diff options
Diffstat (limited to '')
178 files changed, 1906 insertions, 0 deletions
diff --git a/tags/p/package-builds-dbg-and-dbgsym-variants.tag b/tags/p/package-builds-dbg-and-dbgsym-variants.tag new file mode 100644 index 0000000..45f7aac --- /dev/null +++ b/tags/p/package-builds-dbg-and-dbgsym-variants.tag @@ -0,0 +1,10 @@ +Tag: package-builds-dbg-and-dbgsym-variants +Severity: warning +Check: changes-file +See-Also: dh_strip(1), https://wiki.debian.org/AutomaticDebugPackages +Explanation: This package appears to build both -dbg and -dbgsym variants of a + package. Only one package should contain the debug symbols + . + Usually the -dbg should be dropped in favour of the -dbgsym. However, + in some cases (e.g. Python modules) the -dbg contains more than just + the debug symbols. In these cases the -dbgsym should not be built. diff --git a/tags/p/package-contains-ancient-file.tag b/tags/p/package-contains-ancient-file.tag new file mode 100644 index 0000000..aac9a01 --- /dev/null +++ b/tags/p/package-contains-ancient-file.tag @@ -0,0 +1,7 @@ +Tag: package-contains-ancient-file +Severity: error +Check: files/date +Explanation: Your package contains a file that claims to have been generated + more than 20 years ago. This is most probably an error. Your package + will be rejected by the Debian archive scripts if it contains a file + with such a timestamp. diff --git a/tags/p/package-contains-broken-symlink-wildcard.tag b/tags/p/package-contains-broken-symlink-wildcard.tag new file mode 100644 index 0000000..7ebb7f6 --- /dev/null +++ b/tags/p/package-contains-broken-symlink-wildcard.tag @@ -0,0 +1,7 @@ +Tag: package-contains-broken-symlink-wildcard +Severity: warning +Check: files/symbolic-links/broken +Explanation: The package contains a symlink with a target that + appears to be a "failed" wildcard expansion. Furthermore + the target does not exists in the package or any of its + direct dependencies (built from the same source package). diff --git a/tags/p/package-contains-bts-control-dir.tag b/tags/p/package-contains-bts-control-dir.tag new file mode 100644 index 0000000..0d854e7 --- /dev/null +++ b/tags/p/package-contains-bts-control-dir.tag @@ -0,0 +1,6 @@ +Tag: package-contains-bts-control-dir +Severity: warning +Check: files/bugs +Explanation: The package contains a control directory for a bug tracking system. + It was most likely installed by accident, since bug tracking directories + usually don't belong in packages. diff --git a/tags/p/package-contains-cmake-private-file.tag b/tags/p/package-contains-cmake-private-file.tag new file mode 100644 index 0000000..af6a00c --- /dev/null +++ b/tags/p/package-contains-cmake-private-file.tag @@ -0,0 +1,13 @@ +Tag: package-contains-cmake-private-file +Severity: error +Check: build-systems/cmake +Explanation: The package ships a file in a location reserved for <code>CMake</code>. + It usually means you shipped a <code>Find</code> module. + . + Libraries should not ship Find modules Config files. Config files should + be installed in the unversioned path + <code>usr/(lib/<arch>|lib|share)/cmake/<name>*/</code> + . + When CMake Config files are installed in an unversioned path, your + package will continue to work when a new version of CMake is uploaded. +See-Also: https://wiki.debian.org/CMake, https://cmake.org/cmake/help/v3.10/manual/cmake-packages.7.html#config-file-packages diff --git a/tags/p/package-contains-compiled-font-file.tag b/tags/p/package-contains-compiled-font-file.tag new file mode 100644 index 0000000..15b04ef --- /dev/null +++ b/tags/p/package-contains-compiled-font-file.tag @@ -0,0 +1,6 @@ +Tag: package-contains-compiled-font-file +Severity: error +Check: desktop/x11 +Explanation: This package appears to contain a compiled font file. These files + should be generated automatically by triggers and it must not be shipped + in any package. diff --git a/tags/p/package-contains-compiled-glib-schema.tag b/tags/p/package-contains-compiled-glib-schema.tag new file mode 100644 index 0000000..1c70c5b --- /dev/null +++ b/tags/p/package-contains-compiled-glib-schema.tag @@ -0,0 +1,7 @@ +Tag: package-contains-compiled-glib-schema +Severity: error +Check: files/names +Explanation: This package contains a file named <code>gschemas.compiled</code>. This + file is generated automatically by triggers and it must not be shipped in + any package. +See-Also: Bug#883801 diff --git a/tags/p/package-contains-documentation-outside-usr-share-doc.tag b/tags/p/package-contains-documentation-outside-usr-share-doc.tag new file mode 100644 index 0000000..09fabca --- /dev/null +++ b/tags/p/package-contains-documentation-outside-usr-share-doc.tag @@ -0,0 +1,25 @@ +Tag: package-contains-documentation-outside-usr-share-doc +Severity: info +Check: documentation +Explanation: This package ships a documentation file outside /usr/share/doc + Documentation files are normally installed inside <code>/usr/share/doc</code>. + . + If this file doesn't describe the contents or purpose of the directory + it is in, please consider moving this file to <code>/usr/share/doc/</code> + or maybe even removing it. If this file does describe the contents + or purpose of the directory it is in, please add a lintian override. + +Screen: python/egg/metadata +Advocates: Scott Kitterman <debian@kitterman.com> +Reason: The folders <code>XXX.dist-info/</code> and <code>XXX.egg-info/</code> + hold metadata for Python modules. Those files are not documentation even though + some of their names carry the <code>.txt</code> file extension. + . + Python modules can be both public and private. +See-Also: + https://www.python.org/dev/peps/pep-0427/#the-dist-info-directory, + https://www.python.org/dev/peps/pep-0376/#id16, + https://www.python.org/dev/peps/pep-0610/, + https://www.python.org/dev/peps/pep-0639/, + https://setuptools.pypa.io/en/latest/deprecated/python_eggs.html, + Bug#1003913 diff --git a/tags/p/package-contains-empty-directory.tag b/tags/p/package-contains-empty-directory.tag new file mode 100644 index 0000000..6ef9072 --- /dev/null +++ b/tags/p/package-contains-empty-directory.tag @@ -0,0 +1,10 @@ +Tag: package-contains-empty-directory +Severity: info +Check: files/empty-directories +Explanation: This package installs an empty directory. This might be intentional + but it's normally a mistake. If it is intentional, add a Lintian override. + . + If a package ships with or installs empty directories, you can remove them + in debian/rules by calling: + . + $ find path/to/base/dir -type d -empty -delete diff --git a/tags/p/package-contains-eslint-config-file.tag b/tags/p/package-contains-eslint-config-file.tag new file mode 100644 index 0000000..430db18 --- /dev/null +++ b/tags/p/package-contains-eslint-config-file.tag @@ -0,0 +1,11 @@ +Tag: package-contains-eslint-config-file +Severity: error +Check: files/names +Explanation: This package ships an ESLint config file. This file is + a configuration file for the ESLint pluggable linting utility + for JavaScript. + . + Even if these files are useful for modifying the source, + they do not belong in installed packages. + . + Please remove this file from your package. diff --git a/tags/p/package-contains-file-in-etc-skel.tag b/tags/p/package-contains-file-in-etc-skel.tag new file mode 100644 index 0000000..f47f468 --- /dev/null +++ b/tags/p/package-contains-file-in-etc-skel.tag @@ -0,0 +1,13 @@ +Tag: package-contains-file-in-etc-skel +Severity: error +Check: files/names +Explanation: This package ships the specified file under <code>/etc/skel</code>. Files + in this directory are copied into new user accounts by <code>adduser(8)</code>. + . + However, <code>/etc/skel</code> should be empty as possible as there is no + mechanism for ensuring files are copied into the accounts of existing + users when the package is installed. + . + Please remove the installation of this file, ensuring this package + can automatically create them or can otherwise function without them. +See-Also: debian-policy 10.7.5 diff --git a/tags/p/package-contains-file-in-usr-share-hal.tag b/tags/p/package-contains-file-in-usr-share-hal.tag new file mode 100644 index 0000000..6f5605b --- /dev/null +++ b/tags/p/package-contains-file-in-usr-share-hal.tag @@ -0,0 +1,9 @@ +Tag: package-contains-file-in-usr-share-hal +Severity: warning +Check: files/names +Explanation: This package installs the specified file under + <code>/usr/share/hal/</code> but this directory is no longer looked at + by any package in Debian since the removal of the <code>hal</code> package + in 2014. + . + Please remove or otherwise prevent the installation of this file. diff --git a/tags/p/package-contains-hardlink.tag b/tags/p/package-contains-hardlink.tag new file mode 100644 index 0000000..5539e58 --- /dev/null +++ b/tags/p/package-contains-hardlink.tag @@ -0,0 +1,14 @@ +Tag: package-contains-hardlink +Severity: warning +Check: files/hard-links +Explanation: The package contains a hardlink in <code>/etc</code> or across different + directories. This might not work at all if directories are on different + filesystems (which can happen anytime as the system administrator sees fit), + certain filesystems such as AFS don't even support cross-directory hardlinks + at all. + . + For configuration files, certain editors might break hardlinks, and so + does dpkg in certain cases. + . + A better solution might be using symlinks here. +See-Also: debian-policy 10.7.3 diff --git a/tags/p/package-contains-icon-cache-in-generic-dir.tag b/tags/p/package-contains-icon-cache-in-generic-dir.tag new file mode 100644 index 0000000..04efa6c --- /dev/null +++ b/tags/p/package-contains-icon-cache-in-generic-dir.tag @@ -0,0 +1,8 @@ +Tag: package-contains-icon-cache-in-generic-dir +Severity: warning +Check: files/names +Explanation: This package installs the specified icon cache in a generic + location such as <code>/usr/share/icons/hicolor</code> which will + invariably clash with other packages. + . + Please remove or otherwise prevent the installation of this file. diff --git a/tags/p/package-contains-info-dir-file.tag b/tags/p/package-contains-info-dir-file.tag new file mode 100644 index 0000000..7354361 --- /dev/null +++ b/tags/p/package-contains-info-dir-file.tag @@ -0,0 +1,10 @@ +Tag: package-contains-info-dir-file +Severity: error +Check: documentation +Explanation: This package contains a file named <code>dir</code> or <code>dir.old</code>, + possibly compressed, in <code>/usr/share/info</code>. This is the directory + (or backup) of info pages and is generated automatically by install-info + when a package containing info documentation is installed. Some upstream + build systems create it automatically, but it must not be included in a + package since it needs to be generated dynamically based on the installed + info files on the system. diff --git a/tags/p/package-contains-linda-override.tag b/tags/p/package-contains-linda-override.tag new file mode 100644 index 0000000..6e4cc37 --- /dev/null +++ b/tags/p/package-contains-linda-override.tag @@ -0,0 +1,7 @@ +Tag: package-contains-linda-override +Severity: warning +Check: linda +Explanation: This package contains a linda override file in + <code>/usr/share/linda/overrides</code>. Linda is obsolete and has been + removed from the archive as of 2008-03-04. Linda overrides should + probably be dropped from packages. diff --git a/tags/p/package-contains-mime-cache-file.tag b/tags/p/package-contains-mime-cache-file.tag new file mode 100644 index 0000000..3165e3b --- /dev/null +++ b/tags/p/package-contains-mime-cache-file.tag @@ -0,0 +1,9 @@ +Tag: package-contains-mime-cache-file +Severity: error +Check: mimeinfo +Explanation: This package contains a cache file generated automatically by + update-mime-database when a package containing MIME-Info Database + files is installed. Some upstream build systems create them + automatically, but they must not be included in a package since they need + to be generated dynamically based on the installed MIME-Info Database + files on the system. diff --git a/tags/p/package-contains-mime-file-outside-package-dir.tag b/tags/p/package-contains-mime-file-outside-package-dir.tag new file mode 100644 index 0000000..f56c274 --- /dev/null +++ b/tags/p/package-contains-mime-file-outside-package-dir.tag @@ -0,0 +1,10 @@ +Tag: package-contains-mime-file-outside-package-dir +Severity: error +Check: mimeinfo +See-Also: Bug#761649, /usr/share/doc/shared-mime-info/ +Explanation: This package contains a file in a path reserved solely for + mime cache file. + . + /usr/share/mime/ files are cache generated from + /usr/share/mime/packages/. Thus file under /usr/share/mime/ + should not be installed diff --git a/tags/p/package-contains-mimeinfo.cache-file.tag b/tags/p/package-contains-mimeinfo.cache-file.tag new file mode 100644 index 0000000..fbc4e98 --- /dev/null +++ b/tags/p/package-contains-mimeinfo.cache-file.tag @@ -0,0 +1,10 @@ +Tag: package-contains-mimeinfo.cache-file +Severity: error +Check: mimeinfo +Explanation: This package contains a file named <code>mimeinfo.cache</code>, + possibly compressed, in <code>/usr/share/applications</code>. This file is + generated automatically by update-desktop-database when a package + containing <code>.desktop</code> files associated to MIME types is installed. + Some upstream build systems create it automatically, but it must not be + included in a package since it needs to be generated dynamically based on + the installed .desktop files on the system. diff --git a/tags/p/package-contains-multiple-dpi-fonts.tag b/tags/p/package-contains-multiple-dpi-fonts.tag new file mode 100644 index 0000000..9c342a8 --- /dev/null +++ b/tags/p/package-contains-multiple-dpi-fonts.tag @@ -0,0 +1,9 @@ +Tag: package-contains-multiple-dpi-fonts +Severity: warning +Check: desktop/x11 +See-Also: debian-policy 11.8.5 +Explanation: This package contains both 100dpi and 75dpi bitmapped fonts. Both + versions should not be included in a single package. If both resolutions + are available, they should be provided in separate binary packages with + <code>-75dpi</code> or <code>-100dpi</code> appended to the package name for the + corresponding fonts. diff --git a/tags/p/package-contains-no-arch-dependent-files.tag b/tags/p/package-contains-no-arch-dependent-files.tag new file mode 100644 index 0000000..2c9a8a0 --- /dev/null +++ b/tags/p/package-contains-no-arch-dependent-files.tag @@ -0,0 +1,9 @@ +Tag: package-contains-no-arch-dependent-files +Severity: info +Check: files/architecture +Experimental: yes +Explanation: All files in this package are architecture-independent, + but the package is not marked <code>Architecture: all</code>. + . + The package should probably be marked <code>Architecture: all</code>. +See-Also: debian-policy 5.6.8 diff --git a/tags/p/package-contains-npm-ignore-file.tag b/tags/p/package-contains-npm-ignore-file.tag new file mode 100644 index 0000000..723ac4f --- /dev/null +++ b/tags/p/package-contains-npm-ignore-file.tag @@ -0,0 +1,9 @@ +Tag: package-contains-npm-ignore-file +Severity: error +Check: files/names +Explanation: The package ships an <code>.npmignore</code> file. It is a + configuration file for the <code>Node.js</code> package manager. + It is not needed in a Debian package. + . + The file tells the <code>npm</code> command to keep files out of + a <code>node</code> package. Please remove it from your package. diff --git a/tags/p/package-contains-python-coverage-file.tag b/tags/p/package-contains-python-coverage-file.tag new file mode 100644 index 0000000..0bafff0 --- /dev/null +++ b/tags/p/package-contains-python-coverage-file.tag @@ -0,0 +1,11 @@ +Tag: package-contains-python-coverage-file +Severity: warning +Check: files/names +Explanation: The package contains a file that looks like output from the Python + coverage.py tool. These are generated by python{,3}-coverage during a test + run, noting which parts of the code have been executed. They can then be + subsequently analyzed to identify code that could have been executed but was + not. + . + As they are unlikely to be of utility to end-users, these files should not + be shipped in the final binary package. diff --git a/tags/p/package-contains-python-doctree-file.tag b/tags/p/package-contains-python-doctree-file.tag new file mode 100644 index 0000000..cd77238 --- /dev/null +++ b/tags/p/package-contains-python-doctree-file.tag @@ -0,0 +1,29 @@ +Tag: package-contains-python-doctree-file +Severity: warning +Check: files/names +Explanation: This package appears to contain a pickled cache of reStructuredText + (*.rst) documentation in a <code>.doctree</code> file. + . + These are not needed to display the documentation correctly and as they can + contain absolute build paths can affect the reproducibility of the package. + . + The easiest way to prevent this is to use the <code>--with=sphinxdoc</code> + debhelper sequence or to add an explicit call to + <code>dh_sphinxdoc</code>. This will then require a dependency on + <code>${sphinxdoc:Depends}</code> for the relevant binary package. + . + Either prevent the installation of the <code>.doctree</code> file (or parent + <code>doctrees</code> directory if there is one) or pass the <code>-d</code> + option to <code>sphinx-build(1)</code> to create the caches elsewhere. + . + For example: + . + override_dh_auto_build: + dh_auto_build + PYTHONPATH=. sphinx-build -bman docs/ -d debian/doctrees docs/build/html + PYTHONPATH=. sphinx-build -bhtml docs/ -d debian/doctrees docs/build/html + . + override_dh_auto_clean: + dh_auto_clean + rm -rf debian/doctrees +See-Also: http://sphinx-doc.org/invocation.html#cmdoption-sphinx-build-d diff --git a/tags/p/package-contains-python-dot-directory.tag b/tags/p/package-contains-python-dot-directory.tag new file mode 100644 index 0000000..727c761 --- /dev/null +++ b/tags/p/package-contains-python-dot-directory.tag @@ -0,0 +1,12 @@ +Tag: package-contains-python-dot-directory +Severity: warning +Check: files/names +Explanation: The package contains files left over from a Python build + process, such as cached output from <code>pytest</code>. + . + Users of your package probably do not need the files. Please rebuild + your package with a newer version of <code>pybuild/dh-python</code>. + Many of the files will disappear. + . + Usually, the files contain time-stamped data. They will prevent your + package from being reproducible. diff --git a/tags/p/package-contains-python-header-in-incorrect-directory.tag b/tags/p/package-contains-python-header-in-incorrect-directory.tag new file mode 100644 index 0000000..50bc667 --- /dev/null +++ b/tags/p/package-contains-python-header-in-incorrect-directory.tag @@ -0,0 +1,14 @@ +Tag: package-contains-python-header-in-incorrect-directory +Severity: error +Check: files/names +Explanation: This package ships a header file such as + <code>/usr/include/python3.7/foo/bar.h</code>. However, + <code>/usr/include/python3.7</code> is a symlink to <code>python3.7m</code> in + <code>libpython3.7-dev</code>. + . + This may result in silent file overwrites or, depending on the unpacking + order (if <code>/usr/include/python3.7</code> is a directory), separating + the headers into two independent trees. + . + These header files should be shipped in + <code>/usr/include/python3.7m</code> instead. diff --git a/tags/p/package-contains-python-hypothesis-example.tag b/tags/p/package-contains-python-hypothesis-example.tag new file mode 100644 index 0000000..44a8ae0 --- /dev/null +++ b/tags/p/package-contains-python-hypothesis-example.tag @@ -0,0 +1,17 @@ +Tag: package-contains-python-hypothesis-example +Severity: warning +Check: files/names +Explanation: This package appears to contain the output of running a Python + "Hypothesis" testsuite. + . + These are not useful in the binary package or to end-users. In addition, + as they contain random/non-determinstic contents, they can affect the + reproducibility of the package. + . + You can disable generation of these files by, for example: + . + export HYPOTHESIS_DATABASE_FILE = $(CURDIR)/debian/hypothesis + . + override_dh_auto_clean: + dh_auto_clean + rm -rf $(CURDIR)/debian/hypothesis diff --git a/tags/p/package-contains-python-tests-in-global-namespace.tag b/tags/p/package-contains-python-tests-in-global-namespace.tag new file mode 100644 index 0000000..eec3327 --- /dev/null +++ b/tags/p/package-contains-python-tests-in-global-namespace.tag @@ -0,0 +1,12 @@ +Tag: package-contains-python-tests-in-global-namespace +Severity: warning +Check: files/names +Explanation: This package appears to contain Python test files such as + <code>test_foo.py</code> or <code>test_foo/</code> in the global module + namespace. + . + Whilst the tests may be useful in the binary package, it is probably a + mistake to pollute the "top-level" namespace in this way. + . + Please install them to a subdirectory of the module being tested + instead or simply omit from the binary package entirely. diff --git a/tags/p/package-contains-readme-for-other-platform-or-distro.tag b/tags/p/package-contains-readme-for-other-platform-or-distro.tag new file mode 100644 index 0000000..c29fe8d --- /dev/null +++ b/tags/p/package-contains-readme-for-other-platform-or-distro.tag @@ -0,0 +1,8 @@ +Tag: package-contains-readme-for-other-platform-or-distro +Severity: warning +Check: documentation +Explanation: package contains a README.(platform) file that contains instructions + specific to a platform or distribution other than Debian and thus can + most likely be removed. If it contains information that pertains to + Debian, please consider renaming it, or including it in an already + existing README file. diff --git a/tags/p/package-contains-sass-cache-directory.tag b/tags/p/package-contains-sass-cache-directory.tag new file mode 100644 index 0000000..02a5733 --- /dev/null +++ b/tags/p/package-contains-sass-cache-directory.tag @@ -0,0 +1,17 @@ +Tag: package-contains-sass-cache-directory +Severity: warning +Check: files/names +Explanation: This package appears to ship a <code>.sass-cache/</code> directory, + the result of running a the "Sass" utility that compiles CSS from SASS + or SCSS files. + . + These are not useful in the binary package or to end-users. In + addition, as they contain random/non-determinstic contents or + filenames they can affect the reproducibility of the package. + . + Please ensure they are removed prior to final package build. For + example, with: + . + override_dh_install: + dh_install -X.sass-cache +See-Also: https://reproducible-builds.org/, Bug#920595 diff --git a/tags/p/package-contains-thumbnails-dir.tag b/tags/p/package-contains-thumbnails-dir.tag new file mode 100644 index 0000000..2ebe714 --- /dev/null +++ b/tags/p/package-contains-thumbnails-dir.tag @@ -0,0 +1,6 @@ +Tag: package-contains-thumbnails-dir +Severity: error +Check: images/thumbnails +Explanation: Package contains a .thumbnails directory. It was most likely installed by + accident, since thumbnails usually don't belong in packages. +See-Also: https://specifications.freedesktop.org/thumbnail-spec/thumbnail-spec-latest.html diff --git a/tags/p/package-contains-timestamped-gzip.tag b/tags/p/package-contains-timestamped-gzip.tag new file mode 100644 index 0000000..93f4094 --- /dev/null +++ b/tags/p/package-contains-timestamped-gzip.tag @@ -0,0 +1,9 @@ +Tag: package-contains-timestamped-gzip +Severity: warning +Check: files/compressed/gz +Explanation: The package contains a gzip-compressed file that has timestamps. + Such files make the packages unreproducible, because their + contents depend on the time when the package was built. + . + Please consider passing the "-n" flag to gzip to avoid this. +See-Also: https://wiki.debian.org/ReproducibleBuilds diff --git a/tags/p/package-contains-unsafe-symlink.tag b/tags/p/package-contains-unsafe-symlink.tag new file mode 100644 index 0000000..72f11d6 --- /dev/null +++ b/tags/p/package-contains-unsafe-symlink.tag @@ -0,0 +1,6 @@ +Tag: package-contains-unsafe-symlink +Severity: error +Check: files/symbolic-links/broken +Explanation: The package contains an unsafe symlink. If followed, + the link will escape the package root. +See-Also: debian-policy 10.5 diff --git a/tags/p/package-contains-upstream-installation-documentation.tag b/tags/p/package-contains-upstream-installation-documentation.tag new file mode 100644 index 0000000..1e13fdb --- /dev/null +++ b/tags/p/package-contains-upstream-installation-documentation.tag @@ -0,0 +1,8 @@ +Tag: package-contains-upstream-installation-documentation +Severity: warning +Check: documentation +See-Also: debian-policy 12.3 +Explanation: Binary packages do not need to contain the instructions for building + and installing the package as this info is not needed by package users. + If the info contained is important for configuration perhaps it could be + summarized in README.Debian, otherwise an override may be added. diff --git a/tags/p/package-contains-usr-unmerged-pathnames.tag b/tags/p/package-contains-usr-unmerged-pathnames.tag new file mode 100644 index 0000000..68c9f9d --- /dev/null +++ b/tags/p/package-contains-usr-unmerged-pathnames.tag @@ -0,0 +1,17 @@ +Tag: package-contains-usr-unmerged-pathnames +Severity: classification +Check: files/usr-merge +Explanation: The package installs the listed file to a directory in / (the + filesystem root) rather than to the corresponding directory inside /usr. + . + Debian requires systems to mount /usr prior to invoking init (using an + initramfs if necessary) so any executables, libraries, or other files + placed in / for use by early portions of the system init no longer need + to do so. + . + Moving a file from / to /usr (especially an executable in /bin or + /sbin) will often require a compatibility symlink to the new location, + as other software may invoke it by absolute path. + . + A compatibility symlink to the corresponding file in /usr will not + trigger this warning but a symlink to anywhere else will. diff --git a/tags/p/package-contains-vcs-control-dir.tag b/tags/p/package-contains-vcs-control-dir.tag new file mode 100644 index 0000000..a6ad53b --- /dev/null +++ b/tags/p/package-contains-vcs-control-dir.tag @@ -0,0 +1,6 @@ +Tag: package-contains-vcs-control-dir +Severity: warning +Check: files/vcs +Explanation: The package contains a control directory for a version control system. + It was most likely installed by accident, since version control directories + usually don't belong in packages. diff --git a/tags/p/package-contains-vcs-control-file.tag b/tags/p/package-contains-vcs-control-file.tag new file mode 100644 index 0000000..47f5a36 --- /dev/null +++ b/tags/p/package-contains-vcs-control-file.tag @@ -0,0 +1,8 @@ +Tag: package-contains-vcs-control-file +Severity: warning +Check: files/vcs +Explanation: The package contains a VCS control file such as .(cvs|git|hg)ignore. + Files such as these are used by revision control systems to, for example, + specify untracked files it should ignore or inventory files. This file + is generally useless in an installed package and was probably installed + by accident. diff --git a/tags/p/package-contains-xvpics-dir.tag b/tags/p/package-contains-xvpics-dir.tag new file mode 100644 index 0000000..2b68ecb --- /dev/null +++ b/tags/p/package-contains-xvpics-dir.tag @@ -0,0 +1,5 @@ +Tag: package-contains-xvpics-dir +Severity: error +Check: images/thumbnails +Explanation: Package contains a .xvpics directory. It was most likely installed by + accident, since thumbnails usually don't belong in packages. diff --git a/tags/p/package-depends-on-an-x-font-package.tag b/tags/p/package-depends-on-an-x-font-package.tag new file mode 100644 index 0000000..7291d85 --- /dev/null +++ b/tags/p/package-depends-on-an-x-font-package.tag @@ -0,0 +1,10 @@ +Tag: package-depends-on-an-x-font-package +Severity: error +Check: fields/package-relations +Explanation: Packages must not depend on X Window System font packages. + . + If one or more of the fonts so packaged are necessary for proper operation + of the package with which they are associated the font package may be + Recommended; if the fonts merely provide an enhancement, a Suggests + relationship may be used. +See-Also: debian-policy 11.8.5 diff --git a/tags/p/package-depends-on-hardcoded-libc.tag b/tags/p/package-depends-on-hardcoded-libc.tag new file mode 100644 index 0000000..f3fe4f5 --- /dev/null +++ b/tags/p/package-depends-on-hardcoded-libc.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-hardcoded-libc +Severity: warning +Check: substvars/libc +Explanation: The package depends directly on <code>libc</code>. Please use + only the substitution variables <code>${shlibs:Depends}</code> in the relevant + stanza in the <code>debian/control</code> file. diff --git a/tags/p/package-depends-on-multiple-libpng-versions.tag b/tags/p/package-depends-on-multiple-libpng-versions.tag new file mode 100644 index 0000000..f187e3d --- /dev/null +++ b/tags/p/package-depends-on-multiple-libpng-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-libpng-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a libpng version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-libstdc-versions.tag b/tags/p/package-depends-on-multiple-libstdc-versions.tag new file mode 100644 index 0000000..3136857 --- /dev/null +++ b/tags/p/package-depends-on-multiple-libstdc-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-libstdc-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a libstdc version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-tcl-versions.tag b/tags/p/package-depends-on-multiple-tcl-versions.tag new file mode 100644 index 0000000..13ee51f --- /dev/null +++ b/tags/p/package-depends-on-multiple-tcl-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-tcl-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a tcl version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-tclx-versions.tag b/tags/p/package-depends-on-multiple-tclx-versions.tag new file mode 100644 index 0000000..bb01a6e --- /dev/null +++ b/tags/p/package-depends-on-multiple-tclx-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-tclx-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a tclx version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-depends-on-multiple-tk-versions.tag b/tags/p/package-depends-on-multiple-tk-versions.tag new file mode 100644 index 0000000..24a9075 --- /dev/null +++ b/tags/p/package-depends-on-multiple-tk-versions.tag @@ -0,0 +1,6 @@ +Tag: package-depends-on-multiple-tk-versions +Severity: error +Check: fields/package-relations +Explanation: The package seems to declare several relations to a tk version. + This is not only sloppy but in the case of libraries, it may well break + the runtime execution of programs. diff --git a/tags/p/package-does-not-install-examples.tag b/tags/p/package-does-not-install-examples.tag new file mode 100644 index 0000000..01b43d9 --- /dev/null +++ b/tags/p/package-does-not-install-examples.tag @@ -0,0 +1,25 @@ +Tag: package-does-not-install-examples +Severity: pedantic +Check: examples +Explanation: The original source tarball contains the specified examples + directory. However, no examples are installed in any binary packages. + . + Please use <code>dh_installexamples</code> to install these to the most + relevant package, for example by adding the directory name followed + by a wildcard to a <code>debian/pkgname.examples</code> file. + . + Lintian looks for any directory called <code>examples</code> under + <code>/usr/share/doc</code> in all binary packages. +See-Also: + dh_installexamples(1) + +Screen: examples/in-tests +Advocates: Scott Kitterman <debian@kitterman.com> +Reason: + Some sources like python-tomlkit trigger this tag for tests because of files + in ./tests/examples/. They are not examples for tomlkit, however. They are + examples of TOML files used in the tests. + . + Overall, the check is probably better off not looking in test directories. +See-Also: + Bug#1005184 diff --git a/tags/p/package-does-not-use-debhelper-or-cdbs.tag b/tags/p/package-does-not-use-debhelper-or-cdbs.tag new file mode 100644 index 0000000..4f43b57 --- /dev/null +++ b/tags/p/package-does-not-use-debhelper-or-cdbs.tag @@ -0,0 +1,11 @@ +Tag: package-does-not-use-debhelper-or-cdbs +Severity: pedantic +Check: debhelper +Explanation: This package does not appear to use a build system helper such as + debhelper or cdbs. + . + It is recommended that packages use such tools as they avoid a large + number of common errors and tedious boilerplate as well as permit + distribution-wide changes to packages and reduce the "bus factor" & + barriers to entry from external contributors. +See-Also: debhelper(7), dh(1), https://build-common.alioth.debian.org/ diff --git a/tags/p/package-file-is-executable.tag b/tags/p/package-file-is-executable.tag new file mode 100644 index 0000000..94429c1 --- /dev/null +++ b/tags/p/package-file-is-executable.tag @@ -0,0 +1,10 @@ +Tag: package-file-is-executable +Severity: warning +Check: debhelper +Explanation: The named packaging file is executable. + . + There is no reason to make the <code>control</code>, <code>changelog</code> + or <code>copyright</code> files executable. + . + You will also see this tag for a Debhelper-related packaging file that is + marked executable while using a <code>compat</code> level below 9. diff --git a/tags/p/package-has-long-file-name.tag b/tags/p/package-has-long-file-name.tag new file mode 100644 index 0000000..2e92178 --- /dev/null +++ b/tags/p/package-has-long-file-name.tag @@ -0,0 +1,12 @@ +Tag: package-has-long-file-name +Severity: warning +Check: archive/file/name/length +Explanation: The package has a very long filename. This may complicate + shipping the package on some media that put restrictions on the + length of the filenames (such as CDs). + . + For architecture dependent packages, the tag is emitted based on the + length of the longest architecture name rather than the name of the + current architecture. +See-Also: + https://lists.debian.org/debian-devel/2011/03/msg00943.html diff --git a/tags/p/package-has-unnecessary-activation-of-ldconfig-trigger.tag b/tags/p/package-has-unnecessary-activation-of-ldconfig-trigger.tag new file mode 100644 index 0000000..edd531c --- /dev/null +++ b/tags/p/package-has-unnecessary-activation-of-ldconfig-trigger.tag @@ -0,0 +1,12 @@ +Tag: package-has-unnecessary-activation-of-ldconfig-trigger +Severity: warning +Check: libraries/shared/trigger/ldconfig +Explanation: The package activates the ldconfig trigger even though no shared + libraries are installed in a directory controlled by the dynamic + library loader. + . + Note this may be triggered by a bug in debhelper, that causes it to + auto-generate an ldconfig trigger for packages that do not need it. +See-Also: + debian-policy 8.1.1, + Bug#204975 diff --git a/tags/p/package-installs-apt-keyring.tag b/tags/p/package-installs-apt-keyring.tag new file mode 100644 index 0000000..fe4b439 --- /dev/null +++ b/tags/p/package-installs-apt-keyring.tag @@ -0,0 +1,13 @@ +Tag: package-installs-apt-keyring +Severity: error +Check: apt +See-Also: apt-key(8) +Explanation: Debian packages should not install files under + <code>/etc/apt/trusted.gpg.d/</code> or install an + <code>/etc/apt/trusted.gpg</code> file. + . + Trusted keyrings are under the control of the local administrator and + packages should not override local administrator choices. + . + Packages whose names end in <code>-apt-source</code> or + <code>-archive-keyring</code> are permitted to install such files. diff --git a/tags/p/package-installs-apt-preferences.tag b/tags/p/package-installs-apt-preferences.tag new file mode 100644 index 0000000..433b0f8 --- /dev/null +++ b/tags/p/package-installs-apt-preferences.tag @@ -0,0 +1,10 @@ +Tag: package-installs-apt-preferences +Severity: error +Check: apt +See-Also: apt_preferences(5) +Explanation: Debian packages should not install files under <code>/etc/apt/preferences.d/</code> or install an /etc/apt/preferences file. + This directory is under the control of the local administrator. + . + Package should not override local administrator choices. +Renamed-From: + package-install-apt-preferences diff --git a/tags/p/package-installs-apt-sources.tag b/tags/p/package-installs-apt-sources.tag new file mode 100644 index 0000000..464438a --- /dev/null +++ b/tags/p/package-installs-apt-sources.tag @@ -0,0 +1,17 @@ +Tag: package-installs-apt-sources +Severity: error +Check: apt +See-Also: sources.list(5) +Explanation: Debian packages should not install files under + <code>/etc/apt/sources.list.d/</code> or install an + <code>/etc/apt/sources.list</code> file. + . + The selection of installation sources is under the control of the + local administrator. Packages are generally not allowed to change + the administrator's choices. + . + As a limited exception for the convenience of administrators, + packages whose names end in the clearly named + <code>-apt-source</code> are permitted to install such files. +Renamed-From: + package-install-apt-sources diff --git a/tags/p/package-installs-deprecated-upstart-configuration.tag b/tags/p/package-installs-deprecated-upstart-configuration.tag new file mode 100644 index 0000000..c2ab7cf --- /dev/null +++ b/tags/p/package-installs-deprecated-upstart-configuration.tag @@ -0,0 +1,9 @@ +Tag: package-installs-deprecated-upstart-configuration +Severity: warning +Check: files/init +Explanation: The package installs files into the <code>/etc/init</code> + directory which is used by Upstart, a replacement for the <code>/sbin/init</code> + daemon which handles starting of tasks and services during boot, etc. + . + However, Upstart was removed in Debian "stretch" and these files are thus no + longer useful and should be removed. diff --git a/tags/p/package-installs-file-to-usr-x11r6.tag b/tags/p/package-installs-file-to-usr-x11r6.tag new file mode 100644 index 0000000..3712741 --- /dev/null +++ b/tags/p/package-installs-file-to-usr-x11r6.tag @@ -0,0 +1,12 @@ +Tag: package-installs-file-to-usr-x11r6 +Severity: error +Check: desktop/x11 +Explanation: Packages using the X Window System should not be configured to install + files under the /usr/X11R6/ directory. Debian has switched to the modular + X tree which now uses regular FHS paths and all packages should follow. + . + Programs that use GNU autoconf and automake are usually easily configured + at compile time to use /usr/ instead of /usr/X11R6/. Packages that use + imake must build-depend on xutils-dev (>= 1:1.0.2-2) for the correct + paths. +See-Also: debian-policy 11.8.7 diff --git a/tags/p/package-installs-ieee-data.tag b/tags/p/package-installs-ieee-data.tag new file mode 100644 index 0000000..ca9344d --- /dev/null +++ b/tags/p/package-installs-ieee-data.tag @@ -0,0 +1,13 @@ +Tag: package-installs-ieee-data +Severity: error +Check: files/ieee-data +See-Also: Bug#785662 +Explanation: Debian package should not install ieee oui.txt or iab.txt file + These files are shipped in the package ieee-data and package should + depends on the ieee-data instead of shipping these files. + . + Package should symlinks to /usr/share/ieee-data/iab.txt or + /usr/share/ieee-data/oui.txt. Moreover, you should also + depends on ieee-data package. +Renamed-From: + package-install-ieee-data diff --git a/tags/p/package-installs-into-etc-gconf-schemas.tag b/tags/p/package-installs-into-etc-gconf-schemas.tag new file mode 100644 index 0000000..f54e248 --- /dev/null +++ b/tags/p/package-installs-into-etc-gconf-schemas.tag @@ -0,0 +1,7 @@ +Tag: package-installs-into-etc-gconf-schemas +Severity: warning +Check: desktop/gnome +Explanation: The package installs files into the <code>/etc/gconf/schemas</code> + directory. No package should do this; this directory is reserved for + local overrides. Instead, schemas should be installed into + <code>/usr/share/gconf/schemas</code>. diff --git a/tags/p/package-installs-into-etc-rc.boot.tag b/tags/p/package-installs-into-etc-rc.boot.tag new file mode 100644 index 0000000..9a6c841 --- /dev/null +++ b/tags/p/package-installs-into-etc-rc.boot.tag @@ -0,0 +1,6 @@ +Tag: package-installs-into-etc-rc.boot +Severity: error +Check: files/init +Explanation: The package installs files in the <code>/etc/rc.boot</code> directory, + which is obsolete. +See-Also: debian-policy 9.3.4 diff --git a/tags/p/package-installs-into-etc-rc.d.tag b/tags/p/package-installs-into-etc-rc.d.tag new file mode 100644 index 0000000..f36734c --- /dev/null +++ b/tags/p/package-installs-into-etc-rc.d.tag @@ -0,0 +1,6 @@ +Tag: package-installs-into-etc-rc.d +Severity: error +Check: files/init +Explanation: The package installs files into the <code>/etc/rc.d</code> or + <code>/etc/rc?.d</code> which is not allowed. +See-Also: debian-policy 9.3.3 diff --git a/tags/p/package-installs-into-obsolete-dir.tag b/tags/p/package-installs-into-obsolete-dir.tag new file mode 100644 index 0000000..d30d16f --- /dev/null +++ b/tags/p/package-installs-into-obsolete-dir.tag @@ -0,0 +1,7 @@ +Tag: package-installs-into-obsolete-dir +Severity: warning +Check: files/obsolete-paths +Explanation: The package installs files to an obsolete directory. + Please use a newer path. +Renamed-From: + package-install-into-obsolete-dir diff --git a/tags/p/package-installs-java-bytecode.tag b/tags/p/package-installs-java-bytecode.tag new file mode 100644 index 0000000..0fbb752 --- /dev/null +++ b/tags/p/package-installs-java-bytecode.tag @@ -0,0 +1,8 @@ +Tag: package-installs-java-bytecode +Severity: warning +Check: languages/java/bytecode +See-Also: java-policy 2 +Explanation: Compiled Java source files must not be included in the package. + This is likely due to a packaging mistake. These files should be + removed from the installed package or included in <code>.jar</code> + archives to save space. diff --git a/tags/p/package-installs-nonbinary-perl-in-usr-lib-perl5.tag b/tags/p/package-installs-nonbinary-perl-in-usr-lib-perl5.tag new file mode 100644 index 0000000..0061d3f --- /dev/null +++ b/tags/p/package-installs-nonbinary-perl-in-usr-lib-perl5.tag @@ -0,0 +1,8 @@ +Tag: package-installs-nonbinary-perl-in-usr-lib-perl5 +Severity: warning +Check: languages/perl +Explanation: Architecture-independent Perl code should be placed in + <code>/usr/share/perl5</code>, not <code>/usr/lib/.../perl5</code> + unless there is at least one architecture-dependent file + in the module. +See-Also: perl-policy 2.3 diff --git a/tags/p/package-installs-packlist.tag b/tags/p/package-installs-packlist.tag new file mode 100644 index 0000000..3eb3043 --- /dev/null +++ b/tags/p/package-installs-packlist.tag @@ -0,0 +1,16 @@ +Tag: package-installs-packlist +Severity: error +Check: languages/perl +Explanation: Packages built using the perl MakeMaker package will have a file + named .packlist in them. Those files are useless, and (in some cases) + have the additional problem of creating an architecture-specific + directory name in an architecture-independent package. + . + They can be suppressed by adding the following to <code>debian/rules</code>: + . + find debian/*pkg* -type f -name .packlist -delete + . + or by telling MakeMaker to use vendor install dirs; consult a recent + version of Perl policy. Perl 5.6.0-12 or higher supports this. +See-Also: + perl-policy 4.1 diff --git a/tags/p/package-installs-perllocal-pod.tag b/tags/p/package-installs-perllocal-pod.tag new file mode 100644 index 0000000..fc36f77 --- /dev/null +++ b/tags/p/package-installs-perllocal-pod.tag @@ -0,0 +1,8 @@ +Tag: package-installs-perllocal-pod +Severity: warning +Check: languages/perl +Explanation: This package installs a file <code>perllocal.pod</code>. Since that + file is intended for local documentation, it is not likely that it is + a good place for documentation supplied by a Debian package. In fact, + installing this package will wipe out whatever local documentation + existed there. diff --git a/tags/p/package-installs-python-bytecode.tag b/tags/p/package-installs-python-bytecode.tag new file mode 100644 index 0000000..65e5325 --- /dev/null +++ b/tags/p/package-installs-python-bytecode.tag @@ -0,0 +1,7 @@ +Tag: package-installs-python-bytecode +Severity: error +Check: languages/python +See-Also: python-policy 3.7 +Explanation: Compiled Python source files must not be included in the package. + These files should be removed from the package and created at package + installation time in the postinst. diff --git a/tags/p/package-installs-python-egg.tag b/tags/p/package-installs-python-egg.tag new file mode 100644 index 0000000..dc8435b --- /dev/null +++ b/tags/p/package-installs-python-egg.tag @@ -0,0 +1,8 @@ +Tag: package-installs-python-egg +Severity: error +Check: languages/python +See-Also: python-policy 3.7 +Explanation: Python eggs should not be installed, since the Debian package is + supposed to do the required steps for installing the Python code. + . + The egg may contain pre-compiled Python bytecode or shared libraries. diff --git a/tags/p/package-installs-python-pycache-dir.tag b/tags/p/package-installs-python-pycache-dir.tag new file mode 100644 index 0000000..b15c91e --- /dev/null +++ b/tags/p/package-installs-python-pycache-dir.tag @@ -0,0 +1,11 @@ +Tag: package-installs-python-pycache-dir +Severity: error +Check: languages/python +See-Also: python-policy 3.7 +Explanation: The package installs a __pycache__ + directory, which is normally + only used to store compiled Python source files. Compiled Python + source files must not be included in the package, instead they + should be generated at installation time in the postinst. + . + Note this tag is issues even if the directory is empty. diff --git a/tags/p/package-is-co-maintained.tag b/tags/p/package-is-co-maintained.tag new file mode 100644 index 0000000..abf00e9 --- /dev/null +++ b/tags/p/package-is-co-maintained.tag @@ -0,0 +1,6 @@ +Tag: package-is-co-maintained +Severity: classification +Check: fields/vcs +Explanation: The package is co-maintained but not team-maintained + according to the maintainer/uploaders fields in the + <code>debian/control</code> file. diff --git a/tags/p/package-is-maintained-by-individual.tag b/tags/p/package-is-maintained-by-individual.tag new file mode 100644 index 0000000..6155564 --- /dev/null +++ b/tags/p/package-is-maintained-by-individual.tag @@ -0,0 +1,5 @@ +Tag: package-is-maintained-by-individual +Severity: classification +Check: fields/vcs +Explanation: The package is maintained by an individual according to the + maintainer/uploaders fields in the <code>debian/control</code> file. diff --git a/tags/p/package-is-team-maintained.tag b/tags/p/package-is-team-maintained.tag new file mode 100644 index 0000000..f07de42 --- /dev/null +++ b/tags/p/package-is-team-maintained.tag @@ -0,0 +1,5 @@ +Tag: package-is-team-maintained +Severity: classification +Check: fields/vcs +Explanation: The package is team-maintained according to the + maintainer/uploaders fields in the <code>debian/control</code> file. diff --git a/tags/p/package-mixes-misc-and-dpi-fonts.tag b/tags/p/package-mixes-misc-and-dpi-fonts.tag new file mode 100644 index 0000000..532f75c --- /dev/null +++ b/tags/p/package-mixes-misc-and-dpi-fonts.tag @@ -0,0 +1,8 @@ +Tag: package-mixes-misc-and-dpi-fonts +Severity: warning +Check: desktop/x11 +See-Also: debian-policy 11.8.5 +Explanation: This package contains both bitmapped fonts for a specific DPI + (100dpi or 75dpi) and misc bitmapped fonts. These should not be combined + in the same package. Instead, the misc bitmapped fonts should be + provided in a separate package with <code>-misc</code> appended to its name. diff --git a/tags/p/package-modifies-ld.so-search-path.tag b/tags/p/package-modifies-ld.so-search-path.tag new file mode 100644 index 0000000..18774c6 --- /dev/null +++ b/tags/p/package-modifies-ld.so-search-path.tag @@ -0,0 +1,15 @@ +Tag: package-modifies-ld.so-search-path +Severity: error +Check: files/ld-so +Explanation: The package changes the search path for the runtime linker, but is + not part of <code>libc</code>. The offending file is in + <code>/etc/ld.so.conf.d</code>. + . + It is not okay to install libraries in a different directory and then + modify the run-time link path. Shared libraries should go into + <code>/usr/lib</code>. Alternatively, they can require binaries to set the + <code>RPATH</code> to find the library. + . + Without this precaution, conflicting libraries may trigger segmentation + faults for what should have been a conflict in the package manager. +See-Also: debian-policy 10.2 diff --git a/tags/p/package-name-defined-in-config-h.tag b/tags/p/package-name-defined-in-config-h.tag new file mode 100644 index 0000000..0723a54 --- /dev/null +++ b/tags/p/package-name-defined-in-config-h.tag @@ -0,0 +1,9 @@ +Tag: package-name-defined-in-config-h +Severity: warning +Check: includes/config-h +Explanation: This package installs a header file named <code>config.h</code> that + uses the identifier PACKAGE_NAME. It is probably incompatible with + packages using autoconf. + . + Please remove the file or rename the identifier. +See-Also: Bug#733598 diff --git a/tags/p/package-name-doesnt-match-sonames.tag b/tags/p/package-name-doesnt-match-sonames.tag new file mode 100644 index 0000000..bb89de8 --- /dev/null +++ b/tags/p/package-name-doesnt-match-sonames.tag @@ -0,0 +1,9 @@ +Tag: package-name-doesnt-match-sonames +Severity: warning +Check: libraries/shared/soname +Explanation: The package name of a library package should usually reflect + the soname of the included library. The package name can determined + from the library file name with the following code snippet: + . + $ objdump -p /path/to/libfoo-bar.so.1.2.3 | sed -n -e's/^[[:space:]]*SONAME[[:space:]]*//p' | \ + sed -r -e's/([0-9])\.so\./\1-/; s/\.so(\.|$)//; y/_/-/; s/(.*)/\L&/' diff --git a/tags/p/package-not-lowercase.tag b/tags/p/package-not-lowercase.tag new file mode 100644 index 0000000..9f39264 --- /dev/null +++ b/tags/p/package-not-lowercase.tag @@ -0,0 +1,5 @@ +Tag: package-not-lowercase +Severity: error +Check: fields/package +Explanation: New packages should not use uppercase characters in their names. +See-Also: debian-policy 5.6.7 diff --git a/tags/p/package-placeholder-in-symbols-file.tag b/tags/p/package-placeholder-in-symbols-file.tag new file mode 100644 index 0000000..52fa2c6 --- /dev/null +++ b/tags/p/package-placeholder-in-symbols-file.tag @@ -0,0 +1,17 @@ +Tag: package-placeholder-in-symbols-file +Severity: warning +Check: debian/symbols +Explanation: The symbols file contains the placeholder <code>#PACKAGE#</code> + in the <code>Build-Depends-Package</code> field. During the build process, it + will be replaced with the wrong value. There is no placeholder that works. + . + The development package for your shared library must be stated explicitly. + . + With the information, <code>dpkg-shlibdeps(1)</code> can calculate the + installation prerequisites for your package from the build prerequisites. +See-Also: + debian-policy 8.6.3.2, + deb-symbols(5), + dpkg-shlibdeps(1), + https://www.debian.org/doc/manuals/maint-guide/advanced.en.html#librarysymbols, + Bug#944047 diff --git a/tags/p/package-relation-with-perl-modules.tag b/tags/p/package-relation-with-perl-modules.tag new file mode 100644 index 0000000..774792b --- /dev/null +++ b/tags/p/package-relation-with-perl-modules.tag @@ -0,0 +1,8 @@ +# Imported from pkg-perl-tools (named depends-on-perl-modules there) +Tag: package-relation-with-perl-modules +Severity: error +Check: fields/package-relations +Explanation: No package should (build-) depend on 'perl-modules'. Instead, a + suitable dependency on 'perl' should be used. The existence of the + perl-modules package is an implementation detail of the perl + packaging. diff --git a/tags/p/package-relation-with-self.tag b/tags/p/package-relation-with-self.tag new file mode 100644 index 0000000..287f49f --- /dev/null +++ b/tags/p/package-relation-with-self.tag @@ -0,0 +1,6 @@ +Tag: package-relation-with-self +Severity: warning +Check: fields/package-relations +Explanation: The package declares a relationship with itself. This is not very + useful except in the case of a package Conflicting with itself if its + package name doubles as a virtual package. diff --git a/tags/p/package-section-games-but-contains-no-game.tag b/tags/p/package-section-games-but-contains-no-game.tag new file mode 100644 index 0000000..ac06b1a --- /dev/null +++ b/tags/p/package-section-games-but-contains-no-game.tag @@ -0,0 +1,7 @@ +Tag: package-section-games-but-contains-no-game +Severity: error +Check: games +See-Also: debian-policy 11.11 +Explanation: This package is marked as part of the section games, but doesn't + contain files in <code>/usr/games</code>. Binaries of games must be installed + in <code>/usr/games</code>. diff --git a/tags/p/package-section-games-but-has-usr-bin.tag b/tags/p/package-section-games-but-has-usr-bin.tag new file mode 100644 index 0000000..674f4c3 --- /dev/null +++ b/tags/p/package-section-games-but-has-usr-bin.tag @@ -0,0 +1,7 @@ +Tag: package-section-games-but-has-usr-bin +Severity: warning +Check: games +See-Also: debian-policy 11.11 +Explanation: This package is marked as part of the section games, but contains + executables in <code>/bin</code> or <code>/usr/bin/</code>. This can be intentional, + but is usually a mistake. diff --git a/tags/p/package-superseded-by-perl.tag b/tags/p/package-superseded-by-perl.tag new file mode 100644 index 0000000..95d2f58 --- /dev/null +++ b/tags/p/package-superseded-by-perl.tag @@ -0,0 +1,12 @@ +Tag: package-superseded-by-perl +Severity: warning +Check: languages/perl/core/provides +Explanation: This package is provided by one of the Perl core packages + (i.e. <code>perl</code>, <code>perl-base</code>, <code>perl-modules</code>). + The version in the core is at least as new as this one. + . + The package should be upgraded to a newer upstream version or be dropped from + the archive. + . + The Perl installable in Debian <code>Provides</code> this package. There is no + longer a need to modify consuming packages. diff --git a/tags/p/package-uses-debhelper-but-lacks-build-depends.tag b/tags/p/package-uses-debhelper-but-lacks-build-depends.tag new file mode 100644 index 0000000..f3f0656 --- /dev/null +++ b/tags/p/package-uses-debhelper-but-lacks-build-depends.tag @@ -0,0 +1,9 @@ +Tag: package-uses-debhelper-but-lacks-build-depends +Severity: error +Check: debhelper +Explanation: If a package uses debhelper, it must declare a Build-Depends + on debhelper or on the debhelper-compat virtual package. For example: + . + Build-Depends: debhelper (>= 13~) + . + Build-Depends: debhelper-compat (= 13) diff --git a/tags/p/package-uses-deprecated-debhelper-compat-version.tag b/tags/p/package-uses-deprecated-debhelper-compat-version.tag new file mode 100644 index 0000000..9c201e5 --- /dev/null +++ b/tags/p/package-uses-deprecated-debhelper-compat-version.tag @@ -0,0 +1,14 @@ +Tag: package-uses-deprecated-debhelper-compat-version +Severity: warning +Check: debhelper +See-Also: debhelper(7) +Explanation: The debhelper compatibility version used by this package is marked + as deprecated by the debhelper developer. You should really consider + using a newer compatibility version. + . + The compatibility version can be set by specifying + <code>debhelper-compat (= 12)</code> in your package's + <code>Build-Depends</code>, by the legacy <code>debian/compat</code> file or + even by setting and exporting DH_COMPAT in <code>debian/rules</code>. If it + is not set in either place, debhelper defaults to the deprecated + compatibility version 1. diff --git a/tags/p/package-uses-deprecated-dpatch-patch-system.tag b/tags/p/package-uses-deprecated-dpatch-patch-system.tag new file mode 100644 index 0000000..a21814d --- /dev/null +++ b/tags/p/package-uses-deprecated-dpatch-patch-system.tag @@ -0,0 +1,9 @@ +Tag: package-uses-deprecated-dpatch-patch-system +Severity: pedantic +Check: debian/patches/dpatch +Explanation: The dpatch patch system has been deprecated and superseded by the + "3.0 (quilt)" source format. + . + Please migrate the patches in the <code>debian/patches</code> directory and + the <code>00list</code> file to use this source format. +See-Also: dpatch(1), dpkg-source(1) diff --git a/tags/p/package-uses-dh-exec-but-lacks-build-depends.tag b/tags/p/package-uses-dh-exec-but-lacks-build-depends.tag new file mode 100644 index 0000000..260848c --- /dev/null +++ b/tags/p/package-uses-dh-exec-but-lacks-build-depends.tag @@ -0,0 +1,5 @@ +Tag: package-uses-dh-exec-but-lacks-build-depends +Severity: error +Check: debhelper +Explanation: If a package uses dh-exec, it must declare a Build-Depends + on it. diff --git a/tags/p/package-uses-dh-runit-but-lacks-breaks-substvar.tag b/tags/p/package-uses-dh-runit-but-lacks-breaks-substvar.tag new file mode 100644 index 0000000..bcee50c --- /dev/null +++ b/tags/p/package-uses-dh-runit-but-lacks-breaks-substvar.tag @@ -0,0 +1,12 @@ +Tag: package-uses-dh-runit-but-lacks-breaks-substvar +Severity: warning +Check: debhelper +Explanation: This source package appears to use <code>dh_runit(1)</code> but the + specified binary package does not define a <code>Breaks:</code> including + the <code>${runit:Breaks}</code> substitution variable. + . + <code>dh_runit(1)</code> may generate scripts that make assumptions about + the version of <code>runit</code> in use. + . + Please add the corresponding <code>Breaks</code> relation. +See-Also: dh_runit(1) diff --git a/tags/p/package-uses-experimental-debhelper-compat-version.tag b/tags/p/package-uses-experimental-debhelper-compat-version.tag new file mode 100644 index 0000000..b5b3016 --- /dev/null +++ b/tags/p/package-uses-experimental-debhelper-compat-version.tag @@ -0,0 +1,14 @@ +Tag: package-uses-experimental-debhelper-compat-version +Severity: pedantic +Check: debhelper +See-Also: debhelper(7) +Explanation: The debhelper compatibility version used by this package is marked + as experimental by the debhelper developer. You should consider using a + stable compatibility version instead. + . + The compatibility version can be set by specifying + <code>debhelper-compat (= 12)</code> in your package's + <code>Build-Depends</code>, by the legacy <code>debian/compat</code> file or + even by setting and exporting DH_COMPAT in <code>debian/rules</code>. If it + is not set in either place, debhelper defaults to the deprecated + compatibility version 1. diff --git a/tags/p/package-uses-local-diversion.tag b/tags/p/package-uses-local-diversion.tag new file mode 100644 index 0000000..5729a57 --- /dev/null +++ b/tags/p/package-uses-local-diversion.tag @@ -0,0 +1,8 @@ +Tag: package-uses-local-diversion +Severity: error +Check: maintainer-scripts/diversion +Explanation: The named maintainer script calls <code>dpkg-divert</code> with + <code>--local</code> or without <code>--package</code>. Those usages are + reserved for local administrators and must not be used by a Debian package. +See-Also: + debian-policy 3.9 diff --git a/tags/p/package-uses-old-debhelper-compat-version.tag b/tags/p/package-uses-old-debhelper-compat-version.tag new file mode 100644 index 0000000..77db29e --- /dev/null +++ b/tags/p/package-uses-old-debhelper-compat-version.tag @@ -0,0 +1,13 @@ +Tag: package-uses-old-debhelper-compat-version +Severity: pedantic +Check: debhelper +Explanation: This package uses a debhelper compatibility level that is no + longer recommended. Please consider using the recommended level. + . + For most packages, the best way to set the compatibility level is + to specify <code>debhelper-compat (= X)</code> as a <code>Build-Depends</code> + in <code>debian/control</code>. You can also use the <code>debian/compat</code> + file or export DH_COMPAT in <code>debian/rules</code>. + . + If no level is selected debhelper defaults to level 1, which is deprecated. +See-Also: debhelper(7) diff --git a/tags/p/package-uses-vendor-specific-patch-series.tag b/tags/p/package-uses-vendor-specific-patch-series.tag new file mode 100644 index 0000000..0ebf3d3 --- /dev/null +++ b/tags/p/package-uses-vendor-specific-patch-series.tag @@ -0,0 +1,25 @@ +Tag: package-uses-vendor-specific-patch-series +Severity: error +Check: debian/patches/quilt +Explanation: The specified series file for patches is vendor-specific. + . + Source packages may contain vendor (i.e. distribution) specific patches, + but such packages must not be uploaded to the Debian archive if they + are used in conjunction with vendor-specific series files. + . + Vendor specific series files were carefully implemented as a <code>dpkg</code> + feature. Unfortunately, they currently conflict with some workflow goals + in Debian. They are presently disallowed in Debian. + . + The preferred approach for distributions other than Debian is now to + apply such patches programmatically via <code>debian/rules</code>. You can + also create multiple, vendor-specific sources and upload them separately + for each distribution. + . + The decision to prohibit the use of that particular <code>dpkg</code> feature + in Debian was made by the project's technical committee in consideration of + other planned workflow modifications, and may be revisited. + . + You should only see this tag in Debian or other distributions when + targeting an upload for Debian. +See-Also: Bug#904302, Bug#922531, https://lists.debian.org/debian-devel-announce/2018/11/msg00004.html diff --git a/tags/p/patch-file-present-but-not-mentioned-in-series.tag b/tags/p/patch-file-present-but-not-mentioned-in-series.tag new file mode 100644 index 0000000..5bfc582 --- /dev/null +++ b/tags/p/patch-file-present-but-not-mentioned-in-series.tag @@ -0,0 +1,14 @@ +Tag: patch-file-present-but-not-mentioned-in-series +Severity: warning +Check: debian/patches/quilt +Explanation: The specified patch is present under the <code>debian/patches</code> + directory but is not mentioned in any "series" or "00list" file. + . + This may mean that a patch was created with the intention of modifying + the package but is not being applied. + . + Please either add the filename to the series file, or ensure it is + commented-out in a form that Lintian can recognise, for example: + . + 0001_fix-foo.patch + # 0002_fix-bar.patch diff --git a/tags/p/patch-modifying-debian-files.tag b/tags/p/patch-modifying-debian-files.tag new file mode 100644 index 0000000..c4dd4c7 --- /dev/null +++ b/tags/p/patch-modifying-debian-files.tag @@ -0,0 +1,10 @@ +Tag: patch-modifying-debian-files +Severity: error +Check: debian/patches/quilt +Explanation: A patch stored in <code>debian/patches/</code> modifies or creates files + in the <code>debian</code> folder, but that folder is already under the + maintainer's exclusive control. + . + It may be more appropriate to patch or create files in the upstream + directory hierarchy, but often it is easier to place a copy in the + <code>debian</code> folder. diff --git a/tags/p/patch-not-forwarded-upstream.tag b/tags/p/patch-not-forwarded-upstream.tag new file mode 100644 index 0000000..c762bf5 --- /dev/null +++ b/tags/p/patch-not-forwarded-upstream.tag @@ -0,0 +1,15 @@ +Tag: patch-not-forwarded-upstream +Severity: info +Check: debian/patches/dep3 +Renamed-From: send-patch +Explanation: According to the DEP-3 headers, this patch has not been forwarded + upstream. + . + Please forward the patch and try to have it included in upstream's version + control system. If the patch is not suitable for that, please mention + <code>not-needed</code> in the <code>Forwarded</code> field of the patch + header. +See-Also: social contract item 2, + developer-reference 3.1.4, + debian-policy 4.3, + Bug#755153 diff --git a/tags/p/patch-system-but-direct-changes-in-diff.tag b/tags/p/patch-system-but-direct-changes-in-diff.tag new file mode 100644 index 0000000..74a4f15 --- /dev/null +++ b/tags/p/patch-system-but-direct-changes-in-diff.tag @@ -0,0 +1,10 @@ +Tag: patch-system-but-direct-changes-in-diff +Severity: warning +Check: debian/patches +Explanation: The package uses a patch system, but the Debian diff.gz contains + changes to files or creation of additional files outside of the + <code>debian</code> directory. This often indicates accidental changes that + weren't meant to be in the package or changes that were supposed to be + separated out into a patch. The package will also more easily support + possible future source package formats if all changes outside the + <code>debian</code> directory are stored as patches. diff --git a/tags/p/patch-system-but-no-source-readme.tag b/tags/p/patch-system-but-no-source-readme.tag new file mode 100644 index 0000000..60fa334 --- /dev/null +++ b/tags/p/patch-system-but-no-source-readme.tag @@ -0,0 +1,13 @@ +Tag: patch-system-but-no-source-readme +Severity: warning +Check: debian/patches +Explanation: This package build-depends on a patch system such as dpatch or + quilt, but there is no <code>debian/README.source</code> file. This file is + recommended for any package where <code>dpkg-source -x</code> does not result + in the preferred form for making modifications to the package. + . + If you are using quilt and the package needs no other special handling + instructions, you may want to add a <code>debian/README.source</code> + referring to <code>/usr/share/doc/quilt/README.source</code>. Similarly, you + can refer to <code>/usr/share/doc/dpatch/README.source.gz</code> for dpatch. +See-Also: debian-policy 4.14 diff --git a/tags/p/patch-system.tag b/tags/p/patch-system.tag new file mode 100644 index 0000000..c2e905b --- /dev/null +++ b/tags/p/patch-system.tag @@ -0,0 +1,5 @@ +Tag: patch-system +Severity: classification +Check: debian/patches +Explanation: This package uses the specified patch system (eg. "quilt" or + "dpatch"). diff --git a/tags/p/patched-file-without-utf8-name.tag b/tags/p/patched-file-without-utf8-name.tag new file mode 100644 index 0000000..2fff4d9 --- /dev/null +++ b/tags/p/patched-file-without-utf8-name.tag @@ -0,0 +1,12 @@ +Tag: patched-file-without-utf8-name +Severity: error +Check: files/names +See-Also: debian-policy 10.10 +Explanation: The file name in the patched source tree is not valid UTF-8. + The file does not appear in the upstream files. Its appearance is + considered the responsibility of the package maintainer. Please + rename the file. + . + Unlike other file names in Lintian, which are printed in UTF-8, the + attached reference shows the bytes used by the file system. + Unprintable characters may have been replaced. diff --git a/tags/p/pear-channel-without-pkg-php-tools-builddep.tag b/tags/p/pear-channel-without-pkg-php-tools-builddep.tag new file mode 100644 index 0000000..3273e23 --- /dev/null +++ b/tags/p/pear-channel-without-pkg-php-tools-builddep.tag @@ -0,0 +1,8 @@ +Tag: pear-channel-without-pkg-php-tools-builddep +Severity: warning +Check: languages/php/pear +Explanation: The package contains a channel.xml file but doesn't build-depend on + pkg-php-tools. + . + pkg-php-tools is the recommended tool for building PEAR and PECL packages. For + more information, install it and read the included README.PEAR. diff --git a/tags/p/pear-package-but-missing-dependency.tag b/tags/p/pear-package-but-missing-dependency.tag new file mode 100644 index 0000000..fafada5 --- /dev/null +++ b/tags/p/pear-package-but-missing-dependency.tag @@ -0,0 +1,5 @@ +Tag: pear-package-but-missing-dependency +Severity: warning +Check: languages/php/pear +Explanation: The package is a PEAR package but its control file doesn't have + ${phppear:Debian-Depends} in Depends or ${phppear:Debian-Recommends}. diff --git a/tags/p/pear-package-not-using-substvar.tag b/tags/p/pear-package-not-using-substvar.tag new file mode 100644 index 0000000..bc72f47 --- /dev/null +++ b/tags/p/pear-package-not-using-substvar.tag @@ -0,0 +1,9 @@ +Tag: pear-package-not-using-substvar +Severity: info +Check: languages/php/pear +Explanation: The package is a PEAR package but the control file does not use + ${phppear:summary} or ${phppear:description} in its description fields. + . + The substitution variables should be used when the description in the + PEAR package is suitable and respects best packaging practices. +See-Also: https://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-desc-basics diff --git a/tags/p/pear-package-without-pkg-php-tools-builddep.tag b/tags/p/pear-package-without-pkg-php-tools-builddep.tag new file mode 100644 index 0000000..bd8df0c --- /dev/null +++ b/tags/p/pear-package-without-pkg-php-tools-builddep.tag @@ -0,0 +1,8 @@ +Tag: pear-package-without-pkg-php-tools-builddep +Severity: warning +Check: languages/php/pear +Explanation: The package contains a package.xml or package2.xml file but doesn't + build-depend on pkg-php-tools. + . + pkg-php-tools is the recommended tool for building PEAR and PECL packages. For + more information, install it and read the included README.PEAR. diff --git a/tags/p/pecl-package-requires-build-dependency.tag b/tags/p/pecl-package-requires-build-dependency.tag new file mode 100644 index 0000000..40abf2b --- /dev/null +++ b/tags/p/pecl-package-requires-build-dependency.tag @@ -0,0 +1,5 @@ +Tag: pecl-package-requires-build-dependency +Severity: warning +Check: languages/php/pear +Explanation: The package is a PECL package but its control file doesn't have + php-dev or dh-php as a build dependency. diff --git a/tags/p/perl-module-in-core-directory.tag b/tags/p/perl-module-in-core-directory.tag new file mode 100644 index 0000000..13e654f --- /dev/null +++ b/tags/p/perl-module-in-core-directory.tag @@ -0,0 +1,7 @@ +Tag: perl-module-in-core-directory +Severity: error +Check: languages/perl +Explanation: Packaged modules must not be installed into the core perl + directories as those directories change with each upstream perl + revision. The vendor directories are provided for this purpose. +See-Also: perl-policy 3.1 diff --git a/tags/p/perl-module-name-not-mentioned-in-description.tag b/tags/p/perl-module-name-not-mentioned-in-description.tag new file mode 100644 index 0000000..a45fcbd --- /dev/null +++ b/tags/p/perl-module-name-not-mentioned-in-description.tag @@ -0,0 +1,8 @@ +# Imported from pkg-perl-tools (named no-module-name-in-description there) +Tag: perl-module-name-not-mentioned-in-description +Severity: warning +Check: fields/description +Experimental: yes +Explanation: Debian users are likely to look for perl modules by their name, e.g. + Foo::Bar, not by package name (libfoo-bar-perl). To make this easier, the main + module name should be present in the long package description. diff --git a/tags/p/perl-module-uses-perl4-libs-without-dep.tag b/tags/p/perl-module-uses-perl4-libs-without-dep.tag new file mode 100644 index 0000000..0fc630e --- /dev/null +++ b/tags/p/perl-module-uses-perl4-libs-without-dep.tag @@ -0,0 +1,8 @@ +Tag: perl-module-uses-perl4-libs-without-dep +Severity: warning +Check: languages/perl +Explanation: This package includes perl modules using obsoleted perl 4-era + libraries. These libraries have been deprecated in perl in 5.14, and + are likely to be removed from the core in perl 5.16. Please either + remove references to these libraries, or add a dependency on + <code>libperl4-corelibs-perl | perl (<< 5.12.3-7)</code> to this package. diff --git a/tags/p/php-script-but-no-php-cli-dep.tag b/tags/p/php-script-but-no-php-cli-dep.tag new file mode 100644 index 0000000..1b834d2 --- /dev/null +++ b/tags/p/php-script-but-no-php-cli-dep.tag @@ -0,0 +1,10 @@ +Tag: php-script-but-no-php-cli-dep +Severity: error +Check: scripts +Explanation: Packages with PHP scripts must depend on the php-cli package. + Note that a dependency on a php-cgi package (such as php-cgi or php7.0-cgi) + is needlessly strict and forces the user to install a package that isn't + needed. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/p/php-script-with-unusual-interpreter.tag b/tags/p/php-script-with-unusual-interpreter.tag new file mode 100644 index 0000000..68d4d9b --- /dev/null +++ b/tags/p/php-script-with-unusual-interpreter.tag @@ -0,0 +1,6 @@ +Tag: php-script-with-unusual-interpreter +Severity: warning +Check: scripts +Explanation: This package contains a php script using an unusual interpreter in the + shebang line. The recommended shebang line is either <code>#!/usr/bin/php</code> + or <code>#!/usr/bin/env php</code> without any version number. diff --git a/tags/p/pipe-symbol-used-as-license-disjunction.tag b/tags/p/pipe-symbol-used-as-license-disjunction.tag new file mode 100644 index 0000000..674c6ab --- /dev/null +++ b/tags/p/pipe-symbol-used-as-license-disjunction.tag @@ -0,0 +1,9 @@ +Tag: pipe-symbol-used-as-license-disjunction +Severity: warning +Check: debian/copyright/dep5 +Explanation: A vertical bar &vert (also known as a pipe symbol) does not stand for + a logical OR relationship in <code>debian/copyright</code>. + . + To describe dual licensing, please use the word "or" between license + names. +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/p/pkg-config-bad-directive.tag b/tags/p/pkg-config-bad-directive.tag new file mode 100644 index 0000000..fe7a3b0 --- /dev/null +++ b/tags/p/pkg-config-bad-directive.tag @@ -0,0 +1,7 @@ +Tag: pkg-config-bad-directive +Severity: error +Check: files/pkgconfig +Explanation: The pkg-config file contains a wrong directive. + . + The following file includes a wrong directive. This could lead to + FTBFS or leak private compile flags to another package. diff --git a/tags/p/pkg-config-multi-arch-wrong-dir.tag b/tags/p/pkg-config-multi-arch-wrong-dir.tag new file mode 100644 index 0000000..e41da35 --- /dev/null +++ b/tags/p/pkg-config-multi-arch-wrong-dir.tag @@ -0,0 +1,15 @@ +Tag: pkg-config-multi-arch-wrong-dir +Severity: error +Check: files/pkgconfig +Explanation: The arch all pkg-config file contains a reference to a multi-arch path. + . + This can be usually be fixed by moving this file to a multi-arch path. + . + Another likely cause is using debhelper 9 or newer (thus enabling + multi-arch paths by default) on a package without multi-arch support. + The usual cure in this case is to update it for multi-arch. + . + Last but not least, this file could contain a reference to a cross + architecture (like for instance an x86_64-linux-gnu pkg-config file + referencing an i386-linux-gnu file). In this case the usual cure is to + fix this path. diff --git a/tags/p/pkg-config-unavailable-for-cross-compilation.tag b/tags/p/pkg-config-unavailable-for-cross-compilation.tag new file mode 100644 index 0000000..6e7cd83 --- /dev/null +++ b/tags/p/pkg-config-unavailable-for-cross-compilation.tag @@ -0,0 +1,14 @@ +Tag: pkg-config-unavailable-for-cross-compilation +Severity: warning +Check: files/pkgconfig +Explanation: The specified pkg-config(1) file is installed to + <code>/usr/lib/pkgconfig</code>. As the cross-compilation wrapper of pkg-config + does not search this directory the file is unavailable under + cross-compilation. + . + Please install the file to <code>/usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig</code> + instead. + . + For projects that use GNU Autotools, a simple method is moving to a debhelper + compat level of 9 or higher. In the rare case that this file is architecture + independent it can be installed to <code>/usr/share/pkgconfig</code> instead. diff --git a/tags/p/pkg-js-autopkgtest-file-does-not-exist.tag b/tags/p/pkg-js-autopkgtest-file-does-not-exist.tag new file mode 100644 index 0000000..917d59a --- /dev/null +++ b/tags/p/pkg-js-autopkgtest-file-does-not-exist.tag @@ -0,0 +1,8 @@ +Tag: pkg-js-autopkgtest-file-does-not-exist +Severity: error +Check: languages/javascript/nodejs +Explanation: One of the files referenced the specified file does not exist in sources + and thus <code>pkg-js-autopkgtest</code> will likely fail. + . + Please update the <code>debian/tests/pkg-fs/files</code> file + (see <code>/usr/share/doc/pkg-js-autopkgtest/README.md</code>). diff --git a/tags/p/pkg-js-autopkgtest-test-is-empty.tag b/tags/p/pkg-js-autopkgtest-test-is-empty.tag new file mode 100644 index 0000000..009d354 --- /dev/null +++ b/tags/p/pkg-js-autopkgtest-test-is-empty.tag @@ -0,0 +1,8 @@ +Tag: pkg-js-autopkgtest-test-is-empty +Severity: error +Check: languages/javascript/nodejs +Explanation: The specified file is empty. This will produce erroneous autopkgtest + success reports. + . + Please set a significant test in this file + (see <code>/usr/share/doc/pkg-js-autopkgtest/README.md</code>). diff --git a/tags/p/pkg-js-autopkgtest-test-is-missing.tag b/tags/p/pkg-js-autopkgtest-test-is-missing.tag new file mode 100644 index 0000000..024c4c7 --- /dev/null +++ b/tags/p/pkg-js-autopkgtest-test-is-missing.tag @@ -0,0 +1,11 @@ +Tag: pkg-js-autopkgtest-test-is-missing +Severity: warning +Check: languages/javascript/nodejs +Explanation: The <code>Testsuite:</code> field for this package points to + <code>autopkgtest-pkg-nodejs</code> which attempts to execute + the specified file during autopkgtests. + . + When this file is missing, only a simple <code>node require("<module + name>")</code> is launched. This may be insufficient to really test this + nodejs module + (see <code>/usr/share/doc/pkg-js-autopkgtest/README.md</code>). diff --git a/tags/p/pkg-js-tools-test-is-empty.tag b/tags/p/pkg-js-tools-test-is-empty.tag new file mode 100644 index 0000000..457840f --- /dev/null +++ b/tags/p/pkg-js-tools-test-is-empty.tag @@ -0,0 +1,8 @@ +Tag: pkg-js-tools-test-is-empty +Severity: warning +Check: languages/javascript/nodejs +Explanation: The specified file is empty. This means that no test is played during + build. + . + Please set a significant test in this file + (see <code>/usr/share/doc/pkg-js-tools/README.md.gz</code>). diff --git a/tags/p/pkg-js-tools-test-is-missing.tag b/tags/p/pkg-js-tools-test-is-missing.tag new file mode 100644 index 0000000..2efe4df --- /dev/null +++ b/tags/p/pkg-js-tools-test-is-missing.tag @@ -0,0 +1,13 @@ +Tag: pkg-js-tools-test-is-missing +Severity: warning +Check: languages/javascript/nodejs +Explanation: The <code>debian/rules</code> file for this package uses <code>--with + nodejs</code> which attempts to execute the specified file when running + autopkgtests. + . + When this file is missing, only a simple <code>node require(".")</code> is + launched which may be insufficient to really test this nodejs module. + . + Please specify the upstream testsuite (or a custom one) in + <code>debian/tests/pkg-js/test</code> + (see <code>/usr/share/doc/pkg-js-tools/README.md.gz</code>). diff --git a/tags/p/pkg-not-in-package-test.tag b/tags/p/pkg-not-in-package-test.tag new file mode 100644 index 0000000..7a6e156 --- /dev/null +++ b/tags/p/pkg-not-in-package-test.tag @@ -0,0 +1,17 @@ +Tag: pkg-not-in-package-test +Severity: warning +Check: menu-format +Explanation: The given <code>menu</code> item does not check if the package that + ships the application is installed. + . + Each <code>menu</code> item should begin with a check that the required packages + are installed. At a minimum, the condition should check that the package that + ships the application is installed. + . + Menu items are normally shiiped in the same package that also provides the + application the <code>menu</code> item is for. + . + Sometimes this issue arises the package name was mespelled in the <code>menu</code> + entry, or an entry was copied from another package but not properly adjusted. +See-Also: + menu-manual 3.2 diff --git a/tags/p/pod-conversion-message.tag b/tags/p/pod-conversion-message.tag new file mode 100644 index 0000000..e0075be --- /dev/null +++ b/tags/p/pod-conversion-message.tag @@ -0,0 +1,9 @@ +Tag: pod-conversion-message +Severity: warning +Check: documentation/manual +Renamed-From: manpage-has-errors-from-pod2man +Explanation: A manual page contains a section <code>POD ERRORS</code>. This tag show + the contents. + . + The section was generated by <code>pod2man</code>. It shows any errors that + were found in the <code>POD</code> documentation when the page was generated. diff --git a/tags/p/poor-compression-in-manual-page.tag b/tags/p/poor-compression-in-manual-page.tag new file mode 100644 index 0000000..8a2ec71 --- /dev/null +++ b/tags/p/poor-compression-in-manual-page.tag @@ -0,0 +1,7 @@ +Tag: poor-compression-in-manual-page +Severity: error +Check: documentation/manual +Renamed-From: manpage-not-compressed-with-max-compression +Explanation: Manual pages should be compressed with <code>gzip -9n</code>. It + selects the highest compression available. +See-Also: debian-policy 12.1 diff --git a/tags/p/portable-executable-missing-security-features.tag b/tags/p/portable-executable-missing-security-features.tag new file mode 100644 index 0000000..5e89c1c --- /dev/null +++ b/tags/p/portable-executable-missing-security-features.tag @@ -0,0 +1,40 @@ +Tag: portable-executable-missing-security-features +Severity: pedantic +Check: pe +Experimental: yes +Explanation: A portable executable (PE32+) file lacks security features. + . + Due to changes in <code>binutils-mingw-w64</code> the historical + advice is incorrect. Current tools do not create safe binaries, + and advertising such settings with <code>genpeimg</code> is pointless. + . + In short, the flags alone do nothing unless a binary is built + specifically to support a missing flag. Merely setting the flag, + as recommended below, can actually make a file less secure. + . + More information can be found via the link in the references. + . + The following advice is historical. PLEASE DO NOT FOLLOW IT. + . + The package ships a Microsoft Windows Portable Executable (PE) file + that appears to be lacking security hardening features. You can see + which are missing using the <code>pesec</code> tool from the + <code>pev</code> package. + . + EFI binaries also often trigger this tag. The security flags are + probably meaningless for them, but the flags are easily changed + using the <code>genpeimg</code> tool from the <code>mingw-w64-tools</code> + package. + . + $ genpeimg -d +d -d +n -d +s $file + . + Then, to verify that it worked: + . + $ genpeimg -x $file + ... + Optional Characteristics: + dynamic-base nx-compatible no-SEH + . + Please change the flags, if possible, instead of overriding the tag. + . +See-Also: https://www.kb.cert.org/vuls/id/307144/, Bug#953212 diff --git a/tags/p/possible-bashism-in-maintainer-script.tag b/tags/p/possible-bashism-in-maintainer-script.tag new file mode 100644 index 0000000..e4644b0 --- /dev/null +++ b/tags/p/possible-bashism-in-maintainer-script.tag @@ -0,0 +1,19 @@ +Tag: possible-bashism-in-maintainer-script +Severity: warning +Check: shell/non-posix/bash-centric +Explanation: This script is marked as running under <code>/bin/sh</code>, but it seems + to use a feature found in bash but not in the SUSv3 or POSIX shell + specification. + . + Some examples are: + . + - <code>==</code> in a test, it should use <code>=</code> instead + - <code>read</code> without a variable in the argument + - <code>function</code> to define a function + - <code>source</code> instead of <code>.</code> + - <code>. command args</code>, passing arguments to commands via <code>source</code> is not supported + - <code>{foo,bar}</code> instead of <code>foo bar</code> + - <code>[[ test ]]</code> instead of <code>[ test ]</code> (requires a Korn shell) + - <code>type</code> instead of <code>which</code> or <code>command -v</code> +See-Also: + debian-policy 10.4 diff --git a/tags/p/possible-debconf-note-abuse.tag b/tags/p/possible-debconf-note-abuse.tag new file mode 100644 index 0000000..4064d49 --- /dev/null +++ b/tags/p/possible-debconf-note-abuse.tag @@ -0,0 +1,18 @@ +Tag: possible-debconf-note-abuse +Severity: warning +Check: debian/debconf +Explanation: Debconf notes should be used only for important notes that the + user really should see, since debconf will go to great pains to make + sure the user sees it. + . + Displaying a note with a low priority is conflicting with this statement, + since using a low or medium priority shows that the note is not + important. + . + The right fix is NOT to increase the priority of the note, but to move + it somewhere else in the inline documentation, for example in a + README.Debian file for notes about package usability or NEWS.Debian for + changes in the package behavior, or to simply drop it if it is not + needed (e.g. "welcome" notes). Changing the templates type to "error" + can also be appropriate, such as for input validation errors. +See-Also: debian-policy 3.9.1 diff --git a/tags/p/possible-documentation-but-no-doc-base-registration.tag b/tags/p/possible-documentation-but-no-doc-base-registration.tag new file mode 100644 index 0000000..ec6eaa3 --- /dev/null +++ b/tags/p/possible-documentation-but-no-doc-base-registration.tag @@ -0,0 +1,10 @@ +Tag: possible-documentation-but-no-doc-base-registration +Severity: info +Check: menus +Explanation: The package ships a <code>.html</code> or <code>.pdf</code> file under + <code>/usr/share/doc/</code>. Those files are usually documentation, but no files + are registered in <code>doc-base</code>. + . + Files in folders named <code>examples</code> are exempt from this tag. +See-Also: + debian-policy 9.10 diff --git a/tags/p/possible-gpl-code-linked-with-openssl.tag b/tags/p/possible-gpl-code-linked-with-openssl.tag new file mode 100644 index 0000000..bb007d5 --- /dev/null +++ b/tags/p/possible-gpl-code-linked-with-openssl.tag @@ -0,0 +1,17 @@ +Tag: possible-gpl-code-linked-with-openssl +Severity: classification +Check: debian/copyright +Explanation: This package appears to be covered by the GNU GPL but depends on + the OpenSSL libssl package and does not mention a license exemption or + exception for OpenSSL in its copyright file. The GPL (including version + 3) is incompatible with some terms of the OpenSSL license, and therefore + Debian does not allow GPL-licensed code linked with OpenSSL libraries + unless there is a license exception explicitly permitting this. + . + If only the Debian packaging, or some other part of the package not + linked with OpenSSL, is covered by the GNU GPL, please add a Lintian + override for this tag. Lintian currently has no good way of + distinguishing between that case and problematic packages. +See-Also: + Bug#972181, + http://meetbot.debian.net/debian-ftp/2020/debian-ftp.2020-03-13-20.02.html diff --git a/tags/p/possible-missing-colon-in-closes.tag b/tags/p/possible-missing-colon-in-closes.tag new file mode 100644 index 0000000..0844483 --- /dev/null +++ b/tags/p/possible-missing-colon-in-closes.tag @@ -0,0 +1,7 @@ +Tag: possible-missing-colon-in-closes +Severity: error +Check: debian/changelog +Explanation: To close a bug in the Debian changelog, the word "closes" must be + followed by a colon. This entry looked like it was intended to close a + bug, but there's no colon after "closes". +See-Also: debian-policy 4.4 diff --git a/tags/p/possible-new-upstream-release-without-new-version.tag b/tags/p/possible-new-upstream-release-without-new-version.tag new file mode 100644 index 0000000..f50501d --- /dev/null +++ b/tags/p/possible-new-upstream-release-without-new-version.tag @@ -0,0 +1,9 @@ +Tag: possible-new-upstream-release-without-new-version +Severity: warning +Check: debian/changelog +Explanation: The most recent changelog entry contains an entry that appears to + say this is a new upstream release (a comment similar to "new upstream + release," possibly with a word between "upstream" and "release"), but the + upstream portion of the package version number didn't change. This may + indicate that the package version was not updated properly in + <code>debian/changelog</code>. diff --git a/tags/p/possible-unindented-list-in-extended-description.tag b/tags/p/possible-unindented-list-in-extended-description.tag new file mode 100644 index 0000000..fcefea3 --- /dev/null +++ b/tags/p/possible-unindented-list-in-extended-description.tag @@ -0,0 +1,8 @@ +Tag: possible-unindented-list-in-extended-description +Severity: warning +Check: fields/description +Explanation: The package "Description:" contains an unindented line which + starts with a dash (-) or asterisk (*). If this was meant to be a + list of items these lines need to be indented (dselect would + word-wrap these lines otherwise). +See-Also: debian-policy 5.6.13 diff --git a/tags/p/possibly-insecure-handling-of-tmp-files-in-maintainer-script.tag b/tags/p/possibly-insecure-handling-of-tmp-files-in-maintainer-script.tag new file mode 100644 index 0000000..17a7fb7 --- /dev/null +++ b/tags/p/possibly-insecure-handling-of-tmp-files-in-maintainer-script.tag @@ -0,0 +1,12 @@ +Tag: possibly-insecure-handling-of-tmp-files-in-maintainer-script +Severity: warning +Check: maintainer-scripts/temporary-files +Explanation: The named maintainer script appears to access a file or a directory in + <code>/tmp</code> or a similar folder for temporary data. Working directly in such + folders, which are usually world-writable, can easily lead to serious security or + privacy bugs. + . + Please consider using the <code>mktemp</code> utility from the <code>coreutils</code> + package when creating temporary files or directories. +See-Also: + debian-policy 10.4 diff --git a/tags/p/postinst-does-not-call-updatemenus.tag b/tags/p/postinst-does-not-call-updatemenus.tag new file mode 100644 index 0000000..b8cb401 --- /dev/null +++ b/tags/p/postinst-does-not-call-updatemenus.tag @@ -0,0 +1,15 @@ +Tag: postinst-does-not-call-updatemenus +Severity: error +Check: menus +Explanation: The package installs a file into <code>/etc/menu-methods</code>, + <code>/usr/share/menu</code>, or <code>/usr/lib/menu</code>, but does not + call the <code>update-menus</code> command in the <code>postinst</code> + maintainer script. + . + For example, you ca use the following code in your maintainer script: + . + if which update-menus > /dev/null; then + update-menus + fi +See-Also: + menu-manual 4.2 diff --git a/tags/p/postinst-does-not-load-confmodule.tag b/tags/p/postinst-does-not-load-confmodule.tag new file mode 100644 index 0000000..bf09480 --- /dev/null +++ b/tags/p/postinst-does-not-load-confmodule.tag @@ -0,0 +1,6 @@ +Tag: postinst-does-not-load-confmodule +Severity: warning +Check: debian/debconf +Explanation: Even if your postinst does not involve debconf, you currently need to + make sure it loads one of the debconf libraries. This will be changed in + the future. diff --git a/tags/p/postinst-has-useless-call-to-install-docs.tag b/tags/p/postinst-has-useless-call-to-install-docs.tag new file mode 100644 index 0000000..3f8f5e0 --- /dev/null +++ b/tags/p/postinst-has-useless-call-to-install-docs.tag @@ -0,0 +1,9 @@ +Tag: postinst-has-useless-call-to-install-docs +Severity: warning +Check: menus +Explanation: It is no longer necessary to call <code>install-docs</code> + in <code>postinst</code>. The processing of <code>doc-base</code> files is + now handled by triggers. + . + If the <code>install-docs</code> call was added by Debhelper, the issue can + be fixed by rebuilding the package with Debhelper version 7.2.3 or later. diff --git a/tags/p/postinst-has-useless-call-to-update-menus.tag b/tags/p/postinst-has-useless-call-to-update-menus.tag new file mode 100644 index 0000000..217b5f5 --- /dev/null +++ b/tags/p/postinst-has-useless-call-to-update-menus.tag @@ -0,0 +1,7 @@ +Tag: postinst-has-useless-call-to-update-menus +Severity: warning +Check: menus +Explanation: The <code>postinst</code> maintainer script calls the + <code>update-menus</code> program, but no files are being installed into + <code>/etc/menu-methods</code>, <code>/usr/share/menu</code>, + or <code>/usr/lib/menu</code>. diff --git a/tags/p/postinst-uses-db-input.tag b/tags/p/postinst-uses-db-input.tag new file mode 100644 index 0000000..7dbf579 --- /dev/null +++ b/tags/p/postinst-uses-db-input.tag @@ -0,0 +1,7 @@ +Tag: postinst-uses-db-input +Severity: warning +Check: debian/debconf +Explanation: It is generally not a good idea for postinst scripts to use debconf + commands like <code>db_input</code>. Typically, they should restrict themselves + to <code>db_get</code> to request previously acquired information, and have the + config script do the actual prompting. diff --git a/tags/p/postrm-calls-installdocs.tag b/tags/p/postrm-calls-installdocs.tag new file mode 100644 index 0000000..851c400 --- /dev/null +++ b/tags/p/postrm-calls-installdocs.tag @@ -0,0 +1,7 @@ +Tag: postrm-calls-installdocs +Severity: error +Check: menus +Explanation: The <code>postrm</code> maintainer script calls the + <code>install-docs</code> command. + . + The command is usually called from the <code>prerm</code> script. diff --git a/tags/p/postrm-contains-additional-updaterc.d-calls.tag b/tags/p/postrm-contains-additional-updaterc.d-calls.tag new file mode 100644 index 0000000..0537585 --- /dev/null +++ b/tags/p/postrm-contains-additional-updaterc.d-calls.tag @@ -0,0 +1,5 @@ +Tag: postrm-contains-additional-updaterc.d-calls +Severity: error +Check: init-d +Explanation: The <code>postrm</code> de-registers an <code>/etc/init.d</code> script which + has not been registered in the <code>postinst</code> script before. diff --git a/tags/p/postrm-does-not-call-updatemenus.tag b/tags/p/postrm-does-not-call-updatemenus.tag new file mode 100644 index 0000000..655743e --- /dev/null +++ b/tags/p/postrm-does-not-call-updatemenus.tag @@ -0,0 +1,15 @@ +Tag: postrm-does-not-call-updatemenus +Severity: error +Check: menus +Explanation: The package installs a file in <code>/etc/menu-methods</code>, + <code>/usr/share/menu</code>, or <code>/usr/lib/menu</code>, but does not + call the <code>update-menus</code> command in the <code>postrm</code> + script. + . + For example, you use the following code in your maintainer script: + . + if which update-menus > /dev/null; then + update-menus + fi +See-Also: + menu-manual 4.2 diff --git a/tags/p/postrm-does-not-call-updaterc.d-for-init.d-script.tag b/tags/p/postrm-does-not-call-updaterc.d-for-init.d-script.tag new file mode 100644 index 0000000..cde1b39 --- /dev/null +++ b/tags/p/postrm-does-not-call-updaterc.d-for-init.d-script.tag @@ -0,0 +1,7 @@ +Tag: postrm-does-not-call-updaterc.d-for-init.d-script +Severity: error +Check: init-d +Explanation: An <code>/etc/init.d</code> script which has been registered in the + <code>postinst</code> script is not de-registered in the + <code>postrm</code> script. +See-Also: debian-policy 9.3.3.1 diff --git a/tags/p/postrm-does-not-purge-debconf.tag b/tags/p/postrm-does-not-purge-debconf.tag new file mode 100644 index 0000000..c9eeb9b --- /dev/null +++ b/tags/p/postrm-does-not-purge-debconf.tag @@ -0,0 +1,6 @@ +Tag: postrm-does-not-purge-debconf +Severity: warning +Check: debian/debconf +Explanation: Packages using debconf should call <code>db_purge</code> or its equivalent + in their postrm. If the package uses debhelper, dh_installdebconf(1) should + take care of this. diff --git a/tags/p/postrm-has-useless-call-to-update-menus.tag b/tags/p/postrm-has-useless-call-to-update-menus.tag new file mode 100644 index 0000000..b89dcaa --- /dev/null +++ b/tags/p/postrm-has-useless-call-to-update-menus.tag @@ -0,0 +1,7 @@ +Tag: postrm-has-useless-call-to-update-menus +Severity: warning +Check: menus +Explanation: The <code>postrm</code> maintainer script calls the + <code>update-menus</code> command, but no files are being + installed into <code>/etc/menu-methods</code>, + <code>/usr/share/menu</code>, or <code>/usr/lib/menu</code>. diff --git a/tags/p/postrm-removes-alternative.tag b/tags/p/postrm-removes-alternative.tag new file mode 100644 index 0000000..4f2c5db --- /dev/null +++ b/tags/p/postrm-removes-alternative.tag @@ -0,0 +1,25 @@ +Tag: postrm-removes-alternative +Severity: warning +Check: scripts +Renamed-From: + maintainer-script-should-not-use-update-alternatives-remove +Explanation: <code>update-alternatives --remove <alternative> foo</code> is + called in the <code>postrm</code> maintainer script. + . + Instead, <code>update-alternatives --remove</code> should be called in + <code>prerm</code>. + . + Th present command will not work as intended. When <code>postrm</code> runs, + <code>foo</code> was already deleted. <code>update-alternatives</code> will + then ignore the program while constructing the list of available alternatives. + . + If the symbolic link in <code>/etc/alternatives</code> then still points at + <code>foo</code>, <code>update-alternatives</code> will not recognize it. It + will then mark the link as site-specific. + . + Going forward, the symbolic link will no longer be updated automatically. It will be + left dangling until <code>update-alternatives --auto <alternative></code> + is run by hand. +See-Also: + debian-policy appendix-6, + update-alternatives(8) diff --git a/tags/p/prefer-uscan-symlink.tag b/tags/p/prefer-uscan-symlink.tag new file mode 100644 index 0000000..ca55a21 --- /dev/null +++ b/tags/p/prefer-uscan-symlink.tag @@ -0,0 +1,13 @@ +Tag: prefer-uscan-symlink +Severity: pedantic +Experimental: yes +Check: debian/watch +Explanation: Please consider setting <code>USCAN_SYMLINK=rename</code> in your + <code>~/.devscripts</code> configuration file instead of using the option + <code>filenamemangle</code> in <code>debian/watch</code>. + . + Please check with your team before making changes to sources you maintain + together. There are circumstances when the <code>filenamemangle</code> option + is better. +See-Also: + uscan(1) diff --git a/tags/p/preinst-calls-installdocs.tag b/tags/p/preinst-calls-installdocs.tag new file mode 100644 index 0000000..cbf9a68 --- /dev/null +++ b/tags/p/preinst-calls-installdocs.tag @@ -0,0 +1,8 @@ +Tag: preinst-calls-installdocs +Severity: error +Check: menus +Explanation: The <code>preinst</code> maintainer script calls the + <code>install-docs</code> command. + . + That command is usually called from the <code>postinst</code> maintainer + script. diff --git a/tags/p/preinst-calls-updatemenus.tag b/tags/p/preinst-calls-updatemenus.tag new file mode 100644 index 0000000..75b8a28 --- /dev/null +++ b/tags/p/preinst-calls-updatemenus.tag @@ -0,0 +1,7 @@ +Tag: preinst-calls-updatemenus +Severity: error +Check: menus +Explanation: The <code>preinst</code> maintainer script calls the + <code>update-menus</code> command. + . + The command is usually called in the <code>postinst</code> script. diff --git a/tags/p/preinst-calls-updaterc.d.tag b/tags/p/preinst-calls-updaterc.d.tag new file mode 100644 index 0000000..4a4d7a3 --- /dev/null +++ b/tags/p/preinst-calls-updaterc.d.tag @@ -0,0 +1,6 @@ +Tag: preinst-calls-updaterc.d +Severity: error +Check: init-d +Explanation: The <code>preinst</code> package calls <code>update-rc.d</code>. Instead, + you should call it in the <code>postinst</code> script. +See-Also: debian-policy 9.3.3.1 diff --git a/tags/p/prerm-calls-updatemenus.tag b/tags/p/prerm-calls-updatemenus.tag new file mode 100644 index 0000000..6be5a33 --- /dev/null +++ b/tags/p/prerm-calls-updatemenus.tag @@ -0,0 +1,8 @@ +Tag: prerm-calls-updatemenus +Severity: error +Check: menus +Explanation: The <code>prerm</code> maintainer script calls the + <code>update-menus</code> command. + . + Usually, this command should be called from the <code>postrm</code> + maintainer script. diff --git a/tags/p/prerm-calls-updaterc.d.tag b/tags/p/prerm-calls-updaterc.d.tag new file mode 100644 index 0000000..acd432e --- /dev/null +++ b/tags/p/prerm-calls-updaterc.d.tag @@ -0,0 +1,6 @@ +Tag: prerm-calls-updaterc.d +Severity: error +Check: init-d +Explanation: The <code>prerm</code> package calls <code>update-rc.d</code>. Instead, + you should call it in the <code>postrm</code> script. +See-Also: debian-policy 9.3.3.1 diff --git a/tags/p/prerm-has-useless-call-to-install-docs.tag b/tags/p/prerm-has-useless-call-to-install-docs.tag new file mode 100644 index 0000000..753759e --- /dev/null +++ b/tags/p/prerm-has-useless-call-to-install-docs.tag @@ -0,0 +1,10 @@ +Tag: prerm-has-useless-call-to-install-docs +Severity: warning +Check: menus +Explanation: It is no longer necessary to call <code>install-docs</code> in + the <code>prerm</code> maintainer script. The processing of + <code>doc-base</code> files is now handled by triggers. + . + If the <code>install-docs</code> call was added by Debhelper, the issue + can be fixed by rebuilding the package with Debhelper version 7.2.3 or + later. diff --git a/tags/p/priority-extra-is-replaced-by-priority-optional.tag b/tags/p/priority-extra-is-replaced-by-priority-optional.tag new file mode 100644 index 0000000..798444a --- /dev/null +++ b/tags/p/priority-extra-is-replaced-by-priority-optional.tag @@ -0,0 +1,9 @@ +Tag: priority-extra-is-replaced-by-priority-optional +Severity: warning +Check: fields/priority +Explanation: Since Debian Policy version 4.0.1, the priority <code>extra</code> + has been deprecated. + . + Please update <code>debian/control</code> and replace all instances of + <code>Priority: extra</code> with <code>Priority: optional</code>. +See-Also: debian-policy 2.5 diff --git a/tags/p/privacy-breach-donation.tag b/tags/p/privacy-breach-donation.tag new file mode 100644 index 0000000..1a22725 --- /dev/null +++ b/tags/p/privacy-breach-donation.tag @@ -0,0 +1,16 @@ +Tag: privacy-breach-donation +Severity: error +Check: files/privacy-breach +See-Also: https://wiki.debian.org/UpstreamMetadata +Explanation: This package create a potential privacy breach by fetching data + from a donation website at runtime. + . + Please remove this privacy problem and add a note to the + debian/upstream/metadata file using the donation field. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-facebook.tag b/tags/p/privacy-breach-facebook.tag new file mode 100644 index 0000000..b6ec556 --- /dev/null +++ b/tags/p/privacy-breach-facebook.tag @@ -0,0 +1,12 @@ +Tag: privacy-breach-facebook +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by exchanging data with + Facebook at runtime via plugins such as "Share" or "Like" buttons. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-generic.tag b/tags/p/privacy-breach-generic.tag new file mode 100644 index 0000000..2fb425a --- /dev/null +++ b/tags/p/privacy-breach-generic.tag @@ -0,0 +1,13 @@ +Tag: privacy-breach-generic +Severity: warning +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching data + from an external website at runtime. Please remove these scripts or + external HTML resources. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-google-adsense.tag b/tags/p/privacy-breach-google-adsense.tag new file mode 100644 index 0000000..c65c6cc --- /dev/null +++ b/tags/p/privacy-breach-google-adsense.tag @@ -0,0 +1,21 @@ +Tag: privacy-breach-google-adsense +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by using Google AdSense. + Google AdSense is a service run by Google that allows publishers + of websites to automatically serve advertisements. Unfortunately, it + requires tracking and breaching the privacy of web users. + . + This tag can also indicate the use of the related obsolete privacy + breaching software, Urchin WebAnalytics. + . + Note that using Google AdSense in a local copy of a page is a violation of + the Google AdSense terms of use. This violation renders this package not + distributable in Debian, and is thus a serious bug. + . + Please replace any scripts, images or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-google-cse.tag b/tags/p/privacy-breach-google-cse.tag new file mode 100644 index 0000000..afa833d --- /dev/null +++ b/tags/p/privacy-breach-google-cse.tag @@ -0,0 +1,13 @@ +Tag: privacy-breach-google-cse +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching + data from Google at runtime, and may feed private data to Google via + Custom Search Engine queries. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-google-plus.tag b/tags/p/privacy-breach-google-plus.tag new file mode 100644 index 0000000..34e8989 --- /dev/null +++ b/tags/p/privacy-breach-google-plus.tag @@ -0,0 +1,13 @@ +Tag: privacy-breach-google-plus +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by + exchanging data with Google+ at runtime via plugins such + as "+1" buttons. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-logo.tag b/tags/p/privacy-breach-logo.tag new file mode 100644 index 0000000..348c3b6 --- /dev/null +++ b/tags/p/privacy-breach-logo.tag @@ -0,0 +1,17 @@ +Tag: privacy-breach-logo +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching a + logo at runtime. + . + Before using a local copy you should check that the logo is suitable + for main. You can get help with determining this by posting a link to + the logo and a copy of, or a link to, the logo copyright and license + information to the debian-legal mailing list. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-piwik.tag b/tags/p/privacy-breach-piwik.tag new file mode 100644 index 0000000..ce42df1 --- /dev/null +++ b/tags/p/privacy-breach-piwik.tag @@ -0,0 +1,19 @@ +Tag: privacy-breach-piwik +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by using an online + Piwik module. + . + Piwik is a free and open source web analytics application, designed to + allow publishers of websites to track visitors. + . + Even though Piwik is free and respects the "Do Not Track" browser + option, it is nevertheless breaches the privacy of local users + by fetching data from internet. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-statistics-website.tag b/tags/p/privacy-breach-statistics-website.tag new file mode 100644 index 0000000..f2597bd --- /dev/null +++ b/tags/p/privacy-breach-statistics-website.tag @@ -0,0 +1,25 @@ +Tag: privacy-breach-statistics-website +Severity: error +Check: files/privacy-breach +Explanation: This package creates a privacy breach by fetching data from + an external website in order to compile visitor statistics. + . + Please ask upstream to use the free software web analytics engine + Piwik, which respects the "Do Not Track" browser option. + . + This tag covers the following websites: + . + - cruel-carlota.pagodabox.com + - linkexchange.com (defunct) + - nedstatbasic.net + - onestat.com + - statcounter.com + - sitemeter.com + - webstats.motigo.com + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-twitter.tag b/tags/p/privacy-breach-twitter.tag new file mode 100644 index 0000000..7eff11e --- /dev/null +++ b/tags/p/privacy-breach-twitter.tag @@ -0,0 +1,12 @@ +Tag: privacy-breach-twitter +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by + exchanging data with Twitter at runtime via plugins. + . + Please replace any scripts, images, or other remote resources with + non-remote resources. It is preferable to replace them with text and + links but local copies of the remote resources are also acceptable as + long as they don't also make calls to remote services. Please ensure + that the remote resources are suitable for Debian main before making + local copies of them. diff --git a/tags/p/privacy-breach-uses-embedded-file.tag b/tags/p/privacy-breach-uses-embedded-file.tag new file mode 100644 index 0000000..3e0e021 --- /dev/null +++ b/tags/p/privacy-breach-uses-embedded-file.tag @@ -0,0 +1,11 @@ +Tag: privacy-breach-uses-embedded-file +Severity: error +Check: files/privacy-breach +Explanation: This package creates a potential privacy breach by fetching data + from an external website at runtime. Please remove these scripts or + external HTML resources. + . + Instead you can use the Debian package indicated in the context if it + is compatible. +Renamed-From: + privacy-breach-may-use-debian-package diff --git a/tags/p/privacy-breach-w3c-valid-html.tag b/tags/p/privacy-breach-w3c-valid-html.tag new file mode 100644 index 0000000..e16d083 --- /dev/null +++ b/tags/p/privacy-breach-w3c-valid-html.tag @@ -0,0 +1,15 @@ +Tag: privacy-breach-w3c-valid-html +Severity: error +Check: files/privacy-breach +See-Also: http://validator.w3.org/docs/help.html#icon, + http://www.w3.org/Consortium/Legal/logo-usage-20000308 +Explanation: This package creates a potential privacy breach by fetching W3C + validation icons. + . + These badges may be displayed to tell readers that care has been + taken to make a page compliant with W3C standards. Unfortunately, + downloading the image from www.w3.org might expose the reader's IP + address to potential tracking. + . + Note that these icons are non-free and must not be copied into the + package. You could safely delete this W3C validation badge. diff --git a/tags/p/program-not-linked-against-libc.tag b/tags/p/program-not-linked-against-libc.tag new file mode 100644 index 0000000..2ee582e --- /dev/null +++ b/tags/p/program-not-linked-against-libc.tag @@ -0,0 +1,11 @@ +Tag: program-not-linked-against-libc +Severity: error +Check: binaries/prerequisites +Explanation: The package installs a binary which is not dynamically linked + against libc. + . + It is theoretically possible to have a program which doesn't use any + symbols from libc, but it is far more likely that this binary simply + isn't linked correctly. +See-Also: + Bug#698720 diff --git a/tags/p/public-upstream-key-in-native-package.tag b/tags/p/public-upstream-key-in-native-package.tag new file mode 100644 index 0000000..1cff49a --- /dev/null +++ b/tags/p/public-upstream-key-in-native-package.tag @@ -0,0 +1,8 @@ +Tag: public-upstream-key-in-native-package +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The source package contains a public upstream signing key even + though there is no upstream as the package is native. + . + Please remove the key. diff --git a/tags/p/public-upstream-key-not-minimal.tag b/tags/p/public-upstream-key-not-minimal.tag new file mode 100644 index 0000000..3aa6c8f --- /dev/null +++ b/tags/p/public-upstream-key-not-minimal.tag @@ -0,0 +1,13 @@ +Tag: public-upstream-key-not-minimal +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The package contains a public upstream signing key with extra + signatures. The signatures are unnecessary and take up space in + the archive. + . + Please export the upstream key again with the command: + . + $ gpg --armor --export --export-options export-minimal,export-clean + . + and use that key instead of the key currently in the source package. diff --git a/tags/p/public-upstream-key-unusable.tag b/tags/p/public-upstream-key-unusable.tag new file mode 100644 index 0000000..ec78188 --- /dev/null +++ b/tags/p/public-upstream-key-unusable.tag @@ -0,0 +1,8 @@ +Tag: public-upstream-key-unusable +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The source package contains a public upstream signing key that + contains bogus, unexpected or unsuitable data. + . + Please obtain the correct key from upstream. diff --git a/tags/p/public-upstream-keys-in-multiple-locations.tag b/tags/p/public-upstream-keys-in-multiple-locations.tag new file mode 100644 index 0000000..522d81f --- /dev/null +++ b/tags/p/public-upstream-keys-in-multiple-locations.tag @@ -0,0 +1,11 @@ +Tag: public-upstream-keys-in-multiple-locations +Severity: info +Check: debian/upstream/signing-key +See-Also: uscan(1) +Explanation: The source package contains public upstream signing keys + (or keyrings) in multiple locations. This situation is potentially + confusing for uscan(1) or any other tool hoping to verify the + integrity and authenticity of upstream sources. + . + Please remove all keys (or keyrings) except one at the recommended + location <code>debian/upstream/signing-key.asc</code>. diff --git a/tags/p/pypi-homepage.tag b/tags/p/pypi-homepage.tag new file mode 100644 index 0000000..10dd1b4 --- /dev/null +++ b/tags/p/pypi-homepage.tag @@ -0,0 +1,14 @@ +Tag: pypi-homepage +Severity: warning +Check: languages/python/homepage +Explanation: The <code>Homepage</code> field in this package's + control file refers to the Python Package Index (PyPI), and + not to the true upstream. + . + Debian packages should point at the upstream's homepage, but + PyPI is just another packaging system. You may be able to + find the correct information in the <code>Homepage</code> link + on the corresponding PyPI web page (under the "Project details" + tab). +See-Also: + Bug#981932 diff --git a/tags/p/python-debug-in-wrong-location.tag b/tags/p/python-debug-in-wrong-location.tag new file mode 100644 index 0000000..593a9d0 --- /dev/null +++ b/tags/p/python-debug-in-wrong-location.tag @@ -0,0 +1,9 @@ +Tag: python-debug-in-wrong-location +Severity: warning +Check: languages/python +See-Also: Bug#576014 +Explanation: The package appears to be installing debug modules in + /usr/lib/debug/usr/lib/pyshared/pythonX.Y/. However, gdb(1) + will not look for it there, making it less useful. The file + should be installed in /usr/lib/debug/usr/lib/pymodules/pythonX.Y/ + instead. diff --git a/tags/p/python-depends-but-no-python-helper.tag b/tags/p/python-depends-but-no-python-helper.tag new file mode 100644 index 0000000..85cc050 --- /dev/null +++ b/tags/p/python-depends-but-no-python-helper.tag @@ -0,0 +1,10 @@ +Tag: python-depends-but-no-python-helper +Severity: error +Check: debhelper +Explanation: The source package declares a dependency on <code>${python:Depends}</code> + in the given binary package's <code>debian/control</code> entry. However, + <code>debian/rules</code> doesn't call any helper that would generate this + substitution variable. + . + The source package probably needs a call to <code>dh_python2</code> (possibly via the + Python2 debhelper add-on) in the <code>debian/rules</code> file. diff --git a/tags/p/python-foo-but-no-python3-foo.tag b/tags/p/python-foo-but-no-python3-foo.tag new file mode 100644 index 0000000..3f982ca --- /dev/null +++ b/tags/p/python-foo-but-no-python3-foo.tag @@ -0,0 +1,16 @@ +Tag: python-foo-but-no-python3-foo +Severity: warning +Check: languages/python +Explanation: This source package appears to generate the specified Python 2 package + without creating a variant for Python 3. + . + The 2.x series of Python is due for deprecation and will not be maintained + by upstream past 2020 and will likely be dropped after the release of + Debian "buster". + . + If upstream have not moved or have no intention to move to Python 3, please + be certain that Debian would benefit from the continued inclusion of this + package and, if not, consider removing it. + . + Alternatively, ensure that the corresponding package specifies the + <code>${python3:Depends}</code> substvar in its binary dependencies. diff --git a/tags/p/python-module-has-overly-generic-name.tag b/tags/p/python-module-has-overly-generic-name.tag new file mode 100644 index 0000000..0123955 --- /dev/null +++ b/tags/p/python-module-has-overly-generic-name.tag @@ -0,0 +1,8 @@ +Tag: python-module-has-overly-generic-name +Severity: error +Check: languages/python +Explanation: This package installs a Python module with an overly generic name to + a global namespace. + . + This was either a mistake and/or likely to cause conflicts with other + packages. diff --git a/tags/p/python-module-in-wrong-location.tag b/tags/p/python-module-in-wrong-location.tag new file mode 100644 index 0000000..e8fd426 --- /dev/null +++ b/tags/p/python-module-in-wrong-location.tag @@ -0,0 +1,8 @@ +Tag: python-module-in-wrong-location +Severity: warning +Check: languages/python +See-Also: python-policy 2.5, Bug#576012 +Explanation: The package installs a Python module or debug information for a Python + module in the wrong location for the given version of Python. + . + dh_python3 can be used to fix this for Python 3 modules. diff --git a/tags/p/python-package-depends-on-package-from-other-python-variant.tag b/tags/p/python-package-depends-on-package-from-other-python-variant.tag new file mode 100644 index 0000000..9513846 --- /dev/null +++ b/tags/p/python-package-depends-on-package-from-other-python-variant.tag @@ -0,0 +1,10 @@ +Tag: python-package-depends-on-package-from-other-python-variant +Severity: warning +Check: languages/python +Explanation: Either the specified Python 3.x package declares a dependency on a + Python 2.x package, or the specified Python 2.x package depends on a Python + 3.x package. + . + This is likely a typo in <code>debian/control</code> or due to misconfigured + calls to, for example, <code>dh_installdocs --link-doc=PKG</code>. +See-Also: Bug#884692 diff --git a/tags/p/python-package-missing-depends-on-python.tag b/tags/p/python-package-missing-depends-on-python.tag new file mode 100644 index 0000000..524f182 --- /dev/null +++ b/tags/p/python-package-missing-depends-on-python.tag @@ -0,0 +1,8 @@ +Tag: python-package-missing-depends-on-python +Severity: error +Check: languages/python +Explanation: The specified Python package ships Python modules under + <code>/usr/lib</code> but does not specify any dependency on Python. + . + This is likely an omission, the result of a typo in + <code>debian/control</code> or the file should not be installed. diff --git a/tags/p/python-traceback-in-manpage.tag b/tags/p/python-traceback-in-manpage.tag new file mode 100644 index 0000000..a8e762d --- /dev/null +++ b/tags/p/python-traceback-in-manpage.tag @@ -0,0 +1,15 @@ +Tag: python-traceback-in-manpage +Severity: error +Check: documentation/manual +Explanation: The specified manual page contains a Python traceback. + . + This was probably caused by a call to <code>help2man</code> failing to + correctly execute, likely due to an missing or incorrect + <code>PYTHONPATH</code> environment variable. + . + Note that calls to generate manpages from binaries may succeed if the package + being built is already installed in the build environment as might locate + potentially old copy of the program under <code>/usr/lib/python3</code>. This + is fairly common on maintainers' machines, for example. However, in + environments where the package is not installed (such as most buildds), + generating the manpage may fail and inject a traceback into the manual page. diff --git a/tags/p/python-version-current-is-deprecated.tag b/tags/p/python-version-current-is-deprecated.tag new file mode 100644 index 0000000..de684b5 --- /dev/null +++ b/tags/p/python-version-current-is-deprecated.tag @@ -0,0 +1,6 @@ +Tag: python-version-current-is-deprecated +Severity: warning +Check: languages/python +Explanation: The use of "current" in the Python-Version or Python3-Version + field is deprecated. +See-Also: python-policy 3.4 diff --git a/tags/p/python2-script-but-no-python2-dep.tag b/tags/p/python2-script-but-no-python2-dep.tag new file mode 100644 index 0000000..7ec086a --- /dev/null +++ b/tags/p/python2-script-but-no-python2-dep.tag @@ -0,0 +1,21 @@ +Tag: python2-script-but-no-python2-dep +Severity: error +Check: scripts +Explanation: Packages with Python2 scripts should depend on the package + <code>python2</code>. Those with scripts that specify a specific version of + Python2 must depend, recommend or suggest on that version of Python2 + (exactly). + . + For example, if a script in the package uses <code>#!/usr/bin/python2</code>, + the package needs a dependency on <code>python2</code>. If a script uses + <code>#!/usr/bin/python2.7</code>, the package needs a dependency on + <code>python2.7</code>. A dependency on <code>python (>= 2.7)</code> is not + correct, since later versions of Python2 may not provide the + <code>/usr/bin/python2.7</code> binary. + . + If you are using debhelper, adding <code>${python2:Depends}</code> to the + Depends field and ensuring dh_python2 is run during the build should + take care of adding the correct dependency. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. diff --git a/tags/p/python3-depends-but-no-python3-helper.tag b/tags/p/python3-depends-but-no-python3-helper.tag new file mode 100644 index 0000000..50630fe --- /dev/null +++ b/tags/p/python3-depends-but-no-python3-helper.tag @@ -0,0 +1,6 @@ +Tag: python3-depends-but-no-python3-helper +Severity: error +Check: debhelper +Explanation: The source package declares a dependency on ${python3:Depends} in the + given binary package's debian/control entry. However, debian/rules doesn't + call any helper that would generate this substitution variable. diff --git a/tags/p/python3-script-but-no-python3-dep.tag b/tags/p/python3-script-but-no-python3-dep.tag new file mode 100644 index 0000000..f60d9f3 --- /dev/null +++ b/tags/p/python3-script-but-no-python3-dep.tag @@ -0,0 +1,21 @@ +Tag: python3-script-but-no-python3-dep +Severity: error +Check: scripts +Explanation: Packages with Python3 scripts should depend on the package + <code>python3</code>. Those with scripts that specify a specific version of + Python3 must depend, recommend or suggest on that version of Python3 + (exactly). + . + For example, if a script in the package uses <code>#!/usr/bin/python3</code>, + the package needs a dependency on <code>python3</code>. If a script uses + <code>#!/usr/bin/python3.8</code>, the package needs a dependency on + <code>python3.8</code>. A dependency on <code>python (>= 3.8)</code> is not + correct, since later versions of Python may not provide the + <code>/usr/bin/python3.8</code> binary. + . + If you are using debhelper, adding <code>${python3:Depends}</code> to the + Depends field and ensuring dh_python3 is run during the build should + take care of adding the correct dependency. + . + In some cases a weaker relationship, such as Suggests or Recommends, will + be more appropriate. |