m/misplaced-systemd-tmpfiles.tag @@ -0,0 +1,7 @@ +Tag: misplaced-systemd-tmpfiles +Severity: error +Check: systemd/tmpfiles +Renamed-from: + systemd-tmpfiles.d-outside-usr-lib +Explanation: The package ships a systemd tmpfiles.d(5) conf file outside + <code>/usr/lib/tmpfiles.d/</code> diff --git a/tags/m/missing-build-dependency-for-dh-addon.tag b/tags/m/missing-build-dependency-for-dh-addon.tag new file mode 100644 index 0000000..ee1b627 --- /dev/null +++ b/tags/m/missing-build-dependency-for-dh-addon.tag @@ -0,0 +1,6 @@ +Tag: missing-build-dependency-for-dh-addon +Severity: error +Check: debhelper +Explanation: The source package appears to be using a dh addon but doesn't build + depend on the package that actually provides it. If it uses it, it must + build depend on it. diff --git a/tags/m/missing-build-dependency-for-dh_-command.tag b/tags/m/missing-build-dependency-for-dh_-command.tag new file mode 100644 index 0000000..ae59ea2 --- /dev/null +++ b/tags/m/missing-build-dependency-for-dh_-command.tag @@ -0,0 +1,6 @@ +Tag: missing-build-dependency-for-dh_-command +Severity: error +Check: debhelper +Explanation: The source package appears to be using a dh_ command but doesn't build + depend on the package that actually provides it. If it uses it, it must + build depend on it. diff --git a/tags/m/missing-build-depends-for-clean-target-in-debian-rules.tag b/tags/m/missing-build-depends-for-clean-target-in-debian-rules.tag new file mode 100644 index 0000000..d6668de --- /dev/null +++ b/tags/m/missing-build-depends-for-clean-target-in-debian-rules.tag @@ -0,0 +1,18 @@ +Tag: missing-build-depends-for-clean-target-in-debian-rules +Severity: error +Check: debian/rules +Renamed-From: + clean-should-be-satisfied-by-build-depends +Explanation: The specified condition must be satisfied to run the <code>clean</code> + target in <code>debian/rules</code>. + . + Please add a suitable prerequisite to <code>Build-Depends</code> (and not + <code>Build-Depends-Indep</code>) even if no architecture-dependent packages + are being built. + . + The condition you see in the context is not a recommendation on what to add. If + you see a list, more than likely only one member is needed to make this tag go + away. You probably also do not need the <code>:any</code> multiarch qualifier, + if you see one. +See-Also: + debian-policy 7.7 diff --git a/tags/m/missing-built-using-field-for-golang-package.tag b/tags/m/missing-built-using-field-for-golang-package.tag new file mode 100644 index 0000000..6460424 --- /dev/null +++ b/tags/m/missing-built-using-field-for-golang-package.tag @@ -0,0 +1,14 @@ +Tag: missing-built-using-field-for-golang-package +Severity: info +Check: languages/golang/built-using +Explanation: The stanza for a Golang installation package in the + <code>debian/control</code> file does not include a + <code>Built-Using</code> field that contains the <code>${misc:Built-Using}</code> + substitution variable. + . + The <code>dh-golang(1)</code> build system provides the <code>${misc:Built-Using}</code> + variable. It is used when scheduling binNMUs. + . + Please add the following line to the relevant stanza: + . + <code>Built-Using: ${misc:Built-Using}</code> diff --git a/tags/m/missing-call-to-dpkg-maintscript-helper.tag b/tags/m/missing-call-to-dpkg-maintscript-helper.tag new file mode 100644 index 0000000..10c291b --- /dev/null +++ b/tags/m/missing-call-to-dpkg-maintscript-helper.tag @@ -0,0 +1,8 @@ +Tag: missing-call-to-dpkg-maintscript-helper +Severity: error +Check: maintainer-scripts/helper/dpkg +Explanation: The maintainer script is missing a call to the specified + <code>dpkg-maintscript-helper</code> command. The uses are coordinated + and need each other. +See-Also: + dpkg-maintscript-helper(1) diff --git a/tags/m/missing-call-to-update-fonts.tag b/tags/m/missing-call-to-update-fonts.tag new file mode 100644 index 0000000..757b66b --- /dev/null +++ b/tags/m/missing-call-to-update-fonts.tag @@ -0,0 +1,11 @@ +Tag: missing-call-to-update-fonts +Severity: warning +Check: desktop/x11/font/update +Explanation: The named maintainer script ships the specified X11 font but does + not appear to call <code>update-fonts-scale</code> or <code>update-fonts-dir</code> + in its <code>postinst</code> script. + . + If you are using <code>dh_installxfonts</code>, add <code>${misc:Depends}</code> + as a prerequisite and <code>dh_installxfonts</code> will take care of it for you. +See-Also: + https://lists.debian.org/msgid-search/CAJqvfD-A1EPXxF_mS=_BaQ0FtqygVwRUf+23WqSqrkSmYgVAtA@mail.gmail.com diff --git a/tags/m/missing-conffile.tag b/tags/m/missing-conffile.tag new file mode 100644 index 0000000..571bd64 --- /dev/null +++ b/tags/m/missing-conffile.tag @@ -0,0 +1,12 @@ +Tag: missing-conffile +Severity: error +Check: conffiles +Renamed-From: conffile-is-not-in-package +Explanation: The conffiles control file lists this path, but the path does + not appear to exist in the package. Lintian may also emit this tag + when the file exists, but the canonical name is used in the + "conffiles" control file (e.g. if a parent segment are symlinks). + . + Note that dpkg and Lintian strips all whitespace from the right hand + side of each line. Thus it is not possible for a file ending with + trailing whitespace to be marked as a conffile. diff --git a/tags/m/missing-debconf-dependency-for-preinst.tag b/tags/m/missing-debconf-dependency-for-preinst.tag new file mode 100644 index 0000000..998942f --- /dev/null +++ b/tags/m/missing-debconf-dependency-for-preinst.tag @@ -0,0 +1,8 @@ +Tag: missing-debconf-dependency-for-preinst +Severity: warning +Check: debian/debconf +Explanation: Packages using debconf in their preinst scripts must pre-depend + on debconf. + . + Since debconf is usually installed already, that is better than + depending on it but falling back to a different configuration system. diff --git a/tags/m/missing-debconf-dependency.tag b/tags/m/missing-debconf-dependency.tag new file mode 100644 index 0000000..f7be858 --- /dev/null +++ b/tags/m/missing-debconf-dependency.tag @@ -0,0 +1,5 @@ +Tag: missing-debconf-dependency +Severity: warning +Check: debian/debconf +Explanation: Packages using debconf should depend on it, since debconf is not an + essential package. diff --git a/tags/m/missing-debian-source-format.tag b/tags/m/missing-debian-source-format.tag new file mode 100644 index 0000000..1f0739e --- /dev/null +++ b/tags/m/missing-debian-source-format.tag @@ -0,0 +1,19 @@ +Tag: missing-debian-source-format +Severity: warning +Check: debian/source-dir +Explanation: Explicitly selecting a source format by putting the format in + <code>debian/source/format</code> is recommended. This allows for + future removal of the 1.0 default for the package source format and, + depending on the source format, may allow unambiguous declaration of + whether this package is native or non-native. + . + If you don't have a reason to stay with the old format for this package, + please consider switching to "3.0 (quilt)" (for packages with a separate + upstream tarball) or to "3.0 (native)" (for Debian native packages). + . + If you wish to keep using the old format, please create that file and put + "1.0" in it to be explicit about the source package version. If you have + problems with the 3.0 format, the dpkg maintainers are interested in + hearing, at debian-dpkg@lists.debian.org, the (technical) reasons why the + new formats do not suit you. +See-Also: dpkg-source(1), https://wiki.debian.org/Projects/DebSrc3.0 diff --git a/tags/m/missing-debian-watch-file-standard.tag b/tags/m/missing-debian-watch-file-standard.tag new file mode 100644 index 0000000..1cca43f --- /dev/null +++ b/tags/m/missing-debian-watch-file-standard.tag @@ -0,0 +1,11 @@ +Tag: missing-debian-watch-file-standard +Severity: warning +Check: debian/watch/standard +Renamed-From: + debian-watch-file-missing-version +Explanation: The <code>debian/watch</code> file in this package doesn't start a + <code>version=</code> line. The first non-comment line of + <code>debian/watch</code> should be a <code>version=</code> declaration. This + may mean that this is an old version one watch file that should be + updated to the current version. +See-Also: uscan(1) diff --git a/tags/m/missing-dep-for-interpreter.tag b/tags/m/missing-dep-for-interpreter.tag new file mode 100644 index 0000000..d948e24 --- /dev/null +++ b/tags/m/missing-dep-for-interpreter.tag @@ -0,0 +1,9 @@ +Tag: missing-dep-for-interpreter +Severity: error +Check: scripts +Explanation: You used an interpreter for a script that is not in an essential + package. In most cases, you will need to add a Dependency on the + package that contains the interpreter. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/m/missing-dep-on-jarwrapper.tag b/tags/m/missing-dep-on-jarwrapper.tag new file mode 100644 index 0000000..98914f7 --- /dev/null +++ b/tags/m/missing-dep-on-jarwrapper.tag @@ -0,0 +1,6 @@ +Tag: missing-dep-on-jarwrapper +Severity: error +Check: languages/java +See-Also: java-policy 2.2 +Explanation: Packages containing an executable JAR must depend on jarwrapper or + other packages providing similar functionalities. diff --git a/tags/m/missing-dependency-on-libc.tag b/tags/m/missing-dependency-on-libc.tag new file mode 100644 index 0000000..f1eb346 --- /dev/null +++ b/tags/m/missing-dependency-on-libc.tag @@ -0,0 +1,15 @@ +Tag: missing-dependency-on-libc +Severity: error +Check: binaries/prerequisites +Explanation: The listed file appears to be linked against the C library, but the + package doesn't depend on the C library package. Normally this indicates + that ${shlibs:Depends} was omitted from the Depends line for this package + in <code>debian/control</code>. + . + All shared libraries and compiled binaries must be run through + dpkg-shlibdeps to find out any libraries they are linked against (often + via the dh_shlibdeps debhelper command). The package containing these + files must then depend on ${shlibs:Depends} in <code>debian/control</code> to + get the proper package dependencies for those libraries. +See-Also: + debian-policy 8.6.1 diff --git a/tags/m/missing-dependency-on-libstdc++.tag b/tags/m/missing-dependency-on-libstdc++.tag new file mode 100644 index 0000000..1d4bc01 --- /dev/null +++ b/tags/m/missing-dependency-on-libstdc++.tag @@ -0,0 +1,16 @@ +Tag: missing-dependency-on-libstdc++ +Severity: error +Check: binaries/prerequisites +Experimental: yes +Explanation: The listed file appears to be linked against the C++ library, but the + package doesn't depend on the C++ library package. Normally this indicates + that ${shlibs:Depends} was omitted from the Depends line for this package + in <code>debian/control</code>. + . + All shared libraries and compiled binaries must be run through + dpkg-shlibdeps to find out any libraries they are linked against (often + via the dh_shlibdeps debhelper command). The package containing these + files must then depend on ${shlibs:Depends} in <code>debian/control</code> to + get the proper package dependencies for those libraries. +See-Also: + debian-policy 8.6.1 diff --git a/tags/m/missing-dependency-on-numpy-abi.tag b/tags/m/missing-dependency-on-numpy-abi.tag new file mode 100644 index 0000000..5eb1424 --- /dev/null +++ b/tags/m/missing-dependency-on-numpy-abi.tag @@ -0,0 +1,9 @@ +Tag: missing-dependency-on-numpy-abi +Severity: error +Check: binaries/prerequisites/numpy +Explanation: This package includes a Python extension module, which uses Numpy via its + binary interface. Such packages must depend on python3-numpy-abi*N*. + . + If the package is using debhelper, this problem is usually due to a + missing dh_numpy3 call in <code>debian/rules</code>. +See-Also: /usr/share/doc/python3-numpy/README.DebianMaints diff --git a/tags/m/missing-dependency-on-perlapi.tag b/tags/m/missing-dependency-on-perlapi.tag new file mode 100644 index 0000000..354f29c --- /dev/null +++ b/tags/m/missing-dependency-on-perlapi.tag @@ -0,0 +1,11 @@ +Tag: missing-dependency-on-perlapi +Severity: error +Check: binaries/prerequisites/perl +Explanation: This package includes a *.so file in <code>/usr/lib/.../perl5</code>, + normally indicating that it includes a binary Perl module. Binary Perl + modules must depend on perlapi-$Config{version} (from the Config module). + If the package is using debhelper, this problem is usually due to a + missing dh_perl call in <code>debian/rules</code> or a missing + ${perl:Depends} substitution variable in the Depends line in + <code>debian/control</code>. +See-Also: perl-policy 4.4.2 diff --git a/tags/m/missing-dependency-on-phpapi.tag b/tags/m/missing-dependency-on-phpapi.tag new file mode 100644 index 0000000..de6b8ab --- /dev/null +++ b/tags/m/missing-dependency-on-phpapi.tag @@ -0,0 +1,15 @@ +Tag: missing-dependency-on-phpapi +Severity: error +Check: binaries/prerequisites/php +Explanation: This package includes a *.so file in <code>/usr/lib/phpN</code> + (where N is a number representing the major PHP version), normally + indicating that it includes a PHP extension. PHP extensions must + depend on phpapi-$(php-configN --phpapi), without adding an + alternative package with the OR operator. + . + This can usually be achieved by, for example, adding the following + code to the binary-arch target of the rules file and adding + <code>${php:Depends}</code> to the <code>Depends</code> field of the binary + package shipping the extension: + . + echo "php:Depends=phpapi-$(php-config5 --phpapi)" > debian/substvars diff --git a/tags/m/missing-depends-on-sensible-utils.tag b/tags/m/missing-depends-on-sensible-utils.tag new file mode 100644 index 0000000..73ae3d2 --- /dev/null +++ b/tags/m/missing-depends-on-sensible-utils.tag @@ -0,0 +1,14 @@ +Tag: missing-depends-on-sensible-utils +Severity: error +Check: files/contents +Explanation: The listed file appears to use one or more of the binaries + in <code>sensible-utils</code> but no binary declares a dependency for + this package. + . + As part of the transition to split <code>sensible-utils</code> and + <code>debianutils</code>, the remaining <code>Depends</code> from + <code>debianutils</code> was removed in version 4.8.2. + . + In most cases you will need to add a <code>Depends</code>, + <code>Recommends</code>, <code>Pre-Depends</code> or <code>Suggests</code> + on <code>sensible-utils</code>. diff --git a/tags/m/missing-explanation-for-contrib-or-non-free-package.tag b/tags/m/missing-explanation-for-contrib-or-non-free-package.tag new file mode 100644 index 0000000..30ef5a3 --- /dev/null +++ b/tags/m/missing-explanation-for-contrib-or-non-free-package.tag @@ -0,0 +1,10 @@ +Tag: missing-explanation-for-contrib-or-non-free-package +Severity: info +Check: debian/copyright/dep5 +Explanation: The specified package is in the contrib or non-free archive + area but does not include a "Comment" (or "Disclaimer") field in + its copyright file. + . + Please add a brief comment why this package cannot be part of the + main Debian distribution. +See-Also: debian-policy 12.5 diff --git a/tags/m/missing-explanation-for-repacked-upstream-tarball.tag b/tags/m/missing-explanation-for-repacked-upstream-tarball.tag new file mode 100644 index 0000000..edb4a30 --- /dev/null +++ b/tags/m/missing-explanation-for-repacked-upstream-tarball.tag @@ -0,0 +1,10 @@ +Tag: missing-explanation-for-repacked-upstream-tarball +Severity: info +Check: debian/copyright/dep5 +Explanation: The version of this package contains <code>dfsg</code>, <code>ds</code>, + or <code>debian</code> which normally indicates that the upstream source + has been repackaged, but there is no "Comment" or "Files-Excluded" + field in its copyright file which explains the reason why. + . + Please add a comment why this tarball was repacked or add a suitable + "Files-Excluded" field. diff --git a/tags/m/missing-field-in-dep5-copyright.tag b/tags/m/missing-field-in-dep5-copyright.tag new file mode 100644 index 0000000..80a3520 --- /dev/null +++ b/tags/m/missing-field-in-dep5-copyright.tag @@ -0,0 +1,6 @@ +Tag: missing-field-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The paragraph in the machine readable copyright file is missing a field + that is required by the specification. diff --git a/tags/m/missing-file-from-potfiles-in.tag b/tags/m/missing-file-from-potfiles-in.tag new file mode 100644 index 0000000..e10b4d1 --- /dev/null +++ b/tags/m/missing-file-from-potfiles-in.tag @@ -0,0 +1,6 @@ +Tag: missing-file-from-potfiles-in +Severity: warning +Check: debian/po-debconf +Explanation: A file listed in <code>debian/po/POTFILES.in</code> could not be found + in the source package. +See-Also: po-debconf(7) diff --git a/tags/m/missing-intermediate-directory.tag b/tags/m/missing-intermediate-directory.tag new file mode 100644 index 0000000..dc40dbd --- /dev/null +++ b/tags/m/missing-intermediate-directory.tag @@ -0,0 +1,7 @@ +Tag: missing-intermediate-directory +Severity: warning +Check: files/missing +Explanation: The package contains files in the listed directory, but does + not contain the actual directory itself. Some tools do not cope + very well with this case. Notably Lintian prior to 2.5.32 would + crash on such packages. diff --git a/tags/m/missing-license-paragraph-in-dep5-copyright.tag b/tags/m/missing-license-paragraph-in-dep5-copyright.tag new file mode 100644 index 0000000..451e174 --- /dev/null +++ b/tags/m/missing-license-paragraph-in-dep5-copyright.tag @@ -0,0 +1,12 @@ +Tag: missing-license-paragraph-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +Explanation: The <code>Files</code> paragraph in the machine readable copyright file + references a license for which no stand-alone <code>License</code> paragraph + exists. + . + Sometimes this tag appears because of incorrect ordering. Stand-alone + <code>License</code> paragraphs must appear *after* all <code>Files</code> + paragraphs. +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/, + Bug#959067 diff --git a/tags/m/missing-license-text-in-dep5-copyright.tag b/tags/m/missing-license-text-in-dep5-copyright.tag new file mode 100644 index 0000000..20e85b9 --- /dev/null +++ b/tags/m/missing-license-text-in-dep5-copyright.tag @@ -0,0 +1,6 @@ +Tag: missing-license-text-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The standalone โLicenseโ paragraph contains only short license + name, but not the license text. diff --git a/tags/m/missing-manifest.tag b/tags/m/missing-manifest.tag new file mode 100644 index 0000000..2785bbb --- /dev/null +++ b/tags/m/missing-manifest.tag @@ -0,0 +1,5 @@ +Tag: missing-manifest +Severity: info +Check: languages/java +Explanation: The jar file contains .class files but no manifest. This may + indicate a build misconfiguration. diff --git a/tags/m/missing-notice-file-for-apache-license.tag b/tags/m/missing-notice-file-for-apache-license.tag new file mode 100644 index 0000000..56864fc --- /dev/null +++ b/tags/m/missing-notice-file-for-apache-license.tag @@ -0,0 +1,18 @@ +Tag: missing-notice-file-for-apache-license +Severity: error +Check: debian/copyright/apache-notice +Explanation: The package appears to be licensed under the Apache 2.0 license and + a <code>NOTICE</code> file (or similar) exists in the source tree. However, no + files called <code>NOTICE</code> or <code>NOTICE.txt</code> are installed in any + of the binary packages. + . + The Apache 2.0 license requires distributing of such files: + . + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file [..] + . + Please include the file in your package, for example by adding + <code>path/to/NOTICE</code> to a <code>debian/package.docs</code> file. +See-Also: /usr/share/common-licenses/Apache-2.0 diff --git a/tags/m/missing-pkg-php-tools-addon.tag b/tags/m/missing-pkg-php-tools-addon.tag new file mode 100644 index 0000000..dac8919 --- /dev/null +++ b/tags/m/missing-pkg-php-tools-addon.tag @@ -0,0 +1,10 @@ +Tag: missing-pkg-php-tools-addon +Severity: warning +Check: languages/php/pear +Explanation: The package uses pkg-php-tools but dh command is called without + --with phppear or --with phpcomposer. A PECL package should also have + --with php. + . + pkg-php-tools db addons are the recommended tool for building PHP PEAR or + Composer packages. For more information, install it and read the included + README.PEAR or README.Composer. diff --git a/tags/m/missing-pkg-php-tools-buildsystem.tag b/tags/m/missing-pkg-php-tools-buildsystem.tag new file mode 100644 index 0000000..5b488f1 --- /dev/null +++ b/tags/m/missing-pkg-php-tools-buildsystem.tag @@ -0,0 +1,8 @@ +Tag: missing-pkg-php-tools-buildsystem +Severity: warning +Check: languages/php/pear +Explanation: The package uses pkg-php-tools but dh command is called without + --buildsystem=phppear + . + pkg-php-tools build system is the recommended tool for building PHP PEAR + packages. For more information, install it and read the included README.PEAR. diff --git a/tags/m/missing-potfiles-in.tag b/tags/m/missing-potfiles-in.tag new file mode 100644 index 0000000..136e0ba --- /dev/null +++ b/tags/m/missing-potfiles-in.tag @@ -0,0 +1,6 @@ +Tag: missing-potfiles-in +Severity: warning +Check: debian/po-debconf +Explanation: The required file <code>POTFILES.in</code> is missing from + <code>debian/po</code>. +See-Also: po-debconf(7) diff --git a/tags/m/missing-prerequisite-for-gfortran-module.tag b/tags/m/missing-prerequisite-for-gfortran-module.tag new file mode 100644 index 0000000..22dd98d --- /dev/null +++ b/tags/m/missing-prerequisite-for-gfortran-module.tag @@ -0,0 +1,9 @@ +Tag: missing-prerequisite-for-gfortran-module +Severity: warning +Check: languages/fortran/gfortran +Explanation: The installation package ships a GFORTRAN module but does not depend + on gfortran-mod-<n>, where <n> is the module version (e.g. gfortran-mod-14 + for modules built using GCC 5). +See-Also: Bug#796352, + Bug#714730, + https://salsa.debian.org/science-team/dh-fortran-mod/blob/debian/master/dh_fortran_mod.in diff --git a/tags/m/missing-prerequisite-for-pyproject-backend.tag b/tags/m/missing-prerequisite-for-pyproject-backend.tag new file mode 100644 index 0000000..fbeb4b8 --- /dev/null +++ b/tags/m/missing-prerequisite-for-pyproject-backend.tag @@ -0,0 +1,14 @@ +Tag: missing-prerequisite-for-pyproject-backend +Severity: info +Check: languages/python +Explanation: <code>pybuild</code> now supports building with PEP-517 standard + interfaces natively. These sources could be built using <code>pybuild</code>'s + generic <code>pyproject</code> plugin and the named build backend. + . + Please declare both named prerequisites in <code>Build-Depends</code>. You will + need both the generic <code>pybuild-plugin-pyproject</code> as well as the + specific one to the named backend. It is usually <code>python3-${backend}</code>. + . + No changes are required if you are using <code>pybuild</code>'s dedicated + <code>flit</code> plugin, although that plugin will eventually be deprecated in + favor of the generic <code>pyproject</code> plugin mentioned above. diff --git a/tags/m/missing-runtime-test-file.tag b/tags/m/missing-runtime-test-file.tag new file mode 100644 index 0000000..14f4e3e --- /dev/null +++ b/tags/m/missing-runtime-test-file.tag @@ -0,0 +1,6 @@ +Tag: missing-runtime-test-file +Severity: warning +Check: testsuite +Explanation: A test file listed in the debian/tests/control file does not + exist in the package source. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/m/missing-separator-between-items.tag b/tags/m/missing-separator-between-items.tag new file mode 100644 index 0000000..a45486a --- /dev/null +++ b/tags/m/missing-separator-between-items.tag @@ -0,0 +1,7 @@ +Tag: missing-separator-between-items +Severity: error +Check: debian/control/field/relation +Explanation: The named field in the <code>debian/control</code> file is supposed to + list items that are separated by commas or pipes. A separator seems to be missing. + . + Needless to say, it can lead to bogus or incomplete package relationships. diff --git a/tags/m/missing-systemd-service-for-init.d-rcS-script.tag b/tags/m/missing-systemd-service-for-init.d-rcS-script.tag new file mode 100644 index 0000000..fd8c466 --- /dev/null +++ b/tags/m/missing-systemd-service-for-init.d-rcS-script.tag @@ -0,0 +1,15 @@ +Tag: missing-systemd-service-for-init.d-rcS-script +Severity: error +Check: systemd +See-Also: https://wiki.debian.org/Teams/pkg-systemd/rcSMigration +Explanation: The rcS init.d script has no systemd equivalent. + . + Systemd has a SysV init.d script compatibility mode. It provides access to + each SysV init.d script as long as there is no native service file with the + same name (e.g. <code>/lib/systemd/system/rsyslog.service</code> corresponds to + <code>/etc/init.d/rsyslog</code>). + . + Services in rcS.d are particularly problematic, because they often cause + dependency loops, as they are ordered very early in the boot sequence. +Renamed-From: + systemd-no-service-for-init-rcS-script diff --git a/tags/m/missing-systemd-service-for-init.d-script.tag b/tags/m/missing-systemd-service-for-init.d-script.tag new file mode 100644 index 0000000..30a8d8f --- /dev/null +++ b/tags/m/missing-systemd-service-for-init.d-script.tag @@ -0,0 +1,11 @@ +Tag: missing-systemd-service-for-init.d-script +Severity: warning +Check: systemd +Explanation: The specified init.d script has no equivalent systemd service. + . + Whilst systemd has a SysV init.d script compatibility mode, providing + native systemd support has many advantages such as being able to specify + security hardening features. Moreover, the systemd SysV generator will be + deprecated in the future. + . + Please provide a suitable .service file for this script. diff --git a/tags/m/missing-systemd-timer-for-cron-script.tag b/tags/m/missing-systemd-timer-for-cron-script.tag new file mode 100644 index 0000000..5da8fdc --- /dev/null +++ b/tags/m/missing-systemd-timer-for-cron-script.tag @@ -0,0 +1,16 @@ +Tag: missing-systemd-timer-for-cron-script +Severity: warning +Check: systemd +Explanation: This package ships the specified cron script but does not ship a + equivalent systemd <code>.timer</code> unit. + . + The "desktop" and "laptop" tasks no longer pull in anacron(8), the + usual solution for desktop installations that are not running all the + time. + . + Please consider shipping an equivalent <code>.timer</code> file for this + script. +See-Also: + systemd.timer(5), + anacron(8), + Bug#1007257 diff --git a/tags/m/missing-templates-pot.tag b/tags/m/missing-templates-pot.tag new file mode 100644 index 0000000..98cb0f4 --- /dev/null +++ b/tags/m/missing-templates-pot.tag @@ -0,0 +1,6 @@ +Tag: missing-templates-pot +Severity: warning +Check: debian/po-debconf +Explanation: The required file <code>templates.pot</code> is missing from + <code>debian/po</code>. +See-Also: po-debconf(7) diff --git a/tags/m/missing-tests-control.tag b/tags/m/missing-tests-control.tag new file mode 100644 index 0000000..cc7ee84 --- /dev/null +++ b/tags/m/missing-tests-control.tag @@ -0,0 +1,11 @@ +Tag: missing-tests-control +Severity: error +Check: testsuite +Renamed-From: + testsuite-autopkgtest-missing +Explanation: The source package declares the generic <code>Testsuite: autopkgtest</code> + field but provides no <code>debian/tests/control</code> file. + . + The control file is not needed when a specialized test suite such as + <code>autopkgtest-pkg-perl</code> is being used. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/m/missing-vcs-browser-field.tag b/tags/m/missing-vcs-browser-field.tag new file mode 100644 index 0000000..8cd50b1 --- /dev/null +++ b/tags/m/missing-vcs-browser-field.tag @@ -0,0 +1,10 @@ +Tag: missing-vcs-browser-field +Severity: info +Check: fields/vcs +Explanation: A Vcs-* field in this package is pointing to a repository that + supports browsing of the repository via a web browser. + . + This is typically a nicer user-experience for developers and avoids + unnecessary and time-consuming clones of the repository. + . + Please add a suitable Vcs-Browser field to the package. diff --git a/tags/m/missing-xs-go-import-path-for-golang-package.tag b/tags/m/missing-xs-go-import-path-for-golang-package.tag new file mode 100644 index 0000000..1a0f3cb --- /dev/null +++ b/tags/m/missing-xs-go-import-path-for-golang-package.tag @@ -0,0 +1,21 @@ +Tag: missing-xs-go-import-path-for-golang-package +Severity: info +Check: languages/golang/import-path +Explanation: This Golang source does not declare a <code>XS-Go-Import-Path</code> + field in the <code>debian/control</code> file.. + . + Many tools like <code>dh-make-golang(1)</code> use the field to resolve + prerequisites correctly. It is also used in the Golang team's CI. + . + When using <code>dh-golang</code>, the field's value should be the same as + <code>DH_GOPKG</code> in <code>debian/rules</code>. The + <code>dh-golang</code> build system then automatically sets <code>DH_GOPKG</code> + to the value from <code>XS-Go-Import-Path</code>. + . + For packages that do not use <code>dh-golang</code>, or for packages whose upstream + does not publish the sources in a way compatible with <code>go get</code> (and hence + does not have a canonical import path) you should use a fake import path. Please + contact the Golang team at for more advice. +See-Also: + https://go-team.pages.debian.net, + https://go-team.pages.debian.net/ci.html. diff --git a/tags/m/misspelled-closes-bug.tag b/tags/m/misspelled-closes-bug.tag new file mode 100644 index 0000000..6e943f7 --- /dev/null +++ b/tags/m/misspelled-closes-bug.tag @@ -0,0 +1,6 @@ +Tag: misspelled-closes-bug +Severity: warning +Check: debian/changelog +See-Also: debian-policy 5.6.22 +Explanation: The last changelog entry uses Close: #123456 instead of correct + Closes: #123456 diff --git a/tags/m/mknod-in-maintainer-script.tag b/tags/m/mknod-in-maintainer-script.tag new file mode 100644 index 0000000..1290c72 --- /dev/null +++ b/tags/m/mknod-in-maintainer-script.tag @@ -0,0 +1,10 @@ +Tag: mknod-in-maintainer-script +Severity: error +Check: maintainer-scripts/mknod +Explanation: Maintainer scripts must not create device files directly. They + should call <code>MAKEDEV</code> instead. + . + If <code>mknod</code> is being used to create a FIFO (named pipe), use + <code>mkfifo</code> instead to avoid triggering this tag. +See-Also: + debian-policy 10.6 diff --git a/tags/m/more-than-one-patch-system.tag b/tags/m/more-than-one-patch-system.tag new file mode 100644 index 0000000..77bf019 --- /dev/null +++ b/tags/m/more-than-one-patch-system.tag @@ -0,0 +1,9 @@ +Tag: more-than-one-patch-system +Severity: warning +Check: debian/patches +Explanation: Either the build-dependencies list more than one patch system or the + package uses the <code>3.0 (quilt)</code> source format but also has a + dependency on <code>dpatch</code>. It's unlikely that you need both patch + systems at the same time, and having multiple patch systems in play + simultaneously can make understanding and modifying the source package + unnecessarily complex. diff --git a/tags/m/multi-arch-same-package-calls-pycompile.tag b/tags/m/multi-arch-same-package-calls-pycompile.tag new file mode 100644 index 0000000..7c85f81 --- /dev/null +++ b/tags/m/multi-arch-same-package-calls-pycompile.tag @@ -0,0 +1,24 @@ +Tag: multi-arch-same-package-calls-pycompile +Severity: warning +Check: scripts +Explanation: This <code>Multi-Arch: same</code> package uses <code>pycompile</code> or + <code>py3compile</code> in the specified maintainer script. + . + <code>py{,3}compile</code> are tools used to byte-compile Python source + files. It is typically run on installation of Debian packages that ship + Python modules. However, they do not support installing several + architectures of the same package and this is not Multi-Arch: safe. + . + If the contents of the package is not architecture dependent, it should + usually be made binary-all. + . + If the contents of the package is architecture dependent, it should + usually get a dependency on the Python interpreter for the same + architecture. This is a dependency in the form of <code>python3</code>, not + an architecture-qualified dependency such as <code>python3:any</code> (which + can be fulfilled by the Python interpreter for any architecture). + . + If a dependency on the Python interpreter for the same architecture + exists (usually generated by <code>dh-python</code>), the + <code>Multi-Arch: same</code> has no effect and should be dropped. +See-Also: pycompile(1), py3compile(1), Bug#812228 diff --git a/tags/m/multi-arch-same-package-has-arch-specific-overrides.tag b/tags/m/multi-arch-same-package-has-arch-specific-overrides.tag new file mode 100644 index 0000000..2e509c8 --- /dev/null +++ b/tags/m/multi-arch-same-package-has-arch-specific-overrides.tag @@ -0,0 +1,8 @@ +Tag: multi-arch-same-package-has-arch-specific-overrides +Severity: warning +Check: fields/multi-arch +Explanation: The specified file contains architecture-specific Lintian overrides + but the package is declared as <code>Multi-Arch: same</code>. +See-Also: + lintian-manual 2.4.3, + Bug#787406 diff --git a/tags/m/multiarch-foreign-cmake-file.tag b/tags/m/multiarch-foreign-cmake-file.tag new file mode 100644 index 0000000..3a44f00 --- /dev/null +++ b/tags/m/multiarch-foreign-cmake-file.tag @@ -0,0 +1,10 @@ +Tag: multiarch-foreign-cmake-file +Severity: error +Check: files/multi-arch +Explanation: The package is architecture-dependent, ships a cmake file in a public, + architecture-dependent cmake search path and is marked <code>Multi-Arch: + foreign</code>. CMake will be unable to find this file, unless it is installed + for a matching architecture, but the <code>foreign</code> marking says that the + architecture should not matter. + . + Please remove the <code>Multi-Arch: foreign</code> stanza. diff --git a/tags/m/multiarch-foreign-pkgconfig.tag b/tags/m/multiarch-foreign-pkgconfig.tag new file mode 100644 index 0000000..ee3edc2 --- /dev/null +++ b/tags/m/multiarch-foreign-pkgconfig.tag @@ -0,0 +1,10 @@ +Tag: multiarch-foreign-pkgconfig +Severity: error +Check: files/multi-arch +Explanation: The package is architecture-dependent, ships a pkg-config file in a + public, architecture-dependent pkg-config search path and is marked + <code>Multi-Arch: foreign</code>. pkg-config will be unable to find this file, + unless it is installed for a matching architecture, but the <code>foreign</code> + marking says that the architecture should not matter. + . + Please remove the <code>Multi-Arch: foreign</code> stanza. diff --git a/tags/m/multiarch-foreign-shared-library.tag b/tags/m/multiarch-foreign-shared-library.tag new file mode 100644 index 0000000..ffc8e9a --- /dev/null +++ b/tags/m/multiarch-foreign-shared-library.tag @@ -0,0 +1,11 @@ +Tag: multiarch-foreign-shared-library +Severity: error +Check: files/multi-arch +Explanation: The package is architecture-dependent, ships a shared library in + a public library search path and is marked <code>Multi-Arch: + foreign</code>. Typically, shared libraries are marked <code>Multi-Arch: + same</code> when possible. Sometimes, private shared libraries are put + into the public library search path to accommodate programs in the + same package, but this package does not contain any programs. + . + Please remove the <code>Multi-Arch: foreign</code> stanza. diff --git a/tags/m/multiarch-foreign-static-library.tag b/tags/m/multiarch-foreign-static-library.tag new file mode 100644 index 0000000..d870a86 --- /dev/null +++ b/tags/m/multiarch-foreign-static-library.tag @@ -0,0 +1,10 @@ +Tag: multiarch-foreign-static-library +Severity: error +Check: files/multi-arch +Explanation: The package is architecture-dependent, ships a static library in a + public, architecture-dependent library search path and is marked + <code>Multi-Arch: foreign</code>. A compiler will be unable to find this file, + unless it is installed for a matching architecture, but the <code>foreign</code> + marking says that the architecture should not matter. + . + Please remove the <code>Multi-Arch: foreign</code> stanza. diff --git a/tags/m/multiline-architecture-field.tag b/tags/m/multiline-architecture-field.tag new file mode 100644 index 0000000..6307f0e --- /dev/null +++ b/tags/m/multiline-architecture-field.tag @@ -0,0 +1,8 @@ +Tag: multiline-architecture-field +Severity: error +Check: debian/control/field/architecture/multiline +Explanation: The values in the <code>Architecture</code> field of the + <code>debian/control</code> file may not be separated by anything other + than spaces. The values must be in a single line of text. +See-Also: + debian-policy 5.6.8 diff --git a/tags/m/multiline-field.tag b/tags/m/multiline-field.tag new file mode 100644 index 0000000..66c2ad1 --- /dev/null +++ b/tags/m/multiline-field.tag @@ -0,0 +1,5 @@ +Tag: multiline-field +Severity: error +Check: fields/multi-line +Explanation: Most control fields must have only a single line of data. +See-Also: debian-policy 5.1 diff --git a/tags/m/multiple-debian-watch-file-standards.tag b/tags/m/multiple-debian-watch-file-standards.tag new file mode 100644 index 0000000..5048bc4 --- /dev/null +++ b/tags/m/multiple-debian-watch-file-standards.tag @@ -0,0 +1,9 @@ +Tag: multiple-debian-watch-file-standards +Severity: warning +Check: debian/watch/standard +Renamed-From: + debian-watch-file-declares-multiple-versions +Explanation: The <code>debian/watch</code> file in this package contains multiple + lines starting with <code>version=</code>. There should be only one version + declaration in a watch file, on the first non-comment line of the file. +See-Also: uscan(1) diff --git a/tags/m/multiple-distributions-in-changes-file.tag b/tags/m/multiple-distributions-in-changes-file.tag new file mode 100644 index 0000000..0d42fa9 --- /dev/null +++ b/tags/m/multiple-distributions-in-changes-file.tag @@ -0,0 +1,11 @@ +Tag: multiple-distributions-in-changes-file +Severity: error +Check: fields/distribution +Explanation: You've specified more than one target distribution for your upload + in the <code>*.changes</code> file, probably via the most recent entry in the + <code>debian/changelog</code> file. + . + Although this syntax is valid, it is not accepted by the Debian archive + management software. This may not be a problem if this upload is + targeted at an archive other than Debian's. +See-Also: debian-policy 5.6.14 diff --git a/tags/n/named-copyright-for-single-installable.tag b/tags/n/named-copyright-for-single-installable.tag new file mode 100644 index 0000000..1b939ff --- /dev/null +++ b/tags/n/named-copyright-for-single-installable.tag @@ -0,0 +1,10 @@ +Tag: named-copyright-for-single-installable +Severity: warning +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: Every package must include the file <code>/usr/share/doc/*pkg*/copyright</code>. + A copy of this file should be in <code>debian/copyright</code> in the source package. + . + These sources ship a copyright file named according to debhelper convention + <code>debian/$package.copyright</code> but build only one installable. Please move + the copyright file to <code>debian/copyright</code>. diff --git a/tags/n/national-encoding.tag b/tags/n/national-encoding.tag new file mode 100644 index 0000000..40c5eb5 --- /dev/null +++ b/tags/n/national-encoding.tag @@ -0,0 +1,23 @@ +Tag: national-encoding +Severity: warning +Check: files/encoding +Renamed-From: + national-encoding-in-text-file + debian-changelog-file-uses-obsolete-national-encoding + debian-control-file-uses-obsolete-national-encoding + debian-copyright-file-uses-obsolete-national-encoding + debian-news-file-uses-obsolete-national-encoding + debian-tests-control-uses-national-encoding + doc-base-file-uses-obsolete-national-encoding + national-encoding-in-debconf-template + national-encoding-in-manpage +Explanation: A file is not valid UTF-8. + . + Debian has used UTF-8 for many years. Support for national encodings + is being phased out. This file probably appears to users in mangled + characters (also called mojibake). + . + Packaging control files must be encoded in valid UTF-8. + . + Please convert the file to UTF-8 using <code>iconv</code> or a similar + tool. diff --git a/tags/n/native-source-file-without-utf8-name.tag b/tags/n/native-source-file-without-utf8-name.tag new file mode 100644 index 0000000..f40fc4f --- /dev/null +++ b/tags/n/native-source-file-without-utf8-name.tag @@ -0,0 +1,10 @@ +Tag: native-source-file-without-utf8-name +Severity: error +Check: files/names +See-Also: debian-policy 10.10 +Explanation: The file name in the native source tree is not valid UTF-8. + File names must decode as valid UTF-8. Please rename the file. + . + Unlike other file names in Lintian, which are printed in UTF-8, the + attached reference shows the bytes used by the file system. + Unprintable characters may have been replaced. diff --git a/tags/n/needless-dependency-on-jre.tag b/tags/n/needless-dependency-on-jre.tag new file mode 100644 index 0000000..a62caec --- /dev/null +++ b/tags/n/needless-dependency-on-jre.tag @@ -0,0 +1,15 @@ +Tag: needless-dependency-on-jre +Severity: warning +Check: fields/package-relations +Explanation: The package appear to be a Java library and depending on one + or more JRE/JDK packages. As of 05 Apr 2010, the Java Policy no + longer mandates that Java libraries depend on Java Runtimes. + . + If the library package ships executables along with the library, + then please consider making this an application package or move the + binaries to a (new) application package. + . + If there is otherwise a valid reason for this dependency, please override + the tag. +See-Also: https://lists.debian.org/debian-devel-changes/2010/04/msg00774.html, + Bug#227587 diff --git a/tags/n/needless-suggest-recommend-libservlet-java.tag b/tags/n/needless-suggest-recommend-libservlet-java.tag new file mode 100644 index 0000000..601a624 --- /dev/null +++ b/tags/n/needless-suggest-recommend-libservlet-java.tag @@ -0,0 +1,12 @@ +Tag: needless-suggest-recommend-libservlet-java +Severity: warning +Check: fields/package-relations +Explanation: Package should not suggest or recommend libservlet-java + Java servlets are only used in the context of a server (example: Tomcat or + Jetty). This server will have this dependency and will take care of the + loading of this package with the right libservlet. + . + Removing this dependency will fix this warning. + . + If there is otherwise a valid reason for this suggestion or recommendation, + please override the tag. diff --git a/tags/n/needlessly-depends-on-awk.tag b/tags/n/needlessly-depends-on-awk.tag new file mode 100644 index 0000000..87ccc8f --- /dev/null +++ b/tags/n/needlessly-depends-on-awk.tag @@ -0,0 +1,8 @@ +Tag: needlessly-depends-on-awk +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare a relation on awk. awk is a virtual + package, but it is special since it's de facto essential. If you don't + need to depend on a specific version of awk (which wouldn't work anyway, + as dpkg doesn't support versioned provides), you should remove the + dependency on awk. diff --git a/tags/n/nested-examples-directory.tag b/tags/n/nested-examples-directory.tag new file mode 100644 index 0000000..411842d --- /dev/null +++ b/tags/n/nested-examples-directory.tag @@ -0,0 +1,6 @@ +Tag: nested-examples-directory +Severity: error +Check: documentation/examples +Explanation: Package contains a <code>usr/share/doc/something/examples/examples</code> + directory. It was most likely installed by accident, since one examples/ + directory should be enough for everybody(tm). diff --git a/tags/n/new-essential-package.tag b/tags/n/new-essential-package.tag new file mode 100644 index 0000000..6d518bc --- /dev/null +++ b/tags/n/new-essential-package.tag @@ -0,0 +1,7 @@ +Tag: new-essential-package +Severity: error +Check: fields/essential +Explanation: This package has the Essential flag set. New Essential packages + are sufficiently rare that it seems worth warning about. They should + be discussed on debian-devel first. +See-Also: debian-policy 3.8 diff --git a/tags/n/new-package-should-not-package-python2-module.tag b/tags/n/new-package-should-not-package-python2-module.tag new file mode 100644 index 0000000..39fa255 --- /dev/null +++ b/tags/n/new-package-should-not-package-python2-module.tag @@ -0,0 +1,24 @@ +Tag: new-package-should-not-package-python2-module +Severity: warning +Check: languages/python +Explanation: This package appears to be the initial packaging of a new upstream + software package (ie. it contains a single changelog entry). However, it + ships the specified module for Python 2. + . + Python 2.x modules should not be packaged unless strictly necessary (such + as being explicitly requested by an end-user or required as part of a + dependency chain) as the 2.x series of Python is due for deprecation and + will not be maintained by upstream past 2020 and will likely be dropped + after the release of Debian <code>buster</code>. + . + If upstream have not yet moved to Python 3, please be certain that Debian + would benefit from the inclusion, continued maintenance burden and eventual + removal of this package before you upload. + . + This warning can be ignored if the package is not intended for Debian or + if it is a split of an existing Debian package. This warning can also be + ignored if viewed on https://lintian.debian.org/. + . + Please do not override this warning. Instead, add a justification to your + changelog entry. Lintian will detect your comment in the changelog. It ensures + that your rationale is preserved for posterity. diff --git a/tags/n/new-package-uses-date-based-version-number.tag b/tags/n/new-package-uses-date-based-version-number.tag new file mode 100644 index 0000000..8babd9d --- /dev/null +++ b/tags/n/new-package-uses-date-based-version-number.tag @@ -0,0 +1,11 @@ +Tag: new-package-uses-date-based-version-number +Severity: warning +Check: debian/changelog +Explanation: This package appears to be the first packaging of a new upstream + software package (there is only one changelog entry and the Debian + revision is 1) and uses a date-based versioning scheme such as + YYYYMMDD-1. + . + Packages using date-based version numbering should use a "0~" prefix + (eg. 0~20201612-1 or similar) to avoid having to introduce an epoch if + upstream starts tagging releases in a more conventional manner. diff --git a/tags/n/newer-debconf-templates.tag b/tags/n/newer-debconf-templates.tag new file mode 100644 index 0000000..4bc4305 --- /dev/null +++ b/tags/n/newer-debconf-templates.tag @@ -0,0 +1,13 @@ +Tag: newer-debconf-templates +Severity: warning +Check: debian/po-debconf +Explanation: debconf-updatepo has not been run since the last change to your + debconf templates. + . + You should run debconf-updatepo whenever debconf templates files are + changed so that translators can be warned that their files are + outdated. + . + This can be ensured by running debconf-updatepo in the 'clean' target + of <code>debian/rules</code>. PO files will then always be up-to-date when + building the source package. diff --git a/tags/n/newer-standards-version.tag b/tags/n/newer-standards-version.tag new file mode 100644 index 0000000..12d6e19 --- /dev/null +++ b/tags/n/newer-standards-version.tag @@ -0,0 +1,8 @@ +Tag: newer-standards-version +Severity: warning +Check: fields/standards-version +Explanation: The source package refers to a Standards-Version which is + newer than the highest one Lintian is programmed to check. + . + If the source package is correct, please upgrade Lintian to the newest + version. diff --git a/tags/n/nfs-temporary-file-in-package.tag b/tags/n/nfs-temporary-file-in-package.tag new file mode 100644 index 0000000..9a27e15 --- /dev/null +++ b/tags/n/nfs-temporary-file-in-package.tag @@ -0,0 +1,7 @@ +Tag: nfs-temporary-file-in-package +Severity: warning +Check: files/unwanted +Explanation: There is a file in the package whose name matches the format NFS + uses to temporarily save files that were deleted while another process + had them open. It may have been included in the package by accident + while building the package in an NFS filesystem. diff --git a/tags/n/nmu-in-changelog.tag b/tags/n/nmu-in-changelog.tag new file mode 100644 index 0000000..7c4d754 --- /dev/null +++ b/tags/n/nmu-in-changelog.tag @@ -0,0 +1,13 @@ +Tag: nmu-in-changelog +Severity: warning +Check: nmu +Renamed-From: changelog-should-not-mention-nmu +Explanation: The first line of the changelog entry for this package appears to + indicate it is a non-maintainer upload (by including either that string + or the string "NMU" and not saying that it's an acknowledgement), but the + changelog indicates the person making this release is one of the + maintainers. + . + If this was intended to be an NMU, do not add yourself as a maintainer or + uploader. Otherwise, please rephrase your changelog entry to not cause + confusion. diff --git a/tags/n/no-changelog.tag b/tags/n/no-changelog.tag new file mode 100644 index 0000000..3835def --- /dev/null +++ b/tags/n/no-changelog.tag @@ -0,0 +1,18 @@ +Tag: no-changelog +Severity: error +Check: debian/changelog +Renamed-From: + changelog-file-missing-in-native-package + debian-changelog-file-missing +Explanation: A Debian package that provides a <code>/usr/share/doc/*pkg*</code> + directory must install a changelog file. + . + For native packages the best name is + <code>/usr/share/doc/*pkg*/changelog.gz</code>. + . + For non-native packages the best name is + <code>/usr/share/doc/*pkg*/changelog.Debian.gz</code>. + . + This tag may also be emitted when the changelog exists but does not + otherwise resemble a Debian changelog. +See-Also: debian-policy 12.7 diff --git a/tags/n/no-code-sections.tag b/tags/n/no-code-sections.tag new file mode 100644 index 0000000..cfeb6db --- /dev/null +++ b/tags/n/no-code-sections.tag @@ -0,0 +1,11 @@ +Tag: no-code-sections +Severity: error +Check: libraries/static/no-code +Explanation: + The named members of the static library have no usable code sections. + . + It happens when shared objects are built with <code>-flto=auto</code> but + without <code>-ffat-lto-objects</code>. <code>dh_strip</code> strips the + LTO sections but may leave the static library without any usable code. +See-Also: + Bug#977596 diff --git a/tags/n/no-complete-debconf-translation.tag b/tags/n/no-complete-debconf-translation.tag new file mode 100644 index 0000000..521f72a --- /dev/null +++ b/tags/n/no-complete-debconf-translation.tag @@ -0,0 +1,13 @@ +Tag: no-complete-debconf-translation +Severity: info +Check: debian/po-debconf +Explanation: Even though this package provides debconf translation support, there + are no translations or none of the translations are complete. This may + mean that translators weren't properly warned about new strings. + . + Translators may be notified of changes using podebconf-report-po, for + example: + . + podebconf-report-po --call --withtranslators --deadline="+10 days" \ + --languageteam +See-Also: developer-reference 6.5.2.2 diff --git a/tags/n/no-copyright-file.tag b/tags/n/no-copyright-file.tag new file mode 100644 index 0000000..8f46204 --- /dev/null +++ b/tags/n/no-copyright-file.tag @@ -0,0 +1,6 @@ +Tag: no-copyright-file +Severity: error +Check: debian/copyright +Explanation: Each binary package has to include a plain file + /usr/share/doc/*pkg*/copyright +See-Also: debian-policy 12.5 diff --git a/tags/n/no-ctrl-scripts.tag b/tags/n/no-ctrl-scripts.tag new file mode 100644 index 0000000..656f177 --- /dev/null +++ b/tags/n/no-ctrl-scripts.tag @@ -0,0 +1,5 @@ +Tag: no-ctrl-scripts +Severity: classification +Check: control-files +Explanation: The package does not rely on any maintainer scripts (or other + executable control files). diff --git a/tags/n/no-debconf-config.tag b/tags/n/no-debconf-config.tag new file mode 100644 index 0000000..be17ef7 --- /dev/null +++ b/tags/n/no-debconf-config.tag @@ -0,0 +1,6 @@ +Tag: no-debconf-config +Severity: error +Check: debian/debconf +Explanation: The package contains a "templates" file in its control area but has no + corresponding "config" script. This is occasionally OK, but is usually an + error. diff --git a/tags/n/no-debconf-templates.tag b/tags/n/no-debconf-templates.tag new file mode 100644 index 0000000..2657b25 --- /dev/null +++ b/tags/n/no-debconf-templates.tag @@ -0,0 +1,6 @@ +Tag: no-debconf-templates +Severity: warning +Check: debian/debconf +Explanation: The package contains a "config" script in its control area but has no + corresponding "templates" file. This is occasionally OK, but is usually an + error. diff --git a/tags/n/no-debian-changes.tag b/tags/n/no-debian-changes.tag new file mode 100644 index 0000000..61b84c0 --- /dev/null +++ b/tags/n/no-debian-changes.tag @@ -0,0 +1,19 @@ +Tag: no-debian-changes +Severity: warning +Check: files/artifact +Renamed-From: + empty-debian-diff +Explanation: This non-native package makes no changes to the upstream sources + in the Debian-related files. + . + Maybe a mistake was made when the upstream tarball was created, or maybe this + package is really a native package but was built non-native by mistake. + . + Debian packaging is sometimes maintained as part of upstream, but that is not + recommended as best practice. Please make this package native, if the software + is only for Debian. Otherwise, please remove the <code>debian</code> directory + from upstream releases and add it in the Debian packaging. + . + Format 1.0 packages are subject to the restriction that the diff cannot remove + files from the <code>debian</code> directory. For Format 3.0 packages, the + <code>debian</code> directory is automatically purged during unpacking. diff --git a/tags/n/no-debian-copyright-in-source.tag b/tags/n/no-debian-copyright-in-source.tag new file mode 100644 index 0000000..4be0876 --- /dev/null +++ b/tags/n/no-debian-copyright-in-source.tag @@ -0,0 +1,7 @@ +Tag: no-debian-copyright-in-source +Severity: warning +Check: debian/copyright +Renamed-From: no-debian-copyright +See-Also: debian-policy 12.5 +Explanation: Every package must include the file <code>/usr/share/doc/*pkg*/copyright</code>. + A copy of this file should be in <code>debian/copyright</code> in the source package. diff --git a/tags/n/no-dep5-copyright.tag b/tags/n/no-dep5-copyright.tag new file mode 100644 index 0000000..b16c56e --- /dev/null +++ b/tags/n/no-dep5-copyright.tag @@ -0,0 +1,8 @@ +Tag: no-dep5-copyright +Severity: pedantic +Check: debian/copyright/dep5 +Explanation: This package does not use a machine-readable debian/copyright file. + . + This format makes it easier to review licenses and can be easily parsed + by Lintian. +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/n/no-dh-sequencer.tag b/tags/n/no-dh-sequencer.tag new file mode 100644 index 0000000..900a60e --- /dev/null +++ b/tags/n/no-dh-sequencer.tag @@ -0,0 +1,10 @@ +Tag: no-dh-sequencer +Severity: info +Check: debian/rules/dh-sequencer +Explanation: This package does not use the <code>dh</code> sequencer in <code>debian/rules</code>. + . + While maintainers may use a variety of build systems, this one + is by far the most popular. + . + Maintainers are strongly encouraged to use the <code>dh</code> sequencer + in new packages and convert existing ones when appropriate. diff --git a/tags/n/no-english-manual-page.tag b/tags/n/no-english-manual-page.tag new file mode 100644 index 0000000..6b9ce09 --- /dev/null +++ b/tags/n/no-english-manual-page.tag @@ -0,0 +1,10 @@ +Tag: no-english-manual-page +Severity: warning +Check: documentation/manual +Renamed-From: binary-without-english-manpage +Explanation: Each binary in <code>/usr/bin</code>, <code>/usr/sbin</code>, <code>/bin</code>, + <code>/sbin</code> or <code>/usr/games</code> should have a manual page. You do + not provide an English manual page, but only a translated one. + . + Since the English language serves as a fallback option, the lack of an + English page leaves most users without any kind of manual page at all. diff --git a/tags/n/no-homepage-field.tag b/tags/n/no-homepage-field.tag new file mode 100644 index 0000000..2c034ab --- /dev/null +++ b/tags/n/no-homepage-field.tag @@ -0,0 +1,8 @@ +Tag: no-homepage-field +Severity: pedantic +Check: fields/homepage +Explanation: This non-native package lacks a <code>Homepage</code> field. If the + package has an upstream home page that contains useful information or + resources for the end user, consider adding a <code>Homepage</code> control + field to <code>debian/control</code>. +See-Also: debian-policy 5.6.23 diff --git a/tags/n/no-human-maintainers.tag b/tags/n/no-human-maintainers.tag new file mode 100644 index 0000000..e252a33 --- /dev/null +++ b/tags/n/no-human-maintainers.tag @@ -0,0 +1,7 @@ +Tag: no-human-maintainers +Severity: error +Check: fields/maintainer +Explanation: The Maintainer address for this package is a mailing list and there + are no Uploaders listed. Team-maintained packages must list the human + maintainers in the Uploaders field. +See-Also: debian-policy 3.3, developer-reference 5.12 diff --git a/tags/n/no-manual-page.tag b/tags/n/no-manual-page.tag new file mode 100644 index 0000000..c540ef8 --- /dev/null +++ b/tags/n/no-manual-page.tag @@ -0,0 +1,23 @@ +Tag: no-manual-page +Severity: warning +Check: documentation/manual +Renamed-From: binary-without-manpage +Explanation: Each binary in <code>/usr/bin</code>, <code>/usr/sbin</code>, <code>/bin</code>, + <code>/sbin</code> or <code>/usr/games</code> should have a manual page + . + Note that though the <code>man</code> program has the capability to check for + several program names in the NAMES section, each of these programs + should have its own manual page (a symbolic link to the appropriate + manual page is sufficient) because other manual page viewers such as + xman or tkman don't support this. + . + If the name of the manual page differs from the binary by case, <code>man</code> + may be able to find it anyway; however, it is still best practice to match + the exact capitalization of the executable in the manual page. + . + If the manual pages are provided by another package on which this package + depends, Lintian may not be able to determine that manual pages are + available. In this case, after confirming that all binaries do have + manual pages after this package and its dependencies are installed, please + add a Lintian override. +See-Also: debian-policy 12.1 diff --git a/tags/n/no-md5sums-control-file.tag b/tags/n/no-md5sums-control-file.tag new file mode 100644 index 0000000..b342b37 --- /dev/null +++ b/tags/n/no-md5sums-control-file.tag @@ -0,0 +1,12 @@ +Tag: no-md5sums-control-file +Severity: info +Check: md5sums +Explanation: This package does not contain an md5sums control file. This control + file listing the MD5 checksums of the contents of the package is not + required, but if present debsums can use it to verify that no files + shipped with your package have been modified. Providing it is + recommended. + . + If you are using debhelper to create your package, just add a call to + <code>dh_md5sums</code> at the end of your binary-indep or binary-arch + target, right before <code>dh_builddeb</code>. diff --git a/tags/n/no-newline-at-end.tag b/tags/n/no-newline-at-end.tag new file mode 100644 index 0000000..b2fa29d --- /dev/null +++ b/tags/n/no-newline-at-end.tag @@ -0,0 +1,7 @@ +Tag: no-newline-at-end +Severity: warning +Check: debian/trailing-whitespace +Explanation: The named text file does not end with a newline. + . + Git considers it a whitespace error. Emacs will offer to add it. + It is usually a good idea to do so. diff --git a/tags/n/no-nmu-in-changelog.tag b/tags/n/no-nmu-in-changelog.tag new file mode 100644 index 0000000..5ea5d55 --- /dev/null +++ b/tags/n/no-nmu-in-changelog.tag @@ -0,0 +1,15 @@ +Tag: no-nmu-in-changelog +Severity: warning +Check: nmu +Renamed-From: changelog-should-mention-nmu +Explanation: When you NMU a package, that fact should be mentioned on the first line + in the changelog entry. Use the words "NMU" or "Non-maintainer upload" + (case insensitive). + . + Maybe you didn't intend this upload to be a NMU, in that case, please + double-check that the most recent entry in the changelog is byte-for-byte + identical to the maintainer or one of the uploaders. If this is a local + package (not intended for Debian), you can suppress this warning by + putting "local" in the version number or "local package" on the first + line of the changelog entry. +See-Also: developer-reference 5.11.3 diff --git a/tags/n/no-op-testsuite.tag b/tags/n/no-op-testsuite.tag new file mode 100644 index 0000000..82fec57 --- /dev/null +++ b/tags/n/no-op-testsuite.tag @@ -0,0 +1,15 @@ +Tag: no-op-testsuite +Severity: warning +Check: testsuite +Explanation: This package declares a single autopkgtest which will always + pass as it uses a "no-op" command such as <code>/bin/true</code>. + . + As the results of autopkgtests influence migration from unstable + to testing this is undesirable and could be even considered an + unfair or unwarranted "advantage". Installability of packages is + better tested with piuparts which is also used to influence + testing migration. + . + Please update your autopkgtest to actually test the binary package(s) + when installed. +See-Also: https://ci.debian.net/doc/ diff --git a/tags/n/no-phrase.tag b/tags/n/no-phrase.tag new file mode 100644 index 0000000..2ec8f47 --- /dev/null +++ b/tags/n/no-phrase.tag @@ -0,0 +1,13 @@ +Tag: no-phrase +Severity: error +Check: fields/mail-address +Renamed-From: + maintainer-name-missing + changed-by-name-missing +Explanation: The named contact includes an email address, but no name + (which email folks call the *phrase*). + . + The contact information must contain both a name and a mail address. +See-Also: debian-policy 5.6.2, + debian-policy 5.6.3, + debian-policy 5.6.4 diff --git a/tags/n/no-qa-in-changelog.tag b/tags/n/no-qa-in-changelog.tag new file mode 100644 index 0000000..3e78559 --- /dev/null +++ b/tags/n/no-qa-in-changelog.tag @@ -0,0 +1,7 @@ +Tag: no-qa-in-changelog +Severity: warning +Check: nmu +Renamed-From: changelog-should-mention-qa +Explanation: If this upload is to orphan this package, please mention this fact on + the first line of the changelog. If this is a QA upload, please mention "QA + (group) upload" there. diff --git a/tags/n/no-shlibs.tag b/tags/n/no-shlibs.tag new file mode 100644 index 0000000..ed10b1b --- /dev/null +++ b/tags/n/no-shlibs.tag @@ -0,0 +1,9 @@ +Tag: no-shlibs +Severity: error +Check: debian/shlibs +Renamed-From: + no-shlibs-control-file +Explanation: Although the package includes a shared library, the package does not + have a shlibs control file. If this is intentional, please override this + error. +See-Also: debian-policy 8.6 diff --git a/tags/n/no-source-section.tag b/tags/n/no-source-section.tag new file mode 100644 index 0000000..fe018fa --- /dev/null +++ b/tags/n/no-source-section.tag @@ -0,0 +1,5 @@ +Tag: no-source-section +Severity: classification +Check: debian/control/field/section +Explanation: The <code>debian/control</code> file does not declare a + <code>Section</code> field in the source stanza. diff --git a/tags/n/no-strong-digests-in-dsc.tag b/tags/n/no-strong-digests-in-dsc.tag new file mode 100644 index 0000000..375f1a3 --- /dev/null +++ b/tags/n/no-strong-digests-in-dsc.tag @@ -0,0 +1,15 @@ +Tag: no-strong-digests-in-dsc +Severity: error +Check: fields/checksums +Explanation: This <code>.dsc</code> file contains no + <code>Checksum-Sha256</code> field and hence only weak digests. + . + This tag should show up only for source packages built with + <code>dpkg-source</code> older than version 1.14.17 (from March 2008). + It will probably not show up when you run Lintian locally but may be + seen on + https://lintian.debian.org/ for legacy source packages in the archive. + . + This tags can be fixed by rebuilding the source package + with a more recent version of <code>dpkg-source</code>, i.e. by making + a new upload. diff --git a/tags/n/no-symbols-control-file.tag b/tags/n/no-symbols-control-file.tag new file mode 100644 index 0000000..9910b44 --- /dev/null +++ b/tags/n/no-symbols-control-file.tag @@ -0,0 +1,10 @@ +Tag: no-symbols-control-file +Severity: info +Check: debian/shlibs +Explanation: Although the package includes a shared library, the package does not + have a symbols control file. + . + dpkg can use symbols files in order to generate more accurate library + dependencies for applications, based on the symbols from the library that + are actually used by the application. +See-Also: dpkg-gensymbols(1), https://wiki.debian.org/UsingSymbolsFiles diff --git a/tags/n/no-template-description.tag b/tags/n/no-template-description.tag new file mode 100644 index 0000000..ac79ff3 --- /dev/null +++ b/tags/n/no-template-description.tag @@ -0,0 +1,8 @@ +Tag: no-template-description +Severity: error +Check: debian/debconf +Explanation: The templates file contains a template without a + <code>Description</code> field. +See-Also: + debconf-specification 3, + debconf-devel(7) diff --git a/tags/n/no-template-name.tag b/tags/n/no-template-name.tag new file mode 100644 index 0000000..e784df0 --- /dev/null +++ b/tags/n/no-template-name.tag @@ -0,0 +1,4 @@ +Tag: no-template-name +Severity: error +Check: debian/debconf +Explanation: The templates file contains a template without a "Template:" field. diff --git a/tags/n/no-template-type.tag b/tags/n/no-template-type.tag new file mode 100644 index 0000000..9d1f4ae --- /dev/null +++ b/tags/n/no-template-type.tag @@ -0,0 +1,4 @@ +Tag: no-template-type +Severity: error +Check: debian/debconf +Explanation: The templates file contains a template without a "Type:" field. diff --git a/tags/n/no-tests.tag b/tags/n/no-tests.tag new file mode 100644 index 0000000..9145e2f --- /dev/null +++ b/tags/n/no-tests.tag @@ -0,0 +1,7 @@ +Tag: no-tests +Severity: warning +Check: testsuite +Explanation: The autopackage test suite does not define any tests via + either the <code>Tests</code> field or the <code>Test-Command</code> + field. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/n/no-versioned-debhelper-prerequisite.tag b/tags/n/no-versioned-debhelper-prerequisite.tag new file mode 100644 index 0000000..90dfa9d --- /dev/null +++ b/tags/n/no-versioned-debhelper-prerequisite.tag @@ -0,0 +1,28 @@ +Tag: no-versioned-debhelper-prerequisite +Severity: warning +Check: debhelper +Renamed-From: + package-needs-versioned-debhelper-build-depends + package-lacks-versioned-build-depends-on-debhelper +Explanation: The package either doesn't declare a versioned build dependency on + debhelper or does not declare a versioned build dependency on a new + enough version of debhelper to satisfy the declared compatibility level. + . + The required version of debhelper is not guaranteed to be satisfied + in all supported releases of Debian and therefore this may lead to + a build failure. + . + The recommended practice is to always declare an explicit versioned + dependency on debhelper equal to or greater than the compatibility level + used by the package, even if the versioned dependency isn't strictly + necessary. Having a versioned dependency also helps with backports to + older releases and correct builds on partially updated systems. + . + Packages not using an experimental or beta compatibility level may + alternatively Build-Depend on the debhelper-compat virtual package, for + example: + . + Build-Depends: debhelper-compat (= 13) + . + Note if you are using a compat level marked as experimental (such as + compat 12 in debhelper 11.4~) please explicitly override this tag. diff --git a/tags/n/node-package-install-in-nodejs-rootdir.tag b/tags/n/node-package-install-in-nodejs-rootdir.tag new file mode 100644 index 0000000..804998a --- /dev/null +++ b/tags/n/node-package-install-in-nodejs-rootdir.tag @@ -0,0 +1,5 @@ +Tag: node-package-install-in-nodejs-rootdir +Severity: error +Check: languages/javascript/nodejs +Explanation: This package contains a file under /usr/*/nodejs + instead of /usr/*/nodejs/${package}. diff --git a/tags/n/nodejs-lock-file.tag b/tags/n/nodejs-lock-file.tag new file mode 100644 index 0000000..105eda7 --- /dev/null +++ b/tags/n/nodejs-lock-file.tag @@ -0,0 +1,16 @@ +Tag: nodejs-lock-file +Severity: error +Check: languages/javascript/nodejs +Explanation: package-lock.json is automatically generated for any operations where + npm modifies either the node_modules tree, or package.json. It + describes the exact tree that was generated, such that subsequent + installs are able to generate identical trees, regardless of + intermediate dependency updates. + . + These information are useless from a debian point of view, because + version are managed by dpkg. + . + Moreover, package-lock.json feature to pin to some version + dependencies is a anti feature of the debian way of managing package, + and could lead to security problems in the likely case of debian + solving security problems by patching instead of upgrading. diff --git a/tags/n/nodejs-missing-version-override.tag b/tags/n/nodejs-missing-version-override.tag new file mode 100644 index 0000000..3987570 --- /dev/null +++ b/tags/n/nodejs-missing-version-override.tag @@ -0,0 +1,6 @@ +Tag: nodejs-missing-version-override +Severity: error +Check: languages/javascript/nodejs +Explanation: This package installs the specified nodejs module with a + wrong version. Upstream probably uses semantic-release to publish its + module. You must override this version field in related package.json. diff --git a/tags/n/nodejs-module-installed-in-bad-directory.tag b/tags/n/nodejs-module-installed-in-bad-directory.tag new file mode 100644 index 0000000..3c0847f --- /dev/null +++ b/tags/n/nodejs-module-installed-in-bad-directory.tag @@ -0,0 +1,9 @@ +Tag: nodejs-module-installed-in-bad-directory +Severity: warning +Check: languages/javascript/nodejs +Explanation: This package installs the specified nodejs module in a location that + does not match its name declared in package.json. This renders this module + unusable using a simple <code>require()</code>. + . + You can use pkg-js-tools auto installer to avoid this, see + <code>/usr/share/doc/pkg-js-tools/README.md.gz</code> diff --git a/tags/n/nodejs-module-installed-in-usr-lib.tag b/tags/n/nodejs-module-installed-in-usr-lib.tag new file mode 100644 index 0000000..3585495 --- /dev/null +++ b/tags/n/nodejs-module-installed-in-usr-lib.tag @@ -0,0 +1,11 @@ +Tag: nodejs-module-installed-in-usr-lib +Severity: warning +Check: languages/javascript/nodejs +Explanation: This package installs the specified file under <code>/usr/lib/nodejs</code>. + Since the release of Buster, these files should be installed under + <code>/usr/share/nodejs</code> (for arch *independent* modules) or + <code>/usr/lib/$DEB_HOST_MULTIARCH/nodejs</code> (for arch *dependent* modules) + instead. + . + You can use pkg-js-tools auto installer to avoid this, see + <code>/usr/share/doc/pkg-js-tools/README.md.gz</code> diff --git a/tags/n/nodejs-module-not-declared.tag b/tags/n/nodejs-module-not-declared.tag new file mode 100644 index 0000000..a15c0a1 --- /dev/null +++ b/tags/n/nodejs-module-not-declared.tag @@ -0,0 +1,8 @@ +Tag: nodejs-module-not-declared +Severity: warning +Check: languages/javascript/nodejs +Explanation: This package installs the specified nodejs module in a nodejs root + directory without declaring it in "Provides:" field in debian/control. + . + You can use <code>Provides: ${nodejs:Provides}</code> provided by pkg-js-tools + to fix this. See <code>/usr/share/doc/pkg-js-tools/README.md.gz</code> for more. diff --git a/tags/n/nodejs-module.tag b/tags/n/nodejs-module.tag new file mode 100644 index 0000000..76a28f5 --- /dev/null +++ b/tags/n/nodejs-module.tag @@ -0,0 +1,4 @@ +Tag: nodejs-module +Severity: classification +Check: languages/javascript/nodejs +Explanation: Display nodejs module name, version and path diff --git a/tags/n/non-conf-file-in-modprobe.d.tag b/tags/n/non-conf-file-in-modprobe.d.tag new file mode 100644 index 0000000..887d75d --- /dev/null +++ b/tags/n/non-conf-file-in-modprobe.d.tag @@ -0,0 +1,11 @@ +Tag: non-conf-file-in-modprobe.d +Severity: error +Check: modprobe +See-Also: https://lists.debian.org/debian-devel/2009/03/msg00119.html +Explanation: Files in <code>/etc/modprobe.d</code> should use filenames ending in + <code>.conf</code>. modprobe silently ignores all files which do not match + this convention. + . + If the file is an example containing only comments, consider installing + it in another location as files in <code>/etc/modprobe.d</code> are + read each time modprobe is run (which is often at boot time). diff --git a/tags/n/non-consecutive-debian-revision.tag b/tags/n/non-consecutive-debian-revision.tag new file mode 100644 index 0000000..08d73a6 --- /dev/null +++ b/tags/n/non-consecutive-debian-revision.tag @@ -0,0 +1,8 @@ +Tag: non-consecutive-debian-revision +Severity: pedantic +Check: debian/changelog +Experimental: yes +Explanation: The latest changelog entry refers to a Debian revision (eg. + <code>1.2-3</code>) that is not consecutive to the previous changelog entry + (eg. <code>1.2-2</code>). Please use a consecutive Debian revision or use a + UNRELEASED version instead. diff --git a/tags/n/non-debug-file-in-debug-package.tag b/tags/n/non-debug-file-in-debug-package.tag new file mode 100644 index 0000000..aded7d5 --- /dev/null +++ b/tags/n/non-debug-file-in-debug-package.tag @@ -0,0 +1,9 @@ +Tag: non-debug-file-in-debug-package +Severity: error +Check: files/debug-packages +Explanation: This auto-generated package (eg. <code>-dbgsym</code>) contains the + specified file that is not a <code>.debug</code> file. + . + This may be due to the upstream build system miscalculating + installation paths. +See-Also: Bug#958945 diff --git a/tags/n/non-empty-dependency_libs-in-la-file.tag b/tags/n/non-empty-dependency_libs-in-la-file.tag new file mode 100644 index 0000000..988f774 --- /dev/null +++ b/tags/n/non-empty-dependency_libs-in-la-file.tag @@ -0,0 +1,15 @@ +Tag: non-empty-dependency_libs-in-la-file +Severity: error +Check: build-systems/libtool/la-file +Explanation: The dependency_libs field in the .la file has not been cleared. It has + long been a release goal to get rid of unneeded .la files and clearing the + dependency_libs field from the rest of them. + . + A non-empty dependency_libs field will also stall the Multi-Arch + conversion. + . + The .la file in itself may be useful if the library is loaded dynamically + via libltdl. +See-Also: https://wiki.debian.org/ReleaseGoals/LAFileRemoval, + https://lists.debian.org/debian-devel/2011/05/msg01003.html, + https://lists.debian.org/debian-devel/2011/05/msg01146.html diff --git a/tags/n/non-etc-file-marked-as-conffile.tag b/tags/n/non-etc-file-marked-as-conffile.tag new file mode 100644 index 0000000..4744f8d --- /dev/null +++ b/tags/n/non-etc-file-marked-as-conffile.tag @@ -0,0 +1,7 @@ +Tag: non-etc-file-marked-as-conffile +Severity: error +Check: conffiles +Explanation: A file installed in some other directory than <code>/etc</code> + is marked as conffile. A conffile typically implies a configuration + file, and Policy mandates such files to be in <code>/etc</code>. +See-Also: debian-policy 10.7.2 diff --git a/tags/n/non-free-flash.tag b/tags/n/non-free-flash.tag new file mode 100644 index 0000000..777da0c --- /dev/null +++ b/tags/n/non-free-flash.tag @@ -0,0 +1,5 @@ +Tag: non-free-flash +Severity: error +Check: files/non-free +Explanation: The given Flash file has a filename which suggests that it may be + one of a number of known Flash files with non-free content. diff --git a/tags/n/non-multi-arch-lib-dir.tag b/tags/n/non-multi-arch-lib-dir.tag new file mode 100644 index 0000000..382f48b --- /dev/null +++ b/tags/n/non-multi-arch-lib-dir.tag @@ -0,0 +1,7 @@ +Tag: non-multi-arch-lib-dir +Severity: warning +Check: files/hierarchy/standard +Explanation: The following library use an old path (like /lib64 or /lib32) + instead of using multi-arch path (like for instance + /lib/x86_64-linux-gnu/ or /lib/i386-linux-gnu/). +See-Also: https://wiki.debian.org/Multiarch diff --git a/tags/n/non-standard-apache2-configuration-name.tag b/tags/n/non-standard-apache2-configuration-name.tag new file mode 100644 index 0000000..46e1ad2 --- /dev/null +++ b/tags/n/non-standard-apache2-configuration-name.tag @@ -0,0 +1,7 @@ +Tag: non-standard-apache2-configuration-name +Severity: warning +Check: apache2 +Explanation: The package appears to be a web application which is installing a + configuration file for the Apache2 HTTPD server. To avoid name clashes, any file + installed to <code>/etc/apache2/{sites,conf}-available</code> should match the binary package + name and must not start with <code>local-</code>. diff --git a/tags/n/non-standard-apache2-module-package-name.tag b/tags/n/non-standard-apache2-module-package-name.tag new file mode 100644 index 0000000..4a87400 --- /dev/null +++ b/tags/n/non-standard-apache2-module-package-name.tag @@ -0,0 +1,7 @@ +Tag: non-standard-apache2-module-package-name +Severity: warning +Check: apache2 +Explanation: The package appears to be an Apache2 HTTPD server module but it + does not follow the module naming scheme. Apache2 HTTPD modules should + be called <code>libapache2-mod-name</code> with <code>mod-name</code> being the + actual <code>mod_name.so</code> equivalent. diff --git a/tags/n/non-standard-dir-in-usr.tag b/tags/n/non-standard-dir-in-usr.tag new file mode 100644 index 0000000..c87390e --- /dev/null +++ b/tags/n/non-standard-dir-in-usr.tag @@ -0,0 +1,8 @@ +Tag: non-standard-dir-in-usr +Severity: warning +Check: files/hierarchy/standard +Explanation: The FHS says "No large software packages should use a direct + subdirectory under the <code>/usr</code> hierarchy". This package contains + a directory in <code>/usr</code> that is not mentioned in the Filesystem + Hierarchy Standard. +See-Also: filesystem-hierarchy theusrhierarchy diff --git a/tags/n/non-standard-dir-in-var.tag b/tags/n/non-standard-dir-in-var.tag new file mode 100644 index 0000000..bfa3543 --- /dev/null +++ b/tags/n/non-standard-dir-in-var.tag @@ -0,0 +1,8 @@ +Tag: non-standard-dir-in-var +Severity: error +Check: files/hierarchy/standard +Explanation: The FHS says "Applications should generally not add directories to + the top level of <code>/var</code>. Such directories should only be added + if they have some system-wide implication, and in consultation with the + FHS mailing list." +See-Also: filesystem-hierarchy thevarhierarchy diff --git a/tags/n/non-standard-dir-perm.tag b/tags/n/non-standard-dir-perm.tag new file mode 100644 index 0000000..013aa82 --- /dev/null +++ b/tags/n/non-standard-dir-perm.tag @@ -0,0 +1,6 @@ +Tag: non-standard-dir-perm +Severity: warning +Check: files/permissions +Explanation: The directory has a mode different from 0755, and it's not one of the + known exceptions. +See-Also: debian-policy 10.9 diff --git a/tags/n/non-standard-executable-perm.tag b/tags/n/non-standard-executable-perm.tag new file mode 100644 index 0000000..119271f --- /dev/null +++ b/tags/n/non-standard-executable-perm.tag @@ -0,0 +1,8 @@ +Tag: non-standard-executable-perm +Severity: warning +Check: files/permissions +Explanation: Executables that are not setuid or setgid should always have a mode + of 0755. Since anyone can obtain the executable by downloading the + Debian package and extracting it, restricting access serves little + purpose. +See-Also: debian-policy 10.9 diff --git a/tags/n/non-standard-file-perm.tag b/tags/n/non-standard-file-perm.tag new file mode 100644 index 0000000..72465a6 --- /dev/null +++ b/tags/n/non-standard-file-perm.tag @@ -0,0 +1,32 @@ +Tag: non-standard-file-perm +Severity: warning +Check: files/permissions +Explanation: The file has a mode different from 0644. In some cases this is + intentional, but in other cases this is a bug. +See-Also: debian-policy 10.9 + +Screen: toolchain/gnat/ali-read-only +Advocates: Nicolas Boulenguez <nicolas@debian.org> +Reason: In GNAT, the compiler also deals with dependencies and rebuild order. + The <code>.ali</code> files contain the dependency information required to detect + if a <code>.o</code> is more recent than the closure of all sources it depends + upon, or if it should be rebuilt. + . + By convention, a read-only <code>.ali</code> file tells <code>GNAT</code> to fail if + the <code>.o</code> is obsolete or unavailable, instead of attempting to rebuild. + This is recommended for packaged libraries (the <code>.so</code> or <code>.a</code> + are available but not the <code>.o</code> files). + . + This convention may seem bizarre according to modern standards, but it + has been in use for 25 years, so Adacore would probably need a + compelling reason to break it. + . + See also Debian Policy 8.4, which explicitly requires this: + . + If the package provides Ada Library Information (<code>*.ali</code>) files for use + with <code>GNAT</code>, these files must be installed read-only (mode 0444) so that + <code>GNAT</code> will not attempt to recompile them. This overrides the normal + file mode requirements given in "Permissions and owners." +See-Also: + debian-policy 8.4, + Bug#986400 diff --git a/tags/n/non-standard-file-permissions-for-etc-init.d-script.tag b/tags/n/non-standard-file-permissions-for-etc-init.d-script.tag new file mode 100644 index 0000000..ed449d9 --- /dev/null +++ b/tags/n/non-standard-file-permissions-for-etc-init.d-script.tag @@ -0,0 +1,5 @@ +Tag: non-standard-file-permissions-for-etc-init.d-script +Severity: error +Check: files/init +Explanation: Usually, scripts in the <code>/etc/init.d</code> directory should have + mode 0755. diff --git a/tags/n/non-standard-game-executable-perm.tag b/tags/n/non-standard-game-executable-perm.tag new file mode 100644 index 0000000..f113c7a --- /dev/null +++ b/tags/n/non-standard-game-executable-perm.tag @@ -0,0 +1,8 @@ +Tag: non-standard-game-executable-perm +Severity: warning +Check: files/permissions +Explanation: The file is owned by the games group but is not mode 2755. If a + game does not have to be setgid games, it should be owned by the root + group like any other executable. This executable is either owned by the + wrong group or is not setgid when it should be. +See-Also: debian-policy 11.11 diff --git a/tags/n/non-standard-setuid-executable-perm.tag b/tags/n/non-standard-setuid-executable-perm.tag new file mode 100644 index 0000000..57c42d0 --- /dev/null +++ b/tags/n/non-standard-setuid-executable-perm.tag @@ -0,0 +1,10 @@ +Tag: non-standard-setuid-executable-perm +Severity: warning +Check: files/permissions +Explanation: The file is setuid or setgid and has a mode different from any of + 2755, 4755, 4754, or 6755. Any other permissions on setuid executables + is probably a bug. In particular, removing root write privileges serves + no purpose, group-writable setuid or setgid executables are probably bad + ideas, and setgid executables that are not world-executable serve little + purpose. +See-Also: debian-policy 10.9 diff --git a/tags/n/non-standard-toplevel-dir.tag b/tags/n/non-standard-toplevel-dir.tag new file mode 100644 index 0000000..5db8e4c --- /dev/null +++ b/tags/n/non-standard-toplevel-dir.tag @@ -0,0 +1,6 @@ +Tag: non-standard-toplevel-dir +Severity: error +Check: files/hierarchy/standard +Explanation: The Filesystem Hierarchy Standard forbids the installation of new + files or directories in the root directory. +See-Also: filesystem-hierarchy therootfilesystem diff --git a/tags/n/non-virtual-facility-in-initd-script.tag b/tags/n/non-virtual-facility-in-initd-script.tag new file mode 100644 index 0000000..bf1a4b4 --- /dev/null +++ b/tags/n/non-virtual-facility-in-initd-script.tag @@ -0,0 +1,14 @@ +Tag: non-virtual-facility-in-initd-script +Severity: error +Check: init-d +Renamed-From: init.d-script-should-depend-on-virtual-facility +Explanation: The given <code>/etc/init.d</code> script depends on a non-virtual + facility that should probably be replaced by a virtual facility. For + example, init scripts should depend on the virtual facility + <code>$network</code> rather than the facility <code>networking</code>, and the + virtual facility <code>$named</code> rather than the specific facility + <code>bind9</code>. + . + Properly using virtual facilities allows multiple implementations of the + same facility and accommodates systems where that specific facility may + not be enough to provide everything the script expects. diff --git a/tags/n/non-wm-in-windowmanager-menu-section.tag b/tags/n/non-wm-in-windowmanager-menu-section.tag new file mode 100644 index 0000000..8c27d27 --- /dev/null +++ b/tags/n/non-wm-in-windowmanager-menu-section.tag @@ -0,0 +1,8 @@ +Tag: non-wm-in-windowmanager-menu-section +Severity: error +Check: menu-format +Explanation: The <code>menu</code> item is in the <code>Window Manager</code> + section but does not specify <code>needs=wm</code>. + . + If the application is a window manager, it should specify <code>needs=wm</code>. + Otherwise, it should be moved to another section. diff --git a/tags/n/non-wm-module-in-wm-modules-menu-section.tag b/tags/n/non-wm-module-in-wm-modules-menu-section.tag new file mode 100644 index 0000000..8ffa83b --- /dev/null +++ b/tags/n/non-wm-module-in-wm-modules-menu-section.tag @@ -0,0 +1,10 @@ +Tag: non-wm-module-in-wm-modules-menu-section +Severity: error +Check: menu-format +Explanation: The <code>menu</code> item is in the section for <code>FVWM Modules</code> + or <code>Window Maker</code> but a window manager as a prerequisite via the + <code>needs</code> key in the <code>menu</code> file. + . + Modules for Fvwm should list <code>needs="fvwmmodule"</code>. + . + Modules for WindowMaker should list <code>needs="wmmaker"</code>. diff --git a/tags/n/not-allowed-control-file.tag b/tags/n/not-allowed-control-file.tag new file mode 100644 index 0000000..89056ce --- /dev/null +++ b/tags/n/not-allowed-control-file.tag @@ -0,0 +1,7 @@ +Tag: not-allowed-control-file +Severity: error +Check: control-files +Explanation: The package contains a control file that is not allowed in this + type of package. Some control files are only allowed in either .deb + or .udeb packages and must not be included in packages of the other + type. You should probably just remove the file. diff --git a/tags/n/not-binnmuable-all-depends-any.tag b/tags/n/not-binnmuable-all-depends-any.tag new file mode 100644 index 0000000..32ee806 --- /dev/null +++ b/tags/n/not-binnmuable-all-depends-any.tag @@ -0,0 +1,14 @@ +Tag: not-binnmuable-all-depends-any +Severity: error +Check: debian/version-substvars +Explanation: The package is not safely binNMUable because an arch:all package + depends on an arch:any package with a strict (= ${source:Version}), or + similar, relationship. + . + It is not possible for arch:all packages to depend so strictly on + arch:any packages while having the package binNMUable, so please use + one of these, whichever is more appropriate: + . + Depends: arch_any (>= ${source:Version}) + Depends: arch_any (>= ${source:Version}), + arch_any (<< ${source:Version}.1~) diff --git a/tags/n/not-binnmuable-any-depends-all.tag b/tags/n/not-binnmuable-any-depends-all.tag new file mode 100644 index 0000000..41c53ce --- /dev/null +++ b/tags/n/not-binnmuable-any-depends-all.tag @@ -0,0 +1,9 @@ +Tag: not-binnmuable-any-depends-all +Severity: error +Check: debian/version-substvars +Explanation: The package is not safely binNMUable because an arch:any package + depends on an arch:all package with a (= ${binary:Version}) + relationship. Please use (= ${source:Version}) instead. + . + Note this is also triggered if the dependency uses (>= ${var}), + since that has the same issue. diff --git a/tags/n/not-binnmuable-any-depends-any.tag b/tags/n/not-binnmuable-any-depends-any.tag new file mode 100644 index 0000000..60b202b --- /dev/null +++ b/tags/n/not-binnmuable-any-depends-any.tag @@ -0,0 +1,6 @@ +Tag: not-binnmuable-any-depends-any +Severity: error +Check: debian/version-substvars +Explanation: The package is not safely binNMUable because an arch:any package + depends on another arch:any package with a (= ${source:Version}) + relationship. Please use (= ${binary:Version}) instead. diff --git a/tags/n/not-using-po-debconf.tag b/tags/n/not-using-po-debconf.tag new file mode 100644 index 0000000..d620dda --- /dev/null +++ b/tags/n/not-using-po-debconf.tag @@ -0,0 +1,8 @@ +Tag: not-using-po-debconf +Severity: error +Check: debian/po-debconf +Explanation: This package seems to be using debconf templates, but it does not + use po-debconf to make translations possible (<code>debian/po</code> doesn't + exist). Debian Policy requires that all packages using debconf use a + gettext-based translation system. +See-Also: debian-policy 3.9.1 diff --git a/tags/n/number-of-patches.tag b/tags/n/number-of-patches.tag new file mode 100644 index 0000000..2402b4b --- /dev/null +++ b/tags/n/number-of-patches.tag @@ -0,0 +1,5 @@ +Tag: number-of-patches +Severity: classification +Check: debian/patches/count +Explanation: The number of patches according to the + <code>debian/patches/series</code> file. diff --git a/tags/o/obsolete-command-in-modprobe.d-file.tag b/tags/o/obsolete-command-in-modprobe.d-file.tag new file mode 100644 index 0000000..6bba4c1 --- /dev/null +++ b/tags/o/obsolete-command-in-modprobe.d-file.tag @@ -0,0 +1,6 @@ +Tag: obsolete-command-in-modprobe.d-file +Severity: warning +Check: modprobe +Explanation: Use of 'install' and 'remove' commands in module files in + <code>/etc/modprobe.d</code> and <code>/etc/modules-load.d</code> is + deprecated and should be replaced with 'softdep' commands. diff --git a/tags/o/obsolete-comments-style-in-php-ini.tag b/tags/o/obsolete-comments-style-in-php-ini.tag new file mode 100644 index 0000000..015582e --- /dev/null +++ b/tags/o/obsolete-comments-style-in-php-ini.tag @@ -0,0 +1,9 @@ +Tag: obsolete-comments-style-in-php-ini +Severity: warning +Check: languages/php +Explanation: This package ships a <code>.ini</code> file used to configure php but + it has comments using the old-style comment separator <code>#</code>. + Instead, the <code>;</code> separator should be used. + . + Since version 5.3, the PHP interpreter warns about the use of the + old style of comment separator. diff --git a/tags/o/obsolete-crypt-alias.tag b/tags/o/obsolete-crypt-alias.tag new file mode 100644 index 0000000..26809ff --- /dev/null +++ b/tags/o/obsolete-crypt-alias.tag @@ -0,0 +1,15 @@ +Tag: obsolete-crypt-alias +Severity: error +Check: binaries/obsolete/crypt +Explanation: The listed ELF binary appears to use the C library function + <code>fcrypt</code>, which is a less-portable alias for <code>crypt</code>. + Programs that use this function cannot be linked against the + <code>libcrypt.so</code> provided by glibc 2.28 and higher. + . + The program should be changed to use <code>crypt</code> instead. + . + A false positive for this check is possible if the binary expects + the definition of <code>fcrypt</code> to come from some shared library + other than <code>libcrypt.so</code>, *and* that shared library + defines this function to do something other than hash passphrases. + If this is the case it is appropriate to override this tag. diff --git a/tags/o/obsolete-debian-watch-file-standard.tag b/tags/o/obsolete-debian-watch-file-standard.tag new file mode 100644 index 0000000..96aab6b --- /dev/null +++ b/tags/o/obsolete-debian-watch-file-standard.tag @@ -0,0 +1,6 @@ +Tag: obsolete-debian-watch-file-standard +Severity: warning +Check: debian/watch/standard +Explanation: The <code>version=</code> line in the <code>debian/watch</code> file in this + package declares an obsolete version. Please upgrade to more current version. +See-Also: uscan(1) diff --git a/tags/o/obsolete-des-encryption.tag b/tags/o/obsolete-des-encryption.tag new file mode 100644 index 0000000..8e8dc77 --- /dev/null +++ b/tags/o/obsolete-des-encryption.tag @@ -0,0 +1,28 @@ +Tag: obsolete-des-encryption +Severity: error +Check: binaries/obsolete/crypt +Explanation: The listed ELF binary appears to use a C library function that + performs DES encryption and/or decryption (<code>encrypt</code>, + <code>encrypt_r</code>, <code>setkey</code>, and/or <code>setkey_r</code>). + The DES block cipher can be broken by brute force on modern hardware, + which makes any use of these functions insecure. Also, programs that + use these functions cannot be linked against the <code>libcrypt.so</code> + provided by glibc 2.28 and higher. + . + The program will need to be revised to use modern cryptographic + primitives and protocols. Depending on how the program uses these + functions, it may be necessary to continue using DES under some + circumstances (e.g. for protocol compatibility, or to retain the + ability to decrypt old data on disk) but this should be done using + the DES functions in a modern cryptographic *library* + (e.g. <code>libgcrypt</code>). + . + This is almost certainly an upstream bug, and should be addressed + in coordination with the upstream maintainers of the software. + . + A false positive for this check is possible if the binary expects the + definition of <code>encrypt</code>, <code>encrypt_r</code>, <code>setkey</code>, + and/or <code>setkey_r</code> to come from some shared library other than + <code>libcrypt.so</code>, *and* that shared library defines these + functions to do something other than perform DES encryption. If this + is the case it is appropriate to override this tag. diff --git a/tags/o/obsolete-field-in-dep5-copyright.tag b/tags/o/obsolete-field-in-dep5-copyright.tag new file mode 100644 index 0000000..cad7fe3 --- /dev/null +++ b/tags/o/obsolete-field-in-dep5-copyright.tag @@ -0,0 +1,12 @@ +Tag: obsolete-field-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The machine-readable copyright file uses a field, that used to be defined + by the specification, but has been renamed since then. + . + Please use Format instead of Format-Specification. + . + Please use Upstream-Contact instead of Contact, Maintainer or Upstream-Maintainer. + . + Please use Upstream-Name instead of Name. diff --git a/tags/o/obsolete-relation-form-in-source.tag b/tags/o/obsolete-relation-form-in-source.tag new file mode 100644 index 0000000..79455c1 --- /dev/null +++ b/tags/o/obsolete-relation-form-in-source.tag @@ -0,0 +1,11 @@ +Tag: obsolete-relation-form-in-source +Severity: error +Check: debian/control/field/relation +Explanation: The short version restrictions <code><</code> and <code>></code> + actually mean <code><=</code> and <code>>=</code> (and not <code><<</code> + or <code>>></code>, as one might expect). + . + The short forms are obsolete and no longer allowed. Please use the longer forms + in the parentheses instead. +See-Also: + debian-policy 7.1 diff --git a/tags/o/obsolete-relation-form.tag b/tags/o/obsolete-relation-form.tag new file mode 100644 index 0000000..352a94e --- /dev/null +++ b/tags/o/obsolete-relation-form.tag @@ -0,0 +1,11 @@ +Tag: obsolete-relation-form +Severity: warning +Check: fields/package-relations +Explanation: The short version restrictions <code><</code> and <code>></code> + actually mean <code><=</code> and <code>>=</code> (and not <code><<</code> + or <code>>></code>, as one might expect). + . + The short forms are obsolete and should no longer be used. Please use the longer forms + in the parentheses instead. +See-Also: + debian-policy 7.1 diff --git a/tags/o/obsolete-runtime-tests-restriction.tag b/tags/o/obsolete-runtime-tests-restriction.tag new file mode 100644 index 0000000..038ee65 --- /dev/null +++ b/tags/o/obsolete-runtime-tests-restriction.tag @@ -0,0 +1,8 @@ +Tag: obsolete-runtime-tests-restriction +Severity: warning +Check: testsuite +Explanation: A paragraph in debian/tests/control mentions an obsolete + value for the Restrictions field. Though still allowed, this will + become unsupported in the future and the whole paragraph will be + ignored. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/o/obsolete-url-in-packaging.tag b/tags/o/obsolete-url-in-packaging.tag new file mode 100644 index 0000000..d0f94e3 --- /dev/null +++ b/tags/o/obsolete-url-in-packaging.tag @@ -0,0 +1,14 @@ +Tag: obsolete-url-in-packaging +Severity: warning +Check: obsolete-sites +Explanation: One of the package's packaging files points to a website or code + hoster known to have frozen contents, to be closed soon or to have + already closed. + . + Please look for the new upstream home of the package and update the + packaging accordingly. + . + Sites previously hosted on code.google.com and codeplex.com were offered a + migration to github.com, sites previously on gitorious.org were offered a + migration to gitlab.com, sites previously hosted on fedorahosted.org were + offered a migration to pagure.io. You might want to look there first. diff --git a/tags/o/obsolete-vim-addon-manager.tag b/tags/o/obsolete-vim-addon-manager.tag new file mode 100644 index 0000000..a0be75e --- /dev/null +++ b/tags/o/obsolete-vim-addon-manager.tag @@ -0,0 +1,12 @@ +Tag: obsolete-vim-addon-manager +Severity: info +Check: vim/addons +Explanation: The package depends on <code>vim-addon-manager</code>. It + is not needed anymore, if you use <code>debhelper</code>. + . + Please use <code>dh-vim-addon</code> instead. It will install + <code>vim</code> files in the appropriate locations for you via + the <code>:packadd</code> function available in <code>vim</code> + version 8. +See-Also: + dh_vim-addon(1) diff --git a/tags/o/ocaml-custom-executable.tag b/tags/o/ocaml-custom-executable.tag new file mode 100644 index 0000000..c0846c6 --- /dev/null +++ b/tags/o/ocaml-custom-executable.tag @@ -0,0 +1,9 @@ +Tag: ocaml-custom-executable +Severity: warning +Check: languages/ocaml/custom-executable +Explanation: This OCaml package ships a byte code executable that was linked + with a custom runtime. + . + Such executables cannot be stripped and require special care. Their usage is + deprecated in favour of shared libraries for C stubs with names like + <code>dll*.so</code>. diff --git a/tags/o/ocaml-dangling-cmi.tag b/tags/o/ocaml-dangling-cmi.tag new file mode 100644 index 0000000..f1e5df4 --- /dev/null +++ b/tags/o/ocaml-dangling-cmi.tag @@ -0,0 +1,9 @@ +Tag: ocaml-dangling-cmi +Severity: info +Check: languages/ocaml/byte-code/interface +Explanation: This OCaml package ships a byte code interface file <code>*.cmi</code> + without the text version in a <code>*.mli</code> file. + . + The text version should be shipped for documentation. If the module does not have + a <code>*.mli</code> file, the source code in a <code>*.ml</code> file + should be shipped instead. diff --git a/tags/o/ocaml-dangling-cmx.tag b/tags/o/ocaml-dangling-cmx.tag new file mode 100644 index 0000000..b6dca9a --- /dev/null +++ b/tags/o/ocaml-dangling-cmx.tag @@ -0,0 +1,8 @@ +Tag: ocaml-dangling-cmx +Severity: error +Check: languages/ocaml/byte-code/compiled +Explanation: This OCaml package ships a <code>*.cmx</code> byte code module + without the associated implementation. + . + The implementation is shipped in a <code>*.o</code> object file, which can be + a member in a <code>*.a</code> static library in the same directory. diff --git a/tags/o/ocaml-dangling-cmxa.tag b/tags/o/ocaml-dangling-cmxa.tag new file mode 100644 index 0000000..d4f8329 --- /dev/null +++ b/tags/o/ocaml-dangling-cmxa.tag @@ -0,0 +1,6 @@ +Tag: ocaml-dangling-cmxa +Severity: error +Check: languages/ocaml/byte-code/library +Explanation: This OCaml package ships a compiled <code>*.cmxa</code> byte code + library without the associated implementation in a <code>*.a</code> static + library. diff --git a/tags/o/ocaml-dangling-cmxs.tag b/tags/o/ocaml-dangling-cmxs.tag new file mode 100644 index 0000000..9f48c09 --- /dev/null +++ b/tags/o/ocaml-dangling-cmxs.tag @@ -0,0 +1,9 @@ +Tag: ocaml-dangling-cmxs +Severity: warning +Check: languages/ocaml/byte-code/plugin +Explanation: This OCaml package provides a native plugin with a name like + <code>*.cmxs</code> but does not ship the associated byte code. + . + If the plugin is meant to be used inside other plugins, the package should also + ship the byte code in a similarly-named file, such as <code>*cma</code> or + <code>*.cmo</code>. diff --git a/tags/o/ocaml-dev-file-in-nondev-package.tag b/tags/o/ocaml-dev-file-in-nondev-package.tag new file mode 100644 index 0000000..903ca4e --- /dev/null +++ b/tags/o/ocaml-dev-file-in-nondev-package.tag @@ -0,0 +1,8 @@ +Tag: ocaml-dev-file-in-nondev-package +Severity: pedantic +Check: languages/ocaml/byte-code/misplaced/package +Explanation: This OCaml package ships development files such as <code>*.cmi</code>, + <code>*.cmx</code> or <code>*.cmxa</code> but does not appear to be a + development package. + . + The files should be moved to a development package. diff --git a/tags/o/ocaml-dev-file-not-in-usr-lib-ocaml.tag b/tags/o/ocaml-dev-file-not-in-usr-lib-ocaml.tag new file mode 100644 index 0000000..216f416 --- /dev/null +++ b/tags/o/ocaml-dev-file-not-in-usr-lib-ocaml.tag @@ -0,0 +1,9 @@ +Tag: ocaml-dev-file-not-in-usr-lib-ocaml +Severity: pedantic +Check: languages/ocaml/byte-code/misplaced/path +Explanation: This OCaml package ships development files like <code>*.cmi</code>, + <code>*.cmx</code> or <code>*.cmxa</code> outside of the standard folder + <code>/usr/lib/ocaml</code>. + . + Those files are used only for compilation and should be placed in a subfolder of + the standard OCaml library path. diff --git a/tags/o/ocaml-meta-without-suggesting-findlib.tag b/tags/o/ocaml-meta-without-suggesting-findlib.tag new file mode 100644 index 0000000..e32adc0 --- /dev/null +++ b/tags/o/ocaml-meta-without-suggesting-findlib.tag @@ -0,0 +1,9 @@ +Tag: ocaml-meta-without-suggesting-findlib +Severity: pedantic +Check: languages/ocaml/meta +Explanation: This OCaml package installs a <code>META</code> file but does not + declare <code> ocaml-findlib</code> as a prerequisite. + . + Ocaml libraries with a <code>META</code> file are easier to use with + <code>findlib</code>. The package should, at a minimum, suggest + <code>ocaml-findlib</code>. diff --git a/tags/o/ocaml-stray-cmo.tag b/tags/o/ocaml-stray-cmo.tag new file mode 100644 index 0000000..31f6c93 --- /dev/null +++ b/tags/o/ocaml-stray-cmo.tag @@ -0,0 +1,10 @@ +Tag: ocaml-stray-cmo +Severity: info +Check: languages/ocaml/byte-code/library +Explanation: This OCaml package installs a <code>*.cma</code> byte code + library together with a separate <code>*.cmo</code> byte code file, with + both having the same base name. + . + The module provided by the <code>*.cmo</code> file is usually an archive + member in the <code>*.cma</code> library, so there is no need for the + <code>*.cmo</code> file. diff --git a/tags/o/odd-historical-debian-changelog-version.tag b/tags/o/odd-historical-debian-changelog-version.tag new file mode 100644 index 0000000..0ef39a8 --- /dev/null +++ b/tags/o/odd-historical-debian-changelog-version.tag @@ -0,0 +1,16 @@ +Tag: odd-historical-debian-changelog-version +Severity: warning +Check: debian/changelog +Explanation: The version string in a historical changelog entry was not parsed + correctly. Usually, that means it does not conform to policy. + . + It can also happen when a package changes from native to non-native + (or the other way around). Historical entries are then in a nonconforming + format. + . + As a side note, Lintian cannot tell whether a package changed from + naive to non-native, or the other way around. It can only say whether + the historical changelog entries comply with the current nativeness of a + package. +See-Also: + debian-policy 5.6.12 diff --git a/tags/o/odd-mark-in-description.tag b/tags/o/odd-mark-in-description.tag new file mode 100644 index 0000000..d00ce1c --- /dev/null +++ b/tags/o/odd-mark-in-description.tag @@ -0,0 +1,8 @@ +Tag: odd-mark-in-description +Severity: pedantic +Check: fields/description +Explanation: A punction mark was placed oddly in the description. + . + This tag is currently only issued for a comma that is not followed by a + whitespace character or a number (eg. for "300,000"). +See-Also: Bug#591665, Bug#591664 diff --git a/tags/o/odd-permissions-on-shared-library.tag b/tags/o/odd-permissions-on-shared-library.tag new file mode 100644 index 0000000..ceac223 --- /dev/null +++ b/tags/o/odd-permissions-on-shared-library.tag @@ -0,0 +1,8 @@ +Tag: odd-permissions-on-shared-library +Severity: warning +Check: libraries/shared/file-permissions +Renamed-From: + shlib-with-bad-permissions +Explanation: Shared libraries should be mode 0644. +See-Also: + debian-policy 8.1 diff --git a/tags/o/odd-place-for-manual-page.tag b/tags/o/odd-place-for-manual-page.tag new file mode 100644 index 0000000..d3369d3 --- /dev/null +++ b/tags/o/odd-place-for-manual-page.tag @@ -0,0 +1,11 @@ +Tag: odd-place-for-manual-page +Severity: error +Check: documentation/manual +Renamed-From: manpage-in-wrong-directory +Explanation: The manual page should be installed in the correct directory below + <code>/usr/share/man/</code> or <code>/usr/share/man/*locale*</code>. + Only sections 1 through 9 should be used. + . + The section number in the filename should correspond with the section + number in the directory name. +See-Also: debian-policy 12.1 diff --git a/tags/o/odd-static-library-name.tag b/tags/o/odd-static-library-name.tag new file mode 100644 index 0000000..04b8f53 --- /dev/null +++ b/tags/o/odd-static-library-name.tag @@ -0,0 +1,12 @@ +Tag: odd-static-library-name +Severity: warning +Check: libraries/static/name +Explanation: The package installs a static library under a strange name. + . + Some naming schemes make it harder to switch from static + to dynamic building. On such example is to install archives with + a name suffix such as <code>libyajl_s.a</code>. + . + Please reconsider the choice of the file name. +See-Also: + Bug#698398 diff --git a/tags/o/old-devhelp-standard.tag b/tags/o/old-devhelp-standard.tag new file mode 100644 index 0000000..6ff966d --- /dev/null +++ b/tags/o/old-devhelp-standard.tag @@ -0,0 +1,9 @@ +Tag: old-devhelp-standard +Severity: warning +Check: documentation/devhelp/standard +Explanation: The named file uses the Devhelp index file format version 1, but it + is deprecated. Future versions of Devhelp may remove the support for that format. + . + Please port the index file to the Devhelp index file format version 2. + . + The detection of the condition was based solely on the file name. diff --git a/tags/o/old-fsf-address-in-copyright-file.tag b/tags/o/old-fsf-address-in-copyright-file.tag new file mode 100644 index 0000000..6ee0d9f --- /dev/null +++ b/tags/o/old-fsf-address-in-copyright-file.tag @@ -0,0 +1,8 @@ +Tag: old-fsf-address-in-copyright-file +Severity: warning +Check: debian/copyright +Explanation: The /usr/share/doc/*pkg*/copyright file refers to the old postal + address of the Free Software Foundation (FSF). The new address is: + . + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301, USA. diff --git a/tags/o/old-python-version-field.tag b/tags/o/old-python-version-field.tag new file mode 100644 index 0000000..117bd47 --- /dev/null +++ b/tags/o/old-python-version-field.tag @@ -0,0 +1,15 @@ +Tag: old-python-version-field +Severity: pedantic +Check: languages/python +See-Also: python-policy 3.4 +Explanation: The specified Python-Version or Python3-Version field is used to + specify the version(s) of Python the package supports. However, the + associated Python version is satisfied by the current "stable" + distribution of Debian and may be unnecessary. + . + Please remove or update the reference. This warning should be ignored + if you wish to support "sloppy" backports. If removing, please also check + for the use of <code>py3versions -r</code> in <code>debian/rules</code>, and + <code>debian/tests/</code>. Without an operative <code>Python3-Version</code> + field <code>py3versions</code> will fall back to all supported versions + which may not be appropriate. diff --git a/tags/o/old-source-override-location.tag b/tags/o/old-source-override-location.tag new file mode 100644 index 0000000..40a86a4 --- /dev/null +++ b/tags/o/old-source-override-location.tag @@ -0,0 +1,12 @@ +Tag: old-source-override-location +Severity: pedantic +Check: debian/lintian-overrides +Renamed-From: package-uses-deprecated-source-override-location +Explanation: This Debian package ships Lintian source-level overrides in the + <code>debian/source.lintian-overrides</code> file. + . + Please use <code>debian/source/lintian-overrides</code> instead; the + <code>debian/source</code> directory is preferred to hold "source"-specific + files. +See-Also: + lintian-manual 2.4 diff --git a/tags/o/old-style-config-script-multiarch-path-arch-all.tag b/tags/o/old-style-config-script-multiarch-path-arch-all.tag new file mode 100644 index 0000000..c4774af --- /dev/null +++ b/tags/o/old-style-config-script-multiarch-path-arch-all.tag @@ -0,0 +1,11 @@ +Tag: old-style-config-script-multiarch-path-arch-all +Severity: error +Check: files/config-scripts +Explanation: The following file is an old style config file, + used to retrieve information about installed libraries in the system. + It is typically used to compile and link against one or more libraries. + . + This old style config file contains a multi-arch path and the package + is arch: all. + . + You should change the package to arch: any. diff --git a/tags/o/old-style-config-script-multiarch-path.tag b/tags/o/old-style-config-script-multiarch-path.tag new file mode 100644 index 0000000..9ab8644 --- /dev/null +++ b/tags/o/old-style-config-script-multiarch-path.tag @@ -0,0 +1,9 @@ +Tag: old-style-config-script-multiarch-path +Severity: error +Check: files/config-scripts +Explanation: The following file is an old style config file, used + to retrieve information about installed libraries in the system. + It is typically used to compile and link against one or more libraries. + . + This old style config file contains a multi-arch path and the package + is declared Multi-arch. diff --git a/tags/o/old-style-config-script.tag b/tags/o/old-style-config-script.tag new file mode 100644 index 0000000..efcf1fe --- /dev/null +++ b/tags/o/old-style-config-script.tag @@ -0,0 +1,26 @@ +Tag: old-style-config-script +Severity: pedantic +Check: files/config-scripts +Explanation: The following file is an old style config file, + used to retrieve information about installed libraries in the system. + It is typically used to compile and link against one or more libraries. + . + Using this kind of system to pass compile file is obsolete and + will likely introduce bugs in a multi-arch system. Particularly, + this kind of script could only belong to a package that is not + Multi-Arch. + . + You should consider to move to pkg-config file and + warn your user to not use this script, and open a bug upstream. + . + You should also consider to implement this file as a compatibility + wrapper over pkg-config. + . + After fixing every reverse depends of your package and use + pkg-config reverse depends makefile, you should + consider to put this script, as a temporary convenience of your users, + under /usr/lib/$DEB_HOST_MULTIARCH/$PACKAGE/bin where + $DEB_HOST_MULTIARCH is the multi-arch triplet and $PACKAGE is the + package name. You should also consider to add a NEWS.Debian entry. +See-Also: pkg-config(1), + http://sources.debian.net/src/imagemagick/8:6.8.9.9-6/debian/NEWS/ diff --git a/tags/o/older-debian-watch-file-standard.tag b/tags/o/older-debian-watch-file-standard.tag new file mode 100644 index 0000000..7af7d44 --- /dev/null +++ b/tags/o/older-debian-watch-file-standard.tag @@ -0,0 +1,6 @@ +Tag: older-debian-watch-file-standard +Severity: info +Check: debian/watch/standard +Explanation: The <code>version=</code> line in the <code>debian/watch</code> file in this + package declares an older version. Please upgrade when you have a chance. +See-Also: uscan(1) diff --git a/tags/o/older-source-format.tag b/tags/o/older-source-format.tag new file mode 100644 index 0000000..cc0a288 --- /dev/null +++ b/tags/o/older-source-format.tag @@ -0,0 +1,15 @@ +Tag: older-source-format +Severity: info +Check: debian/source-dir +Explanation: + This package uses an older source format. Please consider migrating + to a more modern format. + . + The 3.x series of source formats have a number of advantages including + superior compression formats, native patch handling, binary file + support, multiple upstream tarballs, etc. + . + More information is available here: + . + https://wiki.debian.org/Projects/DebSrc3.0 +See-Also: Bug#884498, dpkg-source(1) diff --git a/tags/o/omitted-systemd-service-for-init.d-script.tag b/tags/o/omitted-systemd-service-for-init.d-script.tag new file mode 100644 index 0000000..805cfe1 --- /dev/null +++ b/tags/o/omitted-systemd-service-for-init.d-script.tag @@ -0,0 +1,16 @@ +Tag: omitted-systemd-service-for-init.d-script +Severity: error +Check: systemd +Explanation: The specified init.d script has no systemd equivalent and the + package ships other units. + . + This typically occurs when a maintainer missed script when adding + systemd integration, or a new init script was added in a new upstream + version. + . + Systemd has a SysV init.d script compatibility mode. It provides access to + each SysV init.d script as long as there is no native service file with the + same name (e.g. <code>/lib/systemd/system/rsyslog.service</code> corresponds to + <code>/etc/init.d/rsyslog</code>). +Renamed-From: + systemd-no-service-for-init-script diff --git a/tags/o/openpgp-file-has-implementation-specific-extension.tag b/tags/o/openpgp-file-has-implementation-specific-extension.tag new file mode 100644 index 0000000..854e702 --- /dev/null +++ b/tags/o/openpgp-file-has-implementation-specific-extension.tag @@ -0,0 +1,20 @@ +Tag: openpgp-file-has-implementation-specific-extension +Severity: pedantic +Check: files/openpgp +Explanation: The package includes an OpenPGP file with an implementation + specific extension such as <code>.gpg</code>, instead of the more correct + and neutral <code>.pgp</code>. + . + The specification for this format is called OpenPGP, and the extension name + that is short and considered implementation neutral is <code>.pgp</code>. + While currently the GnuPG project is widely used and one of the most known + OpenPGP implementations, using an extension after its name is detrimental + to other alternative implementations, when a better more neutral name can + be used instead. + . + Note that many of these files are referenced externally, and as such should + be considered an interface. Make sure to create backward compatibility + symlinks for a smooth transition. +See-Also: + https://www.openpgp.org/, + https://www.rfc-editor.org/rfc/rfc4880 diff --git a/tags/o/opentype-font-prohibits-installable-embedding.tag b/tags/o/opentype-font-prohibits-installable-embedding.tag new file mode 100644 index 0000000..e2c233a --- /dev/null +++ b/tags/o/opentype-font-prohibits-installable-embedding.tag @@ -0,0 +1,7 @@ +Tag: opentype-font-prohibits-installable-embedding +Severity: warning +Check: fonts/opentype +Explanation: This package installs an OpenType font with restrictive license + terms. The font does not permit installable embedding, as defined by + the OpenType standard. +See-Also: https://docs.microsoft.com/en-us/typography/opentype/spec/os2#fstype diff --git a/tags/o/opentype-font-wrong-filename.tag b/tags/o/opentype-font-wrong-filename.tag new file mode 100644 index 0000000..b515506 --- /dev/null +++ b/tags/o/opentype-font-wrong-filename.tag @@ -0,0 +1,5 @@ +Tag: opentype-font-wrong-filename +Severity: warning +Check: fonts/opentype +Explanation: This package installs an OpenType font with an extension other than + <code>.otf</code>. The check is case-insensitive. diff --git a/tags/o/ored-build-depends-on-obsolete-package.tag b/tags/o/ored-build-depends-on-obsolete-package.tag new file mode 100644 index 0000000..be958cd --- /dev/null +++ b/tags/o/ored-build-depends-on-obsolete-package.tag @@ -0,0 +1,5 @@ +Tag: ored-build-depends-on-obsolete-package +Severity: info +Check: fields/package-relations +Explanation: The package build-depends on an ORed group of packages which includes + a package that has been superseded. diff --git a/tags/o/ored-depends-on-obsolete-package.tag b/tags/o/ored-depends-on-obsolete-package.tag new file mode 100644 index 0000000..bf6157a --- /dev/null +++ b/tags/o/ored-depends-on-obsolete-package.tag @@ -0,0 +1,5 @@ +Tag: ored-depends-on-obsolete-package +Severity: info +Check: fields/package-relations +Explanation: The package depends on an ORed group of packages which includes + a package that has been superseded. diff --git a/tags/o/orig-tarball-missing-upstream-signature.tag b/tags/o/orig-tarball-missing-upstream-signature.tag new file mode 100644 index 0000000..0632f88 --- /dev/null +++ b/tags/o/orig-tarball-missing-upstream-signature.tag @@ -0,0 +1,23 @@ +Tag: orig-tarball-missing-upstream-signature +Severity: warning +Check: upstream-signature +Explanation: The packaging includes an upstream signing key but the corresponding + <code>.asc</code> signature for one or more source tarballs are not included + in your .changes file. + . + Please ensure a + <code><package>_<version>.orig.tar.<ext>.asc</code> file + exists in the same directory as your + <code><package>_<version>.orig.tar.<ext></code> tarball prior + to <code>dpkg-source --build</code> being called. + . + If you are repackaging your source tarballs for Debian Free Software + Guidelines compliance reasons, ensure that your package version includes + <code>dfsg</code> or similar. + . + Sometimes, an upstream signature must be added for an <code>orig.tar.gz</code> + that is already present in the archive. Please include the upstream sources + again with <code>dpkg-genchanges -sa</code> while the signature is also present. + Your upload will be accepted as long as the new <code>orig.tar.gz</code> file + is identical to the old one. +See-Also: Bug#954743, Bug#872864 diff --git a/tags/o/orphaned-diversion.tag b/tags/o/orphaned-diversion.tag new file mode 100644 index 0000000..47737cf --- /dev/null +++ b/tags/o/orphaned-diversion.tag @@ -0,0 +1,6 @@ +Tag: orphaned-diversion +Severity: error +Check: maintainer-scripts/diversion +Explanation: A diversion is being added for the named file, but then not removed. + It means the system will be left in a different state when the package is + installed and then removed. diff --git a/tags/o/orphaned-package-maintained-in-private-space.tag b/tags/o/orphaned-package-maintained-in-private-space.tag new file mode 100644 index 0000000..b47c279 --- /dev/null +++ b/tags/o/orphaned-package-maintained-in-private-space.tag @@ -0,0 +1,13 @@ +Tag: orphaned-package-maintained-in-private-space +Severity: warning +Check: fields/vcs +Explanation: + This package is orphaned and the specified VCS field points to a private + space in the *.debian.org infrastructure. The sources are probably not + accessible to the Quality Assurance (QA) Team, which prepares uploads + in the interim. + . + Please move the source repository to a location in + <code>https://salsa.debian.org/debian/</code> or <code>https://git.dgit.debian.org/</code> + or update the specified VCS field if the information is incorrect. +See-Also: Bug#947671 diff --git a/tags/o/orphaned-package-not-maintained-in-debian-infrastructure.tag b/tags/o/orphaned-package-not-maintained-in-debian-infrastructure.tag new file mode 100644 index 0000000..6a32f2f --- /dev/null +++ b/tags/o/orphaned-package-not-maintained-in-debian-infrastructure.tag @@ -0,0 +1,12 @@ +Tag: orphaned-package-not-maintained-in-debian-infrastructure +Severity: warning +Check: fields/vcs +Explanation: + This package is orphaned but the specified VCS field does not point to + an area within the *.debian.org infrastructure + . + This prevents other developers and external contributors to collaborate + on its maintenance. + . + Please move the packaging to under the *.debian.org umbrella or update + the specified VCS field if it is otherwise wrong. diff --git a/tags/o/out-of-date-copyright-format-uri.tag b/tags/o/out-of-date-copyright-format-uri.tag new file mode 100644 index 0000000..ab1edc9 --- /dev/null +++ b/tags/o/out-of-date-copyright-format-uri.tag @@ -0,0 +1,8 @@ +Tag: out-of-date-copyright-format-uri +Severity: pedantic +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: A newer version of the machine-readable copyright file specification, + than the one referenced by the copyright file, is available. + . + This problem may have prevented Lintian from performing other checks. diff --git a/tags/o/out-of-date-standards-version.tag b/tags/o/out-of-date-standards-version.tag new file mode 100644 index 0000000..dbf3f6b --- /dev/null +++ b/tags/o/out-of-date-standards-version.tag @@ -0,0 +1,18 @@ +Tag: out-of-date-standards-version +Severity: info +Check: fields/standards-version +See-Also: https://www.debian.org/doc/debian-policy/upgrading-checklist.html +Explanation: The source package refers to a Standards-Version older than the one + that was current at the time the package was created (according to the + timestamp of the latest <code>debian/changelog</code> entry). Please + consider updating the package to current Policy and setting this control + field appropriately. + . + If the package is already compliant with the current standards, you don't + have to re-upload the package just to adjust the Standards-Version + control field. However, please remember to update this field next time + you upload the package. + . + See <code>/usr/share/doc/debian-policy/upgrading-checklist.txt.gz</code> in + the debian-policy package for a summary of changes in newer versions of + Policy. diff --git a/tags/o/outdated-relation-in-shlibs.tag b/tags/o/outdated-relation-in-shlibs.tag new file mode 100644 index 0000000..279c920 --- /dev/null +++ b/tags/o/outdated-relation-in-shlibs.tag @@ -0,0 +1,10 @@ +Tag: outdated-relation-in-shlibs +Severity: warning +Check: debian/shlibs +Renamed-From: + shlibs-uses-obsolete-relation +Explanation: The forms "<" and ">" mean "<=" and ">=", not "<<" + and ">>" as one might expect. For that reason these forms are + obsolete, and should not be used in new packages. Use the longer forms + instead. +See-Also: debian-policy 7.1 diff --git a/tags/o/output-of-updaterc.d-not-redirected-to-dev-null.tag b/tags/o/output-of-updaterc.d-not-redirected-to-dev-null.tag new file mode 100644 index 0000000..b72dfab --- /dev/null +++ b/tags/o/output-of-updaterc.d-not-redirected-to-dev-null.tag @@ -0,0 +1,6 @@ +Tag: output-of-updaterc.d-not-redirected-to-dev-null +Severity: info +Check: init-d +Explanation: The output messages of the <code>update-rc.d</code> command should be + redirected to <code>/dev/null</code> because it is currently very chatty + per default. diff --git a/tags/o/override-file-in-wrong-location.tag b/tags/o/override-file-in-wrong-location.tag new file mode 100644 index 0000000..1332189 --- /dev/null +++ b/tags/o/override-file-in-wrong-location.tag @@ -0,0 +1,9 @@ +Tag: override-file-in-wrong-location +Severity: error +Check: debian/lintian-overrides +Explanation: Lintian overrides should be put in a regular file named + <code>/usr/share/lintian/overrides/<em>package</em></code>. They should + not be in a subdirectory named like the package or in any location under + <code>/usr/share/doc</code>, which is obsolete. +See-Also: + lintian-manual 2.4 diff --git a/tags/o/override-file-in-wrong-package.tag b/tags/o/override-file-in-wrong-package.tag new file mode 100644 index 0000000..6d51fe9 --- /dev/null +++ b/tags/o/override-file-in-wrong-package.tag @@ -0,0 +1,8 @@ +Tag: override-file-in-wrong-package +Severity: error +Check: debian/lintian-overrides +Explanation: This package includes Lintian overrides intended for another package. + Lintian overrides should be put in a regular file named + <code>/usr/share/lintian/overrides/<em>package</em></code> +See-Also: + lintian-manual 2.4 diff --git a/tags/o/override_dh_auto_test-does-not-check-DEB_BUILD_OPTIONS.tag b/tags/o/override_dh_auto_test-does-not-check-DEB_BUILD_OPTIONS.tag new file mode 100644 index 0000000..80143a0 --- /dev/null +++ b/tags/o/override_dh_auto_test-does-not-check-DEB_BUILD_OPTIONS.tag @@ -0,0 +1,29 @@ +Tag: override_dh_auto_test-does-not-check-DEB_BUILD_OPTIONS +Severity: info +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package has an + <code>override_dh_auto_test</code> target that does not appear to + check <code>DEB_BUILD_OPTIONS</code> against <code>nocheck</code>. + . + As this check is not automatically performed by debhelper(1), the + specified testsuite is run regardless of another maintainer using + the <code>nocheck</code> build option. + . + Please add a check such as: + . + override_dh_auto_test: + ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) + ./run-upstream-testsuite + endif + . + Lintian will ignore comments and other lines such as: + . + # Disabled + : Disabled + echo "Disabled" + mkdir foo/ + ENV=var dh_auto_test -- ARG=value + . + This check is not required in Debhelper compat level 13 or greater + (see Bug#568897). +See-Also: debian-policy 4.9.1, https://wiki.debian.org/BuildProfileSpec#Registered_profile_names diff --git a/tags/o/override_dh_clean-does-not-call-dh_clean.tag b/tags/o/override_dh_clean-does-not-call-dh_clean.tag new file mode 100644 index 0000000..ccc162b --- /dev/null +++ b/tags/o/override_dh_clean-does-not-call-dh_clean.tag @@ -0,0 +1,11 @@ +Tag: override_dh_clean-does-not-call-dh_clean +Severity: warning +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package has an + <code>override_dh_clean</code> target that does not reference <code>dh_clean</code>. + . + This can result in packages not cleaning up properly via <code>debian/rules + clean</code>. + . + Please add a call to <code>dh_clean</code>. +See-Also: Bug#884419, Bug#884815 diff --git a/tags/o/override_dh_fixperms-does-not-call-dh_fixperms.tag b/tags/o/override_dh_fixperms-does-not-call-dh_fixperms.tag new file mode 100644 index 0000000..5263562 --- /dev/null +++ b/tags/o/override_dh_fixperms-does-not-call-dh_fixperms.tag @@ -0,0 +1,12 @@ +Tag: override_dh_fixperms-does-not-call-dh_fixperms +Severity: warning +Check: debian/rules +Explanation: The <code>debian/rules</code> file for this package has an + <code>override_dh_fixperms</code> target that does not reference + <code>dh_fixperms</code>. + . + This can result in packages inheriting the <code>umask(2)</code> of the build + process, rendering the package unreproducible. + . + Please add a call to <code>dh_fixperms</code>. +See-Also: Bug#885909 diff --git a/tags/p/package-builds-dbg-and-dbgsym-variants.tag b/tags/p/package-builds-dbg-and-dbgsym-variants.tag new file mode 100644 index 0000000..45f7aac --- /dev/null +++ b/tags/p/package-builds-dbg-and-dbgsym-variants.tag @@ -0,0 +1,10 @@ +Tag: package-builds-dbg-and-dbgsym-variants +Severity: warning +Check: changes-file +See-Also: dh_strip(1), https://wiki.debian.org/AutomaticDebugPackages +Explanation: This package appears to build both -dbg and -dbgsym variants of a + package. Only one package should contain the debug symbols + . + Usually the -dbg should be dropped in favour of the -dbgsym. However, + in some cases (e.g. Python modules) the -dbg contains more than just + the debug symbols. In these cases the -dbgsym should not be built. diff --git a/tags/p/package-contains-ancient-file.tag b/tags/p/package-contains-ancient-file.tag new file mode 100644 index 0000000..aac9a01 --- /dev/null +++ b/tags/p/package-contains-ancient-file.tag @@ -0,0 +1,7 @@ +Tag: package-contains-ancient-file +Severity: error +Check: files/date +Explanation: Your package contains a file that claims to have been generated + more than 20 years ago. This is most probably an error. Your package + will be rejected by the Debian archive scripts if it contains a file + with such a timestamp. diff --git a/tags/p/package-contains-broken-symlink-wildcard.tag b/tags/p/package-contains-broken-symlink-wildcard.tag new file mode 100644 index 0000000..7ebb7f6 --- /dev/null +++ b/tags/p/package-contains-broken-symlink-wildcard.tag @@ -0,0 +1,7 @@ +Tag: package-contains-broken-symlink-wildcard +Severity: warning +Check: files/symbolic-links/broken +Explanation: The package contains a symlink with a target that + appears to be a "failed" wildcard expansion. Furthermore + the target does not exists in the package or any of its + direct dependencies (built from the same source package). diff --git a/tags/p/package-contains-bts-control-dir.tag b/tags/p/package-contains-bts-control-dir.tag new file mode 100644 index 0000000..0d854e7 --- /dev/null +++ b/tags/p/package-contains-bts-control-dir.tag @@ -0,0 +1,6 @@ +Tag: package-contains-bts-control-dir +Severity: warning +Check: files/bugs +Explanation: The package contains a control directory for a bug tracking system. + It was most likely installed by accident, since bug tracking directories + usually don't belong in packages. diff --git a/tags/p/package-contains-cmake-private-file.tag b/tags/p/package-contains-cmake-private-file.tag new file mode 100644 index 0000000..af6a00c --- /dev/null +++ b/tags/p/package-contains-cmake-private-file.tag @@ -0,0 +1,13 @@ +Tag: package-contains-cmake-private-file +Severity: error +Check: build-systems/cmake +Explanation: The package ships a file in a location reserved for <code>CMake</code>. + It usually means you shipped a <code>Find</code> module. + . + Libraries should not ship Find modules Config files. Config files should + be installed in the unversioned path + <code>usr/(lib/<arch>|lib|share)/cmake/<name>*/</code> + . + When CMake Config files are installed in an unversioned path, your + package will continue to work when a new version of CMake is uploaded. +See-Also: https://wiki.debian.org/CMake, https://cmake.org/cmake/help/v3.10/manual/cmake-packages.7.html#config-file-packages diff --git a/tags/p/package-contains-compiled-font-file.tag b/tags/p/package-contains-compiled-font-file.tag new file mode 100644 index 0000000..15b04ef --- /dev/null +++ b/tags/p/package-contains-compiled-font-file.tag @@ -0,0 +1,6 @@ +Tag: package-contains-compiled-font-file +Severity: error +Check: desktop/x11 +Explanation: This package appears to contain a compiled font file. These files + should be generated automatically by triggers and it must not be shipped + in any package. diff --git a/tags/p/package-contains-compiled-glib-schema.tag b/tags/p/package-contains-compiled-glib-schema.tag new file mode 100644 index 0000000..1c70c5b --- /dev/null +++ b/tags/p/package-contains-compiled-glib-schema.tag @@ -0,0 +1,7 @@ +Tag: package-contains-compiled-glib-schema +Severity: error +Check: files/names +Explanation: This package contains a file named <code>gschemas.compiled</code>. This + file is generated automatically by triggers and it must not be shipped in + any package. +See-Also: Bug#883801 diff --git a/tags/p/package-contains-documentation-outside-usr-share-doc.tag b/tags/p/package-contains-documentation-outside-usr-share-doc.tag new file mode 100644 index 0000000..09fabca --- /dev/null +++ b/tags/p/package-contains-documentation-outside-usr-share-doc.tag @@ -0,0 +1,25 @@ +Tag: package-contains-documentation-outside-usr-share-doc +Severity: info +Check: documentation +Explanation: This package ships a documentation file outside /usr/share/doc + Documentation files are normally installed inside <code>/usr/share/doc</code>. + . + If this file doesn't describe the contents or purpose of the directory + it is in, please consider moving this file to <code>/usr/share/doc/</code> + or maybe even removing it. If this file does describe the contents + or purpose of the directory it is in, please add a lintian override. + +Screen: python/egg/metadata +Advocates: Scott Kitterman <debian@kitterman.com> +Reason: The folders <code>XXX.dist-info/</code> and <code>XXX.egg-info/</code> + hold metadata for Python modules. Those files are not documentation even though + some of their names carry the <code>.txt</code> file extension. + . + Python modules can be both public and private. +See-Also: + https://www.python.org/dev/peps/pep-0427/#the-dist-info-directory, + https://www.python.org/dev/peps/pep-0376/#id16, + https://www.python.org/dev/peps/pep-0610/, + https://www.python.org/dev/peps/pep-0639/, + https://setuptools.pypa.io/en/latest/deprecated/python_eggs.html, + Bug#1003913 diff --git a/tags/p/package-contains-empty-directory.tag b/tags/p/package-contains-empty-directory.tag new file mode 100644 index 0000000..6ef9072 --- /dev/null +++ b/tags/p/package-contains-empty-directory.tag @@ -0,0 +1,10 @@ +Tag: package-contains-empty-directory +Severity: info +Check: files/empty-directories +Explanation: This package installs an empty directory. This might be intentional + but it's normally a mistake. If it is intentional, add a Lintian override. + . + If a package ships with or installs empty directories, you can remove them + in debian/rules by calling: + . + $ find path/to/base/dir -type d -empty -delete diff --git a/tags/p/package-contains-eslint-config-file.tag b/tags/p/package-contains-eslint-config-file.tag new file mode 100644 index 0000000..430db18 --- /dev/null +++ b/tags/p/package-contains-eslint-config-file.tag @@ -0,0 +1,11 @@ +Tag: package-contains-eslint-config-file +Severity: error +Check: files/names +Explanation: This package ships an ESLint config file. This file is + a configuration file for the ESLint pluggable linting utility + for JavaScript. + . + Even if these files are useful for modifying the source, + they do not belong in installed packages. + . + Please remove this file from your package. diff --git a/tags/p/package-contains-file-in-etc-skel.tag b/tags/p/package-contains-file-in-etc-skel.tag new file mode 100644 index 0000000..f47f468 --- /dev/null +++ b/tags/p/package-contains-file-in-etc-skel.tag @@ -0,0 +1,13 @@ +Tag: package-contains-file-in-etc-skel +Severity: error +Check: files/names +Explanation: This package ships the specified file under <code>/etc/skel</code>. Files + in this directory are copied into new user accounts by <code>adduser(8)</code>. + . + However, <code>/etc/skel</code> should be empty as possible as there is no + mechanism for ensuring files are copied into the accounts of existing + users when the package is installed. + . + Please remove the installation of this file, ensuring this package + can automatically create them or can otherwise function without them. +See-Also: debian-policy 10.7.5 diff --git a/tags/p/package-contains-file-in-usr-share-hal.tag b/tags/p/package-contains-file-in-usr-share-hal.tag new file mode 100644 index 0000000..6f5605b --- /dev/null +++ b/tags/p/package-contains-file-in-usr-share-hal.tag @@ -0,0 +1,9 @@ +Tag: package-contains-file-in-usr-share-hal +Severity: warning +Check: files/names +Explanation: This package installs the specified file under + <code>/usr/share/hal/</code> but this directory is no longer looked at + by any package in Debian since the removal of the <code>hal</code> package + in 2014. + . + Please remove or otherwise prevent the installation of this file. diff --git a/tags/p/package-contains-hardlink.tag b/tags/p/package-contains-hardlink.tag new file mode 100644 index 0000000..5539e58 --- /dev/null +++ b/tags/p/package-contains-hardlink.tag @@ -0,0 +1,14 @@ +Tag: package-contains-hardlink +Severity: warning +Check: files/hard-links +Explanation: The package contains a hardlink in <code>/etc</code> or across different + directories. This might not work at all if directories are on different + filesystems (which can happen anytime as the system administrator sees fit), + certain filesystems such as AFS don't even support cross-directory hardlinks + at all. + . + For configuration files, certain editors might break hardlinks, and so + does dpkg in certain cases. + . + A better solution might be using symlinks here. +See-Also: debian-policy 10.7.3 diff --git a/tags/p/package-contains-icon-cache-in-generic-dir.tag b/tags/p/package-contains-icon-cache-in-generic-dir.tag new file mode 100644 index 0000000..04efa6c --- /dev/null +++ b/tags/p/package-contains-icon-cache-in-generic-dir.tag @@ -0,0 +1,8 @@ +Tag: package-contains-icon-cache-in-generic-dir +Severity: warning +Check: files/names +Explanation: This package installs the specified icon cache in a generic + location such as <code>/usr/share/icons/hicolor</code> which will + invariably clash with other packages. + . + Please remove or otherwise prevent the installation of this file. diff --git a/tags/p/package-contains-info-dir-file.tag b/tags/p/package-contains-info-dir-file.tag new file mode 100644 index 0000000..7354361 --- /dev/null +++ b/tags/p/package-contains-info-dir-file.tag @@ -0,0 +1,10 @@ +Tag: package-contains-info-dir-file +Severity: error +Check: documentation +Explanation: This package contains a file named <code>dir</code> or <code>dir.old</code>, + possibly compressed, in <code>/usr/share/info</code>. This is the directory + (or backup) of info pages and is generated automatically by install-info + when a package containing info documentation is installed. Some upstream + build systems create it automatically, but it must not be included in a + package since it needs to be generated dynamically based on the installed + info files on the system. diff --git a/tags/p/package-contains-linda-override.tag b/tags/p/package-contains-linda-override.tag new file mode 100644 index 0000000..6e4cc37 --- /dev/null +++ b/tags/p/package-contains-linda-override.tag @@ -0,0 +1,7 @@ +Tag: package-contains-linda-override +Severity: warning +Check: linda +Explanation: This package contains a linda override file in + <code>/usr/share/linda/overrides</code>. Linda is obsolete and has been + removed from the archive as of 2008-03-04. Linda overrides should + probably be dropped from packages. diff --git a/tags/p/package-contains-mime-cache-file.tag b/tags/p/package-contains-mime-cache-file.tag new file mode 100644 index 0000000..3165e3b --- /dev/null +++ b/tags/p/package-contains-mime-cache-file.tag @@ -0,0 +1,9 @@ +Tag: package-contains-mime-cache-file +Severity: error +Check: mimeinfo +Explanation: This package contains a cache file generated automatically by + update-mime-database when a package containing MIME-Info Database + files is installed. Some upstream build systems create them + automatically, but they must not be included in a package since they need + to be generated dynamically based on the installed MIME-Info Database + files on the system. diff --git a/tags/p/package-contains-mime-file-outside-package-dir.tag b/tags/p/package-contains-mime-file-outside-package-dir.tag new file mode 100644 index 0000000..f56c274 --- /dev/null +++ b/tags/p/package-contains-mime-file-outside-package-dir.tag @@ -0,0 +1,10 @@ +Tag: package-contains-mime-file-outside-package-dir +Severity: error +Check: mimeinfo +See-Also: Bug#761649, /usr/share/doc/shared-mime-info/ +Explanation: This package contains a file in a path reserved solely for + mime cache file. + . + /usr/share/mime/ files are cache generated from + /usr/share/mime/packages/. Thus file under /usr/share/mime/ + should not be installed diff --git a/tags/p/package-contains-mimeinfo.cache-file.tag b/tags/p/package-contains-mimeinfo.cache-file.tag new file mode 100644 index 0000000..fbc4e98 --- /dev/null +++ b/tags/p/package-contains-mimeinfo.cache-file.tag @@ -0,0 +1,10 @@ +Tag: package-contains-mimeinfo.cache-file +Severity: error +Check: mimeinfo +Explanation: This package contains a file named <code>mimeinfo.cache</code>, + possibly compressed, in <code>/usr/share/applications</code>. This file is + generated automatically by update-desktop-database when a package + containing <code>.desktop</code> files associated to MIME types is installed. + Some upstream build systems create it automatically, but it must not be + included in a package since it needs to be generated dynamically based on + the installed .desktop files on the system. diff --git a/tags/p/package-contains-multiple-dpi-fonts.tag b/tags/p/package-contains-multiple-dpi-fonts.tag new file mode 100644 index 0000000..9c342a8 --- /dev/null +++ b/tags/p/package-contains-multiple-dpi-fonts.tag @@ -0,0 +1,9 @@ +Tag: package-contains-multiple-dpi-fonts +Severity: warning +Check: desktop/x11 +See-Also: debian-policy 11.8.5 +Explanation: This package contains both 100dpi and 75dpi bitmapped fonts. Both + versions should not be included in a single package. If both resolutions + are available, they should be provided in separate binary packages with + <code>-75dpi</code> or <code>-100dpi</code> appended to the package name for the + corresponding fonts. diff --git a/tags/p/package-contains-no-arch-dependent-files.tag b/tags/p/package-contains-no-arch-dependent-files.tag new file mode 100644 index 0000000..2c9a8a0 --- /dev/null +++ b/tags/p/package-contains-no-arch-dependent-files.tag @@ -0,0 +1,9 @@ +Tag: package-contains-no-arch-dependent-files +Severity: info +Check: files/architecture +Experimental: yes +Explanation: All files in this package are architecture-independent, + but the package is not marked <code>Architecture: all</code>. + . + The package should probably be marked <code>Architecture: all</code>. +See-Also: debian-policy 5.6.8 diff --git a/tags/p/package-contains-npm-ignore-file.tag b/tags/p/package-contains-npm-ignore-file.tag new file mode 100644 index 0000000..723ac4f --- /dev/null +++ b/tags/p/package-contains-npm-ignore-file.tag @@ -0,0 +1,9 @@ +Tag: package-contains-npm-ignore-file +Severity: error +Check: files/names +Explanation: The package ships an <code>.npmignore</code> file. It is a + configuration file for the <code>Node.js</code> package manager. + It is not needed in a Debian package. + . + The file tells the <code>npm</code> command to keep files out of + a <code>node</code> package. Please remove it from your package. diff --git a/tags/p/package-contains-python-coverage-file.tag b/tags/p/package-contains-python-coverage-file.tag new file mode 100644 index 0000000..0bafff0 --- /dev/null +++ b/tags/p/package-contains-python-coverage-file.tag @@ -0,0 +1,11 @@ +Tag: package-contains-python-coverage-file +Severity: warning +Check: files/names +Explanation: The package contains a file that looks like output from the Python + coverage.py tool. These are generated by python{,3}-coverage during a test + run, noting which parts of the code have been executed. They can then be + subsequently analyzed to identify code that could have been executed but was + not. + . + As they are unlikely to be of utility to end-users, these files should not + be shipped in the final binary package. diff --git a/tags/p/package-contains-python-doctree-file.tag b/tags/p/package-contains-python-doctree-file.tag new file mode 100644 index 0000000..cd77238 --- /dev/null +++ b/tags/p/package-contains-python-doctree-file.tag @@ -0,0 +1,29 @@ +Tag: package-contains-python-doctree-file +Severity: warning +Check: files/names +Explanation: This package appears to contain a pickled cache of reStructuredText + (*.rst) documentation in a <code>.doctree</code> file. + . + These are not needed to display the documentation correctly and as they can + contain absolute build paths can affect the reproducibility of the package. + . + The easiest way to prevent this is to use the <code>--with=sphinxdoc</code> + debhelper sequence or to add an explicit call to + <code>dh_sphinxdoc</code>. This will then require a dependency on + <code>${sphinxdoc:Depends}</code> for the relevant binary package. + . + Either prevent the installation of the <code>.doctree</code> file (or parent + <code>doctrees</code> directory if there is one) or pass the <code>-d</code> + option to <code>sphinx-build(1)</code> to create the caches elsewhere. + . + For example: + . + override_dh_auto_build: + dh_auto_build + PYTHONPATH=. sphinx-build -bman docs/ -d debian/doctrees docs/build/html + PYTHONPATH=. sphinx-build -bhtml docs/ -d debian/doctrees docs/build/html + . + override_dh_auto_clean: + dh_auto_clean + rm -rf debian/doctrees +See-Also: http://sphinx-doc.org/invocation.html#cmdoption-sphinx-build-d diff --git a/tags/p/package-contains-python-dot-directory.tag b/tags/p/package-contains-python-dot-directory.tag new file mode 100644 index 0000000..727c761 --- /dev/null +++ b/tags/p/package-contains-python-dot-directory.tag @@ -0,0 +1,12 @@ +Tag: package-contains-python-dot-directory +Severity: warning +Check: files/names +Explanation: The package contains files left over from a Python build + process, such as cached output from <code>pytest</code>. + . + Users of your package probably do not need the files. Please rebuild + your package with a newer version of <code>pybuild/dh-python</code>. + Many of the files will disappear. + . + Usually, the files contain time-stamped data. They will prevent your + package from being reproducible. diff --git a/tags/p/package-contains-python-header-in-incorrect-directory.tag b/tags/p/package-contains-python-header-in-incorrect-directory.tag new file mode 100644 index 0000000..50bc667 --- /dev/null +++ b/tags/p/package-contains-python-header-in-incorrect-directory.tag @@ -0,0 +1,14 @@ +Tag: package-contains-python-header-in-incorrect-directory +Severity: error +Check: files/names +Explanation: This package ships a header file such as + <code>/usr/include/python3.7/foo/bar.h</code>. However, + <code>/usr/include/python3.7</code> is a symlink to <code>python3.7m</code> in + <code>libpython3.7-dev</code>. + . + This may result in silent file overwrites or, depending on the unpacking + order (if <code>/usr/include/python3.7</code> is a directory), separating + the headers into two independent trees. + . + These header files should be shipped in + <code>/usr/include/python3.7m</code> instead. diff --git a/tags/p/package-contains-python-hypothesis-example.tag b/tags/p/package-contains-python-hypothesis-example.tag new file mode 100644 index 0000000..44a8ae0 --- /dev/null +++ b/tags/p/package-contains-python-hypothesis-example.tag @@ -0,0 +1,17 @@ +Tag: package-contains-python-hypothesis-example +Severity: warning +Check: files/names +Explanation: This package appears to contain the output of running a Python + "Hypothesis" testsuite. + . + These are not useful in the binary package or to end-users. In addition, + as they contain random/non-determinstic contents, they can affect the + reproducibility of the package. + . + You can disable generation of these files by, for example: + . + export HYPOTHESIS_DATABASE_FILE = $(CURDIR)/debian/hypothesis + . + override_dh_auto_clean: + dh_auto_clean + rm -rf $(CURDIR)/debian/hypothesis diff --git a/tags/p/package-contains-python-tests-in-global-namespace.tag b/tags/p/package-contains-python-tests-in-global-namespace.tag new file mode 100644 index 0000000..eec3327 --- /dev/null +++ b/tags/p/package-contains-python-tests-in-global-namespace.tag @@ -0,0 +1,12 @@ +Tag: package-contains-python-tests-in-global-namespace +Severity: warning +Check: files/names +Explanation: This package appears to contain Python test files such as + <code>test_foo.py</code> or <code>test_foo/</code> in the global module + namespace. + . + Whilst the tests may be useful in the binary package, it is probably a + mistake to pollute the "top-level" namespace in this way. + . + Please install them to a subdirectory of the module being tested + instead or simply omit from the binary package entirely. diff --git a/tags/p/package-contains-readme-for-other-platform-or-distro.tag b/tags/p/package-contains-readme-for-other-platform-or-distro.tag new file mode 100644 index 0000000..c29fe8d --- /dev/null +++ b/tags/p/package-contains-readme-for-other-platform-or-distro.tag @@ -0,0 +1,8 @@ +Tag: package-contains-readme-for-other-platform-or-distro +Severity: warning +Check: documentation +Explanation: package contains a README.(platform) file that contains instructions + specific to a platform or distribution other than Debian and thus can + most likely be removed. If it contains information that pertains to + Debian, please consider renaming it, or including it in an already + existing README file. diff --git a/tags/p/package-contains-sass-cache-directory.tag b/tags/p/package-contains-sass-cache-directory.tag new file mode 100644 index 0000000..02a5733 --- /dev/null +++ b/tags/p/package-contains-sass-cache-directory.tag @@ -0,0 +1,17 @@ +Tag: package-contains-sass-cache-directory +Severity: warning +Check: files/names +Explanation: This package appears to ship a <code>.sass-cache/</code> directory, + the result of running a the "Sass" utility that compiles CSS from SASS + or SCSS files. + . + These are not useful in the binary package or to end-users. In + addition, as they contain random/non-determinstic contents or + filenames they can affect the reproducibility of the package. + . + Please ensure they are removed prior to final package build. For + example, with: + . + override_dh_install: + dh_install -X.sass-cache +See-Also: https://reproducible-builds.org/, Bug#920595 diff --git a/tags/p/package-contains-thumbnails-dir.tag b/tags/p/package-contains-thumbnails-dir.tag new file mode 100644 index 0000000..2ebe714 --- /dev/null +++ b/tags/p/package-contains-thumbnails-dir.tag @@ -0,0 +1,6 @@ +Tag: package-contains-thumbnails-dir +Severity: error +Check: images/thumbnails +Explanation: Package contains a .thumbnails directory. It was most likely installed by + accident, since thumbnails usually don't belong in packages. +See-Also: https://specifications.freedesktop.org/thumbnail-spec/thumbnail-spec-latest.html diff --git a/tags/p/package-contains-timestamped-gzip.tag b/tags/p/package-contains-timestamped-gzip.tag new file mode 100644 index 0000000..93f4094 --- /dev/null +++ b/tags/p/package-contains-timestamped-gzip.tag @@ -0,0 +1,9 @@ +Tag: package-contains-timestamped-gzip +Severity: warning +Check: files/compressed/gz +Explanation: The package contains a gzip-compressed file that has timestamps. + Such files make the packages unreproducible, because their + contents depend on the time when the package was built. + . + Please consider passing the "-n" flag to gzip to avoid this. +See-Also: https://wiki.debian.org/ReproducibleBuilds diff --git a/tags/p/package-contains-unsafe-symlink.tag b/tags/p/package-contains-unsafe-symlink.tag new file mode 100644 index 0000000..72f11d6 --- /dev/null +++ b/tags/p/package-contains-unsafe-symlink.tag @@ -0,0 +1,6 @@ +Tag: package-contains-unsafe-symlink +Severity: error +Check: files/symbolic-links/broken +Explanation: The package contains an unsafe symlink. If followed, + the link will escape the package root. +See-Also: debian-policy 10.5 diff --git a/tags/p/package-contains-upstream-installation-documentation.tag b/tags/p/package-contains-upstream-installation-documentation.tag new file mode 100644 index 0000000..1e13fdb --- /dev/null +++ b/tags/p/package-contains-upstream-installation-documentation.tag @@ -0,0 +1,8 @@ +Tag: package-contains-upstream-installation-documentation +Severity: warning +Check: documentation +See-Also: debian-policy 12.3 +Explanation: Binary packages do not need to contain the instructions for building + and installing the package as this info is not needed by package users. + If the info contained is important for configuration perhaps it could be + summarized in README.Debian, otherwise an override may be added. diff --git a/tags/p/package-contains-usr-unmerged-pathnames.tag b/tags/p/package-contains-usr-unmerged-pathnames.tag new file mode 100644 index 0000000..68c9f9d --- /dev/null +++ b/tags/p/package-contains-usr-unmerged-pathnames.tag @@ -0,0 +1,17 @@ +Tag: package-contains-usr-unmerged-pathnames +Severity: classification +Check: files/usr-merge +Explanation: The package installs the listed file to a directory in / (the + filesystem root) rather than to the corresponding directory inside /usr. + . + Debian requires systems to mount /usr prior to invoking init (using an + initramfs if necessary) so any executables, libraries, or other files + placed in / for use by early portions of the system init no longer need + to do so. + . + Moving a file from / to /usr (especially an executable in /bin or + /sbin) will often require a compatibility symlink to the new location, + as other software may invoke it by absolute path. + . + A compatibility symlink to the corresponding file in /usr will not + trigger this warning but a symlink to anywhere else will. diff --git a/tags/p/package-contains-vcs-control-dir.tag b/tags/p/package-contains-vcs-control-dir.tag new file mode 100644 index 0000000..a6ad53b --- /dev/null +++ b/tags/p/package-contains-vcs-control-dir.tag @@ -0,0 +1,6 @@ +Tag: package-contains-vcs-control-dir +Severity: warning +Check: files/vcs +Explanation: The package contains a control directory for a version control system. + It was most likely installed by accident, since version control directories + usually don't belong in packages. diff --git a/tags/p/package-contains-vcs-control-file.tag b/tags/p/package-contains-vcs-control-file.tag new file mode 100644 index 0000000..47f5a36 --- /dev/null +++ b/tags/p/package-contains-vcs-control-file.tag @@ -0,0 +1,8 @@ +Tag: package-contains-vcs-control-file +Severity: warning +Check: files/vcs +Explanation: The package contains a VCS control file such as .(cvs|git|hg)ignore. + Files such as these are used by revision control systems to, for example, + specify untracked files it should ignore or inventory files. This file + is generally useless in an installed package and was probably installed + by accident. diff --git a/tags/p/package-contains-xvpics-dir.tag b/tags/p/package-contains-xvpics-dir.tag new file mode 100644 index 0000000..2b68ecb --- /dev/null +++ b/tags/p/package-contains-xvpics-dir.tag @@ -0,0 +1,5 @@ +Tag: package-contains-xvpics-dir +Severity: error +Check: images/thumbnails +Explanation: Package contains a .xvpics directory. It was most likely installed by + accident, since thumbnails usually don't belong in packages. diff --git a/tags/p/package-depends-on-an-x-font-package.tag b/tags/p/package-depends-on-an-x-font-package.tag new file mode 100644 index 0000000..7291d85 --- /dev/null +++ b/tags/p/package-depends-on-an-x-font-package.tag @@ -0,0 +1,10 @@ +Tag: package-depends-on-an-x-font-package +Severity: error +Check: fields/package-relations +Explanation: Packages must not depend on X Window System font packages. + . + If one or more of the fonts so packaged are necessary for proper operation + of the package with which they are associated the font package may be + Recommended; if the fonts merely provide an enhancement, a Suggests + relationship may be used. +See-Also: debian-policy 11.8.5 diff --git a/tags/p/package-depends-on-hardcoded-libc.tag b/tags/p/package-depends-on-hardcoded-libc.tag new file mode 100644 index 0000000..f3fe4f5 --- /dev/null +++ b/tags/p/package-depends-on-hardcoded-libc.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-hardcoded-libc +Severity: warning +Check: substvars/libc +Explanation: The package depends directly on <code>libc</code>. Please use + only the substitution variables <code>${shlibs:Depends}</code> in the relevant + stanza in the <code>debian/control</code> file. diff --git a/tags/p/package-depends-on-multiple-libpng-versions.tag b/tags/p/package-depends-on-multiple-libpng-versions.tag new file mode 100644 index 0000000..f187e3d --- /dev/null +++ b/tags/p/package-depends-on-multiple-libpng-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-libpng-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a libpng version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-libstdc-versions.tag b/tags/p/package-depends-on-multiple-libstdc-versions.tag new file mode 100644 index 0000000..3136857 --- /dev/null +++ b/tags/p/package-depends-on-multiple-libstdc-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-libstdc-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a libstdc version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-tcl-versions.tag b/tags/p/package-depends-on-multiple-tcl-versions.tag new file mode 100644 index 0000000..13ee51f --- /dev/null +++ b/tags/p/package-depends-on-multiple-tcl-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-tcl-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a tcl version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-tclx-versions.tag b/tags/p/package-depends-on-multiple-tclx-versions.tag new file mode 100644 index 0000000..bb01a6e --- /dev/null +++ b/tags/p/package-depends-on-multiple-tclx-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-tclx-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a tclx version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-tk-versions.tag b/tags/p/package-depends-on-multiple-tk-versions.tag new file mode 100644 index 0000000..24a9075 --- /dev/null +++ b/tags/p/package-depends-on-multiple-tk-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-tk-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a tk version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-does-not-install-examples.tag b/tags/p/package-does-not-install-examples.tag new file mode 100644 index 0000000..01b43d9 --- /dev/null +++ b/tags/p/package-does-not-install-examples.tag @@ -0,0 +1,25 @@ +Tag: package-does-not-install-examples +Severity: pedantic +Check: examples +Explanation: The original source tarball contains the specified examples + directory. However, no examples are installed in any binary packages. + . + Please use <code>dh_installexamples</code> to install these to the most + relevant package, for example by adding the directory name followed + by a wildcard to a <code>debian/pkgname.examples</code> file. + . + Lintian looks for any directory called <code>examples</code> under + <code>/usr/share/doc</code> in all binary packages. +See-Also: + dh_installexamples(1) + +Screen: examples/in-tests +Advocates: Scott Kitterman <debian@kitterman.com> +Reason: + Some sources like python-tomlkit trigger this tag for tests because of files + in ./tests/examples/. They are not examples for tomlkit, however. They are + examples of TOML files used in the tests. + . + Overall, the check is probably better off not looking in test directories. +See-Also: + Bug#1005184 diff --git a/tags/p/package-does-not-use-debhelper-or-cdbs.tag b/tags/p/package-does-not-use-debhelper-or-cdbs.tag new file mode 100644 index 0000000..4f43b57 --- /dev/null +++ b/tags/p/package-does-not-use-debhelper-or-cdbs.tag @@ -0,0 +1,11 @@ +Tag: package-does-not-use-debhelper-or-cdbs +Severity: pedantic +Check: debhelper +Explanation: This package does not appear to use a build system helper such as + debhelper or cdbs. + . + It is recommended that packages use such tools as they avoid a large + number of common errors and tedious boilerplate as well as permit + distribution-wide changes to packages and reduce the "bus factor" & + barriers to entry from external contributors. +See-Also: debhelper(7), dh(1), https://build-common.alioth.debian.org/ diff --git a/tags/p/package-file-is-executable.tag b/tags/p/package-file-is-executable.tag new file mode 100644 index 0000000..94429c1 --- /dev/null +++ b/tags/p/package-file-is-executable.tag @@ -0,0 +1,10 @@ +Tag: package-file-is-executable +Severity: warning +Check: debhelper +Explanation: The named packaging file is executable. + . + There is no reason to make the <code>control</code>, <code>changelog</code> + or <code>copyright</code> files executable. + . + You will also see this tag for a Debhelper-related packaging file that is + marked executable while using a <code>compat</code> level below 9. diff --git a/tags/p/package-has-long-file-name.tag b/tags/p/package-has-long-file-name.tag new file mode 100644 index 0000000..2e92178 --- /dev/null +++ b/tags/p/package-has-long-file-name.tag @@ -0,0 +1,12 @@ +Tag: package-has-long-file-name +Severity: warning +Check: archive/file/name/length +Explanation: The package has a very long filename. This may complicate + shipping the package on some media that put restrictions on the + length of the filenames (such as CDs). + . + For architecture dependent packages, the tag is emitted based on the + length of the longest architecture name rather than the name of the + current architecture. +See-Also: + https://lists.debian.org/debian-devel/2011/03/msg00943.html diff --git a/tags/p/package-has-unnecessary-activation-of-ldconfig-trigger.tag b/tags/p/package-has-unnecessary-activation-of-ldconfig-trigger.tag new file mode 100644 index 0000000..edd531c --- /dev/null +++ b/tags/p/package-has-unnecessary-activation-of-ldconfig-trigger.tag @@ -0,0 +1,12 @@ +Tag: package-has-unnecessary-activation-of-ldconfig-trigger +Severity: warning +Check: libraries/shared/trigger/ldconfig +Explanation: The package activates the ldconfig trigger even though no shared + libraries are installed in a directory controlled by the dynamic + library loader. + . + Note this may be triggered by a bug in debhelper, that causes it to + auto-generate an ldconfig trigger for packages that do not need it. +See-Also: + debian-policy 8.1.1, + Bug#204975 diff --git a/tags/p/package-installs-apt-keyring.tag b/tags/p/package-installs-apt-keyring.tag new file mode 100644 index 0000000..fe4b439 --- /dev/null +++ b/tags/p/package-installs-apt-keyring.tag @@ -0,0 +1,13 @@ +Tag: package-installs-apt-keyring +Severity: error +Check: apt +See-Also: apt-key(8) +Explanation: Debian packages should not install files under + <code>/etc/apt/trusted.gpg.d/</code> or install an + <code>/etc/apt/trusted.gpg</code> file. + . + Trusted keyrings are under the control of the local administrator and + packages should not override local administrator choices. + . + Packages whose names end in <code>-apt-source</code> or + <code>-archive-keyring</code> are permitted to install such files. diff --git a/tags/p/package-installs-apt-preferences.tag b/tags/p/package-installs-apt-preferences.tag new file mode 100644 index 0000000..433b0f8 --- /dev/null +++ b/tags/p/package-installs-apt-preferences.tag @@ -0,0 +1,10 @@ +Tag: package-installs-apt-preferences +Severity: error +Check: apt +See-Also: apt_preferences(5) +Explanation: Debian packages should not install files under <code>/etc/apt/preferences.d/</code> or install an /etc/apt/preferences file. + This directory is under the control of the local administrator. + . + Package should not override local administrator choices. +Renamed-From: + package-install-apt-preferences diff --git a/tags/p/package-installs-apt-sources.tag b/tags/p/package-installs-apt-sources.tag new file mode 100644 index 0000000..464438a --- /dev/null +++ b/tags/p/package-installs-apt-sources.tag @@ -0,0 +1,17 @@ +Tag: package-installs-apt-sources +Severity: error +Check: apt +See-Also: sources.list(5) +Explanation: Debian packages should not install files under + <code>/etc/apt/sources.list.d/</code> or install an + <code>/etc/apt/sources.list</code> file. + . + The selection of installation sources is under the control of the + local administrator. Packages are generally not allowed to change + the administrator's choices. + . + As a limited exception for the convenience of administrators, + packages whose names end in the clearly named + <code>-apt-source</code> are permitted to install such files. +Renamed-From: + package-install-apt-sources diff --git a/tags/p/package-installs-deprecated-upstart-configuration.tag b/tags/p/package-installs-deprecated-upstart-configuration.tag new file mode 100644 index 0000000..c2ab7cf --- /dev/null +++ b/tags/p/package-installs-deprecated-upstart-configuration.tag @@ -0,0 +1,9 @@ +Tag: package-installs-deprecated-upstart-configuration +Severity: warning +Check: files/init +Explanation: The package installs files into the <code>/etc/init</code> + directory which is used by Upstart, a replacement for the <code>/sbin/init</code> + daemon which handles starting of tasks and services during boot, etc. + . + However, Upstart was removed in Debian "stretch" and these files are thus no + longer useful and should be removed. diff --git a/tags/p/package-installs-file-to-usr-x11r6.tag b/tags/p/package-installs-file-to-usr-x11r6.tag new file mode 100644 index 0000000..3712741 --- /dev/null +++ b/tags/p/package-installs-file-to-usr-x11r6.tag @@ -0,0 +1,12 @@ +Tag: package-installs-file-to-usr-x11r6 +Severity: error +Check: desktop/x11 +Explanation: Packages using the X Window System should not be configured to install + files under the /usr/X11R6/ directory. Debian has switched to the modular + X tree which now uses regular FHS paths and all packages should follow. + . + Programs that use GNU autoconf and automake are usually easily configured + at compile time to use /usr/ instead of /usr/X11R6/. Packages that use + imake must build-depend on xutils-dev (>= 1:1.0.2-2) for the correct + paths. +See-Also: debian-policy 11.8.7 diff --git a/tags/p/package-installs-ieee-data.tag b/tags/p/package-installs-ieee-data.tag new file mode 100644 index 0000000..ca9344d --- /dev/null +++ b/tags/p/package-installs-ieee-data.tag @@ -0,0 +1,13 @@ +Tag: package-installs-ieee-data +Severity: error +Check: files/ieee-data +See-Also: Bug#785662 +Explanation: Debian package should not install ieee oui.txt or iab.txt file + These files are shipped in the package ieee-data and package should + depends on the ieee-data instead of shipping these files. + . + Package should symlinks to /usr/share/ieee-data/iab.txt or + /usr/share/ieee-data/oui.txt. Moreover, you should also + depends on ieee-data package. +Renamed-From: + package-install-ieee-data diff --git a/tags/p/package-installs-into-etc-gconf-schemas.tag b/tags/p/package-installs-into-etc-gconf-schemas.tag new file mode 100644 index 0000000..f54e248 --- /dev/null +++ b/tags/p/package-installs-into-etc-gconf-schemas.tag @@ -0,0 +1,7 @@ +Tag: package-installs-into-etc-gconf-schemas +Severity: warning +Check: desktop/gnome +Explanation: The package installs files into the <code>/etc/gconf/schemas</code> + directory. No package should do this; this directory is reserved for + local overrides. Instead, schemas should be installed into + <code>/usr/share/gconf/schemas</code>. diff --git a/tags/p/package-installs-into-etc-rc.boot.tag b/tags/p/package-installs-into-etc-rc.boot.tag new file mode 100644 index 0000000..9a6c841 --- /dev/null +++ b/tags/p/package-installs-into-etc-rc.boot.tag @@ -0,0 +1,6 @@ +Tag: package-installs-into-etc-rc.boot +Severity: error +Check: files/init +Explanation: The package installs files in the <code>/etc/rc.boot</code> directory, + which is obsolete. +See-Also: debian-policy 9.3.4 diff --git a/tags/p/package-installs-into-etc-rc.d.tag b/tags/p/package-installs-into-etc-rc.d.tag new file mode 100644 index 0000000..f36734c --- /dev/null +++ b/tags/p/package-installs-into-etc-rc.d.tag @@ -0,0 +1,6 @@ +Tag: package-installs-into-etc-rc.d +Severity: error +Check: files/init +Explanation: The package installs files into the <code>/etc/rc.d</code> or + <code>/etc/rc?.d</code> which is not allowed. +See-Also: debian-policy 9.3.3 diff --git a/tags/p/package-installs-into-obsolete-dir.tag b/tags/p/package-installs-into-obsolete-dir.tag new file mode 100644 index 0000000..d30d16f --- /dev/null +++ b/tags/p/package-installs-into-obsolete-dir.tag @@ -0,0 +1,7 @@ +Tag: package-installs-into-obsolete-dir +Severity: warning +Check: files/obsolete-paths +Explanation: The package installs files to an obsolete directory. + Please use a newer path. +Renamed-From: + package-install-into-obsolete-dir diff --git a/tags/p/package-installs-java-bytecode.tag b/tags/p/package-installs-java-bytecode.tag new file mode 100644 index 0000000..0fbb752 --- /dev/null +++ b/tags/p/package-installs-java-bytecode.tag @@ -0,0 +1,8 @@ +Tag: package-installs-java-bytecode +Severity: warning +Check: languages/java/bytecode +See-Also: java-policy 2 +Explanation: Compiled Java source files must not be included in the package. + This is likely due to a packaging mistake. These files should be + removed from the installed package or included in <code>.jar</code> + archives to save space. diff --git a/tags/p/package-installs-nonbinary-perl-in-usr-lib-perl5.tag b/tags/p/package-installs-nonbinary-perl-in-usr-lib-perl5.tag new file mode 100644 index 0000000..0061d3f --- /dev/null +++ b/tags/p/package-installs-nonbinary-perl-in-usr-lib-perl5.tag @@ -0,0 +1,8 @@ +Tag: package-installs-nonbinary-perl-in-usr-lib-perl5 +Severity: warning +Check: languages/perl +Explanation: Architecture-independent Perl code should be placed in + <code>/usr/share/perl5</code>, not <code>/usr/lib/.../perl5</code> + unless there is at least one architecture-dependent file + in the module. +See-Also: perl-policy 2.3 diff --git a/tags/p/package-installs-packlist.tag b/tags/p/package-installs-packlist.tag new file mode 100644 index 0000000..3eb3043 --- /dev/null +++ b/tags/p/package-installs-packlist.tag @@ -0,0 +1,16 @@ +Tag: package-installs-packlist +Severity: error +Check: languages/perl +Explanation: Packages built using the perl MakeMaker package will have a file + named .packlist in them. Those files are useless, and (in some cases) + have the additional problem of creating an architecture-specific + directory name in an architecture-independent package. + . + They can be suppressed by adding the following to <code>debian/rules</code>: + . + find debian/*pkg* -type f -name .packlist -delete + . + or by telling MakeMaker to use vendor install dirs; consult a recent + version of Perl policy. Perl 5.6.0-12 or higher supports this. +See-Also: + perl-policy 4.1 diff --git a/tags/p/package-installs-perllocal-pod.tag b/tags/p/package-installs-perllocal-pod.tag new file mode 100644 index 0000000..fc36f77 --- /dev/null +++ b/tags/p/package-installs-perllocal-pod.tag @@ -0,0 +1,8 @@ +Tag: package-installs-perllocal-pod +Severity: warning +Check: languages/perl +Explanation: This package installs a file <code>perllocal.pod</code>. Since that + file is intended for local documentation, it is not likely that it is + a good place for documentation supplied by a Debian package. In fact, + installing this package will wipe out whatever local documentation + existed there. diff --git a/tags/p/package-installs-python-bytecode.tag b/tags/p/package-installs-python-bytecode.tag new file mode 100644 index 0000000..65e5325 --- /dev/null +++ b/tags/p/package-installs-python-bytecode.tag @@ -0,0 +1,7 @@ +Tag: package-installs-python-bytecode +Severity: error +Check: languages/python +See-Also: python-policy 3.7 +Explanation: Compiled Python source files must not be included in the package. + These files should be removed from the package and created at package + installation time in the postinst. diff --git a/tags/p/package-installs-python-egg.tag b/tags/p/package-installs-python-egg.tag new file mode 100644 index 0000000..dc8435b --- /dev/null +++ b/tags/p/package-installs-python-egg.tag @@ -0,0 +1,8 @@ +Tag: package-installs-python-egg +Severity: error +Check: languages/python +See-Also: python-policy 3.7 +Explanation: Python eggs should not be installed, since the Debian package is + supposed to do the required steps for installing the Python code. + . + The egg may contain pre-compiled Python bytecode or shared libraries. diff --git a/tags/p/package-installs-python-pycache-dir.tag b/tags/p/package-installs-python-pycache-dir.tag new file mode 100644 index 0000000..b15c91e --- /dev/null +++ b/tags/p/package-installs-python-pycache-dir.tag @@ -0,0 +1,11 @@ +Tag: package-installs-python-pycache-dir +Severity: error +Check: languages/python +See-Also: python-policy 3.7 +Explanation: The package installs a __pycache__ + directory, which is normally + only used to store compiled Python source files. Compiled Python + source files must not be included in the package, instead they + should be generated at installation time in the postinst. + . + Note this tag is issues even if the directory is empty. diff --git a/tags/p/package-is-co-maintained.tag b/tags/p/package-is-co-maintained.tag new file mode 100644 index 0000000..abf00e9 --- /dev/null +++ b/tags/p/package-is-co-maintained.tag @@ -0,0 +1,6 @@ +Tag: package-is-co-maintained +Severity: classification +Check: fields/vcs +Explanation: The package is co-maintained but not team-maintained + according to the maintainer/uploaders fields in the + <code>debian/control</code> file. diff --git a/tags/p/package-is-maintained-by-individual.tag b/tags/p/package-is-maintained-by-individual.tag new file mode 100644 index 0000000..6155564 --- /dev/null +++ b/tags/p/package-is-maintained-by-individual.tag @@ -0,0 +1,5 @@ +Tag: package-is-maintained-by-individual +Severity: classification +Check: fields/vcs +Explanation: The package is maintained by an individual according to the + maintainer/uploaders fields in the <code>debian/control</code> file. diff --git a/tags/p/package-is-team-maintained.tag b/tags/p/package-is-team-maintained.tag new file mode 100644 index 0000000..f07de42 --- /dev/null +++ b/tags/p/package-is-team-maintained.tag @@ -0,0 +1,5 @@ +Tag: package-is-team-maintained +Severity: classification +Check: fields/vcs +Explanation: The package is team-maintained according to the + maintainer/uploaders fields in the <code>debian/control</code> file. diff --git a/tags/p/package-mixes-misc-and-dpi-fonts.tag b/tags/p/package-mixes-misc-and-dpi-fonts.tag new file mode 100644 index 0000000..532f75c --- /dev/null +++ b/tags/p/package-mixes-misc-and-dpi-fonts.tag @@ -0,0 +1,8 @@ +Tag: package-mixes-misc-and-dpi-fonts +Severity: warning +Check: desktop/x11 +See-Also: debian-policy 11.8.5 +Explanation: This package contains both bitmapped fonts for a specific DPI + (100dpi or 75dpi) and misc bitmapped fonts. These should not be combined + in the same package. Instead, the misc bitmapped fonts should be + provided in a separate package with <code>-misc</code> appended to its name. diff --git a/tags/p/package-modifies-ld.so-search-path.tag b/tags/p/package-modifies-ld.so-search-path.tag new file mode 100644 index 0000000..18774c6 --- /dev/null +++ b/tags/p/package-modifies-ld.so-search-path.tag @@ -0,0 +1,15 @@ +Tag: package-modifies-ld.so-search-path +Severity: error +Check: files/ld-so +Explanation: The package changes the search path for the runtime linker, but is + not part of <code>libc</code>. The offending file is in + <code>/etc/ld.so.conf.d</code>. + . + It is not okay to install libraries in a different directory and then + modify the run-time link path. Shared libraries should go into + <code>/usr/lib</code>. Alternatively, they can require binaries to set the + <code>RPATH</code> to find the library. + . + Without this precaution, conflicting libraries may trigger segmentation + faults for what should have been a conflict in the package manager. +See-Also: debian-policy 10.2 diff --git a/tags/p/package-name-defined-in-config-h.tag b/tags/p/package-name-defined-in-config-h.tag new file mode 100644 index 0000000..0723a54 --- /dev/null +++ b/tags/p/package-name-defined-in-config-h.tag @@ -0,0 +1,9 @@ +Tag: package-name-defined-in-config-h +Severity: warning +Check: includes/config-h +Explanation: This package installs a header file named <code>config.h</code> that + uses the identifier PACKAGE_NAME. It is probably incompatible with + packages using autoconf. + . + Please remove the file or rename the identifier. +See-Also: Bug#733598 diff --git a/tags/p/package-name-doesnt-match-sonames.tag b/tags/p/package-name-doesnt-match-sonames.tag new file mode 100644 index 0000000..bb89de8 --- /dev/null +++ b/tags/p/package-name-doesnt-match-sonames.tag @@ -0,0 +1,9 @@ +Tag: package-name-doesnt-match-sonames +Severity: warning +Check: libraries/shared/soname +Explanation: The package name of a library package should usually reflect + the soname of the included library. The package name can determined + from the library file name with the following code snippet: + . + $ objdump -p /path/to/libfoo-bar.so.1.2.3 | sed -n -e's/^[[:space:]]*SONAME[[:space:]]*//p' | \ + sed -r -e's/([0-9])\.so\./\1-/; s/\.so(\.|$)//; y/_/-/; s/(.*)/\L&/' diff --git a/tags/p/package-not-lowercase.tag b/tags/p/package-not-lowercase.tag new file mode 100644 index 0000000..9f39264 --- /dev/null +++ b/tags/p/package-not-lowercase.tag @@ -0,0 +1,5 @@ +Tag: package-not-lowercase +Severity: error +Check: fields/package +Explanation: New packages should not use uppercase characters in their names. +See-Also: debian-policy 5.6.7 diff --git a/tags/p/package-placeholder-in-symbols-file.tag b/tags/p/package-placeholder-in-symbols-file.tag new file mode 100644 index 0000000..52fa2c6 --- /dev/null +++ b/tags/p/package-placeholder-in-symbols-file.tag @@ -0,0 +1,17 @@ +Tag: package-placeholder-in-symbols-file +Severity: warning +Check: debian/symbols +Explanation: The symbols file contains the placeholder <code>#PACKAGE#</code> + in the <code>Build-Depends-Package</code> field. During the build process, it + will be replaced with the wrong value. There is no placeholder that works. + . + The development package for your shared library must be stated explicitly. + . + With the information, <code>dpkg-shlibdeps(1)</code> can calculate the + installation prerequisites for your package from the build prerequisites. +See-Also: + debian-policy 8.6.3.2, + deb-symbols(5), + dpkg-shlibdeps(1), + https://www.debian.org/doc/manuals/maint-guide/advanced.en.html#librarysymbols, + Bug#944047 diff --git a/tags/p/package-relation-with-perl-modules.tag b/tags/p/package-relation-with-perl-modules.tag new file mode 100644 index 0000000..774792b --- /dev/null +++ b/tags/p/package-relation-with-perl-modules.tag @@ -0,0 +1,8 @@ +# Imported from pkg-perl-tools (named depends-on-perl-modules there) +Tag: package-relation-with-perl-modules +Severity: error +Check: fields/package-relations +Explanation: No package should (build-) depend on 'perl-modules'. Instead, a + suitable dependency on 'perl' should be used. The existence of the + perl-modules package is an implementation detail of the perl + packaging. diff --git a/tags/p/package-relation-with-self.tag b/tags/p/package-relation-with-self.tag new file mode 100644 index 0000000..287f49f --- /dev/null +++ b/tags/p/package-relation-with-self.tag @@ -0,0 +1,6 @@ +Tag: package-relation-with-self +Severity: warning +Check: fields/package-relations +Explanation: The package declares a relationship with itself. This is not very + useful except in the case of a package Conflicting with itself if its + package name doubles as a virtual package. diff --git a/tags/p/package-section-games-but-contains-no-game.tag b/tags/p/package-section-games-but-contains-no-game.tag new file mode 100644 index 0000000..ac06b1a --- /dev/null +++ b/tags/p/package-section-games-but-contains-no-game.tag @@ -0,0 +1,7 @@ +Tag: package-section-games-but-contains-no-game +Severity: error +Check: games +See-Also: debian-policy 11.11 +Explanation: This package is marked as part of the section games, but doesn't + contain files in <code>/usr/games</code>. Binaries of games must be installed + in <code>/usr/games</code>. diff --git a/tags/p/package-section-games-but-has-usr-bin.tag b/tags/p/package-section-games-but-has-usr-bin.tag new file mode 100644 index 0000000..674f4c3 --- /dev/null +++ b/tags/p/package-section-games-but-has-usr-bin.tag @@ -0,0 +1,7 @@ +Tag: package-section-games-but-has-usr-bin +Severity: warning +Check: games +See-Also: debian-policy 11.11 +Explanation: This package is marked as part of the section games, but contains + executables in <code>/bin</code> or <code>/usr/bin/</code>. This can be intentional, + but is usually a mistake. diff --git a/tags/p/package-superseded-by-perl.tag b/tags/p/package-superseded-by-perl.tag new file mode 100644 index 0000000..95d2f58 --- /dev/null +++ b/tags/p/package-superseded-by-perl.tag @@ -0,0 +1,12 @@ +Tag: package-superseded-by-perl +Severity: warning +Check: languages/perl/core/provides +Explanation: This package is provided by one of the Perl core packages + (i.e. <code>perl</code>, <code>perl-base</code>, <code>perl-modules</code>). + The version in the core is at least as new as this one. + . + The package should be upgraded to a newer upstream version or be dropped from + the archive. + . + The Perl installable in Debian <code>Provides</code> this package. There is no + longer a need to modify consuming packages. diff --git a/tags/p/package-uses-debhelper-but-lacks-build-depends.tag b/tags/p/package-uses-debhelper-but-lacks-build-depends.tag new file mode 100644 index 0000000..f3f0656 --- /dev/null +++ b/tags/p/package-uses-debhelper-but-lacks-build-depends.tag @@ -0,0 +1,9 @@ +Tag: package-uses-debhelper-but-lacks-build-depends +Severity: error +Check: debhelper +Explanation: If a package uses debhelper, it must declare a Build-Depends + on debhelper or on the debhelper-compat virtual package. For example: + . + Build-Depends: debhelper (>= 13~) + . + Build-Depends: debhelper-compat (= 13) diff --git a/tags/p/package-uses-deprecated-debhelper-compat-version.tag b/tags/p/package-uses-deprecated-debhelper-compat-version.tag new file mode 100644 index 0000000..9c201e5 --- /dev/null +++ b/tags/p/package-uses-deprecated-debhelper-compat-version.tag @@ -0,0 +1,14 @@ +Tag: package-uses-deprecated-debhelper-compat-version +Severity: warning +Check: debhelper +See-Also: debhelper(7) +Explanation: The debhelper compatibility version used by this package is marked + as deprecated by the debhelper developer. You should really consider + using a newer compatibility version. + . + The compatibility version can be set by specifying + <code>debhelper-compat (= 12)</code> in your package's + <code>Build-Depends</code>, by the legacy <code>debian/compat</code> file or + even by setting and exporting DH_COMPAT in <code>debian/rules</code>. If it + is not set in either place, debhelper defaults to the deprecated + compatibility version 1. diff --git a/tags/p/package-uses-deprecated-dpatch-patch-system.tag b/tags/p/package-uses-deprecated-dpatch-patch-system.tag new file mode 100644 index 0000000..a21814d --- /dev/null +++ b/tags/p/package-uses-deprecated-dpatch-patch-system.tag @@ -0,0 +1,9 @@ +Tag: package-uses-deprecated-dpatch-patch-system +Severity: pedantic +Check: debian/patches/dpatch +Explanation: The dpatch patch system has been deprecated and superseded by the + "3.0 (quilt)" source format. + . + Please migrate the patches in the <code>debian/patches</code> directory and + the <code>00list</code> file to use this source format. +See-Also: dpatch(1), dpkg-source(1) diff --git a/tags/p/package-uses-dh-exec-but-lacks-build-depends.tag b/tags/p/package-uses-dh-exec-but-lacks-build-depends.tag new file mode 100644 index 0000000..260848c --- /dev/null +++ b/tags/p/package-uses-dh-exec-but-lacks-build-depends.tag @@ -0,0 +1,5 @@ +Tag: package-uses-dh-exec-but-lacks-build-depends +Severity: error +Check: debhelper +Explanation: If a package uses dh-exec, it must declare a Build-Depends + on it. diff --git a/tags/p/package-uses-dh-runit-but-lacks-breaks-substvar.tag b/tags/p/package-uses-dh-runit-but-lacks-breaks-substvar.tag new file mode 100644 index 0000000..bcee50c --- /dev/null +++ b/tags/p/package-uses-dh-runit-but-lacks-breaks-substvar.tag @@ -0,0 +1,12 @@ +Tag: package-uses-dh-runit-but-lacks-breaks-substvar +Severity: warning +Check: debhelper +Explanation: This source package appears to use <code>dh_runit(1)</code> but the + specified binary package does not define a <code>Breaks:</code> including + the <code>${runit:Breaks}</code> substitution variable. + . + <code>dh_runit(1)</code> may generate scripts that make assumptions about + the version of <code>runit</code> in use. + . + Please add the corresponding <code>Breaks</code> relation. +See-Also: dh_runit(1) diff --git a/tags/p/package-uses-experimental-debhelper-compat-version.tag b/tags/p/package-uses-experimental-debhelper-compat-version.tag new file mode 100644 index 0000000..b5b3016 --- /dev/null +++ b/tags/p/package-uses-experimental-debhelper-compat-version.tag @@ -0,0 +1,14 @@ +Tag: package-uses-experimental-debhelper-compat-version +Severity: pedantic +Check: debhelper +See-Also: debhelper(7) +Explanation: The debhelper compatibility version used by this package is marked + as experimental by the debhelper developer. You should consider using a + stable compatibility version instead. + . + The compatibility version can be set by specifying + <code>debhelper-compat (= 12)</code> in your package's + <code>Build-Depends</code>, by the legacy <code>debian/compat</code> file or + even by setting and exporting DH_COMPAT in <code>debian/rules</code>. If it + is not set in either place, debhelper defaults to the deprecated + compatibility version 1. diff --git a/tags/p/package-uses-local-diversion.tag b/tags/p/package-uses-local-diversion.tag new file mode 100644 index 0000000..5729a57 --- /dev/null +++ b/tags/p/package-uses-local-diversion.tag @@ -0,0 +1,8 @@ +Tag: package-uses-local-diversion +Severity: error +Check: maintainer-scripts/diversion +Explanation: The named maintainer script calls <code>dpkg-divert</code> with + <code>--local</code> or without <code>--package</code>. Those usages are + reserved for local administrators and must not be used by a Debian package. +See-Also: + debian-policy 3.9 diff --git a/tags/p/package-uses-old-debhelper-compat-version.tag b/tags/p/package-uses-old-debhelper-compat-version.tag new file mode 100644 index 0000000..77db29e --- /dev/null +++ b/tags/p/package-uses-old-debhelper-compat-version.tag @@ -0,0 +1,13 @@ +Tag: package-uses-old-debhelper-compat-version +Severity: pedantic +Check: debhelper +Explanation: This package uses a debhelper compatibility level that is no + longer recommended. Please consider using the recommended level. + . + For most packages, the best way to set the compatibility level is + to specify <code>debhelper-compat (= X)</code> as a <code>Build-Depends</code> + in <code>debian/control</code>. You can also use the <code>debian/compat</code> + file or export DH_COMPAT in <code>debian/rules</code>. + . + If no level is selected debhelper defaults to level 1, which is deprecated. +See-Also: debhelper(7) diff --git a/tags/p/package-uses-vendor-specific-patch-series.tag b/tags/p/package-uses-vendor-specific-patch-series.tag new file mode 100644 index 0000000..0ebf3d3 --- /dev/null +++ b/tags/p/package-uses-vendor-specific-patch-series.tag @@ -0,0 +1,25 @@ +Tag: package-uses-vendor-specific-patch-series +Severity: error +Check: debian/patches/quilt +Explanation: The specified series file for patches is vendor-specific. + . + Source packages may contain vendor (i.e. distribution) specific patches, + but such packages must not be uploaded to the Debian archive if they + are used in conjunction with vendor-specific series files. + . + Vendor specific series files were carefully implemented as a <code>dpkg</code> + feature. Unfortunately, they currently conflict with some workflow goals + in Debian. They are presently disallowed in Debian. + . + The preferred approach for distributions other than Debian is now to + apply such patches programmatically via <code>debian/rules</code>. You can + also create multiple, vendor-specific sources and upload them separately + for each distribution. + . + The decision to prohibit the use of that particular <code>dpkg</code> feature + in Debian was made by the project's technical committee in consideration of + other planned workflow modifications, and may be revisited. + . + You should only see this tag in Debian or other distributions when + targeting an upload for Debian. +See-Also: Bug#904302, Bug#922531, https://lists.debian.org/debian-devel-announce/2018/11/msg00004.html diff --git a/tags/p/patch-file-present-but-not-mentioned-in-series.tag b/tags/p/patch-file-present-but-not-mentioned-in-series.tag new file mode 100644 index 0000000..5bfc582 --- /dev/null +++ b/tags/p/patch-file-present-but-not-mentioned-in-series.tag @@ -0,0 +1,14 @@ +Tag: patch-file-present-but-not-mentioned-in-series +Severity: warning +Check: debian/patches/quilt +Explanation: The specified patch is present under the <code>debian/patches</code> + directory but is not mentioned in any "series" or "00list" file. + . + This may mean that a patch was created with the intention of modifying + the package but is not being applied. + . + Please either add the filename to the series file, or ensure it is + commented-out in a form that Lintian can recognise, for example: + . + 0001_fix-foo.patch + # 0002_fix-bar.patch diff --git a/tags/p/patch-modifying-debian-files.tag b/tags/p/patch-modifying-debian-files.tag new file mode 100644 index 0000000..c4dd4c7 --- /dev/null +++ b/tags/p/patch-modifying-debian-files.tag @@ -0,0 +1,10 @@ +Tag: patch-modifying-debian-files +Severity: error +Check: debian/patches/quilt +Explanation: A patch stored in <code>debian/patches/</code> modifies or creates files + in the <code>debian</code> folder, but that folder is already under the + maintainer's exclusive control. + . + It may be more appropriate to patch or create files in the upstream + directory hierarchy, but often it is easier to place a copy in the + <code>debian</code> folder. diff --git a/tags/p/patch-not-forwarded-upstream.tag b/tags/p/patch-not-forwarded-upstream.tag new file mode 100644 index 0000000..c762bf5 --- /dev/null +++ b/tags/p/patch-not-forwarded-upstream.tag @@ -0,0 +1,15 @@ +Tag: patch-not-forwarded-upstream +Severity: info +Check: debian/patches/dep3 +Renamed-From: send-patch +Explanation: According to the DEP-3 headers, this patch has not been forwarded + upstream. + . + Please forward the patch and try to have it included in upstream's version + control system. If the patch is not suitable for that, please mention + <code>not-needed</code> in the <code>Forwarded</code> field of the patch + header. +See-Also: social contract item 2, + developer-reference 3.1.4, + debian-policy 4.3, + Bug#755153 diff --git a/tags/p/patch-system-but-direct-changes-in-diff.tag b/tags/p/patch-system-but-direct-changes-in-diff.tag new file mode 100644 index 0000000..74a4f15 --- /dev/null +++ b/tags/p/patch-system-but-direct-changes-in-diff.tag @@ -0,0 +1,10 @@ +Tag: patch-system-but-direct-changes-in-diff +Severity: warning +Check: debian/patches +Explanation: The package uses a patch system, but the Debian diff.gz contains + changes to files or creation of additional files outside of the + <code>debian</code> directory. This often indicates accidental changes that + weren't meant to be in the package or changes that were supposed to be + separated out into a patch. The package will also more easily support + possible future source package formats if all changes outside the + <code>debian</code> directory are stored as patches. diff --git a/tags/p/patch-system-but-no-source-readme.tag b/tags/p/patch-system-but-no-source-readme.tag new file mode 100644 index 0000000..60fa334 --- /dev/null +++ b/tags/p/patch-system-but-no-source-readme.tag @@ -0,0 +1,13 @@ +Tag: patch-system-but-no-source-readme +Severity: warning +Check: debian/patches +Explanation: This package build-depends on a patch system such as dpatch or + quilt, but there is no <code>debian/README.source</code> file. This file is + recommended for any package where <code>dpkg-source -x</code> does not result + in the preferred form for making modifications to the package. + . + If you are using quilt and the package needs no other special handling + instructions, you may want to add a <code>debian/README.source</code> + referring to <code>/usr/share/doc/quilt/README.source</code>. Similarly, you + can refer to <code>/usr/share/doc/dpatch/README.source.gz</code> for dpatch. +See-Also: debian-policy 4.14 diff --git a/tags/p/patch-system.tag b/tags/p/patch-system.tag new file mode 100644 index 0000000..c2e905b --- /dev/null +++ b/tags/p/patch-system.tag @@ -0,0 +1,5 @@ +Tag: patch-system +Severity: classification +Check: debian/patches +Explanation: This package uses the specified patch system (eg. "quilt" or + "dpatch"). diff --git a/tags/p/patched-file-without-utf8-name.tag b/tags/p/patched-file-without-utf8-name.tag new file mode 100644 index 0000000..2fff4d9 --- /dev/null +++ b/tags/p/patched-file-without-utf8-name.tag @@ -0,0 +1,12 @@ +Tag: patched-file-without-utf8-name +Severity: error +Check: files/names +See-Also: debian-policy 10.10 +Explanation: The file name in the patched source tree is not valid UTF-8. + The file does not appear in the upstream files. Its appearance is + considered the responsibility of the package maintainer. Please + rename the file. + . + Unlike other file names in Lintian, which are printed in UTF-8, the + attached reference shows the bytes used by the file system. + Unprintable characters may have been replaced. diff --git a/tags/p/pear-channel-without-pkg-php-tools-builddep.tag b/tags/p/pear-channel-without-pkg-php-tools-builddep.tag new file mode 100644 index 0000000..3273e23 --- /dev/null +++ b/tags/p/pear-channel-without-pkg-php-tools-builddep.tag @@ -0,0 +1,8 @@ +Tag: pear-channel-without-pkg-php-tools-builddep +Severity: warning +Check: languages/php/pear +Explanation: The package contains a channel.xml file but doesn't build-depend on + pkg-php-tools. + . + pkg-php-tools is the recommended tool for building PEAR and PECL packages. For + more information, install it and read the included README.PEAR. diff --git a/tags/p/pear-package-but-missing-dependency.tag b/tags/p/pear-package-but-missing-dependency.tag new file mode 100644 index 0000000..fafada5 --- /dev/null +++ b/tags/p/pear-package-but-missing-dependency.tag @@ -0,0 +1,5 @@ +Tag: pear-package-but-missing-dependency +Severity: warning +Check: languages/php/pear +Explanation: The package is a PEAR package but its control file doesn't have + ${phppear:Debian-Depends} in Depends or ${phppear:Debian-Recommends}. diff --git a/tags/p/pear-package-not-using-substvar.tag b/tags/p/pear-package-not-using-substvar.tag new file mode 100644 index 0000000..bc72f47 --- /dev/null +++ b/tags/p/pear-package-not-using-substvar.tag @@ -0,0 +1,9 @@ +Tag: pear-package-not-using-substvar +Severity: info +Check: languages/php/pear +Explanation: The package is a PEAR package but the control file does not use + ${phppear:summary} or ${phppear:description} in its description fields. + . + The substitution variables should be used when the description in the + PEAR package is suitable and respects best packaging practices. +See-Also: https://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-desc-basics diff --git a/tags/p/pear-package-without-pkg-php-tools-builddep.tag b/tags/p/pear-package-without-pkg-php-tools-builddep.tag new file mode 100644 index 0000000..bd8df0c --- /dev/null +++ b/tags/p/pear-package-without-pkg-php-tools-builddep.tag @@ -0,0 +1,8 @@ +Tag: pear-package-without-pkg-php-tools-builddep +Severity: warning +Check: languages/php/pear +Explanation: The package contains a package.xml or package2.xml file but doesn't + build-depend on pkg-php-tools. + . + pkg-php-tools is the recommended tool for building PEAR and PECL packages. For + more information, install it and read the included README.PEAR. diff --git a/tags/p/pecl-package-requires-build-dependency.tag b/tags/p/pecl-package-requires-build-dependency.tag new file mode 100644 index 0000000..40abf2b --- /dev/null +++ b/tags/p/pecl-package-requires-build-dependency.tag @@ -0,0 +1,5 @@ +Tag: pecl-package-requires-build-dependency +Severity: warning +Check: languages/php/pear +Explanation: The package is a PECL package but its control file doesn't have + php-dev or dh-php as a build dependency. diff --git a/tags/p/perl-module-in-core-directory.tag b/tags/p/perl-module-in-core-directory.tag new file mode 100644 index 0000000..13e654f --- /dev/null +++ b/tags/p/perl-module-in-core-directory.tag @@ -0,0 +1,7 @@ +Tag: perl-module-in-core-directory +Severity: error +Check: languages/perl +Explanation: Packaged modules must not be installed into the core perl + directories as those directories change with each upstream perl + revision. The vendor directories are provided for this purpose. +See-Also: perl-policy 3.1 diff --git a/tags/p/perl-module-name-not-mentioned-in-description.tag b/tags/p/perl-module-name-not-mentioned-in-description.tag new file mode 100644 index 0000000..a45fcbd --- /dev/null +++ b/tags/p/perl-module-name-not-mentioned-in-description.tag @@ -0,0 +1,8 @@ +# Imported from pkg-perl-tools (named no-module-name-in-description there) +Tag: perl-module-name-not-mentioned-in-description +Severity: warning +Check: fields/description +Experimental: yes +Explanation: Debian users are likely to look for perl modules by their name, e.g. + Foo::Bar, not by package name (libfoo-bar-perl). To make this easier, the main + module name should be present in the long package description. diff --git a/tags/p/perl-module-uses-perl4-libs-without-dep.tag b/tags/p/perl-module-uses-perl4-libs-without-dep.tag new file mode 100644 index 0000000..0fc630e --- /dev/null +++ b/tags/p/perl-module-uses-perl4-libs-without-dep.tag @@ -0,0 +1,8 @@ +Tag: perl-module-uses-perl4-libs-without-dep +Severity: warning +Check: languages/perl +Explanation: This package includes perl modules using obsoleted perl 4-era + libraries. These libraries have been deprecated in perl in 5.14, and + are likely to be removed from the core in perl 5.16. Please either + remove references to these libraries, or add a dependency on + <code>libperl4-corelibs-perl | perl (<< 5.12.3-7)</code> to this package. diff --git a/tags/p/php-script-but-no-php-cli-dep.tag b/tags/p/php-script-but-no-php-cli-dep.tag new file mode 100644 index 0000000..1b834d2 --- /dev/null +++ b/tags/p/php-script-but-no-php-cli-dep.tag @@ -0,0 +1,10 @@ +Tag: php-script-but-no-php-cli-dep +Severity: error +Check: scripts +Explanation: Packages with PHP scripts must depend on the php-cli package. + Note that a dependency on a php-cgi package (such as php-cgi or php7.0-cgi) + is needlessly strict and forces the user to install a package that isn't + needed. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/p/php-script-with-unusual-interpreter.tag b/tags/p/php-script-with-unusual-interpreter.tag new file mode 100644 index 0000000..68d4d9b --- /dev/null +++ b/tags/p/php-script-with-unusual-interpreter.tag @@ -0,0 +1,6 @@ +Tag: php-script-with-unusual-interpreter +Severity: warning +Check: scripts +Explanation: This package contains a php script using an unusual interpreter in the + shebang line. The recommended shebang line is either <code>#!/usr/bin/php</code> + or <code>#!/usr/bin/env php</code> without any version number. diff --git a/tags/p/pipe-symbol-used-as-license-disjunction.tag b/tags/p/pipe-symbol-used-as-license-disjunction.tag new file mode 100644 index 0000000..674c6ab --- /dev/null +++ b/tags/p/pipe-symbol-used-as-license-disjunction.tag @@ -0,0 +1,9 @@ +Tag: pipe-symbol-used-as-license-disjunction +Severity: warning +Check: debian/copyright/dep5 +Explanation: A vertical bar &vert (also known as a pipe symbol) does not stand for + a logical OR relationship in <code>debian/copyright</code>. + . + To describe dual licensing, please use the word "or" between license + names. +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/p/pkg-config-bad-directive.tag b/tags/p/pkg-config-bad-directive.tag new file mode 100644 index 0000000..fe7a3b0 --- /dev/null +++ b/tags/p/pkg-config-bad-directive.tag @@ -0,0 +1,7 @@ +Tag: pkg-config-bad-directive +Severity: error +Check: files/pkgconfig +Explanation: The pkg-config file contains a wrong directive. + . + The following file includes a wrong directive. This could lead to + FTBFS or leak private compile flags to another package. diff --git a/tags/p/pkg-config-multi-arch-wrong-dir.tag b/tags/p/pkg-config-multi-arch-wrong-dir.tag new file mode 100644 index 0000000..e41da35 --- /dev/null +++ b/tags/p/pkg-config-multi-arch-wrong-dir.tag @@ -0,0 +1,15 @@ +Tag: pkg-config-multi-arch-wrong-dir +Severity: error +Check: files/pkgconfig +Explanation: The arch all pkg-config file contains a reference to a multi-arch path. + . + This can be usually be fixed by moving this file to a multi-arch path. + . + Another likely cause is using debhelper 9 or newer (thus enabling + multi-arch paths by default) on a package without multi-arch support. + The usual cure in this case is to update it for multi-arch. + . + Last but not least, this file could contain a reference to a cross + architecture (like for instance an x86_64-linux-gnu pkg-config file + referencing an i386-linux-gnu file). In this case the usual cure is to + fix this path. diff --git a/tags/p/pkg-config-unavailable-for-cross-compilation.tag b/tags/p/pkg-config-unavailable-for-cross-compilation.tag new file mode 100644 index 0000000..6e7cd83 --- /dev/null +++ b/tags/p/pkg-config-unavailable-for-cross-compilation.tag @@ -0,0 +1,14 @@ +Tag: pkg-config-unavailable-for-cross-compilation +Severity: warning +Check: files/pkgconfig +Explanation: The specified pkg-config(1) file is installed to + <code>/usr/lib/pkgconfig</code>. As the cross-compilation wrapper of pkg-config + does not search this directory the file is unavailable under + cross-compilation. + . + Please install the file to <code>/usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig</code> + instead. + . + For projects that use GNU Autotools, a simple method is moving to a debhelper + compat level of 9 or higher. In the rare case that this file is architecture + independent it can be installed to <code>/usr/share/pkgconfig</code> instead. diff --git a/tags/p/pkg-js-autopkgtest-file-does-not-exist.tag b/tags/p/pkg-js-autopkgtest-file-does-not-exist.tag new file mode 100644 index 0000000..917d59a --- /dev/null +++ b/tags/p/pkg-js-autopkgtest-file-does-not-exist.tag @@ -0,0 +1,8 @@ +Tag: pkg-js-autopkgtest-file-does-not-exist +Severity: error +Check: languages/javascript/nodejs +Explanation: One of the files referenced the specified file does not exist in sources + and thus <code>pkg-js-autopkgtest</code> will likely fail. + . + Please update the <code>debian/tests/pkg-fs/files</code> file + (see <code>/usr/share/doc/pkg-js-autopkgtest/README.md</code>). diff --git a/tags/p/pkg-js-autopkgtest-test-is-empty.tag b/tags/p/pkg-js-autopkgtest-test-is-empty.tag new file mode 100644 index 0000000..009d354 --- /dev/null +++ b/tags/p/pkg-js-autopkgtest-test-is-empty.tag @@ -0,0 +1,8 @@ +Tag: pkg-js-autopkgtest-test-is-empty +Severity: error +Check: languages/javascript/nodejs +Explanation: The specified file is empty. This will produce erroneous autopkgtest + success reports. + . + Please set a significant test in this file + (see <code>/usr/share/doc/pkg-js-autopkgtest/README.md</code>). diff --git a/tags/p/pkg-js-autopkgtest-test-is-missing.tag b/tags/p/pkg-js-autopkgtest-test-is-missing.tag new file mode 100644 index 0000000..024c4c7 --- /dev/null +++ b/tags/p/pkg-js-autopkgtest-test-is-missing.tag @@ -0,0 +1,11 @@ +Tag: pkg-js-autopkgtest-test-is-missing +Severity: warning +Check: languages/javascript/nodejs +Explanation: The <code>Testsuite:</code> field for this package points to + <code>autopkgtest-pkg-nodejs</code> which attempts to execute + the specified file during autopkgtests. + . + When this file is missing, only a simple <code>node require("<module + name>")</code> is launched. This may be insufficient to really test this + nodejs module + (see <code>/usr/share/doc/pkg-js-autopkgtest/README.md</code>). diff --git a/tags/p/pkg-js-tools-test-is-empty.tag b/tags/p/pkg-js-tools-test-is-empty.tag new file mode 100644 index 0000000..457840f --- /dev/null +++ b/tags/p/pkg-js-tools-test-is-empty.tag @@ -0,0 +1,8 @@ +Tag: pkg-js-tools-test-is-empty +Severity: warning +Check: languages/javascript/nodejs +Explanation: The specified file is empty. This means that no test is played during + build. + . + Please set a significant test in this file + (see <code>/usr/share/doc/pkg-js-tools/README.md.gz</code>). diff --git a/tags/p/pkg-js-tools-test-is-missing.tag b/tags/p/pkg-js-tools-test-is-missing.tag new file mode 100644 index 0000000..2efe4df --- /dev/null +++ b/tags/p/pkg-js-tools-test-is-missing.tag @@ -0,0 +1,13 @@ +Tag: pkg-js-tools-test-is-missing +Severity: warning +Check: languages/javascript/nodejs +Explanation: The <code>debian/rules</code> file for this package uses <code>--with + nodejs</code> which attempts to execute the specified file when running + autopkgtests. + . + When this file is missing, only a simple <code>node require(".")</code> is + launched which may be insufficient to really test this nodejs module. + . + Please specify the upstream testsuite (or a custom one) in + <code>debian/tests/pkg-js/test</code> + (see <code>/usr/share/doc/pkg-js-tools/README.md.gz</code>). diff --git a/tags/p/pkg-not-in-package-test.tag b/tags/p/pkg-not-in-package-test.tag new file mode 100644 index 0000000..7a6e156 --- /dev/null +++ b/tags/p/pkg-not-in-package-test.tag @@ -0,0 +1,17 @@ +Tag: pkg-not-in-package-test +Severity: warning +Check: menu-format +Explanation: The given <code>menu</code> item does not check if the package that + ships the application is installed. + . + Each <code>menu</code> item should begin with a check that the required packages + are installed. At a minimum, the condition should check that the package that + ships the application is installed. + . + Menu items are normally shiiped in the same package that also provides the + application the <code>menu</code> item is for. + . + Sometimes this issue arises the package name was mespelled in the <code>menu</code> + entry, or an entry was copied from another package but not properly adjusted. +See-Also: + menu-manual 3.2 diff --git a/tags/p/pod-conversion-message.tag b/tags/p/pod-conversion-message.tag new file mode 100644 index 0000000..e0075be --- /dev/null +++ b/tags/p/pod-conversion-message.tag @@ -0,0 +1,9 @@ +Tag: pod-conversion-message +Severity: warning +Check: documentation/manual +Renamed-From: manpage-has-errors-from-pod2man +Explanation: A manual page contains a section <code>POD ERRORS</code>. This tag show + the contents. + . + The section was generated by <code>pod2man</code>. It shows any errors that + were found in the <code>POD</code> documentation when the page was generated. diff --git a/tags/p/poor-compression-in-manual-page.tag b/tags/p/poor-compression-in-manual-page.tag new file mode 100644 index 0000000..8a2ec71 --- /dev/null +++ b/tags/p/poor-compression-in-manual-page.tag @@ -0,0 +1,7 @@ +Tag: poor-compression-in-manual-page +Severity: error +Check: documentation/manual +Renamed-From: manpage-not-compressed-with-max-compression +Explanation: Manual pages should be compressed with <code>gzip -9n</code>. It + selects the highest compression available. +See-Also: debian-policy 12.1 diff --git a/tags/p/portable-executable-missing-security-features.tag b/tags/p/portable-executable-missing-security-features.tag new file mode 100644 index 0000000..5e89c1c --- /dev/null +++ b/tags/p/portable-executable-missing-security-features.tag @@ -0,0 +1,40 @@ +Tag: portable-executable-missing-security-features +Severity: pedantic +Check: pe +Experimental: yes +Explanation: A portable executable (PE32+) file lacks security features. + . + Due to changes in <code>binutils-mingw-w64</code> the historical + advice is incorrect. Current tools do not create safe binaries, + and advertising such settings with <code>genpeimg</code> is pointless. + . + In short, the flags alone do nothing unless a binary is built + specifically to support a missing flag. Merely setting the flag, + as recommended below, can actually make a file less secure. + . + More information can be found via the link in the references. + . + The following advice is historical. PLEASE DO NOT FOLLOW IT. + . + The package ships a Microsoft Windows Portable Executable (PE) file + that appears to be lacking security hardening features. You can see + which are missing using the <code>pesec</code> tool from the + <code>pev</code> package. + . + EFI binaries also often trigger this tag. The security flags are + probably meaningless for them, but the flags are easily changed + using the <code>genpeimg</code> tool from the <code>mingw-w64-tools</code> + package. + . + $ genpeimg -d +d -d +n -d +s $file + . + Then, to verify that it worked: + . + $ genpeimg -x $file + ... + Optional Characteristics: + dynamic-base nx-compatible no-SEH + . + Please change the flags, if possible, instead of overriding the tag. + . +See-Also: https://www.kb.cert.org/vuls/id/307144/, Bug#953212 diff --git a/tags/p/possible-bashism-in-maintainer-script.tag b/tags/p/possible-bashism-in-maintainer-script.tag new file mode 100644 index 0000000..e4644b0 --- /dev/null +++ b/tags/p/possible-bashism-in-maintainer-script.tag @@ -0,0 +1,19 @@ +Tag: possible-bashism-in-maintainer-script +Severity: warning +Check: shell/non-posix/bash-centric +Explanation: This script is marked as running under <code>/bin/sh</code>, but it seems + to use a feature found in bash but not in the SUSv3 or POSIX shell + specification. + . + Some examples are: + . + - <code>==</code> in a test, it should use <code>=</code> instead + - <code>read</code> without a variable in the argument + - <code>function</code> to define a function + - <code>source</code> instead of <code>.</code> + - <code>. command args</code>, passing arguments to commands via <code>source</code> is not supported + - <code>{foo,bar}</code> instead of <code>foo bar</code> + - <code>[[ test ]]</code> instead of <code>[ test ]</code> (requires a Korn shell) + - <code>type</code> instead of <code>which</code> or <code>command -v</code> +See-Also: + debian-policy 10.4 diff --git a/tags/p/possible-debconf-note-abuse.tag b/tags/p/possible-debconf-note-abuse.tag new file mode 100644 index 0000000..4064d49 --- /dev/null +++ b/tags/p/possible-debconf-note-abuse.tag @@ -0,0 +1,18 @@ +Tag: possible-debconf-note-abuse +Severity: warning +Check: debian/debconf +Explanation: Debconf notes should be used only for important notes that the + user really should see, since debconf will go to great pains to make + sure the user sees it. + . + Displaying a note with a low priority is conflicting with this statement, + since using a low or medium priority shows that the note is not + important. + . + The right fix is NOT to increase the priority of the note, but to move + it somewhere else in the inline documentation, for example in a + README.Debian file for notes about package usability or NEWS.Debian for + changes in the package behavior, or to simply drop it if it is not + needed (e.g. "welcome" notes). Changing the templates type to "error" + can also be appropriate, such as for input validation errors. +See-Also: debian-policy 3.9.1 diff --git a/tags/p/possible-documentation-but-no-doc-base-registration.tag b/tags/p/possible-documentation-but-no-doc-base-registration.tag new file mode 100644 index 0000000..ec6eaa3 --- /dev/null +++ b/tags/p/possible-documentation-but-no-doc-base-registration.tag @@ -0,0 +1,10 @@ +Tag: possible-documentation-but-no-doc-base-registration +Severity: info +Check: menus +Explanation: The package ships a <code>.html</code> or <code>.pdf</code> file under + <code>/usr/share/doc/</code>. Those files are usually documentation, but no files + are registered in <code>doc-base</code>. + . + Files in folders named <code>examples</code> are exempt from this tag. +See-Also: + debian-policy 9.10 diff --git a/tags/p/possible-gpl-code-linked-with-openssl.tag b/tags/p/possible-gpl-code-linked-with-openssl.tag new file mode 100644 index 0000000..bb007d5 --- /dev/null +++ b/tags/p/possible-gpl-code-linked-with-openssl.tag @@ -0,0 +1,17 @@ +Tag: possible-gpl-code-linked-with-openssl +Severity: classification +Check: debian/copyright +Explanation: This package appears to be covered by the GNU GPL but depends on + the OpenSSL libssl package and does not mention a license exemption or + exception for OpenSSL in its copyright file. The GPL (including version + 3) is incompatible with some terms of the OpenSSL license, and therefore + Debian does not allow GPL-licensed code linked with OpenSSL libraries + unless there is a license exception explicitly permitting this. + . + If only the Debian packaging, or some other part of the package not + linked with OpenSSL, is covered by the GNU GPL, please add a Lintian + override for this tag. Lintian currently has no good way of + distinguishing between that case and problematic packages. +See-Also: + Bug#972181, + http://meetbot.debian.net/debian-ftp/2020/debian-ftp.2020-03-13-20.02.html diff --git a/tags/p/possible-missing-colon-in-closes.tag b/tags/p/possible-missing-colon-in-closes.tag new file mode 100644 index 0000000..0844483 --- /dev/null +++ b/tags/p/possible-missing-colon-in-closes.tag @@ -0,0 +1,7 @@ +Tag: possible-missing-colon-in-closes +Severity: error +Check: debian/changelog +Explanation: To close a bug in the Debian changelog, the word "closes" must be + followed by a colon. This entry looked like it was intended to close a + bug, but there's no colon after "closes". +See-Also: debian-policy 4.4 diff --git a/tags/p/possible-new-upstream-release-without-new-version.tag b/tags/p/possible-new-upstream-release-without-new-version.tag new file mode 100644 index 0000000..f50501d --- /dev/null +++ b/tags/p/possible-new-upstream-release-without-new-version.tag @@ -0,0 +1,9 @@ +Tag: possible-new-upstream-release-without-new-version +Severity: warning +Check: debian/changelog +Explanation: The most recent changelog entry contains an entry that appears to + say this is a new upstream release (a comment similar to "new upstream + release," possibly with a word between "upstream" and "release"), but the + upstream portion of the package version number didn't change. This may + indicate that the package version was not updated properly in + <code>debian/changelog</code>. diff --git a/tags/p/possible-unindented-list-in-extended-description.tag b/tags/p/possible-unindented-list-in-extended-description.tag new file mode 100644 index 0000000..fcefea3 --- /dev/null +++ b/tags/p/possible-unindented-list-in-extended-description.tag @@ -0,0 +1,8 @@ +Tag: possible-unindented-list-in-extended-description +Severity: warning +Check: fields/description +Explanation: The package "Description:" contains an unindented line which + starts with a dash (-) or asterisk (*). If this was meant to be a + list of items these lines need to be indented (dselect would + word-wrap these lines otherwise). +See-Also: debian-policy 5.6.13 diff --git a/tags/p/possibly-insecure-handling-of-tmp-files-in-maintainer-script.tag b/tags/p/possibly-insecure-handling-of-tmp-files-in-maintainer-script.tag new file mode 100644 index 0000000..17a7fb7 --- /dev/null +++ b/tags/p/possibly-insecure-handling-of-tmp-files-in-maintainer-script.tag @@ -0,0 +1,12 @@ +Tag: possibly-insecure-handling-of-tmp-files-in-maintainer-script +Severity: warning +Check: maintainer-scripts/temporary-files +Explanation: The named maintainer script appears to access a file or a directory in + <code>/tmp</code> or a similar folder for temporary data. Working directly in such + folders, which are usually world-writable, can easily lead to serious security or + privacy bugs. + . + Please consider using the <code>mktemp</code> utility from the <code>coreutils</code> + package when creating temporary files or directories. +See-Also: + debian-policy 10.4 diff --git a/tags/p/postinst-does-not-call-updatemenus.tag b/tags/p/postinst-does-not-call-updatemenus.tag new file mode 100644 index 0000000..b8cb401 --- /dev/null +++ b/tags/p/postinst-does-not-call-updatemenus.tag @@ -0,0 +1,15 @@ +Tag: postinst-does-not-call-updatemenus +Severity: error +Check: menus +Explanation: The package installs a file into <code>/etc/menu-methods</code>, + <code>/usr/share/menu</code>, or <code>/usr/lib/menu</code>, but does not + call the <code>update-menus</code> command in the <code>postinst</code> + maintainer script. + . + For example, you ca use the following code in your maintainer script: + . + if which update-menus > /dev/null; then + update-menus + fi +See-Also: + menu-manual 4.2 diff --git a/tags/p/postinst-does-not-load-confmodule.tag b/tags/p/postinst-does-not-load-confmodule.tag new file mode 100644 index 0000000..bf09480 --- /dev/null +++ b/tags/p/postinst-does-not-load-confmodule.tag @@ -0,0 +1,6 @@ +Tag: postinst-does-not-load-confmodule +Severity: warning +Check: debian/debconf +Explanation: Even if your postinst does not involve debconf, you currently need to + make sure it loads one of the debconf libraries. This will be changed in + the future. diff --git a/tags/p/postinst-has-useless-call-to-install-docs.tag b/tags/p/postinst-has-useless-call-to-install-docs.tag new file mode 100644 index 0000000..3f8f5e0 --- /dev/null +++ b/tags/p/postinst-has-useless-call-to-install-docs.tag @@ -0,0 +1,9 @@ +Tag: postinst-has-useless-call-to-install-docs +Severity: warning +Check: menus +Explanation: It is no longer necessary to call <code>install-docs</code> + in <code>postinst</code>. The processing of <code>doc-base</code> files is + now handled by triggers. + . + If the <code>install-docs</code> call was added by Debhelper, the issue can + be fixed by rebuilding the package with Debhelper version 7.2.3 or later. diff --git a/tags/p/postinst-has-useless-call-to-update-menus.tag b/tags/p/postinst-has-useless-call-to-update-menus.tag new file mode 100644 index 0000000..217b5f5 --- /dev/null +++ b/tags/p/postinst-has-useless-call-to-update-menus.tag @@ -0,0 +1,7 @@ +Tag: postinst-has-useless-call-to-update-menus +Severity: warning +Check: menus +Explanation: The <code>postinst</code> maintainer script calls the + <code>update-menus</code> program, but no files are being installed into + <code>/etc/menu-methods</code>, <code>/usr/share/menu</code>, + or <code>/usr/lib/menu</code>. diff --git a/tags/p/postinst-uses-db-input.tag b/tags/p/postinst-uses-db-input.tag new file mode 100644 index 0000000..7dbf579 --- /dev/null +++ b/tags/p/postinst-uses-db-input.tag @@ -0,0 +1,7 @@ +Tag: postinst-uses-db-input +Severity: warning +Check: debian/debconf +Explanation: It is generally not a good idea for postinst scripts to use debconf + commands like <code>db_input</code>. Typically, they should restrict themselves + to <code>db_get</code> to request previously acquired information, and have the + config script do the actual prompting. diff --git a/tags/p/postrm-calls-installdocs.tag b/tags/p/postrm-calls-installdocs.tag new file mode 100644 index 0000000..851c400 --- /dev/null +++ b/tags/p/postrm-calls-installdocs.tag @@ -0,0 +1,7 @@ +Tag: postrm-calls-installdocs +Severity: error +Check: menus +Explanation: The <code>postrm</code> maintainer script calls the + <code>install-docs</code> command. + . + The command is usually called from the <code>prerm</code> script. diff --git a/tags/p/postrm-contains-additional-updaterc.d-calls.tag b/tags/p/postrm-contains-additional-updaterc.d-calls.tag new file mode 100644 index 0000000..0537585 --- /dev/null +++ b/tags/p/postrm-contains-additional-updaterc.d-calls.tag @@ -0,0 +1,5 @@ +Tag: postrm-contains-additional-updaterc.d-calls +Severity: error +Check: init-d +Explanation: The <code>postrm</code> de-registers an <code>/etc/init.d</code> script which + has not been registered in the <code>postinst</code> script before. diff --git a/tags/p/postrm-does-not-call-updatemenus.tag b/tags/p/postrm-does-not-call-updatemenus.tag new file mode 100644 index 0000000..655743e --- /dev/null +++ b/tags/p/postrm-does-not-call-updatemenus.tag @@ -0,0 +1,15 @@ +Tag: postrm-does-not-call-updatemenus +Severity: error +Check: menus +Explanation: The package installs a file in <code>/etc/menu-methods</code>, + <code>/usr/share/menu</code>, or <code>/usr/lib/menu</code>, but does not + call the <code>update-menus</code> command in the <code>postrm</code> + script. + . + For example, you use the following code in your maintainer script: + . + if which update-menus > /dev/null; then + update-menus + fi +See-Also: + menu-manual 4.2 diff --git a/tags/p/postrm-does-not-call-updaterc.d-for-init.d-script.tag b/tags/p/postrm-does-not-call-updaterc.d-for-init.d-script.tag new file mode 100644 index 0000000..cde1b39 --- /dev/null +++ b/tags/p/postrm-does-not-call-updaterc.d-for-init.d-script.tag @@ -0,0 +1,7 @@ +Tag: postrm-does-not-call-updaterc.d-for-init.d-script +Severity: error +Check: init-d +Explanation: An <code>/etc/init.d</code> script which has been registered in the + <code>postinst</code> script is not de-registered in the + <code>postrm</code> script. +See-Also: debian-policy 9.3.3.1 diff --git a/tags/p/postrm-does-not-purge-debconf.tag b/tags/p/postrm-does-not-purge-debconf.tag new file mode 100644 index 0000000..c9eeb9b --- /dev/null +++ b/tags/p/postrm-does-not-purge-debconf.tag @@ -0,0 +1,6 @@ +Tag: postrm-does-not-purge-debconf +Severity: warning +Check: debian/debconf +Explanation: Packages using debconf should call <code>db_purge</code> or its equivalent + in their postrm. If the package uses debhelper, dh_installdebconf(1) should + take care of this. diff --git a/tags/p/postrm-has-useless-call-to-update-menus.tag b/tags/p/postrm-has-useless-call-to-update-menus.tag new file mode 100644 index 0000000..b89dcaa --- /dev/null +++ b/tags/p/postrm-has-useless-call-to-update-menus.tag @@ -0,0 +1,7 @@ +Tag: postrm-has-useless-call-to-update-menus +Severity: warning +Check: menus +Explanation: The <code>postrm</code> maintainer script calls the + <code>update-menus</code> command, but no files are being + installed into <code>/etc/menu-methods</code>, + <code>/usr/share/menu</code>, or <code>/usr/lib/menu</code>. diff --git a/tags/p/postrm-removes-alternative.tag b/tags/p/postrm-removes-alternative.tag new file mode 100644 index 0000000..4f2c5db --- /dev/null +++ b/tags/p/postrm-removes-alternative.tag @@ -0,0 +1,25 @@ +Tag: postrm-removes-alternative +Severity: warning +Check: scripts +Renamed-From: + maintainer-script-should-not-use-update-alternatives-remove +Explanation: <code>update-alternatives --remove <alternative> foo</code> is + called in the <code>postrm</code> maintainer script. + . + Instead, <code>update-alternatives --remove</code> should be called in + <code>prerm</code>. + . + Th present command will not work as intended. When <code>postrm</code> runs, + <code>foo</code> was already deleted. <code>update-alternatives</code> will + then ignore the program while constructing the list of available alternatives. + . + If the symbolic link in <code>/etc/alternatives</code> then still points at + <code>foo</code>, <code>update-alternatives</code> will not recognize it. It + will then mark the link as site-specific. + . + Going forward, the symbolic link will no longer be updated automatically. It will be + left dangling until <code>update-alternatives --auto <alternative></code> + is run by hand. +See-Also: + debian-policy appendix-6, + update-alternatives(8) diff --git a/tags/p/prefer-uscan-symlink.tag b/tags/p/prefer-uscan-symlink.tag new file mode 100644 index 0000000..ca55a21 --- /dev/null +++ b/tags/p/prefer-uscan-symlink.tag @@ -0,0 +1,13 @@ +Tag: prefer-uscan-symlink +Severity: pedantic +Experimental: yes +Check: debian/watch +Explanation: Please consider setting <code>USCAN_SYMLINK=rename</code> in your + <code>~/.devscripts</code> configuration file instead of using the option + <code>filenamemangle</code> in <code>debian/watch</code>. + . + Please check with your team before making changes to sources you maintain + together. There are circumstances when the <code>filenamemangle</code> option + is better. +See-Also: + uscan(1) diff --git a/tags/p/preinst-calls-installdocs.tag b/tags/p/preinst-calls-installdocs.tag new file mode 100644 index 0000000..cbf9a68 --- /dev/null +++ b/tags/p/preinst-calls-installdocs.tag @@ -0,0 +1,8 @@ +Tag: preinst-calls-installdocs +Severity: error +Check: menus +Explanation: The <code>preinst</code> maintainer script calls the + <code>install-docs</code> command. + . + That command is usually called from the <code>postinst</code> maintainer + script. diff --git a/tags/p/preinst-calls-updatemenus.tag b/tags/p/preinst-calls-updatemenus.tag new file mode 100644 index 0000000..75b8a28 --- /dev/null +++ b/tags/p/preinst-calls-updatemenus.tag @@ -0,0 +1,7 @@ +Tag: preinst-calls-updatemenus +Severity: error +Check: menus +Explanation: The <code>preinst</code> maintainer script calls the + <code>update-menus</code> command. + . + The command is usually called in the <code>postinst</code> script. diff --git a/tags/p/preinst-calls-updaterc.d.tag b/tags/p/preinst-calls-updaterc.d.tag new file mode 100644 index 0000000..4a4d7a3 --- /dev/null +++ b/tags/p/preinst-calls-updaterc.d.tag @@ -0,0 +1,6 @@ +Tag: preinst-calls-updaterc.d +Severity: error +Check: init-d +Explanation: The <code>preinst</code> package calls <code>update-rc.d</code>. Instead, + you should call it in the <code>postinst</code> script. +See-Also: debian-policy 9.3.3.1 diff --git a/tags/p/prerm-calls-updatemenus.tag b/tags/p/prerm-calls-updatemenus.tag new file mode 100644 index 0000000..6be5a33 --- /dev/null +++ b/tags/p/prerm-calls-updatemenus.tag @@ -0,0 +1,8 @@ +Tag: prerm-calls-updatemenus +Severity: error +Check: menus +Explanation: The <code>prerm</code> maintainer script calls the + <code>update-menus</code> command. + . + Usually, this command should be called from the <code>postrm</code> + maintainer script. diff --git a/tags/p/prerm-calls-updaterc.d.tag b/tags/p/prerm-calls-updaterc.d.tag new file mode 100644 index 0000000..acd432e --- /dev/null +++ b/tags/p/prerm-calls-updaterc.d.tag @@ -0,0 +1,6 @@ +Tag: prerm-calls-updaterc.d +Severity: error +Check: init-d +Explanation: The <code>prerm</code> package calls <code>update-rc.d</code>. Instead, + you should call it in the <code>postrm</code> script. +See-Also: debian-policy 9.3.3.1 diff --git a/tags/p/prerm-has-useless-call-to-install-docs.tag b/tags/p/prerm-has-useless-call-to-install-docs.tag new file mode 100644 index 0000000..753759e --- /dev/null +++ b/tags/p/prerm-has-useless-call-to-install-docs.tag @@ -0,0 +1,10 @@ +Tag: prerm-has-useless-call-to-install-docs +Severity: warning +Check: menus +Explanation: It is no longer necessary to call <code>install-docs</code> in + the <code>prerm</code> maintainer script. The processing of + <code>doc-base</code> files is now handled by triggers. + . + If the <code>install-docs</code> call was added by Debhelper, the issue + can be fixed by rebuilding the package with Debhelper version 7.2.3 or + later. diff --git a/tags/p/priority-extra-is-replaced-by-priority-optional.tag b/tags/p/priority-extra-is-replaced-by-priority-optional.tag new file mode 100644 index 0000000..798444a --- /dev/null +++ b/tags/p/priority-extra-is-replaced-by-priority-optional.tag @@ -0,0 +1,9 @@ +Tag: priority-extra-is-replaced-by-priority-optional +Severity: warning +Check: fields/priority +Explanation: Since Debian Policy version 4.0.1, the priority <code>extra</code> + has been deprecated. + . + Please update <code>debian/control</code> and replace all instances of + <code>Priority: extra</code> with <code>Priority: optional</code>. +See-Also: debian-policy 2.5 diff --git a/tags/p/privacy-breach-donation.tag b/tags/p/privacy-breach-donation.tag new file mode 100644 index 0000000..1a22725 --- /dev/null +++ b/tags/p/privacy-breach-donation.tag @@ -0,0 +1,16 @@ +Tag: privacy-breach-donation +Severity: error +Check: files/privacy-breach +See-Also: https://wiki.debian.org/UpstreamMetadata +Explanation: This package create a potential privacy breach by fetching data + from a donation website at runtime. + . + Please remove this privacy problem and add a note to the + debian/upstream/metadata file using the donation field. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-facebook.tag b/tags/p/privacy-breach-facebook.tag new file mode 100644 index 0000000..b6ec556 --- /dev/null +++ b/tags/p/privacy-breach-facebook.tag @@ -0,0 +1,12 @@ +Tag: privacy-breach-facebook +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by exchanging data with + Facebook at runtime via plugins such as "Share" or "Like" buttons. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-generic.tag b/tags/p/privacy-breach-generic.tag new file mode 100644 index 0000000..2fb425a --- /dev/null +++ b/tags/p/privacy-breach-generic.tag @@ -0,0 +1,13 @@ +Tag: privacy-breach-generic +Severity: warning +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching data + from an external website at runtime. Please remove these scripts or + external HTML resources. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-google-adsense.tag b/tags/p/privacy-breach-google-adsense.tag new file mode 100644 index 0000000..c65c6cc --- /dev/null +++ b/tags/p/privacy-breach-google-adsense.tag @@ -0,0 +1,21 @@ +Tag: privacy-breach-google-adsense +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by using Google AdSense. + Google AdSense is a service run by Google that allows publishers + of websites to automatically serve advertisements. Unfortunately, it + requires tracking and breaching the privacy of web users. + . + This tag can also indicate the use of the related obsolete privacy + breaching software, Urchin WebAnalytics. + . + Note that using Google AdSense in a local copy of a page is a violation of + the Google AdSense terms of use. This violation renders this package not + distributable in Debian, and is thus a serious bug. + . + Please replace any scripts, images or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-google-cse.tag b/tags/p/privacy-breach-google-cse.tag new file mode 100644 index 0000000..afa833d --- /dev/null +++ b/tags/p/privacy-breach-google-cse.tag @@ -0,0 +1,13 @@ +Tag: privacy-breach-google-cse +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching + data from Google at runtime, and may feed private data to Google via + Custom Search Engine queries. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-google-plus.tag b/tags/p/privacy-breach-google-plus.tag new file mode 100644 index 0000000..34e8989 --- /dev/null +++ b/tags/p/privacy-breach-google-plus.tag @@ -0,0 +1,13 @@ +Tag: privacy-breach-google-plus +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by + exchanging data with Google+ at runtime via plugins such + as "+1" buttons. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-logo.tag b/tags/p/privacy-breach-logo.tag new file mode 100644 index 0000000..348c3b6 --- /dev/null +++ b/tags/p/privacy-breach-logo.tag @@ -0,0 +1,17 @@ +Tag: privacy-breach-logo +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching a + logo at runtime. + . + Before using a local copy you should check that the logo is suitable + for main. You can get help with determining this by posting a link to + the logo and a copy of, or a link to, the logo copyright and license + information to the debian-legal mailing list. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-piwik.tag b/tags/p/privacy-breach-piwik.tag new file mode 100644 index 0000000..ce42df1 --- /dev/null +++ b/tags/p/privacy-breach-piwik.tag @@ -0,0 +1,19 @@ +Tag: privacy-breach-piwik +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by using an online + Piwik module. + . + Piwik is a free and open source web analytics application, designed to + allow publishers of websites to track visitors. + . + Even though Piwik is free and respects the "Do Not Track" browser + option, it is nevertheless breaches the privacy of local users + by fetching data from internet. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-statistics-website.tag b/tags/p/privacy-breach-statistics-website.tag new file mode 100644 index 0000000..f2597bd --- /dev/null +++ b/tags/p/privacy-breach-statistics-website.tag @@ -0,0 +1,25 @@ +Tag: privacy-breach-statistics-website +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by fetching data from + an external website in order to compile visitor statistics. + . + Please ask upstream to use the free software web analytics engine + Piwik, which respects the "Do Not Track" browser option. + . + This tag covers the following websites: + . + - cruel-carlota.pagodabox.com + - linkexchange.com (defunct) + - nedstatbasic.net + - onestat.com + - statcounter.com + - sitemeter.com + - webstats.motigo.com + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-twitter.tag b/tags/p/privacy-breach-twitter.tag new file mode 100644 index 0000000..7eff11e --- /dev/null +++ b/tags/p/privacy-breach-twitter.tag @@ -0,0 +1,12 @@ +Tag: privacy-breach-twitter +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by + exchanging data with Twitter at runtime via plugins. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-uses-embedded-file.tag b/tags/p/privacy-breach-uses-embedded-file.tag new file mode 100644 index 0000000..3e0e021 --- /dev/null +++ b/tags/p/privacy-breach-uses-embedded-file.tag @@ -0,0 +1,11 @@ +Tag: privacy-breach-uses-embedded-file +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching data + from an external website at runtime. Please remove these scripts or + external HTML resources. + . + Instead you can use the Debian package indicated in the context if it + is compatible. +Renamed-From: + privacy-breach-may-use-debian-package diff --git a/tags/p/privacy-breach-w3c-valid-html.tag b/tags/p/privacy-breach-w3c-valid-html.tag new file mode 100644 index 0000000..e16d083 --- /dev/null +++ b/tags/p/privacy-breach-w3c-valid-html.tag @@ -0,0 +1,15 @@ +Tag: privacy-breach-w3c-valid-html +Severity: error +Check: files/privacy-breach +See-Also: http://validator.w3.org/docs/help.html#icon, + http://www.w3.org/Consortium/Legal/logo-usage-20000308 +Explanation: This package creates a potential privacy breach by fetching W3C + validation icons. + . + These badges may be displayed to tell readers that care has been + taken to make a page compliant with W3C standards. Unfortunately, + downloading the image from www.w3.org might expose the reader's IP + address to potential tracking. + . + Note that these icons are non-free and must not be copied into the + package. You could safely delete this W3C validation badge. diff --git a/tags/p/program-not-linked-against-libc.tag b/tags/p/program-not-linked-against-libc.tag new file mode 100644 index 0000000..2ee582e --- /dev/null +++ b/tags/p/program-not-linked-against-libc.tag @@ -0,0 +1,11 @@ +Tag: program-not-linked-against-libc +Severity: error +Check: binaries/prerequisites +Explanation: The package installs a binary which is not dynamically linked + against libc. + . + It is theoretically possible to have a program which doesn't use any + symbols from libc, but it is far more likely that this binary simply + isn't linked correctly. +See-Also: + Bug#698720 diff --git a/tags/p/public-upstream-key-in-native-package.tag b/tags/p/public-upstream-key-in-native-package.tag new file mode 100644 index 0000000..1cff49a --- /dev/null +++ b/tags/p/public-upstream-key-in-native-package.tag @@ -0,0 +1,8 @@ +Tag: public-upstream-key-in-native-package +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The source package contains a public upstream signing key even + though there is no upstream as the package is native. + . + Please remove the key. diff --git a/tags/p/public-upstream-key-not-minimal.tag b/tags/p/public-upstream-key-not-minimal.tag new file mode 100644 index 0000000..3aa6c8f --- /dev/null +++ b/tags/p/public-upstream-key-not-minimal.tag @@ -0,0 +1,13 @@ +Tag: public-upstream-key-not-minimal +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The package contains a public upstream signing key with extra + signatures. The signatures are unnecessary and take up space in + the archive. + . + Please export the upstream key again with the command: + . + $ gpg --armor --export --export-options export-minimal,export-clean + . + and use that key instead of the key currently in the source package. diff --git a/tags/p/public-upstream-key-unusable.tag b/tags/p/public-upstream-key-unusable.tag new file mode 100644 index 0000000..ec78188 --- /dev/null +++ b/tags/p/public-upstream-key-unusable.tag @@ -0,0 +1,8 @@ +Tag: public-upstream-key-unusable +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The source package contains a public upstream signing key that + contains bogus, unexpected or unsuitable data. + . + Please obtain the correct key from upstream. diff --git a/tags/p/public-upstream-keys-in-multiple-locations.tag b/tags/p/public-upstream-keys-in-multiple-locations.tag new file mode 100644 index 0000000..522d81f --- /dev/null +++ b/tags/p/public-upstream-keys-in-multiple-locations.tag @@ -0,0 +1,11 @@ +Tag: public-upstream-keys-in-multiple-locations +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The source package contains public upstream signing keys + (or keyrings) in multiple locations. This situation is potentially + confusing for uscan(1) or any other tool hoping to verify the + integrity and authenticity of upstream sources. + . + Please remove all keys (or keyrings) except one at the recommended + location <code>debian/upstream/signing-key.asc</code>. diff --git a/tags/p/pypi-homepage.tag b/tags/p/pypi-homepage.tag new file mode 100644 index 0000000..10dd1b4 --- /dev/null +++ b/tags/p/pypi-homepage.tag @@ -0,0 +1,14 @@ +Tag: pypi-homepage +Severity: warning +Check: languages/python/homepage +Explanation: The <code>Homepage</code> field in this package's + control file refers to the Python Package Index (PyPI), and + not to the true upstream. + . + Debian packages should point at the upstream's homepage, but + PyPI is just another packaging system. You may be able to + find the correct information in the <code>Homepage</code> link + on the corresponding PyPI web page (under the "Project details" + tab). +See-Also: + Bug#981932 diff --git a/tags/p/python-debug-in-wrong-location.tag b/tags/p/python-debug-in-wrong-location.tag new file mode 100644 index 0000000..593a9d0 --- /dev/null +++ b/tags/p/python-debug-in-wrong-location.tag @@ -0,0 +1,9 @@ +Tag: python-debug-in-wrong-location +Severity: warning +Check: languages/python +See-Also: Bug#576014 +Explanation: The package appears to be installing debug modules in + /usr/lib/debug/usr/lib/pyshared/pythonX.Y/. However, gdb(1) + will not look for it there, making it less useful. The file + should be installed in /usr/lib/debug/usr/lib/pymodules/pythonX.Y/ + instead. diff --git a/tags/p/python-depends-but-no-python-helper.tag b/tags/p/python-depends-but-no-python-helper.tag new file mode 100644 index 0000000..85cc050 --- /dev/null +++ b/tags/p/python-depends-but-no-python-helper.tag @@ -0,0 +1,10 @@ +Tag: python-depends-but-no-python-helper +Severity: error +Check: debhelper +Explanation: The source package declares a dependency on <code>${python:Depends}</code> + in the given binary package's <code>debian/control</code> entry. However, + <code>debian/rules</code> doesn't call any helper that would generate this + substitution variable. + . + The source package probably needs a call to <code>dh_python2</code> (possibly via the + Python2 debhelper add-on) in the <code>debian/rules</code> file. diff --git a/tags/p/python-foo-but-no-python3-foo.tag b/tags/p/python-foo-but-no-python3-foo.tag new file mode 100644 index 0000000..3f982ca --- /dev/null +++ b/tags/p/python-foo-but-no-python3-foo.tag @@ -0,0 +1,16 @@ +Tag: python-foo-but-no-python3-foo +Severity: warning +Check: languages/python +Explanation: This source package appears to generate the specified Python 2 package + without creating a variant for Python 3. + . + The 2.x series of Python is due for deprecation and will not be maintained + by upstream past 2020 and will likely be dropped after the release of + Debian "buster". + . + If upstream have not moved or have no intention to move to Python 3, please + be certain that Debian would benefit from the continued inclusion of this + package and, if not, consider removing it. + . + Alternatively, ensure that the corresponding package specifies the + <code>${python3:Depends}</code> substvar in its binary dependencies. diff --git a/tags/p/python-module-has-overly-generic-name.tag b/tags/p/python-module-has-overly-generic-name.tag new file mode 100644 index 0000000..0123955 --- /dev/null +++ b/tags/p/python-module-has-overly-generic-name.tag @@ -0,0 +1,8 @@ +Tag: python-module-has-overly-generic-name +Severity: error +Check: languages/python +Explanation: This package installs a Python module with an overly generic name to + a global namespace. + . + This was either a mistake and/or likely to cause conflicts with other + packages. diff --git a/tags/p/python-module-in-wrong-location.tag b/tags/p/python-module-in-wrong-location.tag new file mode 100644 index 0000000..e8fd426 --- /dev/null +++ b/tags/p/python-module-in-wrong-location.tag @@ -0,0 +1,8 @@ +Tag: python-module-in-wrong-location +Severity: warning +Check: languages/python +See-Also: python-policy 2.5, Bug#576012 +Explanation: The package installs a Python module or debug information for a Python + module in the wrong location for the given version of Python. + . + dh_python3 can be used to fix this for Python 3 modules. diff --git a/tags/p/python-package-depends-on-package-from-other-python-variant.tag b/tags/p/python-package-depends-on-package-from-other-python-variant.tag new file mode 100644 index 0000000..9513846 --- /dev/null +++ b/tags/p/python-package-depends-on-package-from-other-python-variant.tag @@ -0,0 +1,10 @@ +Tag: python-package-depends-on-package-from-other-python-variant +Severity: warning +Check: languages/python +Explanation: Either the specified Python 3.x package declares a dependency on a + Python 2.x package, or the specified Python 2.x package depends on a Python + 3.x package. + . + This is likely a typo in <code>debian/control</code> or due to misconfigured + calls to, for example, <code>dh_installdocs --link-doc=PKG</code>. +See-Also: Bug#884692 diff --git a/tags/p/python-package-missing-depends-on-python.tag b/tags/p/python-package-missing-depends-on-python.tag new file mode 100644 index 0000000..524f182 --- /dev/null +++ b/tags/p/python-package-missing-depends-on-python.tag @@ -0,0 +1,8 @@ +Tag: python-package-missing-depends-on-python +Severity: error +Check: languages/python +Explanation: The specified Python package ships Python modules under + <code>/usr/lib</code> but does not specify any dependency on Python. + . + This is likely an omission, the result of a typo in + <code>debian/control</code> or the file should not be installed. diff --git a/tags/p/python-traceback-in-manpage.tag b/tags/p/python-traceback-in-manpage.tag new file mode 100644 index 0000000..a8e762d --- /dev/null +++ b/tags/p/python-traceback-in-manpage.tag @@ -0,0 +1,15 @@ +Tag: python-traceback-in-manpage +Severity: error +Check: documentation/manual +Explanation: The specified manual page contains a Python traceback. + . + This was probably caused by a call to <code>help2man</code> failing to + correctly execute, likely due to an missing or incorrect + <code>PYTHONPATH</code> environment variable. + . + Note that calls to generate manpages from binaries may succeed if the package + being built is already installed in the build environment as might locate + potentially old copy of the program under <code>/usr/lib/python3</code>. This + is fairly common on maintainers' machines, for example. However, in + environments where the package is not installed (such as most buildds), + generating the manpage may fail and inject a traceback into the manual page. diff --git a/tags/p/python-version-current-is-deprecated.tag b/tags/p/python-version-current-is-deprecated.tag new file mode 100644 index 0000000..de684b5 --- /dev/null +++ b/tags/p/python-version-current-is-deprecated.tag @@ -0,0 +1,6 @@ +Tag: python-version-current-is-deprecated +Severity: warning +Check: languages/python +Explanation: The use of "current" in the Python-Version or Python3-Version + field is deprecated. +See-Also: python-policy 3.4 diff --git a/tags/p/python2-script-but-no-python2-dep.tag b/tags/p/python2-script-but-no-python2-dep.tag new file mode 100644 index 0000000..7ec086a --- /dev/null +++ b/tags/p/python2-script-but-no-python2-dep.tag @@ -0,0 +1,21 @@ +Tag: python2-script-but-no-python2-dep +Severity: error +Check: scripts +Explanation: Packages with Python2 scripts should depend on the package + <code>python2</code>. Those with scripts that specify a specific version of + Python2 must depend, recommend or suggest on that version of Python2 + (exactly). + . + For example, if a script in the package uses <code>#!/usr/bin/python2</code>, + the package needs a dependency on <code>python2</code>. If a script uses + <code>#!/usr/bin/python2.7</code>, the package needs a dependency on + <code>python2.7</code>. A dependency on <code>python (>= 2.7)</code> is not + correct, since later versions of Python2 may not provide the + <code>/usr/bin/python2.7</code> binary. + . + If you are using debhelper, adding <code>${python2:Depends}</code> to the + Depends field and ensuring dh_python2 is run during the build should + take care of adding the correct dependency. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/p/python3-depends-but-no-python3-helper.tag b/tags/p/python3-depends-but-no-python3-helper.tag new file mode 100644 index 0000000..50630fe --- /dev/null +++ b/tags/p/python3-depends-but-no-python3-helper.tag @@ -0,0 +1,6 @@ +Tag: python3-depends-but-no-python3-helper +Severity: error +Check: debhelper +Explanation: The source package declares a dependency on ${python3:Depends} in the + given binary package's debian/control entry. However, debian/rules doesn't + call any helper that would generate this substitution variable. diff --git a/tags/p/python3-script-but-no-python3-dep.tag b/tags/p/python3-script-but-no-python3-dep.tag new file mode 100644 index 0000000..f60d9f3 --- /dev/null +++ b/tags/p/python3-script-but-no-python3-dep.tag @@ -0,0 +1,21 @@ +Tag: python3-script-but-no-python3-dep +Severity: error +Check: scripts +Explanation: Packages with Python3 scripts should depend on the package + <code>python3</code>. Those with scripts that specify a specific version of + Python3 must depend, recommend or suggest on that version of Python3 + (exactly). + . + For example, if a script in the package uses <code>#!/usr/bin/python3</code>, + the package needs a dependency on <code>python3</code>. If a script uses + <code>#!/usr/bin/python3.8</code>, the package needs a dependency on + <code>python3.8</code>. A dependency on <code>python (>= 3.8)</code> is not + correct, since later versions of Python may not provide the + <code>/usr/bin/python3.8</code> binary. + . + If you are using debhelper, adding <code>${python3:Depends}</code> to the + Depends field and ensuring dh_python3 is run during the build should + take care of adding the correct dependency. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/q/qa-upload-has-incorrect-version-number.tag b/tags/q/qa-upload-has-incorrect-version-number.tag new file mode 100644 index 0000000..ee36d38 --- /dev/null +++ b/tags/q/qa-upload-has-incorrect-version-number.tag @@ -0,0 +1,5 @@ +Tag: qa-upload-has-incorrect-version-number +Severity: warning +Check: nmu +Explanation: A QA upload (uploading an orphaned package without adopting it) is + always a maintainer upload: it should not get a NMU revision number. diff --git a/tags/q/quilt-build-dep-but-no-series-file.tag b/tags/q/quilt-build-dep-but-no-series-file.tag new file mode 100644 index 0000000..d454ba9 --- /dev/null +++ b/tags/q/quilt-build-dep-but-no-series-file.tag @@ -0,0 +1,11 @@ +Tag: quilt-build-dep-but-no-series-file +Severity: warning +Check: debian/patches/quilt +Explanation: Using quilt requires you to explicitly list all patches you want + to apply in debian/patches/series. This package build-depends on quilt, + but does not provide a patch list. You should either remove the quilt + build dependency or add a series file. + . + Note that an empty file cannot be represented in the Debian diff, so an + empty series file will disappear in the source package. If you intended + for the series file to be empty, add a comment line. diff --git a/tags/q/quilt-patch-missing-description.tag b/tags/q/quilt-patch-missing-description.tag new file mode 100644 index 0000000..de81917 --- /dev/null +++ b/tags/q/quilt-patch-missing-description.tag @@ -0,0 +1,16 @@ +Tag: quilt-patch-missing-description +Severity: info +Check: debian/patches/quilt +Explanation: quilt patch files should start with a description of patch. All + lines before the start of the patch itself are considered part of the + description. You can edit the description with <code>quilt header -e</code> + when the patch is at the top of the stack. + . + As well as a description of the purpose and function of the patch, the + description should ideally contain author information, a URL for the bug + report (if any), Debian or upstream bugs fixed by it, upstream status, + the Debian version and date the patch was first included, and any other + information that would be useful if someone were investigating the + patch and underlying problem. Please consider using the DEP 3 format for + this information. +See-Also: https://dep-team.pages.debian.net/deps/dep3/ diff --git a/tags/q/quilt-patch-using-template-description.tag b/tags/q/quilt-patch-using-template-description.tag new file mode 100644 index 0000000..fbf5b35 --- /dev/null +++ b/tags/q/quilt-patch-using-template-description.tag @@ -0,0 +1,10 @@ +Tag: quilt-patch-using-template-description +Severity: info +Check: debian/patches/quilt +Explanation: The patch contains a standard DEP 3 template description + included by dpkg-source(1). Please consider replacing the template + with a real description. You can edit the description by using + <code>quilt header -e</code> when the patch is at the top of the stack. + Alternatively, editing the patch in most text editors should work + as well. +See-Also: https://dep-team.pages.debian.net/deps/dep3/ diff --git a/tags/q/quilt-patch-with-non-standard-options.tag b/tags/q/quilt-patch-with-non-standard-options.tag new file mode 100644 index 0000000..0ae81d2 --- /dev/null +++ b/tags/q/quilt-patch-with-non-standard-options.tag @@ -0,0 +1,12 @@ +Tag: quilt-patch-with-non-standard-options +Severity: warning +Check: debian/patches/quilt +Explanation: The quilt series file contains non-standard options to apply some of + the listed patches. Quilt uses '-p1' by default if nothing is specified + after the name of the patch and the current series file specify something + else for some of the patches listed. + . + For compatibility with the source "3.0 (quilt)" source package format, + you should avoid using any option at all and make sure that your patches + apply with "-p1". This can be done by refreshing all patches like this: + quilt pop -a; while quilt push; do quilt refresh -pab; done diff --git a/tags/q/quilt-series-but-no-build-dep.tag b/tags/q/quilt-series-but-no-build-dep.tag new file mode 100644 index 0000000..3e2b6dd --- /dev/null +++ b/tags/q/quilt-series-but-no-build-dep.tag @@ -0,0 +1,13 @@ +Tag: quilt-series-but-no-build-dep +Severity: warning +Check: debian/patches/quilt +Explanation: The package contains a debian/patches/series file usually used by + quilt to apply patches at build time, but quilt is not listed in the + build dependencies. + . + You should either remove the series file if it's effectively not useful + or add quilt to the build-dependencies if quilt is used during the build + process. + . + If you don't need quilt during build but only during maintenance work, + then you can override this warning. diff --git a/tags/q/quilt-series-references-non-existent-patch.tag b/tags/q/quilt-series-references-non-existent-patch.tag new file mode 100644 index 0000000..a048355 --- /dev/null +++ b/tags/q/quilt-series-references-non-existent-patch.tag @@ -0,0 +1,5 @@ +Tag: quilt-series-references-non-existent-patch +Severity: error +Check: debian/patches/quilt +Explanation: In the series file listing all your quilt patches, you referenced a + file that does not exist. This will lead to a fatal error when calling quilt. diff --git a/tags/q/quilt-series-without-trailing-newline.tag b/tags/q/quilt-series-without-trailing-newline.tag new file mode 100644 index 0000000..e49e31d --- /dev/null +++ b/tags/q/quilt-series-without-trailing-newline.tag @@ -0,0 +1,7 @@ +Tag: quilt-series-without-trailing-newline +Severity: error +Check: debian/patches/quilt +Explanation: The package contains a debian/patches/series file + that doesn't end with a newline. dpkg-source may silently + corrupt this file. +See-Also: Bug#584233 diff --git a/tags/q/quoted-placeholder-in-mailcap-entry.tag b/tags/q/quoted-placeholder-in-mailcap-entry.tag new file mode 100644 index 0000000..89a1f79 --- /dev/null +++ b/tags/q/quoted-placeholder-in-mailcap-entry.tag @@ -0,0 +1,14 @@ +Tag: quoted-placeholder-in-mailcap-entry +Severity: warning +Check: mailcap +Explanation: The <code>%s</code> placeholder in a mailcap entry is quoted. That is + considered unsafe. Proper escaping should be left to the programs using + the entry. + . + Please remove the single or double quotes around <code>%s</code>. +See-Also: Bug#33486, + Bug#90483, + Bug#745141, + https://tools.ietf.org/rfc/rfc1524.txt, + http://bugs.debian.org/745141#17, + https://lists.debian.org/debian-user/2005/04/msg01185.html diff --git a/tags/r/r-data-without-readme-source.tag b/tags/r/r-data-without-readme-source.tag new file mode 100644 index 0000000..80d3754 --- /dev/null +++ b/tags/r/r-data-without-readme-source.tag @@ -0,0 +1,11 @@ +Tag: r-data-without-readme-source +Severity: error +Check: languages/r +Explanation: Many modules packaged for the R Project for Statistical Computing contain + data files with names as *.rda, *.Rda, *.rdata, *.Rdata, etc. + . + When such files exist, the FTP masters expect them to be explained in + debian/README.source, which this package is missing. + . + Please add a README.source documenting the origins of these files. +See-Also: https://lists.debian.org/debian-devel/2013/09/msg00332.html diff --git a/tags/r/r-package-not-arch-all.tag b/tags/r/r-package-not-arch-all.tag new file mode 100644 index 0000000..12659a0 --- /dev/null +++ b/tags/r/r-package-not-arch-all.tag @@ -0,0 +1,10 @@ +Tag: r-package-not-arch-all +Severity: warning +Check: languages/r/architecture +Explanation: The package for an <code>R</code> language package ships a + <code>DESCRIPTION</code> file that states <code>NeedsCompilation: No</code> + but is not marked <code>Architecture: all</code>. + . + The package does not require compilation and should be + architecture-independent. +See-Also: https://cran.r-project.org/doc/manuals/r-devel/R-exts.html diff --git a/tags/r/raster-image-in-scalable-directory.tag b/tags/r/raster-image-in-scalable-directory.tag new file mode 100644 index 0000000..589d82c --- /dev/null +++ b/tags/r/raster-image-in-scalable-directory.tag @@ -0,0 +1,5 @@ +Tag: raster-image-in-scalable-directory +Severity: warning +Check: desktop/icons +Explanation: The given raster image was installed into a "scalable" icon directory. + Only vector graphics (e.g. SVG) should be installed into those directories. diff --git a/tags/r/rc-version-greater-than-expected-version.tag b/tags/r/rc-version-greater-than-expected-version.tag new file mode 100644 index 0000000..5c47662 --- /dev/null +++ b/tags/r/rc-version-greater-than-expected-version.tag @@ -0,0 +1,9 @@ +Tag: rc-version-greater-than-expected-version +Severity: warning +Check: debian/changelog +See-Also: debian-policy 5.6.12 +Explanation: The package appears to be a release candidate or preview release, but + the version sorts higher than the expected final release. + . + For non-native packages, the check examines the upstream version. + For native packages, it looks at the Debian maintainer's revision. diff --git a/tags/r/read-in-maintainer-script.tag b/tags/r/read-in-maintainer-script.tag new file mode 100644 index 0000000..1127ec4 --- /dev/null +++ b/tags/r/read-in-maintainer-script.tag @@ -0,0 +1,14 @@ +Tag: read-in-maintainer-script +Severity: error +Check: scripts +Explanation: The given maintainer script appears to use <code>read</code> to + get information from the user. Prompting in maintainer scripts must be done + by communicating through a utility that conforms to the Debian configuration + management specification, version 2 or higher. The <code>debconf</code> + program is a popular choice. + . + With this tag, there is a potential for false positives. For example, + <code>read</code> could be used in a block with redirection, in a function + in a pipe, or when standard input is provided in an unusual way. +See-Also: + debian-policy 3.9.1 diff --git a/tags/r/readme-debian-contains-debmake-template.tag b/tags/r/readme-debian-contains-debmake-template.tag new file mode 100644 index 0000000..2d2538a --- /dev/null +++ b/tags/r/readme-debian-contains-debmake-template.tag @@ -0,0 +1,14 @@ +Tag: readme-debian-contains-debmake-template +Severity: warning +Check: debian/readme +Explanation: The README.Debian file installed by this package contains one of the + template phrases from the README.Debian provided by deb-make or dh_make: + . + Comments regarding the package + So far nothing to say + <possible notes regarding this package - if none, delete this file> + Automatically generated by debmake + . + If there is real information in the file, please delete any generic + template phrases. If there is nothing to say in the file, it is best + removed. diff --git a/tags/r/readme-debian-contains-invalid-email-address.tag b/tags/r/readme-debian-contains-invalid-email-address.tag new file mode 100644 index 0000000..f00ec57 --- /dev/null +++ b/tags/r/readme-debian-contains-invalid-email-address.tag @@ -0,0 +1,5 @@ +Tag: readme-debian-contains-invalid-email-address +Severity: warning +Check: debian/readme +Explanation: The README.Debian file contains an invalid email address: the domain + needs at least one dot. This looks like a mistake. diff --git a/tags/r/readme-debian-mentions-usr-doc.tag b/tags/r/readme-debian-mentions-usr-doc.tag new file mode 100644 index 0000000..f281c77 --- /dev/null +++ b/tags/r/readme-debian-mentions-usr-doc.tag @@ -0,0 +1,7 @@ +Tag: readme-debian-mentions-usr-doc +Severity: warning +Check: debian/readme +Explanation: The README.Debian file installed by this package apparently points + users at /usr/doc. /usr/doc has been retired and all documentation + migrated to /usr/share/doc. This reference should probably also be + updated. diff --git a/tags/r/readme-source-is-dh_make-template.tag b/tags/r/readme-source-is-dh_make-template.tag new file mode 100644 index 0000000..55e4303 --- /dev/null +++ b/tags/r/readme-source-is-dh_make-template.tag @@ -0,0 +1,8 @@ +Tag: readme-source-is-dh_make-template +Severity: error +Check: dh-make +Explanation: The debian/README.source file appears to be an unmodified or insufficiently + modified copy of the dh_make template. + . + Please double-check the README.source page and replace it with information + about this source package or simply remove the file completely. diff --git a/tags/r/recommended-field.tag b/tags/r/recommended-field.tag new file mode 100644 index 0000000..df83679 --- /dev/null +++ b/tags/r/recommended-field.tag @@ -0,0 +1,14 @@ +Tag: recommended-field +Severity: warning +Check: fields/recommended +Renamed-From: + no-priority-field + no-section-field-for-source + no-section-field + no-urgency-in-changes-file +Explanation: The named field is recommended by policy but not present in the + package's primary control file. +See-Also: + debian-policy 5.2, + debian-policy 5.3, + debian-policy 5.5 diff --git a/tags/r/recursive-privilege-change.tag b/tags/r/recursive-privilege-change.tag new file mode 100644 index 0000000..f844611 --- /dev/null +++ b/tags/r/recursive-privilege-change.tag @@ -0,0 +1,27 @@ +Tag: recursive-privilege-change +Severity: warning +Check: scripts +Renamed-From: maintainer-script-should-not-use-recursive-chown-or-chmod +Explanation: The named maintainer script appears to call <code>chmod</code> or + <code>chown</code> with a <code>--recursive</code>/<code>-R</code> argument, or + it uses <code>find(1)</code> with similar intent. + . + All such uses are vulnerable to hardlink attacks on mainline (i.e. + non-Debian) kernels that do not set <code>fs.protected_hardlinks=1</code>. + . + The security risk arises when a non-privileged user set links to + files they do not own, such as such as <code>/etc/shadow</code> or + files in <code>/var/lib/dpkg/</code>. A superuser's recursive call to + <code>chown</code> or <code>chmod</code> on behalf of a role user account + would then modify the non-owned files in ways that allow the + non-privileged user to manipulate them later. + . + There are several ways to mitigate the issue in maintainer scripts: + . + - For a static role user, please call <code>chown</code> at build time + and not during the installation. + - If that is too complicated, use <code>runuser(1)</code> in the + relevant build parts to create files with correct ownership. + - Given a static list of files to change, use non-recursive calls + for each file. (Please do not generate the list with <code>find</code>.) +See-Also: Bug#895597, Bug#889060, Bug#889488, runuser(1) diff --git a/tags/r/redundant-bugs-field.tag b/tags/r/redundant-bugs-field.tag new file mode 100644 index 0000000..ffa8b21 --- /dev/null +++ b/tags/r/redundant-bugs-field.tag @@ -0,0 +1,6 @@ +Tag: redundant-bugs-field +Severity: warning +Check: fields/bugs +Explanation: You use the Bugs field though the field value is the default + (debbugs://bugs.debian.org/). In this case the field is redundant and + should be removed. diff --git a/tags/r/redundant-build-prerequisites.tag b/tags/r/redundant-build-prerequisites.tag new file mode 100644 index 0000000..ddb3aec --- /dev/null +++ b/tags/r/redundant-build-prerequisites.tag @@ -0,0 +1,11 @@ +Tag: redundant-build-prerequisites +Severity: warning +Check: fields/package-relations +Renamed-From: + package-has-a-duplicate-build-relation +Explanation: The source declares a variety of build prerequisites + in <code>Build-Depends</code>, <code>Build-Depends-Indep</code>, + or <code>Build-Depends-Arch</code> but the fields work together. + The given set contains redundant information. + . + Please simplify the build prerequisites. diff --git a/tags/r/redundant-control-relation.tag b/tags/r/redundant-control-relation.tag new file mode 100644 index 0000000..1893d52 --- /dev/null +++ b/tags/r/redundant-control-relation.tag @@ -0,0 +1,11 @@ +Tag: redundant-control-relation +Severity: pedantic +Check: debian/control/field/relation +Renamed-From: + duplicate-in-relation-field +Explanation: The named field in the <code>debian/control</code> file lists + multiple package relationships when one would be sufficient. + . + The less restrictive declaration can be removed. The tools <code>dpkg-source</code> + and <code>dpkg-gencontrol</code> do that automatically, so it does not affect the + package generated from this source. diff --git a/tags/r/redundant-globbing-patterns.tag b/tags/r/redundant-globbing-patterns.tag new file mode 100644 index 0000000..a8ce986 --- /dev/null +++ b/tags/r/redundant-globbing-patterns.tag @@ -0,0 +1,12 @@ +Tag: redundant-globbing-patterns +Severity: pedantic +Check: debian/copyright/dep5 +Explanation: Two globbing patterns in the same <code>Files</code> section in + debian/copyright match the same file. + . + This situation can occur when a narrow pattern should apply the same license + as a broader pattern. Please create another <code>Files</code> section for the + narrow pattern and place it below other patterns that compete for the same + files. +See-Also: Bug#905747, + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/r/redundant-installation-prerequisite.tag b/tags/r/redundant-installation-prerequisite.tag new file mode 100644 index 0000000..c165196 --- /dev/null +++ b/tags/r/redundant-installation-prerequisite.tag @@ -0,0 +1,19 @@ +Tag: redundant-installation-prerequisite +Severity: warning +Check: debian/control/prerequisite/redundant +Renamed-From: + stronger-dependency-implies-weaker +Explanation: A stronger field for prerequisites in the <code>debian/control</code> + file satisfies the named condition stated in a weaker field. + . + For example, you would see this tag when the <code>Depends</code> field + already requires that a package which is also listed in <code>Recommends</code> + or <code>Suggests</code> is installed. Or, a package could be listed in both + <code>Recommends</code> as well as <code>Suggests</code>. + . + Current versions of <code>dpkg-gencontrol</code> will silently ignore the + weaker field, but like anything unexpected it could indicate another oversight, + such as a misspelling or having forgotten to remove the stronger prereguisite + when the intent was to move it to a weaker field. +See-Also: + debian-policy 7.2 diff --git a/tags/r/redundant-origin-field.tag b/tags/r/redundant-origin-field.tag new file mode 100644 index 0000000..319031b --- /dev/null +++ b/tags/r/redundant-origin-field.tag @@ -0,0 +1,5 @@ +Tag: redundant-origin-field +Severity: warning +Check: fields/origin +Explanation: You use the Origin field though the field value is the default (Debian). + In this case the field is redundant and should be removed. diff --git a/tags/r/relative-conffile.tag b/tags/r/relative-conffile.tag new file mode 100644 index 0000000..7cb353a --- /dev/null +++ b/tags/r/relative-conffile.tag @@ -0,0 +1,7 @@ +Tag: relative-conffile +Severity: error +Check: conffiles +Explanation: All entries in the <code>debian/conffiles</code> control file should + have an absolute path specification. +See-Also: + debian-policy appendix-5.1 diff --git a/tags/r/relative-library-search-path.tag b/tags/r/relative-library-search-path.tag new file mode 100644 index 0000000..a2b6918 --- /dev/null +++ b/tags/r/relative-library-search-path.tag @@ -0,0 +1,31 @@ +Tag: relative-library-search-path +Severity: error +Check: binaries/rpath +Explanation: The binary or shared library sets RPATH or RUNPATH. This + overrides the normal library search path, possibly interfering with + local policy and causing problems for multilib, among other issues. + . + As an aggravating factor, this search path is relative! It is probably + not what you wanted. + . + The only time a binary or shared library in a Debian package should + set RPATH or RUNPATH is if it is linked to private shared libraries + in the same package. In that case, place those private shared + libraries in <code>/usr/lib/*package*</code>. Libraries used by + binaries in other packages should be placed in <code>/lib</code> or + <code>/usr/lib</code> as appropriate, with a proper SONAME, in which case + RPATH/RUNPATH is unnecessary. + . + To fix this problem, look for link lines like: + . + <code>gcc test.o -o test -Wl,--rpath,/usr/local/lib</code> + or + <code>gcc test.o -o test -R/usr/local/lib</code> + . + and remove the <code>-Wl,--rpath</code> or <code>-R</code> argument. + . + You can also use the <code>chrpath</code> utility to remove the RPATH. +See-Also: + https://wiki.debian.org/RpathIssue, + Bug#732682, + Bug#732674 diff --git a/tags/r/relative-symlink.tag b/tags/r/relative-symlink.tag new file mode 100644 index 0000000..be4f4dd --- /dev/null +++ b/tags/r/relative-symlink.tag @@ -0,0 +1,10 @@ +Tag: relative-symlink +Severity: error +Check: files/symbolic-links +Renamed-From: symlink-should-be-absolute +Explanation: Symbolic links between different top-level directories should be + absolute. + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +See-Also: debian-policy 10.5 diff --git a/tags/r/remove-of-unknown-diversion.tag b/tags/r/remove-of-unknown-diversion.tag new file mode 100644 index 0000000..5a43a46 --- /dev/null +++ b/tags/r/remove-of-unknown-diversion.tag @@ -0,0 +1,9 @@ +Tag: remove-of-unknown-diversion +Severity: error +Check: maintainer-scripts/diversion +Explanation: The named maintainer script removes a diversion that it did not + add. + . + When cleaning up unnecessary diversions from old versions of the package, + please remove them in <code>preinst</code> or <code>postinst</code>. Do + not use <code>postrm</code> for that purpose. diff --git a/tags/r/renamed-tag.tag b/tags/r/renamed-tag.tag new file mode 100644 index 0000000..356305a --- /dev/null +++ b/tags/r/renamed-tag.tag @@ -0,0 +1,9 @@ +Tag: renamed-tag +Severity: pedantic +Show-Always: yes +Check: debian/lintian-overrides/mystery +Explanation: The package has an override for a tag that was renamed. + Lintian tag are sometime renamed in order to improve their name. + . + Override file is dynamically translated by Lintian. Nevertheless + please replace the old name by the new name. diff --git a/tags/r/repackaged-source-not-advertised.tag b/tags/r/repackaged-source-not-advertised.tag new file mode 100644 index 0000000..5bd64be --- /dev/null +++ b/tags/r/repackaged-source-not-advertised.tag @@ -0,0 +1,26 @@ +Tag: repackaged-source-not-advertised +Severity: info +Check: debian/copyright/dep5 +Explanation: The <code>debian/copyright</code> file mentions <code>Files-Excluded</code> + but the source version has no repack suffix. + . + Repackaged sources are expected to indicate in their version number + that they are different from the upstream release. It is commonly + done by adding a repack suffix to the upstream version. + . + The choice of repack suffix depends on the reason for repackaging. + When some files were excluded because licensing was a concern, the + suffix <code>+dfsg</code> may be appropriate. In more generic cases, one + could chose <code>+ds</code>. + . + Upstream sources are sometimes repackaged by accident when using old + versions of <code>dh_make</code>. It can also happen when a maintainer + invokes the dh_make option <code>--createorig</code> even though it is + not needed. + . + According to the Debian Developer's Reference 6.7.8.2, the repack + suffix is not required. + . + Please include such a suffix in the changelog version number to avoid + this warning. +See-Also: Bug#471537, https://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html diff --git a/tags/r/repeated-path-segment.tag b/tags/r/repeated-path-segment.tag new file mode 100644 index 0000000..8da58b3 --- /dev/null +++ b/tags/r/repeated-path-segment.tag @@ -0,0 +1,9 @@ +Tag: repeated-path-segment +Severity: pedantic +Check: files/hierarchy/path-segments +Explanation: The file is installed into a location that repeats the given + path segment. An example would be <code>/usr/lib/lib</code> or + <code>/usr/share/myprogram/share</code>. + . + More often than not this is unintended. +See-Also: Bug#950052, Bug#950027 diff --git a/tags/r/repeated-trigger-name.tag b/tags/r/repeated-trigger-name.tag new file mode 100644 index 0000000..8ebae1a --- /dev/null +++ b/tags/r/repeated-trigger-name.tag @@ -0,0 +1,18 @@ +Tag: repeated-trigger-name +Severity: error +Check: triggers +Explanation: The package repeats the same trigger. There should be no reason to + do this and it may lead to confusing results or errors. + . + For the same "base" type of trigger (e.g. two <code>interest</code>-type triggers) + the last declaration will be the effective one. + . + This tag is also triggered if the package has an <code>activate</code> trigger + for something on which it also declares an <code>interest</code>. The only (but + rather unlikely) reason to do this is if another package *also* + declares an <code>interest</code> and this package needs to activate that + other package. If the package is using it for this exact purpose, then + please use a Lintian override to state this. + . + Please remove any duplicate definitions. +See-Also: deb-triggers(5), Bug#698723 diff --git a/tags/r/required-field.tag b/tags/r/required-field.tag new file mode 100644 index 0000000..d3bb384 --- /dev/null +++ b/tags/r/required-field.tag @@ -0,0 +1,17 @@ +Tag: required-field +Severity: error +Check: fields/required +Renamed-From: + no-maintainer-field + no-architecture-field + no-description-in-changes-file + no-package-name + no-standards-version-field + no-version-field + package-has-no-description +Explanation: The named field is required by policy but not present in the + package's primary control file. +See-Also: + debian-policy 5.3, + debian-policy 5.5, + debian-policy 5.6.11 diff --git a/tags/r/requires-r-api.tag b/tags/r/requires-r-api.tag new file mode 100644 index 0000000..e8e55e3 --- /dev/null +++ b/tags/r/requires-r-api.tag @@ -0,0 +1,13 @@ +Tag: requires-r-api +Severity: error +Check: languages/r/site-library +Explanation: This package ships a site library for the <code>R</code> + programming language package but does not declare the + <code>R</code> API <code>r-api-*N*</code> as a package + prerequisite. + . + With the dh sequencer, please use <code>--buildsystem=R</code> in + <code>debian/rules</code> and add the substitution variable + <code>${R:Depends}</code> to the <code>Depends</code> field in + <code>debian/control</code>. +See-Also: https://wiki.debian.org/Teams/r-pkg-team diff --git a/tags/r/root-in-contact.tag b/tags/r/root-in-contact.tag new file mode 100644 index 0000000..cbc61e6 --- /dev/null +++ b/tags/r/root-in-contact.tag @@ -0,0 +1,11 @@ +Tag: root-in-contact +Severity: error +Check: fields/mail-address +Renamed-From: + maintainer-address-is-root-user + uploader-address-is-root-user + changed-by-address-is-root-user +Explanation: The named contact includes root as a name or as part of + the mail address, which is invalid. + . + The package may not have been built in a sane environment. diff --git a/tags/r/ruby-interpreter-is-deprecated.tag b/tags/r/ruby-interpreter-is-deprecated.tag new file mode 100644 index 0000000..3fdb763 --- /dev/null +++ b/tags/r/ruby-interpreter-is-deprecated.tag @@ -0,0 +1,12 @@ +Tag: ruby-interpreter-is-deprecated +Severity: warning +Check: languages/ruby +Explanation: Starting with ruby2.3, Ruby interpreter packages stopped + providing the <code>ruby-interpreter</code> virtual package. It should + no longer be used as a prerequisite. + . + In packages using <code>gem2deb</code>, please consider using + <code>${ruby:Depends}</code>. It will expand automatically to the + prerequisites the package needs (including the interpreter as well + as the libraries) and can replace all other Ruby-related dependency + declarations. diff --git a/tags/r/ruby-script-but-no-ruby-dep.tag b/tags/r/ruby-script-but-no-ruby-dep.tag new file mode 100644 index 0000000..2e12ce3 --- /dev/null +++ b/tags/r/ruby-script-but-no-ruby-dep.tag @@ -0,0 +1,9 @@ +Tag: ruby-script-but-no-ruby-dep +Severity: error +Check: scripts +Explanation: Packages with Ruby scripts must depend on a valid Ruby interpreter. + If any script uses <code>#!/usr/bin/ruby</code>, the package + should declare <code>ruby</code> as a prerequisite. + . + In some cases, a weaker relationship like <code>Suggests</code> or + <code>Recommends</code> is more appropriate. diff --git a/tags/r/rubygem-homepage.tag b/tags/r/rubygem-homepage.tag new file mode 100644 index 0000000..1cc1523 --- /dev/null +++ b/tags/r/rubygem-homepage.tag @@ -0,0 +1,12 @@ +Tag: rubygem-homepage +Severity: warning +Check: languages/ruby +Explanation: The <code>Homepage</code> field in this package's + control file refers to Rubygems, and not to the true upstream. + . + Debian packages should point at the upstream's homepage, but + Rubygems is just another packaging system. You may be able to + find the correct information in the <code>Homepage</code> link + of the corresponding Rubygems package. +See-Also: + Bug#981935 diff --git a/tags/r/rules-do-not-require-root.tag b/tags/r/rules-do-not-require-root.tag new file mode 100644 index 0000000..05297b1 --- /dev/null +++ b/tags/r/rules-do-not-require-root.tag @@ -0,0 +1,11 @@ +Tag: rules-do-not-require-root +Severity: classification +Check: debian/control/field/rules-requires-root +Renamed-From: + rules-does-not-require-root +Explanation: The sources can build the installation packages without using + <code>fakeroot(1)</code> or similar. +See-Also: + /usr/share/doc/dpkg/spec/rootless-builds.txt, + debian-policy 4.9.2, + debian-policy 5.6.31 diff --git a/tags/r/rules-require-build-prerequisite.tag b/tags/r/rules-require-build-prerequisite.tag new file mode 100644 index 0000000..2e8f98e --- /dev/null +++ b/tags/r/rules-require-build-prerequisite.tag @@ -0,0 +1,25 @@ +Tag: rules-require-build-prerequisite +Severity: error +Check: debian/rules +Renamed-From: + missing-build-dependency + missing-python-build-dependency +Explanation: + The code in <code>debian/rules</code> requires a prerequisite + that is not presently listed in the package's <code>Build-Depends</code>. + . + In the special case of Python, affected packages should <code>Build-Depend</code> + on one of <code>python3</code>, <code>python3-all</code>, <code>python3-dev</code>, + or <code>python3-all-dev</code>. Which one depends on whether a package supports + multiple Python versions, and also whether the package builds Python modules + or uses Python only as part of the build process. + . + Packages that depend on a specific Python version may build-depend + on any appropriate <code>pythonX.Y</code> or <code>pythonX.Y-dev</code> package + instead. + . + The condition you see in the context is not a recommendation on what to add. If + you see a list, more than likely only one member is needed to make this tag go + away. You probably also do not need the <code>:any</code> multiarch qualifier, + if you see one. +See-Also: debian-policy 4.2 diff --git a/tags/r/rules-require-root-explicitly.tag b/tags/r/rules-require-root-explicitly.tag new file mode 100644 index 0000000..ae49e3d --- /dev/null +++ b/tags/r/rules-require-root-explicitly.tag @@ -0,0 +1,13 @@ +Tag: rules-require-root-explicitly +Severity: classification +Check: debian/control/field/rules-requires-root +Renamed-From: + rules-requires-root-explicitly +Explanation: The sources require <code>fakeroot(1)</code> or similar to build + the installation packages and also explicitly declare that need via the field + <code>Rules-Requires-Root</code> in the source stanza of the file + <code>debian/control</code>. +See-Also: + /usr/share/doc/dpkg/spec/rootless-builds.txt, + debian-policy 4.9.2, + debian-policy 5.6.31 diff --git a/tags/r/rules-silently-require-root.tag b/tags/r/rules-silently-require-root.tag new file mode 100644 index 0000000..43c109d --- /dev/null +++ b/tags/r/rules-silently-require-root.tag @@ -0,0 +1,24 @@ +Tag: rules-silently-require-root +Severity: info +Check: debian/control/field/rules-requires-root +Renamed-From: + should-specify-rules-requires-root +Explanation: These sources require <code>fakeroot(1)</code> or similar to build + the installation packages, but the field <code>Rules-Requires-Root</code> is + empty or missing. + . + At least the shown path in the indicated installation package is owned by user + (or a group) other than <code>root:root</code>. + . + Over time, Debian has successively narrowed the steps for which elevated privileges + are required. It speeds up the building of installation packages in the archive. + . + Please declare whether the sources require root privileges. Eventually, Debian will + switch the default archive-wide behaviour to expedite the build process. + . + You can use the field <code>Rules-Requires-Root</code> in the source stanza of + <code>debian/control</code> to declare the required build privileges. +See-Also: + /usr/share/doc/dpkg/spec/rootless-builds.txt, + debian-policy 4.9.2, + debian-policy 5.6.31 diff --git a/tags/r/run-parts-cron-filename-contains-illegal-chars.tag b/tags/r/run-parts-cron-filename-contains-illegal-chars.tag new file mode 100644 index 0000000..4075a10 --- /dev/null +++ b/tags/r/run-parts-cron-filename-contains-illegal-chars.tag @@ -0,0 +1,8 @@ +Tag: run-parts-cron-filename-contains-illegal-chars +Severity: warning +Check: cron +Explanation: The script in /etc/cron.<time-interval> will not be executed by + run-parts(8) because the filename contains a "." (full stop) or "+" (plus). + . + It is recommended to use "_" (underscores) instead of these symbols. +See-Also: run-parts(8), debian-policy 9.5.1 diff --git a/tags/r/runtime-test-file-is-not-a-regular-file.tag b/tags/r/runtime-test-file-is-not-a-regular-file.tag new file mode 100644 index 0000000..721cf73 --- /dev/null +++ b/tags/r/runtime-test-file-is-not-a-regular-file.tag @@ -0,0 +1,7 @@ +Tag: runtime-test-file-is-not-a-regular-file +Severity: info +Check: testsuite +Explanation: A runtime test listed by debian/tests/control is not a regular + file or a relative symbolic link to a regular file in the source + package. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/r/runtime-test-file-uses-installed-python-versions.tag b/tags/r/runtime-test-file-uses-installed-python-versions.tag new file mode 100644 index 0000000..3b7c0f2 --- /dev/null +++ b/tags/r/runtime-test-file-uses-installed-python-versions.tag @@ -0,0 +1,17 @@ +Tag: runtime-test-file-uses-installed-python-versions +Severity: warning +Check: testsuite +Explanation: The specified file appears to use <code>py3versions -i</code> + to determine the "installed" Python versions. + . + However, this can cause issues if a Python transition is in progress + as the <code>-minimal</code> variant of the previous version + (eg. <code>python3.X-minimal</code>) remains installed in many environments. + This variant then provides enough of an interpreter to count as being + "installed" but not enough for the tests themselves to succeed in most + cases. This then prevents the overall transition from taking place. + . + Please replace this will a call to all "supported" packages instead + (eg. <code>py3versions -s</code> and ensure <code>python3-all</code> is listed + in the test dependencies. +See-Also: https://lists.debian.org/debian-devel/2020/03/msg00280.html diff --git a/tags/r/runtime-test-file-uses-supported-python-versions-without-test-depends.tag b/tags/r/runtime-test-file-uses-supported-python-versions-without-test-depends.tag new file mode 100644 index 0000000..f23e167 --- /dev/null +++ b/tags/r/runtime-test-file-uses-supported-python-versions-without-test-depends.tag @@ -0,0 +1,15 @@ +Tag: runtime-test-file-uses-supported-python-versions-without-test-depends +Severity: warning +Check: testsuite +Renamed-From: + runtime-test-file-uses-supported-python-versions-without-python-all-build-depends +Explanation: The specified file appears to use <code>py3versions -s</code> to + determine the "supported" Python versions without specifying + <code>python3-all</code> (or equivalent) as a test prerequisite. + . + With only the default version of Python installed, the autopkgtests may + pass but the package subsequently fails at runtime when another, + non-default, Python version is present. + . + Please add <code>python3-all</code> as a test prerequisite via <code>Depends</code> + in <code>debian/tests/control</code>. diff --git a/tags/r/rust-boilerplate.tag b/tags/r/rust-boilerplate.tag new file mode 100644 index 0000000..8e06c7e --- /dev/null +++ b/tags/r/rust-boilerplate.tag @@ -0,0 +1,21 @@ +Tag: rust-boilerplate +Severity: warning +Check: languages/rust +Explanation: The description for the named installable was created by + a template in the Rust toolchain but not subsequently modified. + . + Please amend the default description provided by <code>debcargo</code> + in <code>debian/control</code>. + . + Within the Rust toolchain you can also conveniently add something like + the following example to <code>debian/debcargo.toml</code>: + . + [packages.bin] + summary = "Command-line benchmarking tool" + description = """ + Hyperfine is a benchmarking tool similar to 'time' that offers + many additional features. One can easily arrange repeated runs + and export results in formats like CSV or JSON. + """ +See-Also: + https://wiki.debian.org/Teams/RustPackaging diff --git a/tags/s/script-in-etc-init.d-not-registered-via-update-rc.d.tag b/tags/s/script-in-etc-init.d-not-registered-via-update-rc.d.tag new file mode 100644 index 0000000..99a3a51 --- /dev/null +++ b/tags/s/script-in-etc-init.d-not-registered-via-update-rc.d.tag @@ -0,0 +1,7 @@ +Tag: script-in-etc-init.d-not-registered-via-update-rc.d +Severity: warning +Check: init-d +Explanation: The package installs an <code>/etc/init.d</code> script which is + not registered in the <code>postinst</code> script. This is usually a bug + (such as omitting the <code>#DEBHELPER#</code> token) unless you omit the links + intentionally for some reason or create the links some other way. diff --git a/tags/s/script-in-usr-share-doc.tag b/tags/s/script-in-usr-share-doc.tag new file mode 100644 index 0000000..fba5eb1 --- /dev/null +++ b/tags/s/script-in-usr-share-doc.tag @@ -0,0 +1,6 @@ +Tag: script-in-usr-share-doc +Severity: info +Check: documentation +Explanation: Scripts are usually not documentation files, unless they are + examples, in which case they should be in the + <code>/usr/share/doc/*pkg*/examples</code> directory. diff --git a/tags/s/script-not-executable.tag b/tags/s/script-not-executable.tag new file mode 100644 index 0000000..2507a30 --- /dev/null +++ b/tags/s/script-not-executable.tag @@ -0,0 +1,9 @@ +Tag: script-not-executable +Severity: warning +Check: scripts +Explanation: This file starts with the #! sequence that marks interpreted scripts, + but it is not executable. + . + There has been some discussion to allow such files in paths other than + <code>/usr/bin</code> but there was ultimately no broad support for it. +See-Also: Bug#368792 diff --git a/tags/s/script-uses-bin-env.tag b/tags/s/script-uses-bin-env.tag new file mode 100644 index 0000000..656ac5f --- /dev/null +++ b/tags/s/script-uses-bin-env.tag @@ -0,0 +1,7 @@ +Tag: script-uses-bin-env +Severity: warning +Check: scripts +Explanation: This script uses /bin/env as its interpreter (used to find the + actual interpreter on the user's path). There is no /bin/env on Debian + systems; env is instead installed as /usr/bin/env. Usually, the path to + env in the script should be changed. diff --git a/tags/s/script-uses-deprecated-nodejs-location.tag b/tags/s/script-uses-deprecated-nodejs-location.tag new file mode 100644 index 0000000..0e2c4bc --- /dev/null +++ b/tags/s/script-uses-deprecated-nodejs-location.tag @@ -0,0 +1,14 @@ +Tag: script-uses-deprecated-nodejs-location +Severity: warning +Check: scripts +Explanation: You used <code>/usr/bin/nodejs</code> or <code>/usr/bin/env nodejs</code> as an + interpreter for a script. + . + The <code>/usr/bin/node</code> binary was previously provided by + <code>ax25-node</code> and packages were required to use <code>/usr/bin/nodejs</code> + instead. <code>ax25-node</code> has since been removed from the archive and the + <code>nodejs</code> package now ships the <code>/usr/bin/node</code> binary to match + the rest of the Node.js ecosystem. + . + Please update your package to use the <code>node</code> variant. +See-Also: Bug#614907, Bug#862051 diff --git a/tags/s/script-uses-perl4-libs-without-dep.tag b/tags/s/script-uses-perl4-libs-without-dep.tag new file mode 100644 index 0000000..df85e0d --- /dev/null +++ b/tags/s/script-uses-perl4-libs-without-dep.tag @@ -0,0 +1,10 @@ +Tag: script-uses-perl4-libs-without-dep +Severity: warning +Check: languages/perl/perl4/prerequisites +Explanation: The named Perl script uses the named perl 4-era module, + which is obsolete. Those libraries were deprecated in perl in 5.14, + and will probably be removed from the core in perl 5.16. + . + Please remove the references to the module or add the prerequisite + <code>libperl4-corelibs-perl | perl (<< 5.12.3-7)</code> to + your package. diff --git a/tags/s/script-uses-unversioned-python-in-shebang.tag b/tags/s/script-uses-unversioned-python-in-shebang.tag new file mode 100644 index 0000000..7ae27f2 --- /dev/null +++ b/tags/s/script-uses-unversioned-python-in-shebang.tag @@ -0,0 +1,12 @@ +Tag: script-uses-unversioned-python-in-shebang +Severity: error +Check: languages/python/scripts +Explanation: This package contains a script with unversioned Python shebang. + . + This package contains a script with unversioned Python shebang and thus + defaults to using Python 2. The 2.x series of Python is deprecated and apart + from rare cases, will not be supported in Debian Bullseye. + . + If the script in question is compatible with Python 3, please modify it to use + <code>/usr/bin/python3</code> instead. If it only is Python 2 compatible, + please modify it to use <code>/usr/bin/python2</code>. diff --git a/tags/s/script-with-language-extension.tag b/tags/s/script-with-language-extension.tag new file mode 100644 index 0000000..5b3f92b --- /dev/null +++ b/tags/s/script-with-language-extension.tag @@ -0,0 +1,10 @@ +Tag: script-with-language-extension +Severity: warning +Check: files/scripts +Explanation: When scripts are installed into a directory in the system PATH, the + script name should not include an extension such as <code>.sh</code> or + <code>.pl</code> that denotes the scripting language currently used to + implement it. The implementation language may change; if it does, + leaving the name the same would be confusing and changing it would be + disruptive. +See-Also: debian-policy 10.4 diff --git a/tags/s/script-without-interpreter.tag b/tags/s/script-without-interpreter.tag new file mode 100644 index 0000000..b864087 --- /dev/null +++ b/tags/s/script-without-interpreter.tag @@ -0,0 +1,5 @@ +Tag: script-without-interpreter +Severity: error +Check: scripts +Explanation: This file starts with the #! sequence that identifies scripts, but + it does not name an interpreter. diff --git a/tags/s/section-is-dh_make-template.tag b/tags/s/section-is-dh_make-template.tag new file mode 100644 index 0000000..629f03d --- /dev/null +++ b/tags/s/section-is-dh_make-template.tag @@ -0,0 +1,8 @@ +Tag: section-is-dh_make-template +Severity: error +Check: fields/section +Explanation: The "Section:" field in this package's control file is set to + unknown. This is not a valid section, and usually means a dh_make + template control file was used and never modified to set the correct + section. +See-Also: debian-policy 2.4 diff --git a/tags/s/select-with-boolean-choices.tag b/tags/s/select-with-boolean-choices.tag new file mode 100644 index 0000000..0e4a855 --- /dev/null +++ b/tags/s/select-with-boolean-choices.tag @@ -0,0 +1,6 @@ +Tag: select-with-boolean-choices +Severity: warning +Check: debian/debconf +Explanation: Select templates with only yes and no choices should use the boolean + type instead. +See-Also: debconf-devel(7) diff --git a/tags/s/select-without-choices.tag b/tags/s/select-without-choices.tag new file mode 100644 index 0000000..9607070 --- /dev/null +++ b/tags/s/select-without-choices.tag @@ -0,0 +1,9 @@ +Tag: select-without-choices +Severity: error +Check: debian/debconf +Explanation: Templates using the <code>select</code> or <code>multiselect</code> + data types must provide a <code>Choices:</code> field that lists all possible + values. +See-Also: + debconf-specification 3.1, + debconf-devel(7) diff --git a/tags/s/service-file-is-not-a-file.tag b/tags/s/service-file-is-not-a-file.tag new file mode 100644 index 0000000..570548d --- /dev/null +++ b/tags/s/service-file-is-not-a-file.tag @@ -0,0 +1,5 @@ +Tag: service-file-is-not-a-file +Severity: error +Check: systemd +Explanation: The package contains a service file that is not a regular file or + resolvable symlink. diff --git a/tags/s/shared-library-is-executable.tag b/tags/s/shared-library-is-executable.tag new file mode 100644 index 0000000..1c01db1 --- /dev/null +++ b/tags/s/shared-library-is-executable.tag @@ -0,0 +1,8 @@ +Tag: shared-library-is-executable +Severity: error +Check: libraries/shared/file-permissions +Renamed-From: + shlib-with-executable-bit +Explanation: Shared libraries should be mode 0644. +See-Also: + debian-policy 8.1 diff --git a/tags/s/shared-library-is-multi-arch-foreign.tag b/tags/s/shared-library-is-multi-arch-foreign.tag new file mode 100644 index 0000000..410c69f --- /dev/null +++ b/tags/s/shared-library-is-multi-arch-foreign.tag @@ -0,0 +1,9 @@ +Tag: shared-library-is-multi-arch-foreign +Severity: error +Check: libraries/shared/multi-arch +Renamed-From: + shlib-in-multi-arch-foreign-package +Explanation: The package is marked as Multi-Arch: foreign, but it includes a shared + library in a public library directory. +See-Also: + https://wiki.ubuntu.com/MultiarchSpec diff --git a/tags/s/shared-library-lacks-prerequisites.tag b/tags/s/shared-library-lacks-prerequisites.tag new file mode 100644 index 0000000..f1684e1 --- /dev/null +++ b/tags/s/shared-library-lacks-prerequisites.tag @@ -0,0 +1,23 @@ +Tag: shared-library-lacks-prerequisites +Severity: warning +Check: binaries/prerequisites +Renamed-From: + shared-lib-without-dependency-information +Explanation: The listed shared library doesn't include information about the + other libraries against which it was linked. + . + More specifically, "<code>ldd foo.so</code>" should report such other + libraries. In your case, it reports "statically linked". + . + The fix is to specify the libraries. One way to do so is to add + something like "-lc" to the command-line options for "ld". + +Screen: coq/cmxs/prerequisites +Advocates: Julien Puydt <julien.puydt@gmail.com> +Reason: The Coq project comes with a kind of compiler that generates files + which are ELF shared objects. Unfortunately, they contain many undefined + symbols, but those are expected. + . + There are a lot of false positives. +See-Also: + Bug#999602 diff --git a/tags/s/shared-library-lacks-stack-section.tag b/tags/s/shared-library-lacks-stack-section.tag new file mode 100644 index 0000000..453fbd7 --- /dev/null +++ b/tags/s/shared-library-lacks-stack-section.tag @@ -0,0 +1,13 @@ +Tag: shared-library-lacks-stack-section +Severity: error +Check: libraries/shared/stack +Renamed-From: + shlib-without-PT_GNU_STACK-section +Explanation: The listed shared library lacks a PT_GNU_STACK section. This forces + the dynamic linker to make the stack executable. + . + The shared lib is linked either with a non-GNU linker or a linker which is + very old. This problem can be fixed with a rebuild. + . + To see whether a shared library has this section, run <code>readelf -l</code> + on it and look for a program header of type GNU_STACK. diff --git a/tags/s/shared-library-lacks-version.tag b/tags/s/shared-library-lacks-version.tag new file mode 100644 index 0000000..aebb8c6 --- /dev/null +++ b/tags/s/shared-library-lacks-version.tag @@ -0,0 +1,24 @@ +Tag: shared-library-lacks-version +Severity: warning +Check: debian/shlibs +Renamed-From: + shlib-without-versioned-soname +Explanation: The listed shared library in a public library directory has an + SONAME that does not contain any versioning information, either after the + <code>.so</code> or before it and set off by a hyphen. It cannot therefore + be represented in the shlibs system, and if linked by binaries its + interface cannot safely change. There is no backward-compatible way to + migrate programs linked against it to a new ABI. + . + Normally, this means the shared library is a private library for a + particular application and is not meant for general use. Policy + recommends that such libraries be installed in a subdirectory of + <code>/usr/lib</code> rather than in a public shared library directory. + . + To view the SONAME of a shared library, run <code>readelf -d</code> on the + shared library and look for the tag of type SONAME. + . + There are some special stub libraries or special-purpose shared objects + for which an ABI version is not meaningful. If this is one of those + cases, please add an override. +See-Also: debian-policy 10.2, debian-policy 8.6 diff --git a/tags/s/shared-library-not-shipped.tag b/tags/s/shared-library-not-shipped.tag new file mode 100644 index 0000000..0ad8bb7 --- /dev/null +++ b/tags/s/shared-library-not-shipped.tag @@ -0,0 +1,8 @@ +Tag: shared-library-not-shipped +Severity: warning +Check: debian/shlibs +Renamed-From: + unused-shlib-entry-in-control-file +Explanation: The shlibs control file contains an entry for a shared library that + is not installed by this package. +See-Also: debian-policy 8.6 diff --git a/tags/s/shared-library-symbols-not-tracked.tag b/tags/s/shared-library-symbols-not-tracked.tag new file mode 100644 index 0000000..0603165 --- /dev/null +++ b/tags/s/shared-library-symbols-not-tracked.tag @@ -0,0 +1,8 @@ +Tag: shared-library-symbols-not-tracked +Severity: warning +Check: debian/shlibs +Renamed-From: + shlib-missing-in-symbols-control-file +Explanation: The package contains a shared library that is not listed in the + symbols control file. This may not be a problem if, for example, + the library is a C++ library. diff --git a/tags/s/sharedobject-in-library-directory-missing-soname.tag b/tags/s/sharedobject-in-library-directory-missing-soname.tag new file mode 100644 index 0000000..82e4121 --- /dev/null +++ b/tags/s/sharedobject-in-library-directory-missing-soname.tag @@ -0,0 +1,13 @@ +Tag: sharedobject-in-library-directory-missing-soname +Severity: error +Check: libraries/shared/soname/missing +Explanation: A shared object was identified in a library directory (a directory + in the standard linker path) which doesn't have a SONAME. This is + usually an error. + . + SONAMEs are set with something like <code>gcc -Wl,-soname,libfoo.so.0</code>, + where 0 is the major version of the library. If your package uses libtool, + then libtool invoked with the right options should be doing this. + . + To view the SONAME of a shared library, run <code>readelf -d</code> on the + shared library and look for the tag of type SONAME. diff --git a/tags/s/shell-script-fails-syntax-check.tag b/tags/s/shell-script-fails-syntax-check.tag new file mode 100644 index 0000000..da2836c --- /dev/null +++ b/tags/s/shell-script-fails-syntax-check.tag @@ -0,0 +1,12 @@ +Tag: shell-script-fails-syntax-check +Severity: error +Check: script/syntax +Explanation: Running this shell script with the shell's -n option set fails, + which means that the script has syntax errors. The most common cause of + this problem is a script expecting <code>/bin/sh</code> to be bash checked on + a system using dash as <code>/bin/sh</code>. + . + Run e.g. <code>sh -n yourscript</code> to see the errors yourself. + . + Note this can have false-positives, for an example with bash scripts + using "extglob". diff --git a/tags/s/shipped-file-without-utf8-name.tag b/tags/s/shipped-file-without-utf8-name.tag new file mode 100644 index 0000000..f080955 --- /dev/null +++ b/tags/s/shipped-file-without-utf8-name.tag @@ -0,0 +1,13 @@ +Tag: shipped-file-without-utf8-name +Severity: error +Check: files/names +See-Also: debian-policy 10.10 +Explanation: The file name in the installed tree is not valid UTF-8. + As a shipped file in an installation package, the name of this file is + considered the responsibility of the package maintainer. Please + rename the file. + . + Unlike other file names in Lintian, which are printed in UTF-8, the + attached reference shows the bytes used by the file system. + Unprintable characters may have been replaced. +Renamed-From: file-name-is-not-valid-UTF-8 diff --git a/tags/s/ships-r-site-library.tag b/tags/s/ships-r-site-library.tag new file mode 100644 index 0000000..e882114 --- /dev/null +++ b/tags/s/ships-r-site-library.tag @@ -0,0 +1,6 @@ +Tag: ships-r-site-library +Severity: classification +Check: languages/r/site-library +Explanation: This package ships the named <code>R</code> programming + language site library. +See-Also: https://wiki.debian.org/Teams/r-pkg-team diff --git a/tags/s/ships-undeclared-shared-library.tag b/tags/s/ships-undeclared-shared-library.tag new file mode 100644 index 0000000..61b2f8f --- /dev/null +++ b/tags/s/ships-undeclared-shared-library.tag @@ -0,0 +1,8 @@ +Tag: ships-undeclared-shared-library +Severity: error +Check: debian/shlibs +Renamed-From: + shlib-missing-in-control-file +Explanation: The package contains a shared library that is not listed in the + shlibs control file. If this is intentional, please override this error. +See-Also: debian-policy 8.6 diff --git a/tags/s/silent-on-rules-requiring-root.tag b/tags/s/silent-on-rules-requiring-root.tag new file mode 100644 index 0000000..a80353f --- /dev/null +++ b/tags/s/silent-on-rules-requiring-root.tag @@ -0,0 +1,21 @@ +Tag: silent-on-rules-requiring-root +Severity: pedantic +Check: debian/control/field/rules-requires-root +Renamed-From: + rules-requires-root-missing +Explanation: The field <code>Rules-Requires-Root</code> is missing from the file + <code>debian/control</code>. + . + Over time, Debian has successively narrowed the steps for which elevated privileges + are required. It speeds up the building of installation packages in the archive. + Eventually, Debian will switch the default archive-wide behaviour to expedite the + build process further. + . + Please declare explicitly that the sources do not require root privileges. You can + use the setting <code>Rules-Requires-Root: no</code> in the source stanza of + <code>debian/control</code>, but please verify with <code>diffoscope(1)</code> that + the installation packages produced are in fact identical. +See-Also: + /usr/share/doc/dpkg/spec/rootless-builds.txt, + debian-policy 4.9.2, + debian-policy 5.6.31 diff --git a/tags/s/skip-systemd-native-flag-missing-pre-depends.tag b/tags/s/skip-systemd-native-flag-missing-pre-depends.tag new file mode 100644 index 0000000..d68ff26 --- /dev/null +++ b/tags/s/skip-systemd-native-flag-missing-pre-depends.tag @@ -0,0 +1,15 @@ +Tag: skip-systemd-native-flag-missing-pre-depends +Severity: warning +Check: systemd/native/prerequisites +Explanation: The named maintainer script uses the <code>--skip-systemd-native</code> + option to <code>invoke-rc.d</code> but does not declare a <code>Pre-Depends</code> + prerequisite on <code>init-system-helpers</code>. + . + The flag helps to defer <code>systemd</code> actions until + <code>deb-systemd-invoke(1p)</code> is called. + . + Please add <code>Pre-Depends: ${misc:Pre-Depends}</code> to your + <code>debian/control</code> file. +See-Also: + invoke-rc.d(8), + deb-systemd-invoke(1p) diff --git a/tags/s/source-contains-arch-control-dir.tag b/tags/s/source-contains-arch-control-dir.tag new file mode 100644 index 0000000..b672e6d --- /dev/null +++ b/tags/s/source-contains-arch-control-dir.tag @@ -0,0 +1,9 @@ +Tag: source-contains-arch-control-dir +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains an {arch} or .arch-ids directory or a + directory starting with <code>,,</code> (used by baz for debugging traces). + It was most likely included by accident since Arch version control + directories usually don't belong in releases. If an upstream release + tarball contains these directories, you should usually report this as a + bug upstream. diff --git a/tags/s/source-contains-arch-inventory-file.tag b/tags/s/source-contains-arch-inventory-file.tag new file mode 100644 index 0000000..ced8df4 --- /dev/null +++ b/tags/s/source-contains-arch-inventory-file.tag @@ -0,0 +1,6 @@ +Tag: source-contains-arch-inventory-file +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains an <code>.arch-inventory</code> file. This + is Arch metadata that should normally not be distributed. You may want + to report this as an upstream bug. diff --git a/tags/s/source-contains-autogenerated-gperf-data.tag b/tags/s/source-contains-autogenerated-gperf-data.tag new file mode 100644 index 0000000..4e1d881 --- /dev/null +++ b/tags/s/source-contains-autogenerated-gperf-data.tag @@ -0,0 +1,11 @@ +Tag: source-contains-autogenerated-gperf-data +Severity: pedantic +Check: cruft +Explanation: The following file is autogenerated by gperf + . + They are usually provided for the convenience of users. These files + usually just take up space in the tarball. + . + Check if upstream also provides source-only tarballs that you can use as + the upstream distribution instead. If not, you may want to ask upstream + to provide source-only tarballs. diff --git a/tags/s/source-contains-autogenerated-visual-c++-file.tag b/tags/s/source-contains-autogenerated-visual-c++-file.tag new file mode 100644 index 0000000..aede334 --- /dev/null +++ b/tags/s/source-contains-autogenerated-visual-c++-file.tag @@ -0,0 +1,11 @@ +Tag: source-contains-autogenerated-visual-c++-file +Severity: pedantic +Check: cruft +Explanation: The following file is autogenerated by Microsoft Visual C++. + . + They are usually provided for the convenience of users. These files + usually just take up space in the tarball and are of no use in Debian. + . + Check if upstream also provides source-only tarballs that you can use as + the upstream distribution instead. If not, you may want to ask upstream + to provide source-only tarballs. diff --git a/tags/s/source-contains-browserified-javascript.tag b/tags/s/source-contains-browserified-javascript.tag new file mode 100644 index 0000000..1482290 --- /dev/null +++ b/tags/s/source-contains-browserified-javascript.tag @@ -0,0 +1,9 @@ +Tag: source-contains-browserified-javascript +Severity: pedantic +Check: cruft +Explanation: The following file contains javascript built from browserify + . + This file may contain javascript that is build with the help of browserify + or webpack tools. + . + You should rebuilt this file from source. diff --git a/tags/s/source-contains-bts-control-dir.tag b/tags/s/source-contains-bts-control-dir.tag new file mode 100644 index 0000000..35c6906 --- /dev/null +++ b/tags/s/source-contains-bts-control-dir.tag @@ -0,0 +1,6 @@ +Tag: source-contains-bts-control-dir +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains a directory used by a bug tracking + system. It was most likely included by accident since bug tracking system + directories usually don't belong in releases. diff --git a/tags/s/source-contains-bzr-control-dir.tag b/tags/s/source-contains-bzr-control-dir.tag new file mode 100644 index 0000000..6d5a72e --- /dev/null +++ b/tags/s/source-contains-bzr-control-dir.tag @@ -0,0 +1,9 @@ +Tag: source-contains-bzr-control-dir +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains a .bzr directory. It was most likely + included by accident since bazaar-ng version control directories usually + don't belong in releases and may contain the entire repository. When + packaging a bzr snapshot, use bzr export to create a clean tree. If an + upstream release tarball contains .bzr directories, you should usually + report this as a bug upstream. diff --git a/tags/s/source-contains-cmake-cache-file.tag b/tags/s/source-contains-cmake-cache-file.tag new file mode 100644 index 0000000..fff5f27 --- /dev/null +++ b/tags/s/source-contains-cmake-cache-file.tag @@ -0,0 +1,14 @@ +Tag: source-contains-cmake-cache-file +Severity: error +Check: build-systems/cmake +Renamed-From: + diff-contains-cmake-cache-file +Explanation: This package ships a CMake cache file. + . + These files embed source paths from when they were built. They will cause + build failures when the source is subsequently built under different paths. + . + They always cause errors on the buildds. + . + The file was probably included by accident. If it came with the upstream + sources, please delete it before building in <code>debian/rules</code>. diff --git a/tags/s/source-contains-cvs-conflict-copy.tag b/tags/s/source-contains-cvs-conflict-copy.tag new file mode 100644 index 0000000..9a7b5c5 --- /dev/null +++ b/tags/s/source-contains-cvs-conflict-copy.tag @@ -0,0 +1,9 @@ +Tag: source-contains-cvs-conflict-copy +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains a CVS conflict copy. These have file + names like <code>.#file.version</code> and are generated by CVS when a + conflict was detected when merging local changes with updates from a + source repository. They're useful only while resolving the conflict and + were probably included by accident. You may want to report this as an + upstream bug. diff --git a/tags/s/source-contains-cvs-control-dir.tag b/tags/s/source-contains-cvs-control-dir.tag new file mode 100644 index 0000000..abd5dfe --- /dev/null +++ b/tags/s/source-contains-cvs-control-dir.tag @@ -0,0 +1,8 @@ +Tag: source-contains-cvs-control-dir +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains a CVS directory. It was most likely + included by accident since CVS directories usually don't belong in + releases. When packaging a CVS snapshot, export from CVS rather than use + a checkout. If an upstream release tarball contains CVS directories, you + usually should report this as a bug to upstream. diff --git a/tags/s/source-contains-data-from-ieee-data-oui-db.tag b/tags/s/source-contains-data-from-ieee-data-oui-db.tag new file mode 100644 index 0000000..4e9c48f --- /dev/null +++ b/tags/s/source-contains-data-from-ieee-data-oui-db.tag @@ -0,0 +1,9 @@ +Tag: source-contains-data-from-ieee-data-oui-db +Severity: pedantic +Check: cruft +Explanation: The following file contains data from the OUI database + . + This file contains a likely outdated copy of + Organizationally Unique Identifier (OUI) database from IEEE. + . + Please use the files from ieee-data package instead. diff --git a/tags/s/source-contains-debian-substvars.tag b/tags/s/source-contains-debian-substvars.tag new file mode 100644 index 0000000..bbf7406 --- /dev/null +++ b/tags/s/source-contains-debian-substvars.tag @@ -0,0 +1,10 @@ +Tag: source-contains-debian-substvars +Severity: warning +Check: debian/substvars +Renamed-From: + diff-contains-substvars +Explanation: Lintian found a substvars file in the Debian diff for this source + package. The debian/substvars (or debian/<code>package</code>.substvars) file + is usually generated and modified dynamically by debian/rules targets, in + which case it must be removed by the clean target. +See-Also: debian-policy 4.10 diff --git a/tags/s/source-contains-editor-backup-file.tag b/tags/s/source-contains-editor-backup-file.tag new file mode 100644 index 0000000..d3a6f33 --- /dev/null +++ b/tags/s/source-contains-editor-backup-file.tag @@ -0,0 +1,9 @@ +Tag: source-contains-editor-backup-file +Severity: warning +Check: files/artifact +Explanation: The Debian diff or native package contains a file ending in + <code>~</code> or of the form <code>.xxx.swp</code>, which is normally either an + Emacs or vim backup file or a backup file created by programs such as + <code>autoheader</code> or <code>debconf-updatepo</code>. This usually causes no + harm, but it's messy and bloats the size of the Debian diff to no useful + purpose. diff --git a/tags/s/source-contains-git-control-dir.tag b/tags/s/source-contains-git-control-dir.tag new file mode 100644 index 0000000..95172e8 --- /dev/null +++ b/tags/s/source-contains-git-control-dir.tag @@ -0,0 +1,8 @@ +Tag: source-contains-git-control-dir +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains a .git directory. It was most likely + included by accident since git version control directories usually don't + belong in releases and may contain a complete copy of the repository. If + an upstream release tarball contains .git directories, you should usually + report this as a bug upstream. diff --git a/tags/s/source-contains-hg-control-dir.tag b/tags/s/source-contains-hg-control-dir.tag new file mode 100644 index 0000000..b94c07c --- /dev/null +++ b/tags/s/source-contains-hg-control-dir.tag @@ -0,0 +1,8 @@ +Tag: source-contains-hg-control-dir +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains a .hg directory. It was most likely + included by accident since hg version control directories usually don't + belong in releases and may contain a complete copy of the repository. If + an upstream release tarball contains .hg directories, you should usually + report this as a bug upstream. diff --git a/tags/s/source-contains-hg-tags-file.tag b/tags/s/source-contains-hg-tags-file.tag new file mode 100644 index 0000000..b20c2c4 --- /dev/null +++ b/tags/s/source-contains-hg-tags-file.tag @@ -0,0 +1,8 @@ +Tag: source-contains-hg-tags-file +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains an <code>.hgtags</code> file. This file is + Mercurial metadata that should normally not be distributed. It stores + hashes of tagged commits in a Mercurial repository and isn't therefore + useful without the repository. You may want to report this as an + upstream bug. diff --git a/tags/s/source-contains-patch-failure-file.tag b/tags/s/source-contains-patch-failure-file.tag new file mode 100644 index 0000000..0aee47b --- /dev/null +++ b/tags/s/source-contains-patch-failure-file.tag @@ -0,0 +1,8 @@ +Tag: source-contains-patch-failure-file +Severity: warning +Check: files/artifact +Explanation: The Debian diff or native package contains a file that looks like + the files left behind by the <code>patch</code> utility when it cannot + completely apply a diff. This may be left over from a patch applied by + the maintainer. Normally such files should not be included in the + package. diff --git a/tags/s/source-contains-prebuilt-binary.tag b/tags/s/source-contains-prebuilt-binary.tag new file mode 100644 index 0000000..124ec16 --- /dev/null +++ b/tags/s/source-contains-prebuilt-binary.tag @@ -0,0 +1,7 @@ +Tag: source-contains-prebuilt-binary +Severity: pedantic +Check: files/source-missing +Explanation: The source tarball contains a prebuilt ELF object. They are usually + left by mistake when generating the tarball by not cleaning the source + directory first. You may want to report this as an upstream bug, in case + there is no sign that this was intended. diff --git a/tags/s/source-contains-prebuilt-doxygen-documentation.tag b/tags/s/source-contains-prebuilt-doxygen-documentation.tag new file mode 100644 index 0000000..80182a2 --- /dev/null +++ b/tags/s/source-contains-prebuilt-doxygen-documentation.tag @@ -0,0 +1,9 @@ +Tag: source-contains-prebuilt-doxygen-documentation +Severity: pedantic +Check: documentation/doxygen +Explanation: The source tarball contains prebuilt doxygen documentation. + This is usually left by mistake when generating the tarball without + first cleaning the source directory. You may want to report this as + an upstream bug if there is no sign that this was intended. + . + It is preferable to rebuild documentation directly from source. diff --git a/tags/s/source-contains-prebuilt-flash-object.tag b/tags/s/source-contains-prebuilt-flash-object.tag new file mode 100644 index 0000000..207fb90 --- /dev/null +++ b/tags/s/source-contains-prebuilt-flash-object.tag @@ -0,0 +1,15 @@ +Tag: source-contains-prebuilt-flash-object +Severity: pedantic +Check: files/source-missing +Explanation: The source tarball contains a prebuilt file in the Shockwave Flash (SWF) + or Flash Video (FLV) format. These are often included by mistake when + developers generate a tarball without cleaning the source directory + first. An exception is simple video files, which are their own + source. + . + If there is no sign this was intended, consider reporting it as an + upstream bug. + . + If the Flash file is not meant to be modified directly, please make + sure the package includes the source for the file and that the + packaging rebuilds it. diff --git a/tags/s/source-contains-prebuilt-flash-project.tag b/tags/s/source-contains-prebuilt-flash-project.tag new file mode 100644 index 0000000..74279a0 --- /dev/null +++ b/tags/s/source-contains-prebuilt-flash-project.tag @@ -0,0 +1,14 @@ +Tag: source-contains-prebuilt-flash-project +Severity: pedantic +Check: files/source-missing +Explanation: The source tarball contains a prebuilt file in the Shockwave Flash + project (FLA) format. These are often included by mistake when + developers generate a tarball without cleaning the source directory + first. + . + If there is no sign this was intended, consider reporting it as an + upstream bug. + . + If the Flash file is not meant to be modified directly, please make + sure the package includes the source for the file and that the + packaging rebuilds it. diff --git a/tags/s/source-contains-prebuilt-java-object.tag b/tags/s/source-contains-prebuilt-java-object.tag new file mode 100644 index 0000000..2a6eff6 --- /dev/null +++ b/tags/s/source-contains-prebuilt-java-object.tag @@ -0,0 +1,7 @@ +Tag: source-contains-prebuilt-java-object +Severity: pedantic +Check: languages/java +Explanation: The source tarball contains a prebuilt Java class file. These are often + included by mistake when developers generate a tarball without cleaning + the source directory first. If there is no sign this was intended, + consider reporting it as an upstream bug as it may be a DFSG violation. diff --git a/tags/s/source-contains-prebuilt-javascript-object.tag b/tags/s/source-contains-prebuilt-javascript-object.tag new file mode 100644 index 0000000..8ecac62 --- /dev/null +++ b/tags/s/source-contains-prebuilt-javascript-object.tag @@ -0,0 +1,7 @@ +Tag: source-contains-prebuilt-javascript-object +Severity: pedantic +Check: files/source-missing +Explanation: The source tarball contains a prebuilt (minified) JavaScript object. + They are usually left by mistake when generating the tarball by not + cleaning the source directory first. You may want to report this as + an upstream bug, in case there is no sign that this was intended. diff --git a/tags/s/source-contains-prebuilt-ms-help-file.tag b/tags/s/source-contains-prebuilt-ms-help-file.tag new file mode 100644 index 0000000..14c38f5 --- /dev/null +++ b/tags/s/source-contains-prebuilt-ms-help-file.tag @@ -0,0 +1,17 @@ +Tag: source-contains-prebuilt-ms-help-file +Severity: error +Check: files/banned/compiled-help +Explanation: The source tarball contains a prebuilt Microsoft precompiled help + file (CHM file). These are often included by mistake when developers generate + a tarball without cleaning the source directory first. + . + CHM files are mainly produced by proprietary, Windows-specific software. + They are also mainly consumed by the Microsoft HTML Help Workshop. + . + Whilst there is free software to read and write them, any + examples existing in source packages are likely to be created + by the proprietary Microsoft software and are probably missing + the source HTML and associated files. + . + If there is no sign this was intended, consider reporting it as + an upstream bug. diff --git a/tags/s/source-contains-prebuilt-pandoc-documentation.tag b/tags/s/source-contains-prebuilt-pandoc-documentation.tag new file mode 100644 index 0000000..382e0cd --- /dev/null +++ b/tags/s/source-contains-prebuilt-pandoc-documentation.tag @@ -0,0 +1,9 @@ +Tag: source-contains-prebuilt-pandoc-documentation +Severity: pedantic +Check: cruft +Explanation: The source tarball contains prebuilt pandoc documentation. + This is usually left by mistake when generating the tarball without + first cleaning the source directory. You may want to report this as + an upstream bug if there is no sign that this was intended. + . + It is preferable to rebuild documentation directly from source. diff --git a/tags/s/source-contains-prebuilt-python-object.tag b/tags/s/source-contains-prebuilt-python-object.tag new file mode 100644 index 0000000..b6f4242 --- /dev/null +++ b/tags/s/source-contains-prebuilt-python-object.tag @@ -0,0 +1,7 @@ +Tag: source-contains-prebuilt-python-object +Severity: pedantic +Check: files/source-missing +Explanation: The source tarball contains a prebuilt Python object. They are + usually left by mistake when generating the tarball by not cleaning the + source directory first. You may want to report this as an upstream bug, + in case there is no sign that this was intended. diff --git a/tags/s/source-contains-prebuilt-silverlight-object.tag b/tags/s/source-contains-prebuilt-silverlight-object.tag new file mode 100644 index 0000000..c135a7d --- /dev/null +++ b/tags/s/source-contains-prebuilt-silverlight-object.tag @@ -0,0 +1,7 @@ +Tag: source-contains-prebuilt-silverlight-object +Severity: error +Check: files/source-missing +Explanation: The source tarball contains a prebuilt Silverlight control. + Unfortunately, the tools used to build such files have non-free + dependencies and are not present in Debian. This file must be + completely removed. diff --git a/tags/s/source-contains-prebuilt-sphinx-documentation.tag b/tags/s/source-contains-prebuilt-sphinx-documentation.tag new file mode 100644 index 0000000..e7f2062 --- /dev/null +++ b/tags/s/source-contains-prebuilt-sphinx-documentation.tag @@ -0,0 +1,9 @@ +Tag: source-contains-prebuilt-sphinx-documentation +Severity: pedantic +Check: cruft +Explanation: The source tarball contains prebuilt Sphinx documentation. + This is usually left by mistake when generating the tarball without + first cleaning the source directory. You may want to report this as + an upstream bug if there is no sign that this was intended. + . + It is preferable to rebuild documentation directly from source. diff --git a/tags/s/source-contains-prebuilt-wasm-binary.tag b/tags/s/source-contains-prebuilt-wasm-binary.tag new file mode 100644 index 0000000..29e49e2 --- /dev/null +++ b/tags/s/source-contains-prebuilt-wasm-binary.tag @@ -0,0 +1,11 @@ +Tag: source-contains-prebuilt-wasm-binary +Severity: pedantic +Check: files/source-missing +Explanation: The source tarball contains a prebuilt binary wasm object. + They are usually provided for the convenience of users. These files + usually just take up space in the tarball and need to be rebuilt from + source. + . + Check if upstream also provides source-only tarballs that you can use as + the upstream distribution instead. If not, you may want to ask upstream + to provide source-only tarballs. diff --git a/tags/s/source-contains-prebuilt-windows-binary.tag b/tags/s/source-contains-prebuilt-windows-binary.tag new file mode 100644 index 0000000..20b7190 --- /dev/null +++ b/tags/s/source-contains-prebuilt-windows-binary.tag @@ -0,0 +1,13 @@ +Tag: source-contains-prebuilt-windows-binary +Severity: warning +Check: files/source-missing +Explanation: The source tarball contains a prebuilt binary for Microsoft Windows. + They are usually provided for the convenience of users. These files + usually just take up space in the tarball. + . + However, they may be a DFSG violation in that the corresponding source + and build system are not available. + . + Check if upstream also provides source-only tarballs that you can use as + the upstream distribution instead. If not, you may want to ask upstream + to provide source-only tarballs. diff --git a/tags/s/source-contains-prebuilt-yapp-parser.tag b/tags/s/source-contains-prebuilt-yapp-parser.tag new file mode 100644 index 0000000..eaeb0d0 --- /dev/null +++ b/tags/s/source-contains-prebuilt-yapp-parser.tag @@ -0,0 +1,10 @@ +Tag: source-contains-prebuilt-yapp-parser +Severity: pedantic +Check: languages/perl/yapp +Explanation: The source tarball contains a prebuilt Parse::Yapp parser. + This is usually left by mistake when generating the tarball without + first cleaning the source directory. You may want to report this as + an upstream bug if there is no sign that this was intended. + . + Please build the parser from source. +See-Also: Bug#921080 diff --git a/tags/s/source-contains-quilt-control-dir.tag b/tags/s/source-contains-quilt-control-dir.tag new file mode 100644 index 0000000..fc759c5 --- /dev/null +++ b/tags/s/source-contains-quilt-control-dir.tag @@ -0,0 +1,10 @@ +Tag: source-contains-quilt-control-dir +Severity: warning +Check: files/artifact +Explanation: The patched sources contains files in a directory + used by quilt, which are not useful in a diff or native package. + <code>dpkg-source</code> will automatically exclude these if it is passed + <code>-I</code> or <code>-i</code> for native and non-native packages + respectively. +See-Also: + dpkg-source(1) diff --git a/tags/s/source-contains-svk-commit-file.tag b/tags/s/source-contains-svk-commit-file.tag new file mode 100644 index 0000000..bab5a1d --- /dev/null +++ b/tags/s/source-contains-svk-commit-file.tag @@ -0,0 +1,6 @@ +Tag: source-contains-svk-commit-file +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains an <code>svk-commitNNN.tmp</code>, + almost certainly a left-over from a failed Subversion commit. You may + want to report this as an upstream bug. diff --git a/tags/s/source-contains-svn-commit-file.tag b/tags/s/source-contains-svn-commit-file.tag new file mode 100644 index 0000000..30cf964 --- /dev/null +++ b/tags/s/source-contains-svn-commit-file.tag @@ -0,0 +1,6 @@ +Tag: source-contains-svn-commit-file +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains an <code>svn-commit(.NNN).tmp</code>, + almost certainly a left-over from a failed Subversion commit. You may + want to report this as an upstream bug. diff --git a/tags/s/source-contains-svn-conflict-file.tag b/tags/s/source-contains-svn-conflict-file.tag new file mode 100644 index 0000000..1fc6659 --- /dev/null +++ b/tags/s/source-contains-svn-conflict-file.tag @@ -0,0 +1,9 @@ +Tag: source-contains-svn-conflict-file +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains a file that looks like a Subversion + conflict file. These are generated by Subversion when a conflict was + detected while merging local changes with updates from a source + repository. They're useful only while resolving the conflict and + were probably included by accident. You may want to report this as an + upstream bug. diff --git a/tags/s/source-contains-svn-control-dir.tag b/tags/s/source-contains-svn-control-dir.tag new file mode 100644 index 0000000..6069769 --- /dev/null +++ b/tags/s/source-contains-svn-control-dir.tag @@ -0,0 +1,9 @@ +Tag: source-contains-svn-control-dir +Severity: pedantic +Check: files/artifact +Explanation: The upstream source contains an .svn directory. It was most likely + included by accident since Subversion version control directories + usually don't belong in releases. When packaging a Subversion snapshot, + export from Subversion rather than checkout. If an upstream release + tarball contains .svn directories, this should be reported as a bug to + upstream since it can double the size of the tarball to no purpose. diff --git a/tags/s/source-contains-waf-binary.tag b/tags/s/source-contains-waf-binary.tag new file mode 100644 index 0000000..f339b95 --- /dev/null +++ b/tags/s/source-contains-waf-binary.tag @@ -0,0 +1,14 @@ +Tag: source-contains-waf-binary +Severity: error +Check: build-systems/waf +Explanation: The source tarball contains a waf binary. This file is a Python + script with an embedded bzip2 archive, which is uncompressed and unpacked + at runtime. + . + Although corresponding sources can be easily extracted, FTP Team does not + consider waf binary as the preferred form of modification; it should be + provided unpacked instead, or completely removed, if possible. + . + You might want to follow these guidelines to obtain an unpacked waf: + https://wiki.debian.org/UnpackWaf +See-Also: https://wiki.debian.org/UnpackWaf, Bug#654523 diff --git a/tags/s/source-field-malformed.tag b/tags/s/source-field-malformed.tag new file mode 100644 index 0000000..19ca1e5 --- /dev/null +++ b/tags/s/source-field-malformed.tag @@ -0,0 +1,12 @@ +Tag: source-field-malformed +Severity: error +Check: fields/source +Explanation: In <code>debian/control</code> or a <code>.dsc</code> file, the Source field + must contain only the name of the source package. In a binary package, + the Source field may also optionally contain the version number of the + corresponding source package in parentheses. + . + Source package names must consist only of lowercase letters, digits, + plus and minus signs, and periods. They must be at least two characters + long and must start with an alphanumeric character. +See-Also: debian-policy 5.6.1 diff --git a/tags/s/source-format.tag b/tags/s/source-format.tag new file mode 100644 index 0000000..a3108eb --- /dev/null +++ b/tags/s/source-format.tag @@ -0,0 +1,4 @@ +Tag: source-format +Severity: classification +Check: debian/source-dir +Explanation: This is the source format declared in the package. diff --git a/tags/s/source-is-missing.tag b/tags/s/source-is-missing.tag new file mode 100644 index 0000000..5a93f62 --- /dev/null +++ b/tags/s/source-is-missing.tag @@ -0,0 +1,12 @@ +Tag: source-is-missing +Severity: error +Check: files/source-missing +Explanation: The source of the following file is missing. Lintian checked a few + possible paths to find the source, and did not find it. + . + Please repack your package to include the source or add it to + "debian/missing-sources" directory. + . + Please note, that very-long-line-length-in-source-file tagged files + are likely tagged source-is-missing. It is a feature not + a bug. diff --git a/tags/s/source-nmu-has-incorrect-version-number.tag b/tags/s/source-nmu-has-incorrect-version-number.tag new file mode 100644 index 0000000..36e600d --- /dev/null +++ b/tags/s/source-nmu-has-incorrect-version-number.tag @@ -0,0 +1,14 @@ +Tag: source-nmu-has-incorrect-version-number +Severity: warning +Check: nmu +Explanation: A source NMU should have a Debian revision of "-x.x" (or "+nmuX" for a + native package). This is to prevent stealing version numbers from the + maintainer. + . + Maybe you didn't intend this upload to be a NMU, in that case, please + double-check that the most recent entry in the changelog is byte-for-byte + identical to the maintainer or one of the uploaders. If this is a local + package (not intended for Debian), you can suppress this warning by + putting "local" in the version number or "local package" on the first + line of the changelog entry. +See-Also: developer-reference 5.11.2 diff --git a/tags/s/source-only-upload-to-non-free-without-autobuild.tag b/tags/s/source-only-upload-to-non-free-without-autobuild.tag new file mode 100644 index 0000000..66b5ebe --- /dev/null +++ b/tags/s/source-only-upload-to-non-free-without-autobuild.tag @@ -0,0 +1,13 @@ +Tag: source-only-upload-to-non-free-without-autobuild +Severity: error +Check: archive/non-free/autobuild +Explanation: For licensing reasons, packages in the non-free section are by default + not built automatically. This source-upload to non-free will never result in built + packages appearing in the archive. + . + Please perform an upload that includes installable packages. After checking the + license, you can alternatively add <code>XS-Autobuild: yes</code> to the source + paragraph of <code>debian/control</code> and ask for the source to be added to the + <code>autobuild</code> whitelist. +See-Also: + developer-reference 5.10.5 diff --git a/tags/s/source-package-component-has-long-file-name.tag b/tags/s/source-package-component-has-long-file-name.tag new file mode 100644 index 0000000..a962c02 --- /dev/null +++ b/tags/s/source-package-component-has-long-file-name.tag @@ -0,0 +1,8 @@ +Tag: source-package-component-has-long-file-name +Severity: warning +Check: archive/file/name/length +Explanation: The source package has a component with a very long filename. + This may complicate shipping the package on some media that put + restrictions on the length of the filenames (such as CDs). +See-Also: + https://lists.debian.org/debian-devel/2011/03/msg00943.html diff --git a/tags/s/source-package-encodes-python-version.tag b/tags/s/source-package-encodes-python-version.tag new file mode 100644 index 0000000..35461f5 --- /dev/null +++ b/tags/s/source-package-encodes-python-version.tag @@ -0,0 +1,12 @@ +Tag: source-package-encodes-python-version +Severity: warning +Check: languages/python +Explanation: This source package encodes a Python version in its name such + as <code>python2-foo</code> or <code>python3-bar</code>. + . + This could result in a misleading future situation where this source + package supports multiple versions as well unnecessary given that the + binary package names will typically encode the supported versions. + . + Please override this tag with a suitably-commented override if + there is no single upstream codebase that supports both versions. diff --git a/tags/s/source-ships-excluded-file.tag b/tags/s/source-ships-excluded-file.tag new file mode 100644 index 0000000..15a5b8a --- /dev/null +++ b/tags/s/source-ships-excluded-file.tag @@ -0,0 +1,14 @@ +Tag: source-ships-excluded-file +Severity: error +Check: debian/copyright/dep5 +Renamed-From: + source-includes-file-in-files-excluded +Explanation: A file specified in the <code>Files-Excluded</code> field in + debian/copyright exists in the source tree. + . + This might be a DFSG violation, the referenced files are probably not + attributed in <code>debian/copyright</code>, or the upstream tarball was simply + not repacked as intended. Alternatively, the field is simply out of date. + . + mk-origtargz(1) is typically responsible for removing such files. Support + in <code>git-buildpackage</code> is being tracked in Bug#812721. diff --git a/tags/s/space-in-std-shortname-in-dep5-copyright.tag b/tags/s/space-in-std-shortname-in-dep5-copyright.tag new file mode 100644 index 0000000..2e7d8d9 --- /dev/null +++ b/tags/s/space-in-std-shortname-in-dep5-copyright.tag @@ -0,0 +1,6 @@ +Tag: space-in-std-shortname-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The โLicenseโ field contains a short name with a space, which + does not conform to the specification. diff --git a/tags/s/spare-manual-page.tag b/tags/s/spare-manual-page.tag new file mode 100644 index 0000000..982354f --- /dev/null +++ b/tags/s/spare-manual-page.tag @@ -0,0 +1,11 @@ +Tag: spare-manual-page +Severity: info +Check: documentation/manual +Renamed-From: manpage-without-executable +Explanation: Each manual page in <code>/usr/share/man</code> should have a reason to be + there. This manual page does not appear to have a valid reason to be shipped. + . + For manual pages in sections 1 and 8, an executable (or a link to one) should + exist. This check currently considers all installation packages created + by the same sources, as long as they are present. +See-Also: debian-policy 12.1, Bug#583125 diff --git a/tags/s/special-file.tag b/tags/s/special-file.tag new file mode 100644 index 0000000..edffb07 --- /dev/null +++ b/tags/s/special-file.tag @@ -0,0 +1,10 @@ +Tag: special-file +Severity: error +Check: files/special +Explanation: The package contains a so-called special file, like a device file. + That is forbidden by policy. + . + If your program needs the device file, you should create it by calling + <code>makedev</code> from the <code>postinst</code> maintainer script. +See-Also: + debian-policy 10.6 diff --git a/tags/s/specific-address-in-shared-library.tag b/tags/s/specific-address-in-shared-library.tag new file mode 100644 index 0000000..316fadf --- /dev/null +++ b/tags/s/specific-address-in-shared-library.tag @@ -0,0 +1,21 @@ +Tag: specific-address-in-shared-library +Severity: error +Check: libraries/shared/relocation +Renamed-From: + shlib-with-non-pic-code +Explanation: The listed shared libraries contain object code that was compiled + without -fPIC. All object code in shared libraries should be recompiled + separately from the static libraries with the -fPIC option. + . + Another common mistake that causes this problem is linking with + <code>gcc -Wl,-shared</code> instead of <code>gcc -shared</code>. + . + In some cases, exceptions to this rule are warranted. If this is such a + case, follow the procedure outlined in Policy and then please document + the exception by adding a Lintian override to this package. + . + To check whether a shared library has this problem, run <code>readelf + -d</code> on the shared library. If a tag of type TEXTREL is present, the + shared library contains non-PIC code. +See-Also: + debian-policy 10.2 diff --git a/tags/s/spelling-error-in-binary.tag b/tags/s/spelling-error-in-binary.tag new file mode 100644 index 0000000..f44b2f9 --- /dev/null +++ b/tags/s/spelling-error-in-binary.tag @@ -0,0 +1,19 @@ +Tag: spelling-error-in-binary +Severity: info +Check: binaries/spelling +Explanation: Lintian found a spelling error in the given binary. Lintian has a + list of common misspellings that it looks for. It does not have a + dictionary like a spelling checker does. + . + If the string containing the spelling error is translated with the help + of gettext or a similar tool, please fix the error in the translations as + well as the English text to avoid making the translations fuzzy. With + gettext, for example, this means you should also fix the spelling mistake + in the corresponding msgids in the *.po files. + . + You can often find the word in the source code by running: + . + grep -rw <word> <source-tree> + . + This tag may produce false positives for words that contain non-ASCII + characters due to limitations in <code>strings</code>. diff --git a/tags/s/spelling-error-in-changelog.tag b/tags/s/spelling-error-in-changelog.tag new file mode 100644 index 0000000..799de85 --- /dev/null +++ b/tags/s/spelling-error-in-changelog.tag @@ -0,0 +1,10 @@ +Tag: spelling-error-in-changelog +Severity: warning +Check: debian/changelog +Explanation: Lintian found a spelling error in the latest entry of the Debian + changelog. Lintian has a list of common misspellings that it looks for. + It does not have a dictionary like a spelling checker does. + . + When writing a changelog entry for a spelling fix that includes the + misspelling, ensure the word "spelling" is on the same line as the + misspelled word to avoid triggering this warning. diff --git a/tags/s/spelling-error-in-copyright.tag b/tags/s/spelling-error-in-copyright.tag new file mode 100644 index 0000000..8083e90 --- /dev/null +++ b/tags/s/spelling-error-in-copyright.tag @@ -0,0 +1,8 @@ +Tag: spelling-error-in-copyright +Severity: pedantic +Check: debian/copyright +Explanation: Lintian found a spelling error in the copyright file. Lintian has a + list of common misspellings that it looks for. It does not have a + dictionary like a spelling checker does. If this is a spelling error in + the upstream license, in supporting email messages, or a case of Lintian + being confused by non-English text, add an override. diff --git a/tags/s/spelling-error-in-description-synopsis.tag b/tags/s/spelling-error-in-description-synopsis.tag new file mode 100644 index 0000000..efe82bd --- /dev/null +++ b/tags/s/spelling-error-in-description-synopsis.tag @@ -0,0 +1,8 @@ +Tag: spelling-error-in-description-synopsis +Severity: info +Check: fields/description +Explanation: Lintian found a spelling error in the package synopsis. Lintian + has a list of common misspellings that it looks for. It does not have a + dictionary like a spelling checker does. It is particularly picky about + spelling and capitalization in package descriptions since they're very + visible to end users. diff --git a/tags/s/spelling-error-in-description.tag b/tags/s/spelling-error-in-description.tag new file mode 100644 index 0000000..7bd525c --- /dev/null +++ b/tags/s/spelling-error-in-description.tag @@ -0,0 +1,8 @@ +Tag: spelling-error-in-description +Severity: info +Check: fields/description +Explanation: Lintian found a spelling error in the package description. Lintian + has a list of common misspellings that it looks for. It does not have a + dictionary like a spelling checker does. It is particularly picky about + spelling and capitalization in package descriptions since they're very + visible to end users. diff --git a/tags/s/spelling-error-in-doc-base-abstract-field.tag b/tags/s/spelling-error-in-doc-base-abstract-field.tag new file mode 100644 index 0000000..df5ae00 --- /dev/null +++ b/tags/s/spelling-error-in-doc-base-abstract-field.tag @@ -0,0 +1,7 @@ +Tag: spelling-error-in-doc-base-abstract-field +Severity: pedantic +Check: menus +Explanation: Lintian found a spelling, grammar or capitalization error in the + <code>Abstract</code> field of the given <code>doc-base</code> control file. + . + Lintian looks for a list of common misspellings. It does not have a dictionary. diff --git a/tags/s/spelling-error-in-doc-base-title-field.tag b/tags/s/spelling-error-in-doc-base-title-field.tag new file mode 100644 index 0000000..9f83885 --- /dev/null +++ b/tags/s/spelling-error-in-doc-base-title-field.tag @@ -0,0 +1,7 @@ +Tag: spelling-error-in-doc-base-title-field +Severity: pedantic +Check: menus +Explanation: Lintian found a spelling, grammar or capitalization error in the + <code>Title</code> field of the given <code>doc-base</code> control file. + . + Lintian looks for a list of common misspellings. It does not have a dictionary. diff --git a/tags/s/spelling-error-in-news-debian.tag b/tags/s/spelling-error-in-news-debian.tag new file mode 100644 index 0000000..47e6ed7 --- /dev/null +++ b/tags/s/spelling-error-in-news-debian.tag @@ -0,0 +1,6 @@ +Tag: spelling-error-in-news-debian +Severity: pedantic +Check: debian/changelog +Explanation: Lintian found a spelling error in the latest entry of the + NEWS.Debian file. Lintian has a list of common misspellings that it + looks for. It does not have a dictionary like a spelling checker does. diff --git a/tags/s/spelling-error-in-patch-description.tag b/tags/s/spelling-error-in-patch-description.tag new file mode 100644 index 0000000..2cb3409 --- /dev/null +++ b/tags/s/spelling-error-in-patch-description.tag @@ -0,0 +1,10 @@ +Tag: spelling-error-in-patch-description +Severity: pedantic +Check: debian/patches/quilt +Explanation: Lintian found a spelling, grammar or capitalization error in the + description for this patch. Lintian has a list of common misspellings + that it looks for. It does not have a dictionary like a spelling checker + does. + . + Patch filenames or descriptions that refer to "spelling" or "typo" (or + similar) are ignored by Lintian. diff --git a/tags/s/spelling-error-in-readme-debian.tag b/tags/s/spelling-error-in-readme-debian.tag new file mode 100644 index 0000000..3c19576 --- /dev/null +++ b/tags/s/spelling-error-in-readme-debian.tag @@ -0,0 +1,6 @@ +Tag: spelling-error-in-readme-debian +Severity: pedantic +Check: debian/readme +Explanation: Lintian found a spelling error in the README.Debian file. Lintian + has a list of common misspellings that it looks for. It does not have a + dictionary like a spelling checker does. diff --git a/tags/s/spelling-error-in-rules-requires-root.tag b/tags/s/spelling-error-in-rules-requires-root.tag new file mode 100644 index 0000000..f9e0ad7 --- /dev/null +++ b/tags/s/spelling-error-in-rules-requires-root.tag @@ -0,0 +1,10 @@ +Tag: spelling-error-in-rules-requires-root +Severity: warning +Check: debian/control/field/rules-requires-root +Explanation: The sources attempt to declare a <code>Rules-Requires-Root</code> field + but the field name is misspelled. + . + This tag was necessary because Debian uses a non-standard grammar. The field should + be named <code>Rules-Require-Root</code> (with the verb in the singular). + . + For now, please rename the field to <code>Rules-Requires-Root</code>. diff --git a/tags/s/spelling-in-override-comment.tag b/tags/s/spelling-in-override-comment.tag new file mode 100644 index 0000000..52b4c52 --- /dev/null +++ b/tags/s/spelling-in-override-comment.tag @@ -0,0 +1,7 @@ +Tag: spelling-in-override-comment +Severity: pedantic +Check: debian/lintian-overrides/comments +Explanation: The comment attached to a Lintian override contains a spelling + error. + . + Lintian looks for common misspelling. It does not have a dictionary. diff --git a/tags/s/sphinxdoc-but-no-sphinxdoc-depends.tag b/tags/s/sphinxdoc-but-no-sphinxdoc-depends.tag new file mode 100644 index 0000000..1ad7690 --- /dev/null +++ b/tags/s/sphinxdoc-but-no-sphinxdoc-depends.tag @@ -0,0 +1,14 @@ +Tag: sphinxdoc-but-no-sphinxdoc-depends +Severity: warning +Check: debhelper +See-Also: dh_sphinxdoc(1) +Explanation: The source package uses Sphinx via <code>--with sphinxdoc</code> or + <code>dh_sphinxdoc</code> but no binary package specifies + <code>${sphinxdoc:Depends}</code> as a dependency. + . + The <code>sphinxdoc</code> helper is being used to make links to various + common files from other binary packages that are injected via the + <code>${sphinxdoc:Depends}</code> substitution variable. + . + Please add <code>${sphinxdoc:Depends}</code> to the relevant binary + package. diff --git a/tags/s/spurious-fields-in-upstream-signature.tag b/tags/s/spurious-fields-in-upstream-signature.tag new file mode 100644 index 0000000..deb3389 --- /dev/null +++ b/tags/s/spurious-fields-in-upstream-signature.tag @@ -0,0 +1,10 @@ +Tag: spurious-fields-in-upstream-signature +Severity: info +Check: upstream-signature +Explanation: The packaging includes a detached upstream signature file that contains + spurious fields like <code>Comment:</code> or <code>Version:</code>. They are + sometimes added by <code>gpg --enarmor</code>, especially if you have an older + version. Modern versions only add a <code>Comment:</code> field. + . + Please generate the signature with <code>gpg --armor --detach-sig</code> using a + modern version instead. diff --git a/tags/s/standards-version.tag b/tags/s/standards-version.tag new file mode 100644 index 0000000..2f993d8 --- /dev/null +++ b/tags/s/standards-version.tag @@ -0,0 +1,5 @@ +Tag: standards-version +Severity: classification +Check: fields/standards-version +Explanation: The standards version of the package according to + Standards-Version field in the <code>debian/control</code> file. diff --git a/tags/s/star-file.tag b/tags/s/star-file.tag new file mode 100644 index 0000000..fd8d5fb --- /dev/null +++ b/tags/s/star-file.tag @@ -0,0 +1,6 @@ +Tag: star-file +Severity: error +Check: files/names +Explanation: The given file is literally installed as <code>*</code> (star + symbol). Normally this indicates a mistake in the installation + process of the package either when creating symlinks or renaming files. diff --git a/tags/s/static-library-has-unneeded-sections.tag b/tags/s/static-library-has-unneeded-sections.tag new file mode 100644 index 0000000..b419e70 --- /dev/null +++ b/tags/s/static-library-has-unneeded-sections.tag @@ -0,0 +1,13 @@ +Tag: static-library-has-unneeded-sections +Severity: info +Check: libraries/static +Renamed-From: + static-library-has-unneeded-section +Explanation: The static library is stripped, but still contains a section + that is not useful. You should call strip with + <code>--remove-section=.comment --remove-section=.note</code> to remove the + <code>.note</code> and <code>.comment</code> sections. + . + <code>dh_strip</code> (after debhelper/9.20150811) will do this + automatically for you, but <code>install -s</code> will not because it calls + strip without any arguments. diff --git a/tags/s/static-link-time-optimization.tag b/tags/s/static-link-time-optimization.tag new file mode 100644 index 0000000..714bf12 --- /dev/null +++ b/tags/s/static-link-time-optimization.tag @@ -0,0 +1,18 @@ +Tag: static-link-time-optimization +Severity: info +Check: libraries/static/link-time-optimization +Explanation: + The named member of the static library ships ELF sections that indicate the + use of link-time-optimization (LTO). The use of LTO in static objects is + usually a bug. + . + In the milder case, the library will work but is larger than needed. The more + serious case is indicated by the distinct tag <code>no-code-sections</code>. + Those libraries cannot work in Debian. + . + An object file shown here was usually built with the command-line option + <code>-flto=auto</code>. +See-Also: + https://gcc.gnu.org/wiki/LinkTimeOptimization, + http://hubicka.blogspot.com/2014/04/linktime-optimization-in-gcc-2-firefox.html, + Bug#963057 diff --git a/tags/s/statically-linked-binary.tag b/tags/s/statically-linked-binary.tag new file mode 100644 index 0000000..60d3977 --- /dev/null +++ b/tags/s/statically-linked-binary.tag @@ -0,0 +1,8 @@ +Tag: statically-linked-binary +Severity: error +Check: binaries/static +Explanation: The package installs a statically linked binary or object file. + . + Usually this is a bug. Otherwise, please add an override if your package + is an exception. Binaries named *-static and *.static are automatically + excluded, as are any binaries in packages named *-static. diff --git a/tags/s/stray-devhelp-documentation.tag b/tags/s/stray-devhelp-documentation.tag new file mode 100644 index 0000000..3c5217b --- /dev/null +++ b/tags/s/stray-devhelp-documentation.tag @@ -0,0 +1,21 @@ +Tag: stray-devhelp-documentation +Severity: warning +Check: documentation/devhelp +Renamed-From: + package-contains-devhelp-file-without-symlink +Explanation: The named file is not in the Devhelp search path + (<code>/usr/share/devhelp/books</code> or <code>/usr/share/gtk-doc/html</code>) + and also not located in a directory that is accessible via a symbolic link from + that search path. Devhelp cannot find that file. + . + For Devhelp documentation installed outside the search path (such as + <code>/usr/share/doc</code>), create a symbolic link in + <code>/usr/share/gtk-doc/html</code> that points to the documentation directory. +See-Also: + https://apps.gnome.org/app/org.gnome.Devhelp/ + +Screen: examples/ship/devhelp +Advocates: Lintian Maintainers <lintian-maint@debian.org> +Reason: + Any Devhelp files shipped in the examples are not expected to be discoverable by + the Devhelp browsing tool. diff --git a/tags/s/stray-folder-in-manual.tag b/tags/s/stray-folder-in-manual.tag new file mode 100644 index 0000000..41c438d --- /dev/null +++ b/tags/s/stray-folder-in-manual.tag @@ -0,0 +1,7 @@ +Tag: stray-folder-in-manual +Severity: error +Check: documentation/manual +Renamed-Tag: stray-directory-in-manpage-directory +Explanation: This package installs a directory under <code>/usr/share/man</code> + that is not a manual section directory or locale directory. +See-Also: filesystem-hierarchy usrsharemanmanualpages diff --git a/tags/s/stray-translated-debconf-templates.tag b/tags/s/stray-translated-debconf-templates.tag new file mode 100644 index 0000000..3bda1c1 --- /dev/null +++ b/tags/s/stray-translated-debconf-templates.tag @@ -0,0 +1,8 @@ +Tag: stray-translated-debconf-templates +Severity: warning +Check: debian/po-debconf +Explanation: This package contains a file named *templates.XX or + *templates.XX_XX. This was the naming convention for the translated + templates merged using debconf-mergetemplate. Since the package is using + po-debconf, these files should be replaced by language-specific files in + the <code>debian/po</code> directory and should no longer be needed. diff --git a/tags/s/stripped-library.tag b/tags/s/stripped-library.tag new file mode 100644 index 0000000..bdb8c94 --- /dev/null +++ b/tags/s/stripped-library.tag @@ -0,0 +1,8 @@ +Tag: stripped-library +Severity: error +Check: libraries/debug-symbols +Renamed-From: + library-in-debug-or-profile-should-not-be-stripped +Explanation: Libraries in <code>.../lib/debug</code> or in + <code>.../lib/profile</code> must not be stripped; this defeats the whole + point of the separate library. diff --git a/tags/s/su-to-root-with-usr-sbin.tag b/tags/s/su-to-root-with-usr-sbin.tag new file mode 100644 index 0000000..acb4e5c --- /dev/null +++ b/tags/s/su-to-root-with-usr-sbin.tag @@ -0,0 +1,12 @@ +Tag: su-to-root-with-usr-sbin +Severity: warning +Check: menu-format +Explanation: The command in a <code>menu</code> item or in a Desktop file uses + refers to the full path <code>/usr/sbin/su-to-root</code>. + . + Since the sarge release (Debian 3.1) <code>su-to-root</code> is located in + <code>/usr/bin</code>. The location <code>/usr/sbin/su-to-root</code> is a + symbolic link to ensure compatibility. It may be dropped in the future. + . + Since <code>su-to-root</code> is now available in <code>/usr/bin</code> you + can use it without an absolute path. diff --git a/tags/s/su-wrapper-not-su-to-root.tag b/tags/s/su-wrapper-not-su-to-root.tag new file mode 100644 index 0000000..ec19bee --- /dev/null +++ b/tags/s/su-wrapper-not-su-to-root.tag @@ -0,0 +1,14 @@ +Tag: su-wrapper-not-su-to-root +Severity: warning +Check: menu-format +Explanation: The command in a <code>menu</code> item or in a Desktop file uses + a <code>su</code> wrapper other than <code>su-to-root</code>. + . + On Debian systems, please use <code>su-to-root -X</code>. That will pick the + best wrapper depending on which software is installed and which desktop + environment is being used. + . + Using <code>su-to-root</code> is especially important for Live CD systems. + They need to use <code>sudo</code> rather than <code>su</code>. The + <code>su-to-root</code> command can be configured to invoke only + <code>sudo</code>. diff --git a/tags/s/su-wrapper-without--c.tag b/tags/s/su-wrapper-without--c.tag new file mode 100644 index 0000000..a76bd24 --- /dev/null +++ b/tags/s/su-wrapper-without--c.tag @@ -0,0 +1,8 @@ +Tag: su-wrapper-without--c +Severity: error +Check: menu-format +Explanation: The command in a <code>menu</code> item or in a Desktop file uses + a <code>su</code> wrapper like <code>su-to-root</code> without the + <code>-c</code> flag. That is a syntax error. +See-Also: + su-to-root(1) diff --git a/tags/s/subdir-in-bin.tag b/tags/s/subdir-in-bin.tag new file mode 100644 index 0000000..c87fb16 --- /dev/null +++ b/tags/s/subdir-in-bin.tag @@ -0,0 +1,6 @@ +Tag: subdir-in-bin +Severity: error +Check: files/hierarchy/standard +Explanation: The Filesystem Hierarchy Standard forbids the installation of new + directories in <code>/bin</code>. +See-Also: filesystem-hierarchy binessentialusercommandbinaries diff --git a/tags/s/subdir-in-usr-bin.tag b/tags/s/subdir-in-usr-bin.tag new file mode 100644 index 0000000..17ff334 --- /dev/null +++ b/tags/s/subdir-in-usr-bin.tag @@ -0,0 +1,6 @@ +Tag: subdir-in-usr-bin +Severity: error +Check: files/hierarchy/standard +Explanation: The Filesystem Hierarchy Standard forbids the installation of new + directories in <code>/usr/bin</code> other than <code>/usr/bin/mh</code>. +See-Also: filesystem-hierarchy usrbinmostusercommands diff --git a/tags/s/substvar-source-version-is-deprecated.tag b/tags/s/substvar-source-version-is-deprecated.tag new file mode 100644 index 0000000..b010ab9 --- /dev/null +++ b/tags/s/substvar-source-version-is-deprecated.tag @@ -0,0 +1,8 @@ +Tag: substvar-source-version-is-deprecated +Severity: warning +Check: debian/version-substvars +Explanation: The package uses the now deprecated ${Source-Version} substvar, + which has misleading semantics. Please switch to ${binary:Version} or + ${source:Version} as appropriate (introduced in dpkg 1.13.19, released + with etch). Support for ${Source-Version} may be removed from dpkg-dev + in the future. diff --git a/tags/s/superficial-tests.tag b/tags/s/superficial-tests.tag new file mode 100644 index 0000000..83f4088 --- /dev/null +++ b/tags/s/superficial-tests.tag @@ -0,0 +1,12 @@ +Tag: superficial-tests +Severity: info +Check: testsuite +Explanation: The source package declares tests in the + <code>debian/tests/control</code> file but provides only tests + with a <code>superficial</code> restriction. + . + Please provide more meaningful tests. +See-Also: + https://lists.debian.org/debian-devel-announce/2019/08/msg00003.html, + Bug#932870, + https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/s/superfluous-clutter-in-homepage.tag b/tags/s/superfluous-clutter-in-homepage.tag new file mode 100644 index 0000000..644f414 --- /dev/null +++ b/tags/s/superfluous-clutter-in-homepage.tag @@ -0,0 +1,7 @@ +Tag: superfluous-clutter-in-homepage +Severity: warning +Check: fields/homepage +Explanation: The "Homepage:" field in this package's control file contains + superfluous markup around the URL, like enclosing < and >. + This is unnecessary and needlessly complicates using this information. +See-Also: debian-policy 5.6.23 diff --git a/tags/s/superfluous-file-pattern.tag b/tags/s/superfluous-file-pattern.tag new file mode 100644 index 0000000..1efd4d2 --- /dev/null +++ b/tags/s/superfluous-file-pattern.tag @@ -0,0 +1,12 @@ +Tag: superfluous-file-pattern +Severity: warning +Check: debian/copyright/dep5 +Rename-from: + wildcard-matches-nothing-in-dep5-copyright +Explanation: The wildcard that was specified matches no file in the source tree. + This either indicates that you should fix the wildcard so that it matches + the intended file or that you can remove the wildcard. Notice that in + contrast to shell globs, the "*" (star or asterisk) matches slashes and + leading dots. +See-Also: + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/s/surplus-shared-library-symbols.tag b/tags/s/surplus-shared-library-symbols.tag new file mode 100644 index 0000000..f209ddd --- /dev/null +++ b/tags/s/surplus-shared-library-symbols.tag @@ -0,0 +1,7 @@ +Tag: surplus-shared-library-symbols +Severity: warning +Check: debian/shlibs +Renamed-From: + unused-shlib-entry-in-symbols-control-file +Explanation: The symbols control file contains an entry for a shared library that + is not installed by this package. diff --git a/tags/s/svk-commit-file-in-package.tag b/tags/s/svk-commit-file-in-package.tag new file mode 100644 index 0000000..0d7e92c --- /dev/null +++ b/tags/s/svk-commit-file-in-package.tag @@ -0,0 +1,6 @@ +Tag: svk-commit-file-in-package +Severity: warning +Check: files/vcs +Explanation: The package contains an svk-commitNNN.tmp file. This file is almost + certainly a left-over from a failed Subversion commit, and does not + belong in a Debian package. diff --git a/tags/s/svn-commit-file-in-package.tag b/tags/s/svn-commit-file-in-package.tag new file mode 100644 index 0000000..7695b5e --- /dev/null +++ b/tags/s/svn-commit-file-in-package.tag @@ -0,0 +1,6 @@ +Tag: svn-commit-file-in-package +Severity: warning +Check: files/vcs +Explanation: The package contains an svn-commit(.NNN).tmp file. This file is + almost certainly a left-over from a failed Subversion commit, and does + not belong in a Debian package. diff --git a/tags/s/symbols-declares-dependency-on-other-package.tag b/tags/s/symbols-declares-dependency-on-other-package.tag new file mode 100644 index 0000000..5226cba --- /dev/null +++ b/tags/s/symbols-declares-dependency-on-other-package.tag @@ -0,0 +1,15 @@ +Tag: symbols-declares-dependency-on-other-package +Severity: warning +Check: debian/shlibs +Explanation: This package declares in its symbols control file a dependency on + some other package (and not one listed in the Provides of this package). + . + Packages should normally only list in their symbols control file the + shared libraries included in that package, and therefore the dependencies + listed there should normally be satisfied by either the package itself or + one of its Provides. + . + In unusual circumstances where it's necessary to declare more complex + dependencies in the symbols control file, please add a Lintian override + for this warning. +See-Also: debian-policy 8.6 diff --git a/tags/s/symbols-file-contains-current-version-with-debian-revision.tag b/tags/s/symbols-file-contains-current-version-with-debian-revision.tag new file mode 100644 index 0000000..266cad1 --- /dev/null +++ b/tags/s/symbols-file-contains-current-version-with-debian-revision.tag @@ -0,0 +1,15 @@ +Tag: symbols-file-contains-current-version-with-debian-revision +Severity: error +Check: debian/shlibs +Explanation: Debian revisions should be stripped from versions in symbols files. + Not doing so leads to dependencies unsatisfiable by backports (1.0-1~bpo + << 1.0-1 while 1.0-1~bpo >= 1.0). If the Debian revision can't + be stripped because the symbol really appeared between two specific + Debian revisions, you should postfix the version with a single "~" + (example: 1.0-3~ if the symbol appeared in 1.0-3). + . + This problem normally means that the symbols were added automatically by + dpkg-gensymbols. dpkg-gensymbols uses the full version number for the + dependency associated to any new symbol that it detects. The maintainer + must update the <code>debian/<package>.symbols</code> file by adding + the new symbols with the corresponding upstream version. diff --git a/tags/s/symbols-file-contains-debian-revision.tag b/tags/s/symbols-file-contains-debian-revision.tag new file mode 100644 index 0000000..c15a2fe --- /dev/null +++ b/tags/s/symbols-file-contains-debian-revision.tag @@ -0,0 +1,10 @@ +Tag: symbols-file-contains-debian-revision +Severity: warning +Check: debian/shlibs +Explanation: Debian revisions should be stripped from versions in symbols files. + Not doing so leads to dependencies unsatisfiable by backports (1.0-1~bpo + << 1.0-1 while 1.0-1~bpo >= 1.0). If the Debian revision can't + be stripped because the symbol really appeared between two specific + Debian revisions, you should postfix the version with a single "~" + (example: 1.0-3~ if the symbol appeared in 1.0-3). +See-Also: dpkg-gensymbols(1), https://wiki.debian.org/UsingSymbolsFiles diff --git a/tags/s/symbols-file-missing-build-depends-package-field.tag b/tags/s/symbols-file-missing-build-depends-package-field.tag new file mode 100644 index 0000000..f6433e7 --- /dev/null +++ b/tags/s/symbols-file-missing-build-depends-package-field.tag @@ -0,0 +1,25 @@ +Tag: symbols-file-missing-build-depends-package-field +Severity: info +Check: debian/shlibs +Explanation: The symbols file for this package does not contain a + <code>Build-Depends-Package</code> meta-information field. + . + This field specifies the name of the <code>-dev</code> package associated + to the library and is used by <code>dpkg-shlibdeps(1)</code> to make sure + that the dependency generated is at least as strict as the + corresponding build dependency. + . + This is useful as allows packages to not hardcode this information + multiple times. + . + Note that the format of <code>deb-symbols(5)</code> files requires that the + <code>* Build-Depends-Package:</code> line should start in column one of + the file and not be indented to align with the symbols themselves. + Please do not use the placeholder <code>#PACKAGE#</code>. The + development package for your shared library must be stated explicitly. +See-Also: + debian-policy 8.6.3.2, + deb-symbols(5), + dpkg-shlibdeps(1), + https://www.debian.org/doc/manuals/maint-guide/advanced.en.html#librarysymbols, + Bug#944047 diff --git a/tags/s/symbols-for-undeclared-shared-library.tag b/tags/s/symbols-for-undeclared-shared-library.tag new file mode 100644 index 0000000..3a2f53b --- /dev/null +++ b/tags/s/symbols-for-undeclared-shared-library.tag @@ -0,0 +1,7 @@ +Tag: symbols-for-undeclared-shared-library +Severity: error +Check: debian/shlibs +Renamed-From: + symbols-declared-but-not-shlib +Explanation: The symbols control file contains dependency and symbol information + for a shared library which is not listed in the shlibs control file. diff --git a/tags/s/symlink-contains-spurious-segments.tag b/tags/s/symlink-contains-spurious-segments.tag new file mode 100644 index 0000000..ab5ec2b --- /dev/null +++ b/tags/s/symlink-contains-spurious-segments.tag @@ -0,0 +1,14 @@ +Tag: symlink-contains-spurious-segments +Severity: error +Check: files/symbolic-links +Explanation: The symbolic link target contains superfluous path segments like + <code>..</code> or <code>.</code>. They are not needed and make the link longer + than necessary, which goes against Debian policy. + . + Such segments can also cause unexpected problems in the presence of symlinked + directories. + . + With Debhelper, running dh_link after creating the package structure + will fix this problem for you. +See-Also: + debian-policy 10.5 diff --git a/tags/s/symlink-ends-with-slash.tag b/tags/s/symlink-ends-with-slash.tag new file mode 100644 index 0000000..f58eb43 --- /dev/null +++ b/tags/s/symlink-ends-with-slash.tag @@ -0,0 +1,10 @@ +Tag: symlink-ends-with-slash +Severity: warning +Check: files/symbolic-links +Explanation: This symbolic link target ends with a slash (/). That geos against + Debian policy, which states that symbolic links should be as short as possible. + . + With Debhelper, running dh_link after creating the package structure + will fix this problem for you. +See-Also: + debian-policy 10.5 diff --git a/tags/s/symlink-has-double-slash.tag b/tags/s/symlink-has-double-slash.tag new file mode 100644 index 0000000..3dbe2e4 --- /dev/null +++ b/tags/s/symlink-has-double-slash.tag @@ -0,0 +1,11 @@ +Tag: symlink-has-double-slash +Severity: warning +Check: files/symbolic-links +Explanation: This symbolic link target contains two successive slashes (//). + That goes against Debian policy, which states that symbolic links should be + as short as possible. + . + With Debhelper, running dh_link after creating the package structure + will fix this problem for you. +See-Also: + debian-policy 10.5 diff --git a/tags/s/symlink-has-too-many-up-segments.tag b/tags/s/symlink-has-too-many-up-segments.tag new file mode 100644 index 0000000..86833db --- /dev/null +++ b/tags/s/symlink-has-too-many-up-segments.tag @@ -0,0 +1,5 @@ +Tag: symlink-has-too-many-up-segments +Severity: error +Check: files/symbolic-links +See-Also: debian-policy 10.5 +Explanation: The symlink references a directory beyond the root directory "/". diff --git a/tags/s/symlink-is-self-recursive.tag b/tags/s/symlink-is-self-recursive.tag new file mode 100644 index 0000000..0d37aa2 --- /dev/null +++ b/tags/s/symlink-is-self-recursive.tag @@ -0,0 +1,6 @@ +Tag: symlink-is-self-recursive +Severity: warning +Check: files/symbolic-links +Explanation: The symbolic link is recursive to a higher directory of the symlink + itself. This means, that you can infinitely chdir with this symlink. This is + usually not okay, but sometimes wanted behaviour. diff --git a/tags/s/symlink-target-in-build-tree.tag b/tags/s/symlink-target-in-build-tree.tag new file mode 100644 index 0000000..3953bd1 --- /dev/null +++ b/tags/s/symlink-target-in-build-tree.tag @@ -0,0 +1,9 @@ +Tag: symlink-target-in-build-tree +Severity: error +Check: files/symbolic-links +Explanation: The package sets a link with a target pointing to common + build paths. + . + This often occurs if the package uses regular expressions to + strip the build path without properly regex quoting the build + path. diff --git a/tags/s/symlink-target-in-tmp.tag b/tags/s/symlink-target-in-tmp.tag new file mode 100644 index 0000000..452f26b --- /dev/null +++ b/tags/s/symlink-target-in-tmp.tag @@ -0,0 +1,9 @@ +Tag: symlink-target-in-tmp +Severity: error +Check: files/symbolic-links +Explanation: Packages must not set links with targets pointing into <code>/tmp</code> or + <code>/var/tmp</code>. The File Hierarchy Standard specifies that such files + may be removed by the administrator and that programs may not depend on + any files in <code>/tmp</code> being preserved across invocations, which + combined mean that it makes no sense to ship files in these directories. +See-Also: filesystem-hierarchy tmptemporaryfiles, filesystem-hierarchy vartmptemporaryfilespreservedbetwee diff --git a/tags/s/synopsis-is-a-sentence.tag b/tags/s/synopsis-is-a-sentence.tag new file mode 100644 index 0000000..8a351a5 --- /dev/null +++ b/tags/s/synopsis-is-a-sentence.tag @@ -0,0 +1,15 @@ +Tag: synopsis-is-a-sentence +Severity: info +Check: fields/description +Renamed-From: description-synopsis-might-not-be-phrased-properly +Explanation: The package synopsis (also known as the "short" description, ie. the + first line in the package's "Description:" field) either ends with a full + stop "." character or starts another sentence. + . + This is not necessary as the synopsis does not need to be a full + sentence. It is recommended that a single descriptive phrase is used + instead. + . + Note also that the synopsis is not part of the rest of the "long" + Description: field. +See-Also: developer-reference 6.2.2 diff --git a/tags/s/synopsis-too-long.tag b/tags/s/synopsis-too-long.tag new file mode 100644 index 0000000..5ffa77a --- /dev/null +++ b/tags/s/synopsis-too-long.tag @@ -0,0 +1,6 @@ +Tag: synopsis-too-long +Severity: warning +Check: fields/description +Renamed-From: description-too-long +Explanation: The first line of the "Description:" must be less than 80 characters long. +See-Also: debian-policy 3.4.1 diff --git a/tags/s/syntax-error-in-debconf-template.tag b/tags/s/syntax-error-in-debconf-template.tag new file mode 100644 index 0000000..8c010ff --- /dev/null +++ b/tags/s/syntax-error-in-debconf-template.tag @@ -0,0 +1,7 @@ +Tag: syntax-error-in-debconf-template +Severity: error +Check: debian/debconf +Explanation: The template file contains a syntax error. + . + This issue may hide other issues as Lintian skips some checks on the + file in this case. diff --git a/tags/s/syntax-error-in-debian-changelog.tag b/tags/s/syntax-error-in-debian-changelog.tag new file mode 100644 index 0000000..a6b3522 --- /dev/null +++ b/tags/s/syntax-error-in-debian-changelog.tag @@ -0,0 +1,12 @@ +Tag: syntax-error-in-debian-changelog +Severity: warning +Check: debian/changelog +Explanation: While parsing the Debian changelog, a syntax error was found. If + you have old changelog entries that don't follow the current syntax but + that you want to keep as-is for the historical record, add the line: + . + Old Changelog: + . + with no leading whitespace before the legacy entries. This line and + everything after it will be ignored. +See-Also: debian-policy 4.4 diff --git a/tags/s/syntax-error-in-debian-news-file.tag b/tags/s/syntax-error-in-debian-news-file.tag new file mode 100644 index 0000000..557dff4 --- /dev/null +++ b/tags/s/syntax-error-in-debian-news-file.tag @@ -0,0 +1,5 @@ +Tag: syntax-error-in-debian-news-file +Severity: warning +Check: debian/changelog +Explanation: While parsing the NEWS.Debian file, a syntax error was found. +See-Also: developer-reference 6.3.4 diff --git a/tags/s/syntax-error-in-dep5-copyright.tag b/tags/s/syntax-error-in-dep5-copyright.tag new file mode 100644 index 0000000..1ec35c4 --- /dev/null +++ b/tags/s/syntax-error-in-dep5-copyright.tag @@ -0,0 +1,9 @@ +Tag: syntax-error-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The machine-readable copyright file didn't pass Debian control file + syntax check. + . + This issue may hide other issues as Lintian skips some checks on the + file in this case. diff --git a/tags/s/syntax-error-in-symbols-file.tag b/tags/s/syntax-error-in-symbols-file.tag new file mode 100644 index 0000000..b77ce22 --- /dev/null +++ b/tags/s/syntax-error-in-symbols-file.tag @@ -0,0 +1,8 @@ +Tag: syntax-error-in-symbols-file +Severity: error +Check: debian/shlibs +Explanation: The symbols file contains an entry that does not follow the syntax + rules for symbols files. + . + This may be due to the entry appearing out of sequence. +See-Also: deb-symbols(5) diff --git a/tags/s/systemd-service-alias-without-extension.tag b/tags/s/systemd-service-alias-without-extension.tag new file mode 100644 index 0000000..58fdc51 --- /dev/null +++ b/tags/s/systemd-service-alias-without-extension.tag @@ -0,0 +1,8 @@ +Tag: systemd-service-alias-without-extension +Severity: warning +Check: systemd +See-Also: http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Alias= +Explanation: The service file lists an alias without a file extension. + . + The spec mandates that the extension of the listed alias matches + the extension of the unit itself. diff --git a/tags/s/systemd-service-file-missing-documentation-key.tag b/tags/s/systemd-service-file-missing-documentation-key.tag new file mode 100644 index 0000000..896e36b --- /dev/null +++ b/tags/s/systemd-service-file-missing-documentation-key.tag @@ -0,0 +1,8 @@ +Tag: systemd-service-file-missing-documentation-key +Severity: info +Check: systemd +Explanation: The systemd service file does not contain a <code>Documentation</code> key. + . + Documentation for systemd service files can be automatically viewed using + <code>systemctl help servicename</code> if this field is present. +See-Also: systemd.unit(5) diff --git a/tags/s/systemd-service-file-missing-hardening-features.tag b/tags/s/systemd-service-file-missing-hardening-features.tag new file mode 100644 index 0000000..fe337af --- /dev/null +++ b/tags/s/systemd-service-file-missing-hardening-features.tag @@ -0,0 +1,15 @@ +Tag: systemd-service-file-missing-hardening-features +Severity: pedantic +Experimental: yes +Check: systemd +Explanation: The specified systemd <code>.service</code> file does not appear to + enable any hardening options. + . + systemd has support for many security-oriented features such as + isolating services from the network, private <code>/tmp</code> directories, + as well as control over making directories appear read-only or even + inaccessible, etc. + . + Please consider supporting some options, collaborating upstream where + necessary about any potential changes. +See-Also: systemd.service(5), http://0pointer.de/blog/projects/security.html diff --git a/tags/s/systemd-service-file-missing-install-key.tag b/tags/s/systemd-service-file-missing-install-key.tag new file mode 100644 index 0000000..0d5dbd6 --- /dev/null +++ b/tags/s/systemd-service-file-missing-install-key.tag @@ -0,0 +1,9 @@ +Tag: systemd-service-file-missing-install-key +Severity: info +Check: systemd +Explanation: The systemd service file does not contain a <code>WantedBy=</code> or + <code>RequiredBy=</code> key in its <code>[Install]</code> section. + . + Forgetting to add such a line (e.g. <code>WantedBy=multi-user.target</code>) + results in the service file not being started by default. +See-Also: systemd.unit(5) diff --git a/tags/s/systemd-service-file-refers-to-obsolete-bindto.tag b/tags/s/systemd-service-file-refers-to-obsolete-bindto.tag new file mode 100644 index 0000000..592c89a --- /dev/null +++ b/tags/s/systemd-service-file-refers-to-obsolete-bindto.tag @@ -0,0 +1,8 @@ +Tag: systemd-service-file-refers-to-obsolete-bindto +Severity: warning +Check: systemd +Explanation: The systemd service file refers to the obsolete BindTo= option. + . + The <code>BindTo=</code> option has been deprecated in favour of + <code>BindsTo=</code> which should be used instead. +See-Also: https://github.com/systemd/systemd/commit/7f2cddae09fd2579ae24434df577bb5e5a157d86 diff --git a/tags/s/systemd-service-file-refers-to-obsolete-target.tag b/tags/s/systemd-service-file-refers-to-obsolete-target.tag new file mode 100644 index 0000000..8986cc1 --- /dev/null +++ b/tags/s/systemd-service-file-refers-to-obsolete-target.tag @@ -0,0 +1,8 @@ +Tag: systemd-service-file-refers-to-obsolete-target +Severity: warning +Check: systemd +Explanation: The systemd service file refers to an obsolete target. + . + Some targets are obsolete by now, e.g. syslog.target or dbus.target. For + example, declaring <code>After=syslog.target</code> is unnecessary by now because + syslog is socket-activated and will therefore be started when needed. diff --git a/tags/s/systemd-service-file-refers-to-unusual-wantedby-target.tag b/tags/s/systemd-service-file-refers-to-unusual-wantedby-target.tag new file mode 100644 index 0000000..d2062e5 --- /dev/null +++ b/tags/s/systemd-service-file-refers-to-unusual-wantedby-target.tag @@ -0,0 +1,11 @@ +Tag: systemd-service-file-refers-to-unusual-wantedby-target +Severity: warning +Check: systemd +Explanation: The specified systemd service file declares an unusual + <code>WantedBy=</code> relationship. + . + Most services that want to be started automatically at boot should use + <code>WantedBy=multi-user.target</code> or <code>WantedBy=graphical.target</code>. + Services that want to be started in rescue or single-user mode should + instead use <code>WantedBy=sysinit.target</code> +See-Also: https://wiki.debian.org/Teams/pkg-systemd/rcSMigration diff --git a/tags/s/systemd-service-file-refers-to-var-run.tag b/tags/s/systemd-service-file-refers-to-var-run.tag new file mode 100644 index 0000000..2eb00d2 --- /dev/null +++ b/tags/s/systemd-service-file-refers-to-var-run.tag @@ -0,0 +1,13 @@ +Tag: systemd-service-file-refers-to-var-run +Severity: info +Check: systemd +Explanation: The specified systemd service file declares a <code>PIDFile=</code> + that references <code>/var/run</code>. + . + <code>/var/run</code> is now merely a symlink pointing to <code>/run</code> and + thus it is now considered best practice that packages use <code>/run</code> + directly. + . + Please update the specified service file. +Renamed-From: + systemd-service-file-pidfile-refers-to-var-run diff --git a/tags/s/systemd-service-file-shutdown-problems.tag b/tags/s/systemd-service-file-shutdown-problems.tag new file mode 100644 index 0000000..ffb9a49 --- /dev/null +++ b/tags/s/systemd-service-file-shutdown-problems.tag @@ -0,0 +1,18 @@ +Tag: systemd-service-file-shutdown-problems +Severity: warning +Experimental: no +Check: systemd +See-Also: https://github.com/systemd/systemd/issues/11821 +Explanation: The specified systemd <code>.service</code> file contains both + <code>DefaultDependencies=no</code> and <code>Conflicts=shutdown.target</code> + directives without <code>Before=shutdown.target</code>. + . + This can lead to problems during shutdown because the service may + linger until the very end of shutdown sequence as nothing requests to + stop it before (due to <code>DefaultDependencies=no</code>). + . + There is race condition between stopping units and systemd getting a + request to exit the main loop, so it may proceed with shutdown before + all pending stop jobs have been processed. + . + Please add <code>Before=shutdown.target</code>. diff --git a/tags/s/systemd-service-file-uses-deprecated-syslog-facility.tag b/tags/s/systemd-service-file-uses-deprecated-syslog-facility.tag new file mode 100644 index 0000000..71db78c --- /dev/null +++ b/tags/s/systemd-service-file-uses-deprecated-syslog-facility.tag @@ -0,0 +1,11 @@ +Tag: systemd-service-file-uses-deprecated-syslog-facility +Severity: warning +Check: systemd +Explanation: The specified systemd service file specifies + <code>StandardOutput=</code> or <code>StandardError=</code> that references + <code>syslog</code> or <code>syslog-console</code>. + . + This is discouraged, and systemd versions 246 and above will log a + warning about this. +See-Also: + https://github.com/systemd/systemd/blob/6706384a89ae0c462e7172588c80667190c4d9e2/NEWS#L724 diff --git a/tags/s/systemd-service-file-uses-nobody-or-nogroup.tag b/tags/s/systemd-service-file-uses-nobody-or-nogroup.tag new file mode 100644 index 0000000..d755ad5 --- /dev/null +++ b/tags/s/systemd-service-file-uses-nobody-or-nogroup.tag @@ -0,0 +1,10 @@ +Tag: systemd-service-file-uses-nobody-or-nogroup +Severity: warning +Check: systemd +Explanation: The specified <code>systemd</code> service file declares a <code>User=</code> + or <code>Group=</code> that references <code>nobody</code> or <code>nogroup</code>. + . + The practice is discouraged. Starting with version 246, <code>systemd</code> version will + log a warning about it. +See-Also: + https://github.com/systemd/systemd/blob/v246/NEWS#L106-L113 diff --git a/tags/s/systemd-service-file-wraps-init-script.tag b/tags/s/systemd-service-file-wraps-init-script.tag new file mode 100644 index 0000000..8a895e6 --- /dev/null +++ b/tags/s/systemd-service-file-wraps-init-script.tag @@ -0,0 +1,11 @@ +Tag: systemd-service-file-wraps-init-script +Severity: warning +Check: systemd +Explanation: The listed service file simply uses ths existing SysV init script + via ExecStart, ExecStop, etc. + . + The main logic of more complex init scripts should be moved into helper + scripts which can be used directly from both the .service file and the + init script. This will also make the init scripts more readable and easier + to support other alternatives. Note that as /etc/init.d/* files are + conffiles, such updates are not guaranteed to reach users. diff --git a/tags/s/systemd-service-in-odd-location.tag b/tags/s/systemd-service-in-odd-location.tag new file mode 100644 index 0000000..851d5ae --- /dev/null +++ b/tags/s/systemd-service-in-odd-location.tag @@ -0,0 +1,18 @@ +Tag: systemd-service-in-odd-location +Severity: error +Check: systemd +Explanation: The package ships a systemd service file in a location outside + <code>/usr/lib/systemd/system/</code> + . + Systemd in Debian looks for unit files in <code>/usr/lib/systemd/system/</code>. + <code>/lib/systemd/system/</code> and <code>/etc/systemd/system</code>, but the + first location is now standard in Debian. + . + System administrators have the possibility to override service files (or in newer + systemd versions, parts of them) by placing files in <code>/etc/systemd/system</code>. + The canonical location for service files in Debian is <code>/usr/lib/systemd/system/</code>. +See-Also: + Bug#992465, + Bug#987989, + https://salsa.debian.org/debian/debhelper/-/commit/d70caa69c64b124e3611c967cfab93aef48346d8, + https://lists.debian.org/debian-devel/2021/08/msg00275.html diff --git a/tags/s/systemd-tmpfile-in-var-run.tag b/tags/s/systemd-tmpfile-in-var-run.tag new file mode 100644 index 0000000..341a133 --- /dev/null +++ b/tags/s/systemd-tmpfile-in-var-run.tag @@ -0,0 +1,12 @@ +Tag: systemd-tmpfile-in-var-run +Severity: info +Check: systemd/tmpfiles +Explanation: The named systemd file declares a temporary file with a location + in <code>/var/run</code>. + . + <code>/var/run</code> is nowadays a just symbolic link to <code>/run</code>. + Packages should use <code>/run</code> instead. + . + Please update the named file. +See-Also: + Bug#984678 diff --git a/tags/t/tab-in-license-text.tag b/tags/t/tab-in-license-text.tag new file mode 100644 index 0000000..0fb0129 --- /dev/null +++ b/tags/t/tab-in-license-text.tag @@ -0,0 +1,9 @@ +Tag: tab-in-license-text +Severity: warning +Check: debian/copyright/dep5 +Explanation: A long license text in <code>debian/copyright</code> contains + a tab character. It often occurs when a license text is copied + from another source, and not reformatted. + . + DEP-5 disallows the use of tab characters in the license text. + Please remove it. diff --git a/tags/t/tclsh-script-but-no-tclsh-dep.tag b/tags/t/tclsh-script-but-no-tclsh-dep.tag new file mode 100644 index 0000000..0b15b3b --- /dev/null +++ b/tags/t/tclsh-script-but-no-tclsh-dep.tag @@ -0,0 +1,9 @@ +Tag: tclsh-script-but-no-tclsh-dep +Severity: error +Check: scripts +Explanation: Packages that include tclsh scripts must depend on the virtual + package tclsh or, if they require a specific version of tcl, that + version of tcl. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/t/team-upload-has-incorrect-version-number.tag b/tags/t/team-upload-has-incorrect-version-number.tag new file mode 100644 index 0000000..154b3e8 --- /dev/null +++ b/tags/t/team-upload-has-incorrect-version-number.tag @@ -0,0 +1,7 @@ +Tag: team-upload-has-incorrect-version-number +Severity: warning +Check: nmu +Explanation: A team upload (uploading a package from the same team without adding + oneself as maintainer or uploader) is a maintainer upload: it should not + get a NMU revision number. Team uploads are recognized by the string + "team upload" on the first line of the changelog file. diff --git a/tags/t/template-uses-unsplit-choices.tag b/tags/t/template-uses-unsplit-choices.tag new file mode 100644 index 0000000..be97f71 --- /dev/null +++ b/tags/t/template-uses-unsplit-choices.tag @@ -0,0 +1,15 @@ +Tag: template-uses-unsplit-choices +Severity: warning +Check: debian/debconf +Explanation: The use of _Choices in templates is deprecated. + A _Choices field must be translated as a single string. + . + Using __Choices allows each choice to be translated separately, easing + translation and is therefore recommended. + . + Instead of simply replacing all occurrences of "_Choices" by "__Choices", + apply the method described in po-debconf(7) under "SPLITTING CHOICES + LIST", to avoid breaking existing translations. + . + If in doubt, please ask for help on the debian-i18n mailing list. +See-Also: po-debconf(7) diff --git a/tags/t/temporary-debhelper-file.tag b/tags/t/temporary-debhelper-file.tag new file mode 100644 index 0000000..3cbc5a3 --- /dev/null +++ b/tags/t/temporary-debhelper-file.tag @@ -0,0 +1,10 @@ +Tag: temporary-debhelper-file +Severity: error +Check: debhelper/temporary +Explanation: The named file is a temporary Debhelper file. + . + The file should have been removed by <code>dh_clean</code>. Sometimes + that happens when an installable package was renamed or removed before the + build directory was cleaned up. +See-Also: + dh_clean(1) diff --git a/tags/t/test-leaves-python-version-untested.tag b/tags/t/test-leaves-python-version-untested.tag new file mode 100644 index 0000000..3075cd7 --- /dev/null +++ b/tags/t/test-leaves-python-version-untested.tag @@ -0,0 +1,11 @@ +Tag: test-leaves-python-version-untested +Severity: warning +Check: testsuite +Explanation: The named autopkgtest declares <code>python3-all</code> or an equivalent + as a runtime prerequisite but the test script does not query the supported Python + versions with <code>py3versions --supported</code>. + . + The test may pass with the standard Python version but could fail in the future with + a Python version that is already available now. + . + It is best to run tests for all Python versions supported by the target system. diff --git a/tags/t/testsuite-dependency-has-unparsable-elements.tag b/tags/t/testsuite-dependency-has-unparsable-elements.tag new file mode 100644 index 0000000..4a2705d --- /dev/null +++ b/tags/t/testsuite-dependency-has-unparsable-elements.tag @@ -0,0 +1,11 @@ +Tag: testsuite-dependency-has-unparsable-elements +Severity: warning +Check: testsuite +Explanation: Lintian cannot parse the Depends field for the given autopkgtest. + . + Please double check that dependency the syntax is correct. + . + Note that Lintian has a whitelist of known "special" dependencies + permitted by autopkgtest (e.g. @builddeps@). Lintian does not accept + these as a part of an OR-clause. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/t/third-party-package-in-python-dir.tag b/tags/t/third-party-package-in-python-dir.tag new file mode 100644 index 0000000..a93aee5 --- /dev/null +++ b/tags/t/third-party-package-in-python-dir.tag @@ -0,0 +1,10 @@ +Tag: third-party-package-in-python-dir +Severity: warning +Check: languages/python +Explanation: Third-party Python packages should install their files in + <code>/usr/lib/python*VERSION*/site-packages</code> for Python versions + before 2.6 and <code>/usr/lib/python*VERSION*/dist-packages</code> + for Python 2.6 and later. All other directories in + <code>/usr/lib/python*VERSION*</code> are for use by the core python + packages. +See-Also: python-policy 2.5 diff --git a/tags/t/timewarp-standards-version.tag b/tags/t/timewarp-standards-version.tag new file mode 100644 index 0000000..8cf5108 --- /dev/null +++ b/tags/t/timewarp-standards-version.tag @@ -0,0 +1,7 @@ +Tag: timewarp-standards-version +Severity: warning +Check: fields/standards-version +Explanation: The source package refers to a Standards-Version that was released + after the date of the most recent <code>debian/changelog</code> entry. + Perhaps you forgot to update the timestamp in <code>debian/changelog</code> + before building the package? diff --git a/tags/t/too-long-extended-description-in-templates.tag b/tags/t/too-long-extended-description-in-templates.tag new file mode 100644 index 0000000..cb6da92 --- /dev/null +++ b/tags/t/too-long-extended-description-in-templates.tag @@ -0,0 +1,7 @@ +Tag: too-long-extended-description-in-templates +Severity: warning +Check: debian/debconf +Explanation: Some debconf interfaces cannot deal very well with descriptions of + more than about 20 lines, so try to keep the extended description below + this limit. +See-Also: developer-reference 6.5.3.2 diff --git a/tags/t/too-long-short-description-in-templates.tag b/tags/t/too-long-short-description-in-templates.tag new file mode 100644 index 0000000..4046f2f --- /dev/null +++ b/tags/t/too-long-short-description-in-templates.tag @@ -0,0 +1,8 @@ +Tag: too-long-short-description-in-templates +Severity: warning +Check: debian/debconf +Explanation: The short description should be kept short (50 characters or so) so + that it may be accommodated by most debconf interfaces. Keeping it short + also helps translators, as usually translations tend to end up being + longer than the original. +See-Also: developer-reference 6.5.3.2 diff --git a/tags/t/too-many-architectures.tag b/tags/t/too-many-architectures.tag new file mode 100644 index 0000000..7d8d2fe --- /dev/null +++ b/tags/t/too-many-architectures.tag @@ -0,0 +1,6 @@ +Tag: too-many-architectures +Severity: error +Check: fields/architecture +Explanation: A binary package should list exactly one architecture (the one it is + compiled for), or the special value "all" if it is architecture-independent. +See-Also: debian-policy 5.6.8 diff --git a/tags/t/too-many-contacts.tag b/tags/t/too-many-contacts.tag new file mode 100644 index 0000000..e34df76 --- /dev/null +++ b/tags/t/too-many-contacts.tag @@ -0,0 +1,7 @@ +Tag: too-many-contacts +Severity: error +Check: fields/mail-address +Explanation: The named field identifying a contact person lists too many people. +See-Also: debian-policy 5.6.2, + debian-policy 5.6.3, + debian-policy 5.6.4 diff --git a/tags/t/trailing-slash-for-dpkg-maintscript-helper-symlink_to_dir.tag b/tags/t/trailing-slash-for-dpkg-maintscript-helper-symlink_to_dir.tag new file mode 100644 index 0000000..d8a884c --- /dev/null +++ b/tags/t/trailing-slash-for-dpkg-maintscript-helper-symlink_to_dir.tag @@ -0,0 +1,7 @@ +Tag: trailing-slash-for-dpkg-maintscript-helper-symlink_to_dir +Severity: error +Check: scripts +Explanation: The maintainer script seems to call dpkg-maintscript-helper + symlink_to_dir with a trailing slash for pathname. This renders the + package uninstallable. +See-Also: dpkg-maintscript-helper(1) diff --git a/tags/t/trailing-whitespace.tag b/tags/t/trailing-whitespace.tag new file mode 100644 index 0000000..1040168 --- /dev/null +++ b/tags/t/trailing-whitespace.tag @@ -0,0 +1,27 @@ +Tag: trailing-whitespace +Severity: pedantic +Check: debian/trailing-whitespace +Renamed-From: file-contains-trailing-whitespace +Explanation: This file contains lines with trailing whitespace characters. + . + Whilst often harmless and unsightly, such extra whitespaces can also + cause tools to interpret the whitespace characters literally. The + tool <code>diff(1)</code> does not like them, either. They are best + avoided. + . + Some of these problems can be hard to track down. + . + Whitespace at the end of lines may be removed with the following: + . + $ sed -i -e 's@[[:space:]]*$@@g' debian/control debian/changelog + . + If you use Emacs, you can also use "M-x wh-cl" (whitespace-cleanup). + . + However, if you wish to only remove trailing spaces and leave trailing tabs + (eg. for Makefiles), you can use the following code snippet: + . + $ sed -i -e 's@[ ]*$@@g' debian/rules + . + To remove empty lines from the end of a file, you can use: + . + $ sed -i -e :a -e '/^\n*$/{$d;N;};/\n$/ba' debian/rules diff --git a/tags/t/transitional-package-not-oldlibs-optional.tag b/tags/t/transitional-package-not-oldlibs-optional.tag new file mode 100644 index 0000000..d66a5b4 --- /dev/null +++ b/tags/t/transitional-package-not-oldlibs-optional.tag @@ -0,0 +1,13 @@ +Tag: transitional-package-not-oldlibs-optional +Severity: warning +Check: fields/section +Renamed-From: + transitional-package-should-be-oldlibs-extra + transitional-package-should-be-oldlibs-optional +Explanation: The package appears to be a transitional package, but it is not + priority optional and in the oldlibs section. + . + Using oldlibs/optional assists package managers in handling the + transition package correctly. +See-Also: Bug#645438, + developer-reference 6.8.7 diff --git a/tags/t/translated-default-field.tag b/tags/t/translated-default-field.tag new file mode 100644 index 0000000..9e9f325 --- /dev/null +++ b/tags/t/translated-default-field.tag @@ -0,0 +1,20 @@ +Tag: translated-default-field +Severity: warning +Check: debian/po-debconf +Explanation: You should not mark as translatable "Default:" or "DefaultChoice:" + fields, unless explicitly needed (e.g. default country, default language, + etc.). If this Default field really should be translated, you should + explain translators how they should translate it by using comments or + brackets. For example: + . + # Translators: Default language name, but not translated + _Default: English + . + Or: + . + _Default: English[ Default language name, but not translated] + . + Note that in the first case, Lintian ignores the comment unless it + explicitly references translators and it is appears directly before + the field in question. +See-Also: po-debconf(7), Bug#637881 diff --git a/tags/t/trimmed-deb822-field.tag b/tags/t/trimmed-deb822-field.tag new file mode 100644 index 0000000..787d529 --- /dev/null +++ b/tags/t/trimmed-deb822-field.tag @@ -0,0 +1,6 @@ +Tag: trimmed-deb822-field +Severity: classification +Check: fields/deb822 +Explanation: The raw but trimmed contents of the named field in the given + Deb822 file. The number indicates the section from the top, + starting at 1. diff --git a/tags/t/trimmed-field.tag b/tags/t/trimmed-field.tag new file mode 100644 index 0000000..168cc3c --- /dev/null +++ b/tags/t/trimmed-field.tag @@ -0,0 +1,5 @@ +Tag: trimmed-field +Severity: classification +Check: fields/trimmed +Explanation: These are the raw but trimmed contents of the named field in + the package's primary control file. diff --git a/tags/t/triplet-dir-and-architecture-mismatch.tag b/tags/t/triplet-dir-and-architecture-mismatch.tag new file mode 100644 index 0000000..e1ac3d8 --- /dev/null +++ b/tags/t/triplet-dir-and-architecture-mismatch.tag @@ -0,0 +1,9 @@ +Tag: triplet-dir-and-architecture-mismatch +Severity: error +Check: files/architecture +See-Also: debian-policy 9.1.1 +Explanation: This package contains a directory under <code>/lib</code> or + <code>/usr/lib</code> which doesn't match the proper triplet for the + binary package's architecture. This is very likely to be a mistake + when indicating the underlying build system where the files should be + installed. diff --git a/tags/t/truetype-font-prohibits-installable-embedding.tag b/tags/t/truetype-font-prohibits-installable-embedding.tag new file mode 100644 index 0000000..32def69 --- /dev/null +++ b/tags/t/truetype-font-prohibits-installable-embedding.tag @@ -0,0 +1,7 @@ +Tag: truetype-font-prohibits-installable-embedding +Severity: warning +Check: fonts/truetype +Explanation: This package installs a TrueType font with restrictive license + terms. The font does not permit installable embedding, as defined by + the TrueType standard. +See-Also: https://developer.apple.com/fonts/TrueType-Reference-Manual/RM06/Chap6OS2.html diff --git a/tags/t/truetype-font-wrong-filename.tag b/tags/t/truetype-font-wrong-filename.tag new file mode 100644 index 0000000..dca4250 --- /dev/null +++ b/tags/t/truetype-font-wrong-filename.tag @@ -0,0 +1,5 @@ +Tag: truetype-font-wrong-filename +Severity: warning +Check: fonts/truetype +Explanation: This package installs a TrueType font with an extension other than + <code>.ttf</code>. The check is insensitive to case. diff --git a/tags/t/typelib-in-arch-all-package.tag b/tags/t/typelib-in-arch-all-package.tag new file mode 100644 index 0000000..b621eba --- /dev/null +++ b/tags/t/typelib-in-arch-all-package.tag @@ -0,0 +1,8 @@ +Tag: typelib-in-arch-all-package +Severity: error +Check: desktop/gnome/gir +Explanation: GObject-Introspection compiled typelibs + (<code>Foo-23.typelib</code>) are architecture-specific. They must ship in + architecture-dependent packages. +See-Also: + /usr/share/doc/gobject-introspection/policy.txt diff --git a/tags/t/typelib-missing-gir-depends.tag b/tags/t/typelib-missing-gir-depends.tag new file mode 100644 index 0000000..fe17927 --- /dev/null +++ b/tags/t/typelib-missing-gir-depends.tag @@ -0,0 +1,9 @@ +Tag: typelib-missing-gir-depends +Severity: warning +Check: desktop/gnome/gir +Explanation: GObject-Introspection compiled typelibs + (<code>Foo-23.typelib</code>) can depend on other typelibs. To generate + appropriate dependencies in the binary package, they must specify + <code>Depends: ${gir:Depends}</code> in the <code>control</code> file. +See-Also: + /usr/share/doc/gobject-introspection/policy.txt diff --git a/tags/t/typelib-not-in-multiarch-directory.tag b/tags/t/typelib-not-in-multiarch-directory.tag new file mode 100644 index 0000000..f9939ce --- /dev/null +++ b/tags/t/typelib-not-in-multiarch-directory.tag @@ -0,0 +1,6 @@ +Tag: typelib-not-in-multiarch-directory +Severity: warning +Check: desktop/gnome/gir +Explanation: Public GObject-Introspection binary typelibs + (<code>Foo-23.typelib</code>) should be installed in the multi-arch + directory <code>/usr/lib/MULTIARCH-TUPLE/girepository-1.0</code>. diff --git a/tags/t/typelib-package-name-does-not-match.tag b/tags/t/typelib-package-name-does-not-match.tag new file mode 100644 index 0000000..bdde8d6 --- /dev/null +++ b/tags/t/typelib-package-name-does-not-match.tag @@ -0,0 +1,18 @@ +Tag: typelib-package-name-does-not-match +Severity: warning +Check: desktop/gnome/gir +Explanation: GObject-Introspection binary typelibs (<code>Foo-23.typelib</code>) + should normally be made available in a package named gir1.2-foo-23. + . + If multiple typelibs are shipped in the same package, then that package + should have versioned <code>Provides</code> for the names that would have been + used for separate packages. This arrangement should only be used if the + included typelibs' versions are expected to remain the same at all times. + . + For example, <code>gir1.2-gtk-3.0</code> is named for the <code>Gtk-3.0</code> + typelib, but also contains the <code>Gdk-3.0</code> and <code>GdkX11-3.0</code> + typelibs. It should have versioned <code>Provides</code> entries for + <code>gir1.2-gdk-3.0 (= ${binary:Version})</code> + and <code>gir1.2-gdkx11-3.0 (= ${binary:Version})</code> to indicate this. +See-Also: + /usr/share/doc/gobject-introspection/policy.txt diff --git a/tags/t/typelib-section-not-introspection.tag b/tags/t/typelib-section-not-introspection.tag new file mode 100644 index 0000000..aed2b22 --- /dev/null +++ b/tags/t/typelib-section-not-introspection.tag @@ -0,0 +1,10 @@ +Tag: typelib-section-not-introspection +Severity: warning +Check: desktop/gnome/gir +Explanation: GObject-Introspection compiled typelibs (<code>Foo-23.typelib</code>) + should be made available in a GObject-Introspection package + in the <code>introspection</code> section of the archive. + . + Normally, it would named <code>gir1.2-foo-23</code>. +See-Also: + /usr/share/doc/gobject-introspection/policy.txt diff --git a/tags/t/typo-in-debhelper-override-target.tag b/tags/t/typo-in-debhelper-override-target.tag new file mode 100644 index 0000000..09cd141 --- /dev/null +++ b/tags/t/typo-in-debhelper-override-target.tag @@ -0,0 +1,13 @@ +Tag: typo-in-debhelper-override-target +Severity: warning +Check: debhelper +Explanation: The listed target in debian/rules is a likely misspelling or it is + missing an underscore ("_") between the <code>override_dh</code>, + <code>execute_after_dh</code> etc. and the command name. + . + This can result in (for example) a <code>override_dh_foo</code>-style target + silently not being executed by <code>make</code>. + . + Implementation detail: The typo is detected by using "Levenshtein + edit distance" so if the typo involve several characters Lintian may + not detect it. diff --git a/tags/t/typo-in-manual-page.tag b/tags/t/typo-in-manual-page.tag new file mode 100644 index 0000000..ef3d391 --- /dev/null +++ b/tags/t/typo-in-manual-page.tag @@ -0,0 +1,14 @@ +Tag: typo-in-manual-page +Severity: info +Check: documentation/manual +Renamed-From: spelling-error-in-manpage +Explanation: Lintian found a spelling error in a manual page. Lintian has a list + of common misspellings that it looks for. It does not have a + dictionary like a spelling checker does. + . + If the string containing the spelling error is translated with the help + of gettext (with the help of po4a, for example) or a similar tool, + please fix the error in the translations as well as the English text to + avoid making the translations fuzzy. With gettext, for example, this + means you should also fix the spelling mistake in the corresponding + msgids in the *.po files. diff --git a/tags/team/pkg-js/deprecated/nodejs-bad-buffer-usage.tag b/tags/team/pkg-js/deprecated/nodejs-bad-buffer-usage.tag new file mode 100644 index 0000000..86b4906 --- /dev/null +++ b/tags/team/pkg-js/deprecated/nodejs-bad-buffer-usage.tag @@ -0,0 +1,6 @@ +Tag: nodejs-bad-buffer-usage +Severity: warning +Check: team/pkg-js/deprecated +Name-Spaced: yes +Explanation: Replace <code>Buffer()</code> by <code>Buffer.from()</code> or + <code>Buffer.alloc()</code> for security reasons. diff --git a/tags/team/pkg-js/testsuite/no-team-tests.tag b/tags/team/pkg-js/testsuite/no-team-tests.tag new file mode 100644 index 0000000..dc0f132 --- /dev/null +++ b/tags/team/pkg-js/testsuite/no-team-tests.tag @@ -0,0 +1,8 @@ +Tag: no-team-tests +Severity: warning +Check: team/pkg-js/testsuite +Name-Spaced: yes +Explanation: Source packages maintained by pkg-js should declare a + 'Testsuite: autopkgtest-pkg-js' header instead of + 'Testsuite: autopkgtest' and avoid duplicating the standard + test control file in all the packages. diff --git a/tags/team/pkg-js/testsuite/no-testsuite-header.tag b/tags/team/pkg-js/testsuite/no-testsuite-header.tag new file mode 100644 index 0000000..419f8e8 --- /dev/null +++ b/tags/team/pkg-js/testsuite/no-testsuite-header.tag @@ -0,0 +1,6 @@ +Tag: no-testsuite-header +Severity: warning +Check: team/pkg-js/testsuite +Name-Spaced: yes +Explanation: Source packages maintained by pkg-js should declare a + 'Testsuite: autopkgtest-pkg-nodejs' header. diff --git a/tags/team/pkg-js/vcs/no-git.tag b/tags/team/pkg-js/vcs/no-git.tag new file mode 100644 index 0000000..a9e2f92 --- /dev/null +++ b/tags/team/pkg-js/vcs/no-git.tag @@ -0,0 +1,6 @@ +Tag: no-git +Severity: warning +Check: team/pkg-js/vcs +Name-Spaced: yes +Explanation: All pkg-js maintained packages moved to git. This package + still has a non-git Vcs-* header. diff --git a/tags/team/pkg-js/vcs/no-team-url.tag b/tags/team/pkg-js/vcs/no-team-url.tag new file mode 100644 index 0000000..065f7fd --- /dev/null +++ b/tags/team/pkg-js/vcs/no-team-url.tag @@ -0,0 +1,6 @@ +Tag: no-team-url +Severity: warning +Check: team/pkg-js/vcs +Name-Spaced: yes +Explanation: All pkg-js VCS repositories should live under a team-writable + location. diff --git a/tags/team/pkg-perl/testsuite/autopkgtest-needs-use-name.tag b/tags/team/pkg-perl/testsuite/autopkgtest-needs-use-name.tag new file mode 100644 index 0000000..c3447f7 --- /dev/null +++ b/tags/team/pkg-perl/testsuite/autopkgtest-needs-use-name.tag @@ -0,0 +1,12 @@ +Tag: autopkgtest-needs-use-name +Severity: warning +Check: team/pkg-perl/testsuite +Name-Spaced: yes +Explanation: The pkg-perl use.t autopkgtest uses META.json or META.yml + to extract the name of the main module in the package, which will + then be checked with 'perl -w -M"module"' and expected to load ok + and without warnings or other output. This package does not have + content in META.{json,yml} and thus should provide the module name + for use.t in debian/tests/pkg-perl/use-name. + . + See https://perl-team.pages.debian.net/autopkgtest.html diff --git a/tags/team/pkg-perl/testsuite/no-team-tests.tag b/tags/team/pkg-perl/testsuite/no-team-tests.tag new file mode 100644 index 0000000..8c2db89 --- /dev/null +++ b/tags/team/pkg-perl/testsuite/no-team-tests.tag @@ -0,0 +1,10 @@ +Tag: no-team-tests +Severity: warning +Check: team/pkg-perl/testsuite +Name-Spaced: yes +Explanation: Source packages maintained by pkg-perl should declare a + 'Testsuite: autopkgtest-pkg-perl' header instead of + 'Testsuite: autopkgtest' and avoid duplicating the standard + test control file in all the packages. + . + See https://perl-team.pages.debian.net/autopkgtest.html diff --git a/tags/team/pkg-perl/testsuite/no-testsuite-header.tag b/tags/team/pkg-perl/testsuite/no-testsuite-header.tag new file mode 100644 index 0000000..84e54d5 --- /dev/null +++ b/tags/team/pkg-perl/testsuite/no-testsuite-header.tag @@ -0,0 +1,8 @@ +Tag: no-testsuite-header +Severity: warning +Check: team/pkg-perl/testsuite +Name-Spaced: yes +Explanation: Source packages maintained by pkg-perl should declare a + 'Testsuite: autopkgtest-pkg-perl' header. + . + See https://perl-team.pages.debian.net/autopkgtest.html diff --git a/tags/team/pkg-perl/vcs/no-git.tag b/tags/team/pkg-perl/vcs/no-git.tag new file mode 100644 index 0000000..5879813 --- /dev/null +++ b/tags/team/pkg-perl/vcs/no-git.tag @@ -0,0 +1,6 @@ +Tag: no-git +Severity: error +Check: team/pkg-perl/vcs +Name-Spaced: yes +Explanation: All pkg-perl maintained packages moved to git. This package + still has a non-git Vcs-* header. diff --git a/tags/team/pkg-perl/vcs/no-team-url.tag b/tags/team/pkg-perl/vcs/no-team-url.tag new file mode 100644 index 0000000..6f150fd --- /dev/null +++ b/tags/team/pkg-perl/vcs/no-team-url.tag @@ -0,0 +1,6 @@ +Tag: no-team-url +Severity: warning +Check: team/pkg-perl/vcs +Name-Spaced: yes +Explanation: All pkg-perl VCS repositories should live under a team-writable + location. diff --git a/tags/team/pkg-perl/xs-abi/legacy-vendorarch-directory.tag b/tags/team/pkg-perl/xs-abi/legacy-vendorarch-directory.tag new file mode 100644 index 0000000..65df8c0 --- /dev/null +++ b/tags/team/pkg-perl/xs-abi/legacy-vendorarch-directory.tag @@ -0,0 +1,11 @@ +Tag: legacy-vendorarch-directory +Severity: error +Check: team/pkg-perl/xs-abi +Name-Spaced: yes +Explanation: Since 5.20, Debian perl packages use different directory for placing XS + libraries, which varies by API version and possibly architecture. Files + placed in the previously used directory (/usr/lib/perl5) will not be used by + perl. The build system needs to be fixed to use the value $Config{vendorarch} + (available from the Config module) instead of hardcoding the directory. + . + See Perl Policy 4.1. diff --git a/tags/u/udeb-contains-documentation-file.tag b/tags/u/udeb-contains-documentation-file.tag new file mode 100644 index 0000000..38c841d --- /dev/null +++ b/tags/u/udeb-contains-documentation-file.tag @@ -0,0 +1,4 @@ +Tag: udeb-contains-documentation-file +Severity: error +Check: documentation +Explanation: udeb packages should not contain any documentation. diff --git a/tags/u/udeb-postinst-calls-ldconfig.tag b/tags/u/udeb-postinst-calls-ldconfig.tag new file mode 100644 index 0000000..285f9e8 --- /dev/null +++ b/tags/u/udeb-postinst-calls-ldconfig.tag @@ -0,0 +1,9 @@ +Tag: udeb-postinst-calls-ldconfig +Severity: error +Check: maintainer-scripts/ldconfig +Renamed-From: + udeb-postinst-must-not-call-ldconfig +Explanation: The udeb invokes ldconfig via postinst on install. That is + an error in udebs. + . + ldconfig is not available (and not needed) in debian-installer. diff --git a/tags/u/udeb-uses-unsupported-compression-for-data-tarball.tag b/tags/u/udeb-uses-unsupported-compression-for-data-tarball.tag new file mode 100644 index 0000000..658c59a --- /dev/null +++ b/tags/u/udeb-uses-unsupported-compression-for-data-tarball.tag @@ -0,0 +1,9 @@ +Tag: udeb-uses-unsupported-compression-for-data-tarball +Severity: error +Check: deb-format +Explanation: The data tarball of this udeb package is not compressed in format + that udpkg (debian-installer's dpkg equivalent) does not support. Thus + the udeb is likely to be uninstallable and could break daily or weekly + d-i images. + . + Currently, udpkg supports .gz and .xz compressed tarballs. diff --git a/tags/u/udev-rule-in-etc.tag b/tags/u/udev-rule-in-etc.tag new file mode 100644 index 0000000..2d69cf6 --- /dev/null +++ b/tags/u/udev-rule-in-etc.tag @@ -0,0 +1,7 @@ +Tag: udev-rule-in-etc +Severity: error +Check: udev +See-Also: Bug#559208 +Explanation: This package ships a udev rule and installs it under + <code>/etc/udev/rules.d</code>, which is reserved for user-installed files. + The correct directory for system rules is <code>/lib/udev/rules.d</code>. diff --git a/tags/u/udev-rule-missing-subsystem.tag b/tags/u/udev-rule-missing-subsystem.tag new file mode 100644 index 0000000..5fea937 --- /dev/null +++ b/tags/u/udev-rule-missing-subsystem.tag @@ -0,0 +1,8 @@ +Tag: udev-rule-missing-subsystem +Severity: warning +Check: udev +See-Also: https://wiki.debian.org/USB/GadgetSetup +Explanation: The package matches vendor/product IDs without specifying + subsystem. The vendor/product IDs are subsystem specific. Matching + rules using those should specify subsystem too, for example by using + SUBSYSTEM=="usb" at the start of the matching rule. diff --git a/tags/u/udev-rule-missing-uaccess.tag b/tags/u/udev-rule-missing-uaccess.tag new file mode 100644 index 0000000..1b2eaa8 --- /dev/null +++ b/tags/u/udev-rule-missing-uaccess.tag @@ -0,0 +1,9 @@ +Tag: udev-rule-missing-uaccess +Severity: warning +Check: udev +See-Also: https://wiki.debian.org/USB/GadgetSetup +Explanation: The package set up a device for user access without using the + uaccess tag. Some udev rules get the same effect using other markers + enabling console user access using rules in + /lib/udev/rules.d/70-uaccess.rules. Others should specify + TAG+="uaccess" in the udev rule. diff --git a/tags/u/udev-rule-unreadable.tag b/tags/u/udev-rule-unreadable.tag new file mode 100644 index 0000000..79cff04 --- /dev/null +++ b/tags/u/udev-rule-unreadable.tag @@ -0,0 +1,7 @@ +Tag: udev-rule-unreadable +Severity: error +Check: udev +See-Also: https://wiki.debian.org/USB/GadgetSetup +Explanation: The udev rule entry should be a file + The package contain a non-file in /lib/udev/rules.d/. The directory + should only contain readable files. diff --git a/tags/u/udevadm-called-without-guard.tag b/tags/u/udevadm-called-without-guard.tag new file mode 100644 index 0000000..2661966 --- /dev/null +++ b/tags/u/udevadm-called-without-guard.tag @@ -0,0 +1,14 @@ +Tag: udevadm-called-without-guard +Severity: warning +Check: scripts +Explanation: The specified maintainer script uses <code>set -e</code> but seems to + call <code>udevadm(8)</code> without a conditional guard. + . + <code>udevadm</code> can exist but be non-functional (such as inside a + chroot) and thus can result in package installation or upgrade failure + if the call fails. + . + Please guard the return code of the call via wrapping it in a suitable + <code>if</code> construct, appending <code>|| true</code> or depending on the + <code>udev</code> package. +See-Also: Bug#890224, udevadm(8) diff --git a/tags/u/uncompressed-manual-page.tag b/tags/u/uncompressed-manual-page.tag new file mode 100644 index 0000000..979edc0 --- /dev/null +++ b/tags/u/uncompressed-manual-page.tag @@ -0,0 +1,6 @@ +Tag: uncompressed-manual-page +Severity: error +Check: documentation/manual +Renamed-From: manpage-not-compressed +Explanation: Manual pages have to be installed compressed (using "<code>gzip -9n</code>"). +See-Also: debian-policy 12.1 diff --git a/tags/u/unconditional-use-of-dpkg-statoverride.tag b/tags/u/unconditional-use-of-dpkg-statoverride.tag new file mode 100644 index 0000000..0fcfb03 --- /dev/null +++ b/tags/u/unconditional-use-of-dpkg-statoverride.tag @@ -0,0 +1,7 @@ +Tag: unconditional-use-of-dpkg-statoverride +Severity: warning +Check: maintainer-scripts/dpkg-statoverride +Explanation: The maintainer named script appears to use <code>dpkg-statoverride --add</code> + without first calling <code>dpkg-statoverride --list</code> to check the current status. +See-Also: + debian-policy 10.9.1 diff --git a/tags/u/undeclared-elf-prerequisites.tag b/tags/u/undeclared-elf-prerequisites.tag new file mode 100644 index 0000000..fc02c4e --- /dev/null +++ b/tags/u/undeclared-elf-prerequisites.tag @@ -0,0 +1,13 @@ +Tag: undeclared-elf-prerequisites +Severity: warning +Check: binaries/prerequisites +Renamed-From: + missing-depends-line +Explanation: The installation package contains an ELF executable or object file + with dynamic references but does not declare any package prerequisites. The + Depends field in the installation <code>control</code> file is empty. + . + This usually happens when <code>Depends</code> field in the source control file + does not mention <code>${shlibs:Depends}</code> or, when not using the + <code>dh</code> sequencer, there is no call to <code>dpkg-shlibdeps</code> in + <code>debian/rules</code>. diff --git a/tags/u/undocumented-manual-page.tag b/tags/u/undocumented-manual-page.tag new file mode 100644 index 0000000..fbd498c --- /dev/null +++ b/tags/u/undocumented-manual-page.tag @@ -0,0 +1,17 @@ +Tag: undocumented-manual-page +Severity: warning +Check: documentation/manual +Renamed-From: link-to-undocumented-manpage +Explanation: Symbolic links to the undocumented(7) manual page may be provided + if no manual page is available, but that is deprecated. + . + The lack of a manual page is still a bug, and if at all possible you + should write one yourself. + . + For help with writing manual pages, refer to the + [Man-Page-HOWTO](http://www.schweikhardt.net/man_page_howto.html), the examples created + by <code>dh_make</code>, or the + <code>/usr/share/doc/man-db/examples</code> directory. + If the package provides <code>--help</code> output, you might want to use + the <code>help2man</code> utility to generate a simple manual page. +See-Also: debian-policy 12.1 diff --git a/tags/u/unexpected-conffile.tag b/tags/u/unexpected-conffile.tag new file mode 100644 index 0000000..1f1df36 --- /dev/null +++ b/tags/u/unexpected-conffile.tag @@ -0,0 +1,10 @@ +Tag: unexpected-conffile +Severity: error +Check: conffiles +Explanation: The conffiles control file lists this path, but you should + ship no such file. + . + This condition presently occurs only when <code>DEBIAN/conffiles</code> + includes the instruction <code>remove-on-upgrade</code>. +See-Also: + deb-conffiles(5) diff --git a/tags/u/unicode-trojan.tag b/tags/u/unicode-trojan.tag new file mode 100644 index 0000000..23253d9 --- /dev/null +++ b/tags/u/unicode-trojan.tag @@ -0,0 +1,41 @@ +Tag: unicode-trojan +Severity: pedantic +Experimental: yes +Check: files/unicode/trojan +Explanation: The named text file contains a Unicode codepoint that has been + identified as a potential security risk. + . + There are two distinct attack vectors. One is homoglyphs in which text looks + confusingly similar to what a reader might expects, but is actually different. + The second is birectional attacks, in which the rendered text hides + potentially malicious characters. + . + Here are the relevant codepoints: + . + - ARABIC LETTER MARK (<code>U+061C</code>) + - LEFT-TO-RIGHT MARK (<code>U+200E</code>) + - RIGHT-TO-LEFT MARK (<code>U+200F</code>) + - LEFT-TO-RIGHT EMBEDDING (<code>U+202A</code>) + - RIGHT-TO-LEFT EMBEDDING (<code>U+202B</code>) + - POP DIRECTIONAL FORMATTING (<code>U+202C</code>) + - LEFT-TO-RIGHT OVERRIDE (<code>U+202D</code>) + - RIGHT-TO-LEFT OVERRIDE (<code>U+202E</code>) + - LEFT-TO-RIGHT ISOLATE (<code>U+2066</code>) + - RIGHT-TO-LEFT ISOLATE (<code>U+2067</code>) + - FIRST STRONG ISOLATE (<code>U+2068</code>) + - POP DIRECTIONAL ISOLATE (<code>U+2069</code>) + . + You can also run a similar check in your shell with that command: + . + <code>grep -r $'[\u061C\u200E\u200F\u202A\u202B\u202C\u202D\u202E\u2066\u2067\u2068\u2069]'</code> + . + The registered vulnerabilities are CVE-2021-42694 ("Homoglyph") and + CVE-2021-42574 ("Bidirectional Attack"). +See-Also: + https://nvd.nist.gov/vuln/detail/CVE-2021-42694, + https://nvd.nist.gov/vuln/detail/CVE-2021-42574, + https://www.trojansource.codes, + https://www.trojansource.codes/trojan-source.pdf, + https://en.wikipedia.org/wiki/Bidirectional_text, + https://www.ida.org/research-and-publications/publications/all/i/in/initial-analysis-of-underhanded-source-code, + https://www.ida.org/-/media/feature/publications/i/in/initial-analysis-of-underhanded-source-code/d-13166.ashx diff --git a/tags/u/unknown-architecture.tag b/tags/u/unknown-architecture.tag new file mode 100644 index 0000000..3076885 --- /dev/null +++ b/tags/u/unknown-architecture.tag @@ -0,0 +1,8 @@ +Tag: unknown-architecture +Severity: warning +Check: fields/architecture +Explanation: This package claims to be for an unknown architecture. The + architecture should be one of the values supported by dpkg or one of the + special values "all" or "any". The special value "source" is only used + in *.changes files and does not make sense in a binary package or a *.dsc + file. diff --git a/tags/u/unknown-conffile-instruction.tag b/tags/u/unknown-conffile-instruction.tag new file mode 100644 index 0000000..acdd392 --- /dev/null +++ b/tags/u/unknown-conffile-instruction.tag @@ -0,0 +1,10 @@ +Tag: unknown-conffile-instruction +Severity: error +Check: conffiles +Explanation: The instruction ahead of the file name in your + <code>debian/conffiles</code> file does not match any of the known values. + . + At the time of writing, the only supported value other than blank was + 'remove-on-upgrade'. +See-Also: + deb-conffiles(5) diff --git a/tags/u/unknown-control-file.tag b/tags/u/unknown-control-file.tag new file mode 100644 index 0000000..40fcbb5 --- /dev/null +++ b/tags/u/unknown-control-file.tag @@ -0,0 +1,8 @@ +Tag: unknown-control-file +Severity: warning +Check: control-files +Explanation: The package contains an unknown control file. Policy says that + putting additional files in the package control area is generally not a + good idea. +See-Also: + debian-policy appendix-2.2 diff --git a/tags/u/unknown-control-interpreter.tag b/tags/u/unknown-control-interpreter.tag new file mode 100644 index 0000000..6520135 --- /dev/null +++ b/tags/u/unknown-control-interpreter.tag @@ -0,0 +1,7 @@ +Tag: unknown-control-interpreter +Severity: error +Check: scripts +Explanation: This package contains a maintainer script that uses an interpreter + that the Lintian maintainers have not heard of. This is usually a typo + for a common interpreter. If not, please file a wishlist bug on Lintian + so that the Lintian maintainers can add this interpreter to their list. diff --git a/tags/u/unknown-copyright-format-uri.tag b/tags/u/unknown-copyright-format-uri.tag new file mode 100644 index 0000000..ea63e1b --- /dev/null +++ b/tags/u/unknown-copyright-format-uri.tag @@ -0,0 +1,6 @@ +Tag: unknown-copyright-format-uri +Severity: pedantic +Check: debian/copyright/dep5 +Explanation: The copyright file appears to intended as machine-readable, but Lintian + cannot recognize its format URI. It could be a typo for a common URI or a + syntax error in the first paragraph. diff --git a/tags/u/unknown-debconf-priority.tag b/tags/u/unknown-debconf-priority.tag new file mode 100644 index 0000000..81d5f44 --- /dev/null +++ b/tags/u/unknown-debconf-priority.tag @@ -0,0 +1,7 @@ +Tag: unknown-debconf-priority +Severity: error +Check: debian/debconf +Explanation: The given maintainer script calls db_input or db_text with a + first argument that doesn't match one of the known priorities. The + supported priorities are low, medium, high, and critical. +See-Also: debconf-devel(7) diff --git a/tags/u/unknown-debian-watch-file-standard.tag b/tags/u/unknown-debian-watch-file-standard.tag new file mode 100644 index 0000000..ecfb165 --- /dev/null +++ b/tags/u/unknown-debian-watch-file-standard.tag @@ -0,0 +1,9 @@ +Tag: unknown-debian-watch-file-standard +Severity: warning +Check: debian/watch/standard +Renamed-From: + debian-watch-file-unknown-version +Explanation: The <code>version=</code> line in the <code>debian/watch</code> file in this + package declares an unknown version. The currently known watch file + versions are 2, 3 and 4. +See-Also: uscan(1) diff --git a/tags/u/unknown-encoding-in-po-file.tag b/tags/u/unknown-encoding-in-po-file.tag new file mode 100644 index 0000000..000c66d --- /dev/null +++ b/tags/u/unknown-encoding-in-po-file.tag @@ -0,0 +1,5 @@ +Tag: unknown-encoding-in-po-file +Severity: warning +Check: debian/po-debconf +Explanation: Encoding must be declared in PO files. Otherwise, charset + conversions cannot be performed. diff --git a/tags/u/unknown-essential-value.tag b/tags/u/unknown-essential-value.tag new file mode 100644 index 0000000..4aeedf0 --- /dev/null +++ b/tags/u/unknown-essential-value.tag @@ -0,0 +1,5 @@ +Tag: unknown-essential-value +Severity: error +Check: fields/essential +Explanation: The only valid values for the Essential field are yes and no. +See-Also: debian-policy 5.6.9 diff --git a/tags/u/unknown-field-in-templates.tag b/tags/u/unknown-field-in-templates.tag new file mode 100644 index 0000000..8bbced5 --- /dev/null +++ b/tags/u/unknown-field-in-templates.tag @@ -0,0 +1,9 @@ +Tag: unknown-field-in-templates +Severity: error +Check: debian/debconf +Explanation: The valid field types are presently <code>Template</code>, + <code>Type</code>, <code>Choices</code>, <code>Default</code>, and + <code>Description</code>. +See-Also: + debconf-specification 3.1, + debconf-devel(7) diff --git a/tags/u/unknown-field.tag b/tags/u/unknown-field.tag new file mode 100644 index 0000000..f9a9dea --- /dev/null +++ b/tags/u/unknown-field.tag @@ -0,0 +1,8 @@ +Tag: unknown-field +Severity: warning +Check: fields/unknown +Renamed-From: unknown-field-in-dsc + unknown-field-in-control +Explanation: See the Policy Manual for a list of the possible fields in + a package control files. +See-Also: debian-policy 5.3, debian-policy 5.4 diff --git a/tags/u/unknown-file-in-debian-source.tag b/tags/u/unknown-file-in-debian-source.tag new file mode 100644 index 0000000..c33a79f --- /dev/null +++ b/tags/u/unknown-file-in-debian-source.tag @@ -0,0 +1,13 @@ +Tag: unknown-file-in-debian-source +Severity: error +Check: debian/source-dir +Explanation: The source package contains a file in <code>debian/source/</code> + that Lintian does not know about. Currently the following files are recognized: + . + - <code>format</code> + - <code>include-binaries</code> + - <code>lintian-overrides</code> + - <code>options</code> + - <code>patch-header</code> + . + Perhaps the name of one of the those files was accidentally mistyped. diff --git a/tags/u/unknown-file-in-python-module-directory.tag b/tags/u/unknown-file-in-python-module-directory.tag new file mode 100644 index 0000000..a7690e6 --- /dev/null +++ b/tags/u/unknown-file-in-python-module-directory.tag @@ -0,0 +1,8 @@ +Tag: unknown-file-in-python-module-directory +Severity: error +Check: languages/python +Explanation: This package installs the specified "non-Python" file in the + top-level of a Python library directory. + . + This was either a mistake and/or will likely to cause conflicts with other + packages. diff --git a/tags/u/unknown-java-class-version.tag b/tags/u/unknown-java-class-version.tag new file mode 100644 index 0000000..59826c5 --- /dev/null +++ b/tags/u/unknown-java-class-version.tag @@ -0,0 +1,5 @@ +Tag: unknown-java-class-version +Severity: warning +Check: languages/java +Explanation: The package contains a Jar file with Java class files compiled for an + unknown Java version. The class file may be corrupt. diff --git a/tags/u/unknown-locale-code.tag b/tags/u/unknown-locale-code.tag new file mode 100644 index 0000000..e01c29f --- /dev/null +++ b/tags/u/unknown-locale-code.tag @@ -0,0 +1,13 @@ +Tag: unknown-locale-code +Severity: warning +Check: files/locales +See-Also: http://www.loc.gov/standards/iso639-2/php/code_list.php +Explanation: The package appears to ship locales for a language but uses an + unknown locale code as a subdirectory of <code>/usr/share/locale</code>. + This usually results in users of the intended target language not + finding the locale. The language codes used in the locale directories + are those from the ISO 639-1 and ISO 639-2 standards, not those + usually used as TLDs (which are from the ISO 3166 standard). + . + It is possible that the language code was mistyped or incorrectly + guessed from the language's or country's name. diff --git a/tags/u/unknown-meta-field-in-symbols-file.tag b/tags/u/unknown-meta-field-in-symbols-file.tag new file mode 100644 index 0000000..2d9f01f --- /dev/null +++ b/tags/u/unknown-meta-field-in-symbols-file.tag @@ -0,0 +1,7 @@ +Tag: unknown-meta-field-in-symbols-file +Severity: error +Check: debian/shlibs +Explanation: The symbols control file contains an unknown meta-information field. + . + A list of currently supported fields may be found in deb-symbols(5). +See-Also: deb-symbols(5) diff --git a/tags/u/unknown-multi-arch-value.tag b/tags/u/unknown-multi-arch-value.tag new file mode 100644 index 0000000..da5796a --- /dev/null +++ b/tags/u/unknown-multi-arch-value.tag @@ -0,0 +1,5 @@ +Tag: unknown-multi-arch-value +Severity: error +Check: fields/multi-arch +Explanation: The package has an unknown value in its Multi-Arch field. The + value must be one of "no", "same", "foreign" or "allowed". diff --git a/tags/u/unknown-paragraph-in-dep5-copyright.tag b/tags/u/unknown-paragraph-in-dep5-copyright.tag new file mode 100644 index 0000000..f17a481 --- /dev/null +++ b/tags/u/unknown-paragraph-in-dep5-copyright.tag @@ -0,0 +1,6 @@ +Tag: unknown-paragraph-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The machine-readable copyright file contains a paragraph that is neither + a standalone license paragraph nor a files paragraph. diff --git a/tags/u/unknown-priority.tag b/tags/u/unknown-priority.tag new file mode 100644 index 0000000..d22af52 --- /dev/null +++ b/tags/u/unknown-priority.tag @@ -0,0 +1,6 @@ +Tag: unknown-priority +Severity: error +Check: fields/priority +Explanation: The "Priority:" field in this package's control file is not one of + the priorities defined in the Policy Manual. +See-Also: debian-policy 2.5 diff --git a/tags/u/unknown-runtime-tests-feature.tag b/tags/u/unknown-runtime-tests-feature.tag new file mode 100644 index 0000000..43df623 --- /dev/null +++ b/tags/u/unknown-runtime-tests-feature.tag @@ -0,0 +1,7 @@ +Tag: unknown-runtime-tests-feature +Severity: pedantic +Check: testsuite +Explanation: A paragraph in debian/tests/control mentions a non-standard + value for the Features field. Though allowed, this may indicate an + error, as the value will be ignored. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/u/unknown-runtime-tests-field.tag b/tags/u/unknown-runtime-tests-field.tag new file mode 100644 index 0000000..09bed92 --- /dev/null +++ b/tags/u/unknown-runtime-tests-field.tag @@ -0,0 +1,7 @@ +Tag: unknown-runtime-tests-field +Severity: pedantic +Check: testsuite +Explanation: A paragraph in debian/tests/control mentions a non-standard + field. Though allowed, this may indicate an error, as the whole + paragraph will be ignored. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/u/unknown-runtime-tests-restriction.tag b/tags/u/unknown-runtime-tests-restriction.tag new file mode 100644 index 0000000..208c40e --- /dev/null +++ b/tags/u/unknown-runtime-tests-restriction.tag @@ -0,0 +1,7 @@ +Tag: unknown-runtime-tests-restriction +Severity: pedantic +Check: testsuite +Explanation: A paragraph in debian/tests/control mentions a non-standard + value for the Restrictions field. Though allowed, this may indicate an + error, as the whole paragraph will be ignored. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/u/unknown-section.tag b/tags/u/unknown-section.tag new file mode 100644 index 0000000..e8e1fd2 --- /dev/null +++ b/tags/u/unknown-section.tag @@ -0,0 +1,17 @@ +Tag: unknown-section +Severity: warning +Check: fields/section +Explanation: The "Section:" field in this package's control file is not one of + the sections in use on the ftp archive. Valid sections are currently + admin, comm, cli-mono, database, debug, devel, doc, + editors, electronics, embedded, fonts, games, gnome, gnu-r, + gnustep, graphics, hamradio, haskell, httpd, interpreters, + java, javascript, kde, libdevel, libs, lisp, localization, kernel, mail, + math, misc, net, news, ocaml, oldlibs, otherosfs, perl, + php, python, ruby, rust, science, shells, sound, tex, text, + utils, vcs, video, web, x11, xfce, zope. + . + The section name should be preceded by either "contrib/", "non-free/" + or "non-free-firmware/" if the package is in the according archive + area. +See-Also: debian-policy 2.4 diff --git a/tags/u/unknown-template-type.tag b/tags/u/unknown-template-type.tag new file mode 100644 index 0000000..2745b4d --- /dev/null +++ b/tags/u/unknown-template-type.tag @@ -0,0 +1,6 @@ +Tag: unknown-template-type +Severity: error +Check: debian/debconf +Explanation: A "Type:" field in a templates file provided by this package uses an + unknown data type. Valid types are currently "string", "boolean", "select", + "multiselect", "note", "text", and "password". diff --git a/tags/u/unknown-testsuite.tag b/tags/u/unknown-testsuite.tag new file mode 100644 index 0000000..c5497e7 --- /dev/null +++ b/tags/u/unknown-testsuite.tag @@ -0,0 +1,7 @@ +Tag: unknown-testsuite +Severity: warning +Check: testsuite +Explanation: The dsc file sets Testsuite to an unrecognised value. This + field is most probably copied by dpkg-source from Testsuite in + debian/control. +See-Also: https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/u/unknown-trigger.tag b/tags/u/unknown-trigger.tag new file mode 100644 index 0000000..64e95f3 --- /dev/null +++ b/tags/u/unknown-trigger.tag @@ -0,0 +1,8 @@ +Tag: unknown-trigger +Severity: error +Check: triggers +Explanation: The package has a trigger that Lintian does not recognise in its + control file. + . + The package may be uninstallable if dpkg does not support the trigger. +See-Also: deb-triggers(5) diff --git a/tags/u/unmerged-usr.tag b/tags/u/unmerged-usr.tag new file mode 100644 index 0000000..ef65646 --- /dev/null +++ b/tags/u/unmerged-usr.tag @@ -0,0 +1,27 @@ +Tag: unmerged-usr +Severity: classification +Check: files/hierarchy/merged-usr +Explanation: The named file is being installed in a legacy location. + Many competing distributions install this file under <code>/usr</code>. + Debian would like to do the same, but the best way to get there is + presently unclear. + . + Please coordinate with the release team before you change this path to + the new location. There is a growing body of evidence that uncoordinated + action by individual package maintainers or teams may not be the best + path forward. + . + Debian's Technical Committee voted on February 1, 2021 that the + <code>bookworm</code> release should support only the merged-usr root + filesystem layout, thus dropping support for the non-merged-usr layout. +See-Also: + https://wiki.debian.org/UsrMerge, + https://wiki.debian.org/Teams/Dpkg/MergedUsr, + Bug#978636, + https://lists.debian.org/debian-devel/2020/11/#00232, + https://lists.debian.org/debian-devel/2020/12/#00386, + https://lists.debian.org/debian-devel-announce/2019/03/msg00001.html, + https://rusty.ozlabs.org/?p=236, + https://www.linux-magazine.com/Issues/2019/228/Debian-usr-Merge, + https://lwn.net/Articles/773342/, + https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/ diff --git a/tags/u/unnecessary-source-date-epoch-assignment.tag b/tags/u/unnecessary-source-date-epoch-assignment.tag new file mode 100644 index 0000000..8a0b015 --- /dev/null +++ b/tags/u/unnecessary-source-date-epoch-assignment.tag @@ -0,0 +1,11 @@ +Tag: unnecessary-source-date-epoch-assignment +Severity: info +Check: debian/rules +Explanation: There is an assignment to a <code>SOURCE_DATE_EPOCH</code> variable in the + <code>debian/rules</code> file. + . + As of dpkg 1.18.8, this is no longer necessary as dpkg exports this + variable if it is not already set. However, you can also include + <code>/usr/share/dpkg/pkg-info.mk</code> or <code>/usr/share/dpkg/default.mk</code> + to ensure it is exported. +See-Also: https://reproducible-builds.org/specs/source-date-epoch/ diff --git a/tags/u/unnecessary-team-upload.tag b/tags/u/unnecessary-team-upload.tag new file mode 100644 index 0000000..bb8a698 --- /dev/null +++ b/tags/u/unnecessary-team-upload.tag @@ -0,0 +1,5 @@ +Tag: unnecessary-team-upload +Severity: warning +Check: nmu +Explanation: The <code>debian/changelog</code> file refers to a "Team upload" but the + uploader is listed amongst the Maintainer/Uploaders. diff --git a/tags/u/unnecessary-testsuite-autopkgtest-field.tag b/tags/u/unnecessary-testsuite-autopkgtest-field.tag new file mode 100644 index 0000000..5803c10 --- /dev/null +++ b/tags/u/unnecessary-testsuite-autopkgtest-field.tag @@ -0,0 +1,10 @@ +Tag: unnecessary-testsuite-autopkgtest-field +Severity: warning +Check: testsuite +Explanation: You do not need to specify a <code>Testsuite: autopkgtest</code> field if + a <code>debian/tests/control</code> file exists. It is automatically added by + dpkg-source(1) since dpkg 1.17.1. + . + Please remove this line from your <code>debian/control</code> file. +Renamed-From: + unnecessary-testsuite-autopkgtest-header diff --git a/tags/u/unpack-message-for-deb-control.tag b/tags/u/unpack-message-for-deb-control.tag new file mode 100644 index 0000000..5674cab --- /dev/null +++ b/tags/u/unpack-message-for-deb-control.tag @@ -0,0 +1,8 @@ +Tag: unpack-message-for-deb-control +Severity: error +Check: unpack +Explanation: Unpacking the contents of the <code>control.tar.gz</code> + member of this installable package produced the listed error. + . + It probably means something is broken or the package was somehow + constructed in a strange way. diff --git a/tags/u/unpack-message-for-deb-data.tag b/tags/u/unpack-message-for-deb-data.tag new file mode 100644 index 0000000..815f7bb --- /dev/null +++ b/tags/u/unpack-message-for-deb-data.tag @@ -0,0 +1,8 @@ +Tag: unpack-message-for-deb-data +Severity: error +Check: unpack +Explanation: Unpacking the contents of the <code>data.tar.gz</code> + member of this installable package produced the listed error. + . + It probably means something is broken or the package was somehow + constructed in a strange way. diff --git a/tags/u/unpack-message-for-orig.tag b/tags/u/unpack-message-for-orig.tag new file mode 100644 index 0000000..f3cf0f1 --- /dev/null +++ b/tags/u/unpack-message-for-orig.tag @@ -0,0 +1,9 @@ +Tag: unpack-message-for-orig +Severity: error +Check: unpack +Explanation: Unpacking the contents of this source package produced the + listed error. + . + It probably means something is broken or the package was somehow + constructed in a strange way. You may wish to report this as a bug + to upstream. diff --git a/tags/u/unpack-message-for-source.tag b/tags/u/unpack-message-for-source.tag new file mode 100644 index 0000000..1ff56f4 --- /dev/null +++ b/tags/u/unpack-message-for-source.tag @@ -0,0 +1,8 @@ +Tag: unpack-message-for-source +Severity: info +Check: unpack +Explanation: Unpacking the contents of this source package produced the + listed error. + . + It probably means something is broken or the package was somehow + constructed in a strange way. diff --git a/tags/u/unparsable-menu-item.tag b/tags/u/unparsable-menu-item.tag new file mode 100644 index 0000000..238ce2b --- /dev/null +++ b/tags/u/unparsable-menu-item.tag @@ -0,0 +1,9 @@ +Tag: unparsable-menu-item +Severity: error +Check: menu-format +Explanation: A given <code>menu</code> file cannot be recognized as being a series of + <code>tag=value</code> pairs. + . + This condition is sometimes caused by unmatched double quotes. +See-Also: + menu-manual 3.2 diff --git a/tags/u/unquoted-string-in-menu-item.tag b/tags/u/unquoted-string-in-menu-item.tag new file mode 100644 index 0000000..e214b75 --- /dev/null +++ b/tags/u/unquoted-string-in-menu-item.tag @@ -0,0 +1,9 @@ +Tag: unquoted-string-in-menu-item +Severity: warning +Check: menu-format +Explanation: The given <code>menu</code> item includes a tag with an unquoted string that + looks like <code>section=Games</code> instead of <code>section="Games"</code>. + . + That use is deprecated. Please quote the string. +See-Also: + menu-manual 3.2 diff --git a/tags/u/unreleased-changelog-distribution.tag b/tags/u/unreleased-changelog-distribution.tag new file mode 100644 index 0000000..f9cb8ae --- /dev/null +++ b/tags/u/unreleased-changelog-distribution.tag @@ -0,0 +1,6 @@ +Tag: unreleased-changelog-distribution +Severity: info +Check: debian/changelog +Explanation: The distribution in the latest Debian changelog entry indicates + that this package was not intended to be released yet. +See-Also: Bug#873520 diff --git a/tags/u/unreleased-changes.tag b/tags/u/unreleased-changes.tag new file mode 100644 index 0000000..c69896f --- /dev/null +++ b/tags/u/unreleased-changes.tag @@ -0,0 +1,7 @@ +Tag: unreleased-changes +Severity: error +Check: fields/distribution +Explanation: The distribution in the <code>Changes</code> field copied from + <code>debian/changelog</code> indicates that this package was not intended + to be released yet. +See-Also: Bug#542747 diff --git a/tags/u/unstripped-binary-or-object.tag b/tags/u/unstripped-binary-or-object.tag new file mode 100644 index 0000000..e74ca91 --- /dev/null +++ b/tags/u/unstripped-binary-or-object.tag @@ -0,0 +1,8 @@ +Tag: unstripped-binary-or-object +Severity: error +Check: binaries/debug-symbols +See-Also: debian-policy 10.1, debian-policy 10.2 +Explanation: The package installs an unstripped binary or object file. + . + Please note, that shared libraries have to be stripped with the + <code>--strip-unneeded</code> option. diff --git a/tags/u/unstripped-static-library.tag b/tags/u/unstripped-static-library.tag new file mode 100644 index 0000000..0797bd5 --- /dev/null +++ b/tags/u/unstripped-static-library.tag @@ -0,0 +1,12 @@ +Tag: unstripped-static-library +Severity: info +Check: libraries/static +Explanation: The package installs an unstripped static library. + . + Please note, that static libraries have to be stripped with the + <code>--strip-debug</code> option. You will probably also want to + use <code>--remove-section=.comment --remove-section=.note</code> + to avoid the static-library-has-unneeded-section tag. + . + <code>dh_strip</code> (after debhelper/9.20150811) will do this + automatically for you. diff --git a/tags/u/unsupported-source-format.tag b/tags/u/unsupported-source-format.tag new file mode 100644 index 0000000..2d08af9 --- /dev/null +++ b/tags/u/unsupported-source-format.tag @@ -0,0 +1,6 @@ +Tag: unsupported-source-format +Severity: error +Check: fields/format +Explanation: This package uses a different source package format than "1.0", + "3.0 (quilt)" or "3.0 (native)". Other package formats are supported by + dpkg-source, but they are not allowed in the Debian archive. diff --git a/tags/u/untranslatable-debconf-templates.tag b/tags/u/untranslatable-debconf-templates.tag new file mode 100644 index 0000000..752cd57 --- /dev/null +++ b/tags/u/untranslatable-debconf-templates.tag @@ -0,0 +1,17 @@ +Tag: untranslatable-debconf-templates +Severity: error +Check: debian/po-debconf +Explanation: This package seems to be using debconf templates, but some + descriptions are not translatable. You should prepend an underscore + before every translatable field, as described in po-debconf(7). This + may mean that translators weren't properly warned about new strings. + . + Translators may be notified of changes using podebconf-report-po, for + example: + . + podebconf-report-po --call --withtranslators --deadline="+10 days" \ + --languageteam + . + If the field is not intended for users to see, ensure the first line + of the description contains "for internal use". +See-Also: debian-policy 3.9.1 diff --git a/tags/u/unused-build-dependency-on-cdbs.tag b/tags/u/unused-build-dependency-on-cdbs.tag new file mode 100644 index 0000000..2eb35c2 --- /dev/null +++ b/tags/u/unused-build-dependency-on-cdbs.tag @@ -0,0 +1,5 @@ +Tag: unused-build-dependency-on-cdbs +Severity: warning +Check: debhelper +Explanation: The package build-depends on cdbs, but does not include any cdbs + files in <code>debian/rules</code>. diff --git a/tags/u/unused-debconf-template.tag b/tags/u/unused-debconf-template.tag new file mode 100644 index 0000000..bfa218b --- /dev/null +++ b/tags/u/unused-debconf-template.tag @@ -0,0 +1,23 @@ +Tag: unused-debconf-template +Severity: info +Check: debian/debconf +Explanation: Templates which are not used by the package should be removed from + the templates file. + . + This will reduce the size of the templates database and prevent + translators from unnecessarily translating the template's text. + . + In some cases, the template is used but Lintian is unable to determine + this. Common causes are: + . + - the maintainer scripts embed a variable in the template name in + order to allow a template to be selected from a range of similar + templates (e.g. <code>db_input low start_$service_at_boot</code>) + . + - the template is not used by the maintainer scripts but is used by + a program in the package + . + - the maintainer scripts are written in perl. Lintian currently only + understands the shell script debconf functions. + . + If any of the above apply, please install an override. diff --git a/tags/u/unused-entry-in-debian-source-include-binaries.tag b/tags/u/unused-entry-in-debian-source-include-binaries.tag new file mode 100644 index 0000000..0180662 --- /dev/null +++ b/tags/u/unused-entry-in-debian-source-include-binaries.tag @@ -0,0 +1,9 @@ +Tag: unused-entry-in-debian-source-include-binaries +Severity: info +Check: debian/source/include-binaries +Explanation: An entry in <code>debian/source/include-binaries</code> does not exist + in the patched source tree. Please remove the entry. + . + The format for the file is described in the manual page for + <code>dpkg-source</code>. +See-Also: dpkg-source(1), Bug#528001, https://stackoverflow.com/questions/21057015/debian-include-binaries-format diff --git a/tags/u/unused-license-paragraph-in-dep5-copyright.tag b/tags/u/unused-license-paragraph-in-dep5-copyright.tag new file mode 100644 index 0000000..d3fa909 --- /dev/null +++ b/tags/u/unused-license-paragraph-in-dep5-copyright.tag @@ -0,0 +1,7 @@ +Tag: unused-license-paragraph-in-dep5-copyright +Severity: info +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: The license paragraph in the machine-readable copyright file is not + referenced by any files paragraph. It could be a typo in the license name or + the license paragraph is simply not needed and can be removed. diff --git a/tags/u/unused-override.tag b/tags/u/unused-override.tag new file mode 100644 index 0000000..6eab89e --- /dev/null +++ b/tags/u/unused-override.tag @@ -0,0 +1,21 @@ +Tag: unused-override +Severity: info +Show-Always: yes +Check: lintian +Explanation: Your package specifies the named override but there were no + tags that could have been silenced by it. + . + Maybe you fixed an underlying condition but forgot to remove the + override. It is also possible that the Lintian maintainers fixed a + false positive. + . + If the override is now unused, please remove it. + . + This tag is similar to <code>mismatched-override</code> except there a + tag could have been silenced if the context had matched. + . + Sometimes, overrides end up not being used because a tag appears + only on some architectures. In that case, overrides can be equipped + with an architecture qualifier. +See-Also: + lintian-manual 2.4.3 diff --git a/tags/u/unusual-control-interpreter.tag b/tags/u/unusual-control-interpreter.tag new file mode 100644 index 0000000..dc011b2 --- /dev/null +++ b/tags/u/unusual-control-interpreter.tag @@ -0,0 +1,7 @@ +Tag: unusual-control-interpreter +Severity: warning +Check: scripts +Explanation: This package contains a control script for an interpreter that is + not normally used for control scripts. This is permissible but not + recommended. It makes it harder for other developers to understand your + package. diff --git a/tags/u/unusual-documentation-package-name.tag b/tags/u/unusual-documentation-package-name.tag new file mode 100644 index 0000000..2e4ff3e --- /dev/null +++ b/tags/u/unusual-documentation-package-name.tag @@ -0,0 +1,9 @@ +Tag: unusual-documentation-package-name +Severity: info +Check: fields/package +Explanation: The specified package appears to be a documentation package + that ends with the string "-docs". It is recommended that such + packages use the more usual "-doc" suffix instead. + . + Please remove the superfluous trailing "s" from the package name. +See-Also: debian-policy 12.3 diff --git a/tags/u/unusual-interpreter.tag b/tags/u/unusual-interpreter.tag new file mode 100644 index 0000000..957a3a2 --- /dev/null +++ b/tags/u/unusual-interpreter.tag @@ -0,0 +1,6 @@ +Tag: unusual-interpreter +Severity: warning +Check: scripts +Explanation: This package contains a script for an interpreter that is not shipped + in the package and is not known to Lintian. It is possible that there is + a typo or the interpreter is not executable. diff --git a/tags/u/unversioned-copyright-format-uri.tag b/tags/u/unversioned-copyright-format-uri.tag new file mode 100644 index 0000000..47a8f35 --- /dev/null +++ b/tags/u/unversioned-copyright-format-uri.tag @@ -0,0 +1,9 @@ +Tag: unversioned-copyright-format-uri +Severity: pedantic +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: Format URI of the machine-readable copyright file is not versioned. + . + Please use + <code>https://www.debian.org/doc/packaging-manuals/copyright-format/*version*/</code> + as the format URI instead. diff --git a/tags/u/unwanted-path-too-specific.tag b/tags/u/unwanted-path-too-specific.tag new file mode 100644 index 0000000..6a681fb --- /dev/null +++ b/tags/u/unwanted-path-too-specific.tag @@ -0,0 +1,13 @@ +Tag: unwanted-path-too-specific +Severity: warning +Check: debian/not-installed +Explanation: The file <code>debian/not-installed</code> lists a path that may + cause unexpected build failures. The path is too specific. + . + A common problem are entries starting with + <code>usr/lib/x86_64-linux-gnu</code>. The sources will build fine + on <code>amd64</code> but not on other architectures, because the + paths to do exist. + . + Please consider using an asterisk, which will work fine. +See-Also: Bug#961104, Bug#961960, Bug#961973 diff --git a/tags/u/update-debian-copyright.tag b/tags/u/update-debian-copyright.tag new file mode 100644 index 0000000..05d2aa9 --- /dev/null +++ b/tags/u/update-debian-copyright.tag @@ -0,0 +1,6 @@ +Tag: update-debian-copyright +Experimental: yes +Severity: pedantic +Check: debian/copyright/dep5 +Explanation: The most recent copyright year mentioned for files in <code>./debian</code> + lags behind the year in the timestamp for the most recent changelog entry. diff --git a/tags/u/upload-has-backports-version-number.tag b/tags/u/upload-has-backports-version-number.tag new file mode 100644 index 0000000..9d806af --- /dev/null +++ b/tags/u/upload-has-backports-version-number.tag @@ -0,0 +1,5 @@ +Tag: upload-has-backports-version-number +Severity: error +Check: fields/distribution +Explanation: The version number looks like a backport, but the upload's target + distribution is not a backport suite. diff --git a/tags/u/uploader-name-missing.tag b/tags/u/uploader-name-missing.tag new file mode 100644 index 0000000..bb9f18e --- /dev/null +++ b/tags/u/uploader-name-missing.tag @@ -0,0 +1,6 @@ +Tag: uploader-name-missing +Severity: error +Check: fields/uploaders +Explanation: The uploader field seems to contain just an email address. It must + contain the package uploader's name and email address. +See-Also: debian-policy 5.6.3 diff --git a/tags/u/uploaders-in-orphan.tag b/tags/u/uploaders-in-orphan.tag new file mode 100644 index 0000000..a6ec425 --- /dev/null +++ b/tags/u/uploaders-in-orphan.tag @@ -0,0 +1,7 @@ +Tag: uploaders-in-orphan +Severity: error +Check: nmu +Renamed-From: orphaned-package-should-not-have-uploaders +Explanation: Packages with their maintainer set to packages@qa.debian.org, i.e. + orphaned packages, should not have uploaders. Adopt the package properly if + you want to resume its maintenance. diff --git a/tags/u/upstart-job-in-etc-init.d-not-registered-via-update-rc.d.tag b/tags/u/upstart-job-in-etc-init.d-not-registered-via-update-rc.d.tag new file mode 100644 index 0000000..668da83 --- /dev/null +++ b/tags/u/upstart-job-in-etc-init.d-not-registered-via-update-rc.d.tag @@ -0,0 +1,12 @@ +Tag: upstart-job-in-etc-init.d-not-registered-via-update-rc.d +Severity: warning +Check: init-d +Explanation: The package installs an upstart-job in <code>/etc/init.d</code> + which is not registered in the <code>postinst</code> script. On + non-upstart systems this is usually a bug, unless you omit the links + intentionally for some reason or create the links some other way. + . + This tag should only be emitted for vendors that do not use upstart + by default (such as Debian). If this tag is emitted by a vendor + using upstart (e.g. Ubuntu), it may be a misconfiguration of their + Lintian vendor profile. diff --git a/tags/u/upstream-file-without-utf8-name.tag b/tags/u/upstream-file-without-utf8-name.tag new file mode 100644 index 0000000..8726043 --- /dev/null +++ b/tags/u/upstream-file-without-utf8-name.tag @@ -0,0 +1,14 @@ +Tag: upstream-file-without-utf8-name +Severity: info +Check: files/names +See-Also: debian-policy 10.10 +Explanation: The file name in the upstream source tree is not valid UTF-8. + There is probably not much a maintainer can do other than ask upstream + to package the sources differently. + . + Repacking may by an option, but it often has other drawbacks, such as + the loss of a cryptographic chain of custody. + . + Unlike other file names in Lintian, which are printed in UTF-8, the + attached reference shows the bytes used by the file system. Unprintable + characters may have been replaced. diff --git a/tags/u/upstream-metadata-exists.tag b/tags/u/upstream-metadata-exists.tag new file mode 100644 index 0000000..5ab6d8b --- /dev/null +++ b/tags/u/upstream-metadata-exists.tag @@ -0,0 +1,5 @@ +Tag: upstream-metadata-exists +Severity: classification +Check: debian/upstream/metadata +See-Also: https://dep-team.pages.debian.net/deps/dep12/ +Explanation: The sources contain a DEP 12 metadata file. diff --git a/tags/u/upstream-metadata-field-unknown.tag b/tags/u/upstream-metadata-field-unknown.tag new file mode 100644 index 0000000..9308651 --- /dev/null +++ b/tags/u/upstream-metadata-field-unknown.tag @@ -0,0 +1,10 @@ +Tag: upstream-metadata-field-unknown +Severity: warning +Check: debian/upstream/metadata +Explanation: The named field in the upstream metadata provided with this + package is not part of the DEP-12 specification. + . + Please use only recognized field names. +See-Also: + https://dep-team.pages.debian.net/deps/dep12/, + https://wiki.debian.org/UpstreamMetadata diff --git a/tags/u/upstream-metadata-file-is-missing.tag b/tags/u/upstream-metadata-file-is-missing.tag new file mode 100644 index 0000000..04dbf27 --- /dev/null +++ b/tags/u/upstream-metadata-file-is-missing.tag @@ -0,0 +1,16 @@ +Tag: upstream-metadata-file-is-missing +Severity: pedantic +Check: debian/upstream/metadata +Experimental: yes +See-Also: https://dep-team.pages.debian.net/deps/dep12/, https://wiki.debian.org/UpstreamMetadata +Explanation: This source package is not Debian-native but it does not have a + <code>debian/upstream/metadata</code> file. + . + The Upstream MEtadata GAthered with YAml (UMEGAYA) project is an effort + to collect meta-information about upstream projects from any source + package. This file is in YAML format and it is used in to feed the data + in the UltimateDebianDatabase. For example, it can contains the way the + authors want their software be cited in publications and some + bibliographic references about the software. + . + Please add a <code>debian/upstream/metadata</code> file. diff --git a/tags/u/upstream-metadata-in-native-source.tag b/tags/u/upstream-metadata-in-native-source.tag new file mode 100644 index 0000000..acac795 --- /dev/null +++ b/tags/u/upstream-metadata-in-native-source.tag @@ -0,0 +1,15 @@ +Tag: upstream-metadata-in-native-source +Severity: warning +Check: debian/upstream/metadata +See-Also: https://dep-team.pages.debian.net/deps/dep12/, https://wiki.debian.org/UpstreamMetadata +Explanation: This source package is Debian-native and has a + <code>debian/upstream/metadata</code> file. + . + The Upstream MEtadata GAthered with YAml (UMEGAYA) project is an effort + to collect meta-information about upstream projects from any source + package. This file is in YAML format and it is used in to feed the data + in the UltimateDebianDatabase. For example, it can contains the way the + authors want their software be cited in publications and some + bibliographic references about the software. + . + Please remove the <code>debian/upstream/metadata</code> file. diff --git a/tags/u/upstream-metadata-is-not-a-file.tag b/tags/u/upstream-metadata-is-not-a-file.tag new file mode 100644 index 0000000..b18f20f --- /dev/null +++ b/tags/u/upstream-metadata-is-not-a-file.tag @@ -0,0 +1,7 @@ +Tag: upstream-metadata-is-not-a-file +Severity: warning +Check: debian/upstream/metadata +See-Also: https://dep-team.pages.debian.net/deps/dep12/ +Explanation: The DEP 12 metadata file in the source is not readable. This + could be caused by a dangling symlink, or that the name is used + by some non-file directory entry. diff --git a/tags/u/upstream-metadata-missing-bug-tracking.tag b/tags/u/upstream-metadata-missing-bug-tracking.tag new file mode 100644 index 0000000..15bae30 --- /dev/null +++ b/tags/u/upstream-metadata-missing-bug-tracking.tag @@ -0,0 +1,10 @@ +Tag: upstream-metadata-missing-bug-tracking +Severity: info +Check: debian/upstream/metadata +See-Also: https://dep-team.pages.debian.net/deps/dep12/ +Explanation: The DEP 12 metadata file does not specify any upstream bug + tracking information (ie. the <code>Bug-Database</code> or + <code>Bug-Submit</code> fields are missing). + . + The upstream metadata can be found in the source package in the + file <code>debian/upstream/metadata</code>. diff --git a/tags/u/upstream-metadata-missing-repository.tag b/tags/u/upstream-metadata-missing-repository.tag new file mode 100644 index 0000000..75f1224 --- /dev/null +++ b/tags/u/upstream-metadata-missing-repository.tag @@ -0,0 +1,10 @@ +Tag: upstream-metadata-missing-repository +Severity: info +Check: debian/upstream/metadata +See-Also: https://dep-team.pages.debian.net/deps/dep12/ +Explanation: The DEP 12 metadata file does not specify the location of + upstream's version control repository (ie. the <code>Repository</code> + and <code>Repository-Browse</code> fields are missing). + . + The upstream metadata can be found in the source package in the + file <code>debian/upstream/metadata</code>. diff --git a/tags/u/upstream-metadata-not-yaml-mapping.tag b/tags/u/upstream-metadata-not-yaml-mapping.tag new file mode 100644 index 0000000..a03f216 --- /dev/null +++ b/tags/u/upstream-metadata-not-yaml-mapping.tag @@ -0,0 +1,12 @@ +Tag: upstream-metadata-not-yaml-mapping +Severity: warning +Check: debian/upstream/metadata +See-Also: https://dep-team.pages.debian.net/deps/dep12/ +Explanation: The DEP 12 metadata file is not well formed. The document + level must be a YAML mapping: + . + Some-Field: some-value + Another-Field: another-value + . + Sometimes, the fields are mistakenly prefaced with a hyphen, which + makes them a YAML sequence. In that case, please remove the hyphens. diff --git a/tags/u/upstream-metadata-yaml-invalid.tag b/tags/u/upstream-metadata-yaml-invalid.tag new file mode 100644 index 0000000..fcb1c50 --- /dev/null +++ b/tags/u/upstream-metadata-yaml-invalid.tag @@ -0,0 +1,6 @@ +Tag: upstream-metadata-yaml-invalid +Severity: warning +Check: debian/upstream/metadata +See-Also: https://dep-team.pages.debian.net/deps/dep12/ +Explanation: The DEP 12 metadata file is not well formed. The formatting + need to be adjusted to match the YAML specification. diff --git a/tags/u/upstream-metadata.tag b/tags/u/upstream-metadata.tag new file mode 100644 index 0000000..6a1b737 --- /dev/null +++ b/tags/u/upstream-metadata.tag @@ -0,0 +1,6 @@ +Tag: upstream-metadata +Severity: classification +Check: debian/upstream/metadata +Explanation: The DEP 12 metadata contains the field and the value indicated. +See-Also: + https://dep-team.pages.debian.net/deps/dep12/ diff --git a/tags/u/use-of-compat-symlink.tag b/tags/u/use-of-compat-symlink.tag new file mode 100644 index 0000000..1471a71 --- /dev/null +++ b/tags/u/use-of-compat-symlink.tag @@ -0,0 +1,7 @@ +Tag: use-of-compat-symlink +Severity: error +Check: files/hierarchy/standard +Explanation: This package uses a directory that, according to the Filesystem + Hierarchy Standard, should exist only as a compatibility symlink. + Packages should not traverse such symlinks when installing files, they + should use the standard directories instead. diff --git a/tags/u/useless-autogenerated-doxygen-file.tag b/tags/u/useless-autogenerated-doxygen-file.tag new file mode 100644 index 0000000..2295333 --- /dev/null +++ b/tags/u/useless-autogenerated-doxygen-file.tag @@ -0,0 +1,12 @@ +Tag: useless-autogenerated-doxygen-file +Severity: info +Check: documentation +Explanation: The package appears to ship files + from doxygen generated documentation used only + for internal purpose of doxygen. + . + These files are only needed to speed up the + regeneration of the output when this is done + in an incremental fashion (i.e. without first deleting + all output files), and are not needed for + reading the documentation. diff --git a/tags/u/useless-autoreconf-build-depends.tag b/tags/u/useless-autoreconf-build-depends.tag new file mode 100644 index 0000000..5235496 --- /dev/null +++ b/tags/u/useless-autoreconf-build-depends.tag @@ -0,0 +1,8 @@ +Tag: useless-autoreconf-build-depends +Severity: warning +Check: debhelper +Explanation: Since compatibility level 10, debhelper enables the <code>autoreconf</code> + sequence by default. + . + It is therefore not necessary to specify build-dependencies on + <code>dh-autoreconf</code> or <code>autotools-dev</code> and they can be removed. diff --git a/tags/u/useless-whatis-entry.tag b/tags/u/useless-whatis-entry.tag new file mode 100644 index 0000000..102cd1e --- /dev/null +++ b/tags/u/useless-whatis-entry.tag @@ -0,0 +1,16 @@ +Tag: useless-whatis-entry +Severity: warning +Check: documentation/manual +Renamed-From: manpage-has-useless-whatis-entry +Explanation: The whatis entry for this manual page (the brief description found + in the NAME section) is of the form: + . + program - manual page for program + . + This conveys no information about what the program is for and is + repetitive. The short description should contain brief information about + what the program is for to aid in searching with apropos and similar + programs. + . + If this manual page was generated by help2man, use the -n option to + provide a more meaningful description. diff --git a/tags/u/uses-debhelper-compat-file.tag b/tags/u/uses-debhelper-compat-file.tag new file mode 100644 index 0000000..c7ecd31 --- /dev/null +++ b/tags/u/uses-debhelper-compat-file.tag @@ -0,0 +1,15 @@ +Tag: uses-debhelper-compat-file +Severity: pedantic +Check: debhelper +Explanation: This package uses a <code>debian/compat</code> file to denote the + required debhelper compatibility number. + . + However, debhelper has replaced <code>debian/compat</code> with the + <code>debhelper-compat</code> virtual package for most circumstances. + . + Packages not using an experimental or beta compatibility level should + Build-Depend on the <code>debhelper-compat</code> virtual package, for + example: + . + Build-Depends: debhelper-compat (= 13) +See-Also: debhelper(7) diff --git a/tags/u/uses-deprecated-adttmp.tag b/tags/u/uses-deprecated-adttmp.tag new file mode 100644 index 0000000..46416d0 --- /dev/null +++ b/tags/u/uses-deprecated-adttmp.tag @@ -0,0 +1,7 @@ +Tag: uses-deprecated-adttmp +Severity: warning +Check: testsuite +Explanation: The specified test file appears to use the deprecated + <code>ADTTMP</code> variable. + . + Please replace this with <code>AUTOPKGTEST_TMP</code>. diff --git a/tags/u/uses-deprecated-compression-for-data-tarball.tag b/tags/u/uses-deprecated-compression-for-data-tarball.tag new file mode 100644 index 0000000..3fdb6b3 --- /dev/null +++ b/tags/u/uses-deprecated-compression-for-data-tarball.tag @@ -0,0 +1,12 @@ +Tag: uses-deprecated-compression-for-data-tarball +Severity: error +Check: deb-format +Explanation: The data portion of this binary package uses a deprecated compression + format. Although dpkg will support extracting such binary packages for + the foreseeable future, creating them will eventually be disallowed. A + warning is emitted for lzma since dpkg 1.16.4, and for bzip2 since dpkg + 1.17.7. + . + For lzma, xz is the direct replacement. For bzip2 either gzip or xz can + be used as a substitute, depending on the wanted properties: gzip for + maximum compatibility and speed, and xz for maximum compression ratio. diff --git a/tags/u/uses-dpkg-database-directly.tag b/tags/u/uses-dpkg-database-directly.tag new file mode 100644 index 0000000..d00f4b5 --- /dev/null +++ b/tags/u/uses-dpkg-database-directly.tag @@ -0,0 +1,13 @@ +Tag: uses-dpkg-database-directly +Severity: warning +Check: files/contents +Explanation: The listed file or maintainer script appears to access the + internal database(s) of dpkg. + . + The entire dpkg database, its layout and files are an internal + interface and no program or package should be accessing it, other + than dpkg itself and the suite of dpkg tools. + . + Whilst the files may be editable by an admin, that's a supported (but + unrecommended) feature reserved for humans and not for automatic tools. +See-Also: https://wiki.debian.org/DpkgConffileHandling diff --git a/tags/u/uses-implicit-await-trigger.tag b/tags/u/uses-implicit-await-trigger.tag new file mode 100644 index 0000000..143f072 --- /dev/null +++ b/tags/u/uses-implicit-await-trigger.tag @@ -0,0 +1,19 @@ +Tag: uses-implicit-await-trigger +Severity: warning +Check: triggers +Explanation: The listed trigger is present in the control file of the package. + The trigger is an <code>await</code> trigger, which may not be obvious from its name. + . + The <code>await</code> triggers place rather strong requirements on <code>dpkg</code> that often lead + to trigger cycles due to changes in other packages. + . + If the package does not need the guarantees that <code>dpkg</code> provides to <code>await</code> + triggers, please use the <code>-noawait</code> variant of the trigger. This is often + the case for packages that use the trigger to compile a form of cache. + . + If the package does need the guarantees provided by <code>dpkg</code>, then please + document the rationale in a comment above the trigger and use the + <code>-await</code> variant of the trigger to avoid this warning. +See-Also: + deb-triggers(5), + Bug#774559 diff --git a/tags/u/uses-no-compression-for-control-tarball.tag b/tags/u/uses-no-compression-for-control-tarball.tag new file mode 100644 index 0000000..bc768a7 --- /dev/null +++ b/tags/u/uses-no-compression-for-control-tarball.tag @@ -0,0 +1,8 @@ +Tag: uses-no-compression-for-control-tarball +Severity: error +Check: deb-format +See-Also: deb(5) +Explanation: The control portion of this binary package uses a non-compressed + format. Although dpkg will support extracting such binary packages + since dpkg 1.10.24, creating them is not advised except in special + cases. diff --git a/tags/u/uses-no-compression-for-data-tarball.tag b/tags/u/uses-no-compression-for-data-tarball.tag new file mode 100644 index 0000000..e94b582 --- /dev/null +++ b/tags/u/uses-no-compression-for-data-tarball.tag @@ -0,0 +1,11 @@ +Tag: uses-no-compression-for-data-tarball +Severity: error +Check: deb-format +See-Also: deb(5) +Explanation: The data portion of this binary package uses a non-compressed + format. Although dpkg will support extracting such binary packages + since dpkg 1.10.24, creating them is not advised except in special + cases. + . + Except if data is non-compressible, use gzip for + maximum compatibility and speed, and xz for maximum compression ratio. diff --git a/tags/u/uses-pdm-cli.tag b/tags/u/uses-pdm-cli.tag new file mode 100644 index 0000000..4b28f7d --- /dev/null +++ b/tags/u/uses-pdm-cli.tag @@ -0,0 +1,8 @@ +Tag: uses-pdm-cli +Severity: info +Check: languages/python +Explanation: The source declares <code>python3-pdm</code> as a build prerequisite, + but that is a command-line interface (CLI) tool. + . + Should <code>pdm</code> be required to build these sources, please declare the + prerequisite <code>python3-pdm-pep517</code> instead. diff --git a/tags/u/uses-poetry-cli.tag b/tags/u/uses-poetry-cli.tag new file mode 100644 index 0000000..97ab42c --- /dev/null +++ b/tags/u/uses-poetry-cli.tag @@ -0,0 +1,8 @@ +Tag: uses-poetry-cli +Severity: info +Check: languages/python +Explanation: The source declares <code>python3-poetry</code> as a build prerequisite, + but that is a command-line interface (CLI) tool. + . + Should <code>poetry</code> be required to build these sources, please declare the + prerequisite <code>python3-poetry-core</code> instead. diff --git a/tags/u/uses-python-distutils.tag b/tags/u/uses-python-distutils.tag new file mode 100644 index 0000000..f4712d9 --- /dev/null +++ b/tags/u/uses-python-distutils.tag @@ -0,0 +1,12 @@ +Tag: uses-python-distutils +Severity: info +Check: languages/python/distutils +Explanation: This package uses the Python distutils module. + . + In Python 3.10 and 3.11, distutils has been formally marked as deprecated. Code + that imports distutils will no longer work from Python 3.12. + . + Please prepare for this deprecation and migrate away from the Python distutils + module. + . + See-Also: https://peps.python.org/pep-0632 diff --git a/tags/u/using-first-person-in-description.tag b/tags/u/using-first-person-in-description.tag new file mode 100644 index 0000000..9dd6022 --- /dev/null +++ b/tags/u/using-first-person-in-description.tag @@ -0,0 +1,12 @@ +Tag: using-first-person-in-description +Severity: info +Check: fields/description +Explanation: You should avoid the use of first person ("I will do this..." or + "We recommend..."). The computer is not a person and the description + does not speak for the maintainer or maintainers. Instead, use a more + neutral construction and try to rephrase into factual statements about + the package. + . + For example, rather than saying "I don't recommend this package if you + are short on memory," say something like "this package is not suitable + for low-memory systems." diff --git a/tags/u/using-first-person-in-templates.tag b/tags/u/using-first-person-in-templates.tag new file mode 100644 index 0000000..67ad8b9 --- /dev/null +++ b/tags/u/using-first-person-in-templates.tag @@ -0,0 +1,11 @@ +Tag: using-first-person-in-templates +Severity: warning +Check: debian/debconf +Explanation: You should avoid the use of first person ("I will do this..." or + "We recommend..."). The computer is not a person and the Debconf + templates do not speak for the Debian developers. You should use neutral + construction and often the passive form. + . + If this template is only used internally by the package and not displayed + to the user, put "for internal use" in the short description. +See-Also: developer-reference 6.5.2.5 diff --git a/tags/u/using-imperative-form-in-templates.tag b/tags/u/using-imperative-form-in-templates.tag new file mode 100644 index 0000000..b460b8f --- /dev/null +++ b/tags/u/using-imperative-form-in-templates.tag @@ -0,0 +1,7 @@ +Tag: using-imperative-form-in-templates +Severity: warning +Check: debian/debconf +Explanation: Do not use useless imperative constructions such as "Please choose...", + "Enter...". The interface will make it obvious that the user needs to + choose or enter something. +See-Also: developer-reference 6.5.4.2 diff --git a/tags/u/using-question-in-extended-description-in-templates.tag b/tags/u/using-question-in-extended-description-in-templates.tag new file mode 100644 index 0000000..01635f7 --- /dev/null +++ b/tags/u/using-question-in-extended-description-in-templates.tag @@ -0,0 +1,9 @@ +Tag: using-question-in-extended-description-in-templates +Severity: warning +Check: debian/debconf +Explanation: The extended description of a debconf template should never include + a question. + . + If this template is only used internally by the package and not displayed + to the user, put "for internal use" in the short description. +See-Also: developer-reference 6.5.3.2 diff --git a/tags/u/usr-share-doc-symlink-points-outside-of-usr-share-doc.tag b/tags/u/usr-share-doc-symlink-points-outside-of-usr-share-doc.tag new file mode 100644 index 0000000..7526291 --- /dev/null +++ b/tags/u/usr-share-doc-symlink-points-outside-of-usr-share-doc.tag @@ -0,0 +1,6 @@ +Tag: usr-share-doc-symlink-points-outside-of-usr-share-doc +Severity: error +Check: debian/copyright +Explanation: The /usr/share/doc/*pkg* symbolic link is pointing to a directory + outside of <code>/usr/share/doc</code>. +See-Also: debian-policy 12.5 diff --git a/tags/u/usr-share-doc-symlink-to-foreign-package.tag b/tags/u/usr-share-doc-symlink-to-foreign-package.tag new file mode 100644 index 0000000..b0c04dc --- /dev/null +++ b/tags/u/usr-share-doc-symlink-to-foreign-package.tag @@ -0,0 +1,13 @@ +Tag: usr-share-doc-symlink-to-foreign-package +Severity: error +Check: debian/copyright +Explanation: If the package installs a symbolic link + <code>/usr/share/doc/*pkg1* -> *pkg2*</code>, then *pkg1* + and *pkg2* must both come from the same source package. + . + The best solution is probably to stop symlinking the + <code>/usr/share/doc</code> directory for this package and instead include a + real /usr/share/doc/*pkg1* directory within *pkg1* with the + appropriate contents (such as the <code>copyright</code> and + <code>changelog.Debian.gz</code> files). +See-Also: debian-policy 12.5 diff --git a/tags/u/usr-share-doc-symlink-without-dependency.tag b/tags/u/usr-share-doc-symlink-without-dependency.tag new file mode 100644 index 0000000..7c5f794 --- /dev/null +++ b/tags/u/usr-share-doc-symlink-without-dependency.tag @@ -0,0 +1,21 @@ +Tag: usr-share-doc-symlink-without-dependency +Severity: error +Check: debian/copyright +Explanation: If the package installs a symbolic link + <code>/usr/share/doc/*pkg1* -> *pkg2*</code>, then *pkg1* + must depend on *pkg2* directory, with the same version as + *pkg1*. + . + Adding the dependency just to fix this bug is often not a good solution. + Usually, it's better to include a real <code>/usr/share/doc/*pkg1*</code> + directory within *pkg1* and copy the copyright file into that + directory. + . + Transitive dependencies are not allowed here. In other words, if the + documentation directory is shipped in *pkg3* and *pkg1* depends + on *pkg2*, which in turn depends on *pkg3*, that's still an + error. Copyright file extractors are not required to go more than one + level deep when resolving dependencies. Each package should have a + direct dependency on the package which includes its documentation + directory. +See-Also: debian-policy 12.5 diff --git a/tags/v/vcs-browser-links-to-empty-view.tag b/tags/v/vcs-browser-links-to-empty-view.tag new file mode 100644 index 0000000..aedcdb7 --- /dev/null +++ b/tags/v/vcs-browser-links-to-empty-view.tag @@ -0,0 +1,7 @@ +Tag: vcs-browser-links-to-empty-view +Severity: warning +Check: fields/vcs +Explanation: The VCS-Browser links to an empty view of the repository due to it + including a suffix such as <code>?rev=0&sc=0</code>. + . + You should remove this suffix from the field. diff --git a/tags/v/vcs-field-bitrotted.tag b/tags/v/vcs-field-bitrotted.tag new file mode 100644 index 0000000..905a602 --- /dev/null +++ b/tags/v/vcs-field-bitrotted.tag @@ -0,0 +1,9 @@ +Tag: vcs-field-bitrotted +Severity: warning +Check: fields/vcs +Explanation: The VCS-* field uses an address which no longer works. Please + update it to use the current canonical URI instead. + . + Note that this check is based on a list of known URIs or/and + patterns. Lintian did not send an HTTP request to the URI to test + this. diff --git a/tags/v/vcs-field-has-unexpected-spaces.tag b/tags/v/vcs-field-has-unexpected-spaces.tag new file mode 100644 index 0000000..63c7c5a --- /dev/null +++ b/tags/v/vcs-field-has-unexpected-spaces.tag @@ -0,0 +1,11 @@ +Tag: vcs-field-has-unexpected-spaces +Severity: warning +Check: fields/vcs +Explanation: The VCS-* field contains more spaces than expected or spaces at + places where they were not expected. Where possible, escape valid + spaces in URIs to avoid any ambiguity with respect to possible future + additional optional fields. + . + This may be caused by incorrect use of the <code>-b</code> branch + separator. +See-Also: debian-policy 5.6.26 diff --git a/tags/v/vcs-field-mismatch.tag b/tags/v/vcs-field-mismatch.tag new file mode 100644 index 0000000..5b12288 --- /dev/null +++ b/tags/v/vcs-field-mismatch.tag @@ -0,0 +1,9 @@ +Tag: vcs-field-mismatch +Severity: warning +Check: fields/vcs +Explanation: The VCS-* field name appears to mismatch the target URI. + . + You might have moved the Debian packaging to another version control + system but have not updated the field name. For example, using the + Vcs-Svn field to point to a Git repository now hosted on + salsa.debian.org. diff --git a/tags/v/vcs-field-not-canonical.tag b/tags/v/vcs-field-not-canonical.tag new file mode 100644 index 0000000..03acacf --- /dev/null +++ b/tags/v/vcs-field-not-canonical.tag @@ -0,0 +1,10 @@ +Tag: vcs-field-not-canonical +Severity: info +Check: fields/vcs +Explanation: The VCS-* field contains an uncanonical URI. Please update to use + the current canonical URI instead. This reduces the network bandwidth used + and makes debcheckout work independent of the port forwarding and + redirections properly working. + . + Note that this check is based on a list of known URIs. Lintian did not + send an HTTP request to the URI to test this. diff --git a/tags/v/vcs-field-uses-insecure-uri.tag b/tags/v/vcs-field-uses-insecure-uri.tag new file mode 100644 index 0000000..489e28f --- /dev/null +++ b/tags/v/vcs-field-uses-insecure-uri.tag @@ -0,0 +1,11 @@ +Tag: vcs-field-uses-insecure-uri +Severity: info +Check: fields/vcs +Explanation: The Vcs-* field uses an unencrypted transport protocol for the + URI. It is recommended to use a secure transport such as HTTPS for + anonymous read-only access. + . + Note that you can often just exchange e.g. git:// with https:// for + repositories. Though, in some cases (bzr's "lp:" or CVS's pserver) it + might not be possible to use an alternative url and still have a + working (anonymous read-only) repository. diff --git a/tags/v/vcs-field-uses-not-recommended-uri-format.tag b/tags/v/vcs-field-uses-not-recommended-uri-format.tag new file mode 100644 index 0000000..b029573 --- /dev/null +++ b/tags/v/vcs-field-uses-not-recommended-uri-format.tag @@ -0,0 +1,10 @@ +Tag: vcs-field-uses-not-recommended-uri-format +Severity: warning +Check: fields/vcs +Explanation: The VCS-* field uses a URI which doesn't match the recommended + format, but still looks valid. Examples for not recommended URI formats + are protocols that require authentication (like SSH). Instead where + possible you should provide a URI that is accessible for everyone + without authentication. + . + This renders debcheckout(1) unusable in these cases. diff --git a/tags/v/vcs-field-uses-unknown-uri-format.tag b/tags/v/vcs-field-uses-unknown-uri-format.tag new file mode 100644 index 0000000..c016a2b --- /dev/null +++ b/tags/v/vcs-field-uses-unknown-uri-format.tag @@ -0,0 +1,5 @@ +Tag: vcs-field-uses-unknown-uri-format +Severity: warning +Check: fields/vcs +Explanation: The VCS-* field uses an URI which doesn't match any known format. + You might have forgotten the protocol before the hostname. diff --git a/tags/v/vcs-fields-use-more-than-one-vcs.tag b/tags/v/vcs-fields-use-more-than-one-vcs.tag new file mode 100644 index 0000000..f89a10b --- /dev/null +++ b/tags/v/vcs-fields-use-more-than-one-vcs.tag @@ -0,0 +1,4 @@ +Tag: vcs-fields-use-more-than-one-vcs +Severity: info +Check: fields/vcs +Explanation: The Vcs-* fields mix more than one version control system. diff --git a/tags/v/vcs-git-uses-invalid-user-uri.tag b/tags/v/vcs-git-uses-invalid-user-uri.tag new file mode 100644 index 0000000..0c9ab6b --- /dev/null +++ b/tags/v/vcs-git-uses-invalid-user-uri.tag @@ -0,0 +1,8 @@ +Tag: vcs-git-uses-invalid-user-uri +Severity: warning +Check: fields/vcs +Explanation: The Vcs-Git field is pointing to a personal repository using + a git://(git|anonscm).debian.org/~$LOGIN/$PRJ.git style URI. This is not + recommended since the repository this points is not automatically updated + when pushing to the personal repository. The recommended URI for anonymous + access is https://anonscm.debian.org/git/users/$LOGIN/$PRJ.git. diff --git a/tags/v/vcs-obsolete-in-debian-infrastructure.tag b/tags/v/vcs-obsolete-in-debian-infrastructure.tag new file mode 100644 index 0000000..5bd8448 --- /dev/null +++ b/tags/v/vcs-obsolete-in-debian-infrastructure.tag @@ -0,0 +1,16 @@ +Tag: vcs-obsolete-in-debian-infrastructure +Severity: warning +Check: fields/vcs +Explanation: The specified Vcs-* field points to an area within the *.debian.org + infrastructure but refers to a version control system that has been + deprecated. + . + After 1st May 2018, Debian ceased to offer hosting for any version + control system other than Git and the Alioth service became read-only + in May 2018. Packages should migrate to Git hosting on + https://salsa.debian.org. + . + For further information about salsa.debian.org, including how to add + HTTP redirects from alioth, please consult the Debian Wiki. +See-Also: https://lists.debian.org/debian-devel-announce/2017/08/msg00008.html, + https://wiki.debian.org/Salsa diff --git a/tags/v/vcs-uri.tag b/tags/v/vcs-uri.tag new file mode 100644 index 0000000..27fd63f --- /dev/null +++ b/tags/v/vcs-uri.tag @@ -0,0 +1,5 @@ +Tag: vcs-uri +Severity: classification +Check: fields/vcs +Explanation: The package uses the specified VCS URI according to the + <code>debian/control</code> file. diff --git a/tags/v/vcs.tag b/tags/v/vcs.tag new file mode 100644 index 0000000..95c2da6 --- /dev/null +++ b/tags/v/vcs.tag @@ -0,0 +1,5 @@ +Tag: vcs +Severity: classification +Check: fields/vcs +Explanation: The package uses the specified VCS (eg. "git") according to the + <code>debian/control</code> file. diff --git a/tags/v/version-refers-to-distribution.tag b/tags/v/version-refers-to-distribution.tag new file mode 100644 index 0000000..79d6cc3 --- /dev/null +++ b/tags/v/version-refers-to-distribution.tag @@ -0,0 +1,14 @@ +Tag: version-refers-to-distribution +Severity: warning +Check: debian/changelog +Explanation: The Debian portion of the package version contains a reference to a + particular Debian release or distribution. This should only be done for + uploads targeted at a particular release, not at unstable or + experimental, and should refer to the release by version number or code + name. + . + Using "testing" or "stable" in a package version targeted at the current + testing or stable release is less informative than using the code name or + version number and may cause annoying version sequencing issues if the + package doesn't change before the next release cycle starts. +See-Also: developer-reference 5.14.3 diff --git a/tags/v/version-substvar-for-external-package.tag b/tags/v/version-substvar-for-external-package.tag new file mode 100644 index 0000000..31bba12 --- /dev/null +++ b/tags/v/version-substvar-for-external-package.tag @@ -0,0 +1,8 @@ +Tag: version-substvar-for-external-package +Severity: error +Check: debian/version-substvars +Explanation: The first package has a relation on the second package using a + dpkg-control substitution variable to generate the versioned part of + the relation. However the second package is not built from this + source package. Usually this means there is a mistake or typo in the + package name in this dependency. diff --git a/tags/v/very-long-line-length-in-source-file.tag b/tags/v/very-long-line-length-in-source-file.tag new file mode 100644 index 0000000..507430c --- /dev/null +++ b/tags/v/very-long-line-length-in-source-file.tag @@ -0,0 +1,42 @@ +Tag: very-long-line-length-in-source-file +Experimental: yes +Severity: pedantic +Check: files/contents/line-length +Explanation: The source file includes a line length that is well beyond + the normally human made code line length. + . + This very long line length does not allow Lintian to do + correctly some source file checks. + . + This line could also be the result of some text injected by + a computer program, and thus could lead to FTBFS bugs. + . + Last but not least, long line in source code could be used + to obfuscate the source code and to hide stuff like backdoors + or security problems. + . + It could be due to jslint source comments or other build tool + comments. + . + You may report this issue upstream. +Renamed-From: + insane-line-length-in-source-file + +Screen: autotools/long-lines +Advocates: Russ Allbery <rra@debian.org> +Reason: + Upstream sources using <code>autoconf</code> have traditionally been + distributed with generated <code>./configure</code> scripts as well as + other third-party <code>m4</code> macro files such as <code>libtool</code>. + . + When paired with <code>automake</code>, there may also be some intermediate + <code>Makefile.in</code> files. + . + A lot of sources potentially contain such files, but they are not actionable + by either the Debian distributor or by the upstream maintainer. + . + As a side note, modern Debian build protocols will re-create many of those + files via <code>dh_autoreconf</code>. They are present merely to aid in + bootstrapping systems where the GNU suite may not yet be available. +See-Also: + Bug#996740 diff --git a/tags/v/vim-addon-within-vim-runtime-path.tag b/tags/v/vim-addon-within-vim-runtime-path.tag new file mode 100644 index 0000000..dcfd1cf --- /dev/null +++ b/tags/v/vim-addon-within-vim-runtime-path.tag @@ -0,0 +1,7 @@ +Tag: vim-addon-within-vim-runtime-path +Severity: warning +Check: vim +Explanation: Vim addons should not be installed directly under a directory contained + in the Vim runtime path. Users shall be given the freedom to choose which + addons they want to have enabled and which they don't. +See-Also: vim-policy 3.1 diff --git a/tags/v/virtual-package-depends-without-real-package-depends.tag b/tags/v/virtual-package-depends-without-real-package-depends.tag new file mode 100644 index 0000000..c4d0e89 --- /dev/null +++ b/tags/v/virtual-package-depends-without-real-package-depends.tag @@ -0,0 +1,14 @@ +Tag: virtual-package-depends-without-real-package-depends +Severity: warning +Check: fields/package-relations +Explanation: The package declares a depends on a virtual package without listing a + real package as an alternative first. + . + If this package could ever be a build dependency, it should list a real + package as the first alternative to any virtual package in its Depends. + Otherwise, the build daemons will not be able to provide a consistent + build environment. + . + If it will never be a build dependency, this isn't necessary, but you may + want to consider doing so anyway if there is a real package providing + that virtual package that most users will want to use. diff --git a/tags/w/wayward-symbolic-link-target-in-source.tag b/tags/w/wayward-symbolic-link-target-in-source.tag new file mode 100644 index 0000000..b7ee8fb --- /dev/null +++ b/tags/w/wayward-symbolic-link-target-in-source.tag @@ -0,0 +1,11 @@ +Tag: wayward-symbolic-link-target-in-source +Severity: error +Check: files/symbolic-links +Renamed-From: source-contains-unsafe-symlink +Explanation: The named symbolic link in a source package resolves outside + the shipped sources. + . + Please note that this tag is only issued for relative links targets. + Absolute link targets are also disqualified because source packages + are not anchored and can be unpacked anywhere. They triggers another + tag. diff --git a/tags/w/weak-dependency-on-misc-depends.tag b/tags/w/weak-dependency-on-misc-depends.tag new file mode 100644 index 0000000..389eda4 --- /dev/null +++ b/tags/w/weak-dependency-on-misc-depends.tag @@ -0,0 +1,8 @@ +Tag: weak-dependency-on-misc-depends +Severity: warning +Check: debhelper +See-Also: debhelper(7) +Explanation: The source package declares a weak dependency on ${misc:Depends} in + the given binary package's debian/control entry. A stronger dependency, that + is one that ensures the package's installation, is required so that the + additional commands are available to the maintainer scripts when they are run. diff --git a/tags/w/weak-library-dev-dependency.tag b/tags/w/weak-library-dev-dependency.tag new file mode 100644 index 0000000..bdffdc8 --- /dev/null +++ b/tags/w/weak-library-dev-dependency.tag @@ -0,0 +1,21 @@ +Tag: weak-library-dev-dependency +Severity: error +Check: debian/control/prerequisite/development +Explanation: This package seems to contain the development files for a + shared library, but the requirement for that shared library to be installed + does not include the same version. + . + A <code>-dev</code> package should normally use <code>(= ${binary:Version})</code> + for the prerequisite on the shared library. That will ensure that programs compile + and link properly. The symbolic links for the dynamic linker will also point to the + correct places. + . + To be sure, there are some circumstances when a weak prerequisite is warranted, for + example to prevent the breaking of binNMUs with architecture-independent <code>-dev</code> + packages. Then something like <code>(>= ${source:Upstream-Version}), (<< + ${source:Upstream-Version}+1~)</code> may be the right approach, or possibly + <code>${source:Version}</code> instead. The goal there is to ensure that a new upstream + version of the library does not satisfy the prerequisite, since any minor version change + might break the <code>*.so</code> links. +See-Also: + debian-policy 8.5 diff --git a/tags/w/web-application-depends-on-apache2-data-package.tag b/tags/w/web-application-depends-on-apache2-data-package.tag new file mode 100644 index 0000000..31d9125 --- /dev/null +++ b/tags/w/web-application-depends-on-apache2-data-package.tag @@ -0,0 +1,10 @@ +Tag: web-application-depends-on-apache2-data-package +Severity: warning +Check: apache2 +Explanation: The package appears to be a web application but declares a package + relation with <code>apache2-bin</code>, <code>apache2-data</code> or any of its + transitional packages. However, web applications are rarely bound to a specific + web server version. Thus, they should depend on <code>apache2</code> only instead. + If a web application is actually tied to a particular binary version of the web + server a dependency against the virtual <code>apache2-api-YYYYMMDD</code> package + is more appropriate. diff --git a/tags/w/web-application-works-only-with-apache.tag b/tags/w/web-application-works-only-with-apache.tag new file mode 100644 index 0000000..ea2b0d7 --- /dev/null +++ b/tags/w/web-application-works-only-with-apache.tag @@ -0,0 +1,10 @@ +Tag: web-application-works-only-with-apache +Severity: warning +Check: apache2 +Renamed-From: web-application-should-not-depend-unconditionally-on-apache2 +Explanation: The package appears to be a web application but declares a dependency + against <code>apache2</code> without any alternative. Most web applications should + work with any decent web server, thus such a package should be satisfied if any + web server providing the virtual "<code>httpd</code>" package is installed. This + can be accomplished by declaring a package relation in the form "<code>apache2 | + httpd</code>". diff --git a/tags/w/whitespace-after-continuation-character.tag b/tags/w/whitespace-after-continuation-character.tag new file mode 100644 index 0000000..789351f --- /dev/null +++ b/tags/w/whitespace-after-continuation-character.tag @@ -0,0 +1,9 @@ +Tag: whitespace-after-continuation-character +Severity: error +Check: menu-format +Explanation: The menu item is split up over two or more continuation lines, but + there is additional whitespace after the backslash (<code>\</code>) that + indicates where lines should be joined together. + . + There is no guarantee that such additional whitespace is handled correctly. + The backslash should be the end of the line. diff --git a/tags/w/wiki-copyright-format-uri.tag b/tags/w/wiki-copyright-format-uri.tag new file mode 100644 index 0000000..a28205c --- /dev/null +++ b/tags/w/wiki-copyright-format-uri.tag @@ -0,0 +1,9 @@ +Tag: wiki-copyright-format-uri +Severity: pedantic +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: Format URI of the machine-readable copyright file refers to Debian Wiki. + . + Debian Wiki is not used for the format development anymore. Please use + <code>https://www.debian.org/doc/packaging-manuals/copyright-format/*version*/</code> + as the format URI instead. diff --git a/tags/w/windows-devel-file-in-package.tag b/tags/w/windows-devel-file-in-package.tag new file mode 100644 index 0000000..c09f8c9 --- /dev/null +++ b/tags/w/windows-devel-file-in-package.tag @@ -0,0 +1,7 @@ +Tag: windows-devel-file-in-package +Severity: warning +Check: foreign-operating-systems +Explanation: This package appears to contain development files only meaningful to + Windows environments. Such files are generally useless in Debian packages and + were usually accidentally included by copying complete directories from the + source tarball. diff --git a/tags/w/windows-thumbnail-database-in-package.tag b/tags/w/windows-thumbnail-database-in-package.tag new file mode 100644 index 0000000..e658cb2 --- /dev/null +++ b/tags/w/windows-thumbnail-database-in-package.tag @@ -0,0 +1,8 @@ +Tag: windows-thumbnail-database-in-package +Severity: warning +Check: foreign-operating-systems +Explanation: There is a file in the package named <code>Thumbs.db</code> or + <code>Thumbs.db.gz</code>, which is normally a Windows image thumbnail + database. Such databases are generally useless in Debian packages and + were usually accidentally included by copying complete directories from + the source tarball. diff --git a/tags/w/wish-script-but-no-wish-dep.tag b/tags/w/wish-script-but-no-wish-dep.tag new file mode 100644 index 0000000..bc4f4d2 --- /dev/null +++ b/tags/w/wish-script-but-no-wish-dep.tag @@ -0,0 +1,9 @@ +Tag: wish-script-but-no-wish-dep +Severity: error +Check: scripts +Explanation: Packages that include wish scripts must depend on the virtual + package wish or, if they require a specific version of wish or tk, that + version of tk. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/w/wrong-bug-number-in-closes.tag b/tags/w/wrong-bug-number-in-closes.tag new file mode 100644 index 0000000..e3d5fbf --- /dev/null +++ b/tags/w/wrong-bug-number-in-closes.tag @@ -0,0 +1,5 @@ +Tag: wrong-bug-number-in-closes +Severity: warning +Check: debian/changelog +Explanation: Bug numbers can only contain digits. +See-Also: debian-policy 4.4 diff --git a/tags/w/wrong-compression-in-manual-page.tag b/tags/w/wrong-compression-in-manual-page.tag new file mode 100644 index 0000000..21e5a22 --- /dev/null +++ b/tags/w/wrong-compression-in-manual-page.tag @@ -0,0 +1,6 @@ +Tag: wrong-compression-in-manual-page +Severity: error +Check: documentation/manual +Renamed-From: manpage-not-compressed-with-gzip +Explanation: Manual pages should be compressed with <code>gzip -9n</code>. +See-Also: debian-policy 12.1 diff --git a/tags/w/wrong-file-owner-uid-or-gid.tag b/tags/w/wrong-file-owner-uid-or-gid.tag new file mode 100644 index 0000000..0a5a6da --- /dev/null +++ b/tags/w/wrong-file-owner-uid-or-gid.tag @@ -0,0 +1,14 @@ +Tag: wrong-file-owner-uid-or-gid +Severity: error +Check: files/ownership +Explanation: The user or group ID of the owner of the file is invalid. The + owner user and group IDs must be in the set of globally allocated + IDs, because other IDs are dynamically allocated and might be used + for varying purposes on different systems, or are reserved. The set + of the allowed, globally allocated IDs consists of the ranges 0-99, + 64000-64999 and 65534. + . + It's possible for a Policy-compliant package to trigger this tag if the + user is created in the preinst maintainer script, but this is a very rare + case and doesn't appear to be necessary. +See-Also: debian-policy 9.2 diff --git a/tags/w/wrong-manual-section.tag b/tags/w/wrong-manual-section.tag new file mode 100644 index 0000000..9817686 --- /dev/null +++ b/tags/w/wrong-manual-section.tag @@ -0,0 +1,8 @@ +Tag: wrong-manual-section +Severity: warning +Check: documentation/manual +Renamed-From: manpage-section-mismatch +Explanation: A manual page usually should contain a <code>.TH</code> header, specifying the + section. The section in this manual page doesn't match with the section in the + filename. +See-Also: groff_man(7), man(1) diff --git a/tags/w/wrong-name-for-changelog-of-native-package.tag b/tags/w/wrong-name-for-changelog-of-native-package.tag new file mode 100644 index 0000000..cd1fb0e --- /dev/null +++ b/tags/w/wrong-name-for-changelog-of-native-package.tag @@ -0,0 +1,7 @@ +Tag: wrong-name-for-changelog-of-native-package +Severity: warning +Check: debian/changelog +Explanation: The changelog file of a native Debian package (ie. if there is + no upstream source) should usually be installed as + /usr/share/doc/*pkg*/changelog.gz +See-Also: debian-policy 12.7 diff --git a/tags/w/wrong-name-for-debian-changelog-file.tag b/tags/w/wrong-name-for-debian-changelog-file.tag new file mode 100644 index 0000000..4d5cafc --- /dev/null +++ b/tags/w/wrong-name-for-debian-changelog-file.tag @@ -0,0 +1,6 @@ +Tag: wrong-name-for-debian-changelog-file +Severity: error +Check: debian/changelog +Explanation: The Debian changelog file should usually be installed as + /usr/share/doc/*pkg*/changelog.Debian.gz +See-Also: debian-policy 12.7 diff --git a/tags/w/wrong-name-for-debian-news-file.tag b/tags/w/wrong-name-for-debian-news-file.tag new file mode 100644 index 0000000..3c117cf --- /dev/null +++ b/tags/w/wrong-name-for-debian-news-file.tag @@ -0,0 +1,7 @@ +Tag: wrong-name-for-debian-news-file +Severity: warning +Check: debian/changelog +Explanation: The Debian news file must be installed as + /usr/share/doc/*pkg*/NEWS.Debian.gz with exactly that capitalization + or automated tools may not find it correctly. +See-Also: developer-reference 6.3.4 diff --git a/tags/w/wrong-name-for-manual-page.tag b/tags/w/wrong-name-for-manual-page.tag new file mode 100644 index 0000000..7f0688e --- /dev/null +++ b/tags/w/wrong-name-for-manual-page.tag @@ -0,0 +1,7 @@ +Tag: wrong-name-for-manual-page +Severity: error +Check: documentation/manual +Renamed-From: manpage-has-wrong-extension +Explanation: The manual page has an extension other than + "*section*[*program*].gz". +See-Also: debian-policy 12.1 diff --git a/tags/w/wrong-name-for-upstream-changelog.tag b/tags/w/wrong-name-for-upstream-changelog.tag new file mode 100644 index 0000000..4f8fd94 --- /dev/null +++ b/tags/w/wrong-name-for-upstream-changelog.tag @@ -0,0 +1,6 @@ +Tag: wrong-name-for-upstream-changelog +Severity: warning +Check: debian/changelog +Explanation: If there is an upstream changelog file, it should usually be + installed as /usr/share/doc/*pkg*/changelog.gz +See-Also: debian-policy 12.7 diff --git a/tags/w/wrong-path-for-interpreter.tag b/tags/w/wrong-path-for-interpreter.tag new file mode 100644 index 0000000..4e0ec4c --- /dev/null +++ b/tags/w/wrong-path-for-interpreter.tag @@ -0,0 +1,10 @@ +Tag: wrong-path-for-interpreter +Severity: error +Check: scripts +Explanation: The interpreter you used is installed at another location on Debian + systems. + . + Note that, as a particular exception, Debian Policy ยง 10.4 states that + Perl scripts should use <code>/usr/bin/perl</code> directly and not + <code>/usr/bin/env</code>, etc. +See-Also: debian-policy 10.4 diff --git a/tags/w/wrong-section-according-to-package-name.tag b/tags/w/wrong-section-according-to-package-name.tag new file mode 100644 index 0000000..8dca357 --- /dev/null +++ b/tags/w/wrong-section-according-to-package-name.tag @@ -0,0 +1,5 @@ +Tag: wrong-section-according-to-package-name +Severity: info +Check: fields/section +Explanation: This package has a name suggesting that it belongs to a section + other than the one it is currently categorized in. diff --git a/tags/w/wrong-section-for-udeb.tag b/tags/w/wrong-section-for-udeb.tag new file mode 100644 index 0000000..2666653 --- /dev/null +++ b/tags/w/wrong-section-for-udeb.tag @@ -0,0 +1,4 @@ +Tag: wrong-section-for-udeb +Severity: warning +Check: fields/section +Explanation: udeb packages should have "Section: debian-installer". diff --git a/tags/w/wrong-team.tag b/tags/w/wrong-team.tag new file mode 100644 index 0000000..48a3ba5 --- /dev/null +++ b/tags/w/wrong-team.tag @@ -0,0 +1,8 @@ +Tag: wrong-team +Severity: warning +Check: fields/maintainer/team +Explanation: The package is team-maintained but uses a name from + another team's name space. + . + Sometimes teams split up. This tag was designed to make sure the + maintainer address is updated when that happens. diff --git a/tags/z/zero-byte-executable-in-path.tag b/tags/z/zero-byte-executable-in-path.tag new file mode 100644 index 0000000..03ba829 --- /dev/null +++ b/tags/z/zero-byte-executable-in-path.tag @@ -0,0 +1,9 @@ +Tag: zero-byte-executable-in-path +Severity: error +Check: files/names +Explanation: This package installs the specified empty executable file to the + system's PATH. These files do not do anything and produce no error + message when run. + . + This was likely caused by an error in the package build process. +See-Also: Bug#919341 diff --git a/tags/z/zero-byte-file-in-doc-directory.tag b/tags/z/zero-byte-file-in-doc-directory.tag new file mode 100644 index 0000000..2df5f54 --- /dev/null +++ b/tags/z/zero-byte-file-in-doc-directory.tag @@ -0,0 +1,11 @@ +Tag: zero-byte-file-in-doc-directory +Severity: warning +Check: documentation +Explanation: The documentation directory for this package contains an empty + file. This is often due to installing an upstream NEWS or README file + without realizing it's empty and hence not useful. + . + Files in the examples subdirectory are excluded from this check, but + there are some cases where empty files are legitimate parts of the + documentation without being examples. In those cases, please add an + override. diff --git a/tags/z/zip-parse-error.tag b/tags/z/zip-parse-error.tag new file mode 100644 index 0000000..59738fa --- /dev/null +++ b/tags/z/zip-parse-error.tag @@ -0,0 +1,5 @@ +Tag: zip-parse-error +Severity: warning +Check: languages/java +Explanation: The package contains a Jar file, but Lintian is unable to parse it. + It is possible that the Jar file is corrupt. |