From 75808db17caf8b960b351e3408e74142f4c85aac Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 14 Apr 2024 15:42:30 +0200 Subject: Adding upstream version 2.117.0. Signed-off-by: Daniel Baumann --- tags/a/absolute-symbolic-link-target-in-source.tag | 11 ++++++++++ tags/a/absolute-symlink-in-top-level-folder.tag | 15 ++++++++++++++ tags/a/acute-accent-in-manual-page.tag | 18 ++++++++++++++++ tags/a/add-component-copyright.tag | 13 ++++++++++++ tags/a/adduser-with-home-var-run.tag | 6 ++++++ tags/a/adopted-extended-field.tag | 17 +++++++++++++++ tags/a/alien-tag.tag | 7 +++++++ tags/a/alternates-not-allowed.tag | 6 ++++++ ...depends-on-python-sphinx-and-python3-sphinx.tag | 12 +++++++++++ tags/a/ambiguous-paragraph-in-dep5-copyright.tag | 17 +++++++++++++++ tags/a/ancient-libtool.tag | 24 ++++++++++++++++++++++ tags/a/ancient-python-version-field.tag | 15 ++++++++++++++ tags/a/ansi-escape.tag | 4 ++++ tags/a/anticipated-repack-count.tag | 13 ++++++++++++ ...pache2-configuration-files-need-conf-suffix.tag | 6 ++++++ tags/a/apache2-deprecated-auth-config.tag | 15 ++++++++++++++ ...ache2-module-does-not-depend-on-apache2-api.tag | 7 +++++++ tags/a/apache2-module-does-not-ship-load-file.tag | 9 ++++++++ ...pache2-reverse-dependency-calls-invoke-rc.d.tag | 8 ++++++++ ...he2-reverse-dependency-calls-wrapper-script.tag | 8 ++++++++ ...endency-ships-file-in-not-allowed-directory.tag | 7 +++++++ ...-reverse-dependency-uses-obsolete-directory.tag | 7 +++++++ tags/a/apache2-unparsable-dependency.tag | 7 +++++++ tags/a/apache2-unsupported-dependency.tag | 7 +++++++ tags/a/application-in-library-section.tag | 15 ++++++++++++++ tags/a/appstream-metadata-in-legacy-location.tag | 6 ++++++ tags/a/appstream-metadata-invalid.tag | 6 ++++++ tags/a/appstream-metadata-legacy-format.tag | 12 +++++++++++ ...pstream-metadata-malformed-modalias-provide.tag | 7 +++++++ ...appstream-metadata-missing-modalias-provide.tag | 8 ++++++++ tags/a/arch-dep-package-has-big-usr-share.tag | 13 ++++++++++++ tags/a/arch-dependent-file-in-usr-share.tag | 6 ++++++ ...pendent-file-not-in-arch-specific-directory.tag | 6 ++++++ ...dependent-package-contains-binary-or-object.tag | 9 ++++++++ tags/a/arch-wildcard-in-binary-package.tag | 7 +++++++ tags/a/architecture-escape.tag | 13 ++++++++++++ tags/a/archive-liberty-mismatch.tag | 13 ++++++++++++ tags/a/aspell-package-not-arch-all.tag | 8 ++++++++ ...pkg-config-macro-not-cross-compilation-safe.tag | 10 +++++++++ 39 files changed, 398 insertions(+) create mode 100644 tags/a/absolute-symbolic-link-target-in-source.tag create mode 100644 tags/a/absolute-symlink-in-top-level-folder.tag create mode 100644 tags/a/acute-accent-in-manual-page.tag create mode 100644 tags/a/add-component-copyright.tag create mode 100644 tags/a/adduser-with-home-var-run.tag create mode 100644 tags/a/adopted-extended-field.tag create mode 100644 tags/a/alien-tag.tag create mode 100644 tags/a/alternates-not-allowed.tag create mode 100644 tags/a/alternatively-build-depends-on-python-sphinx-and-python3-sphinx.tag create mode 100644 tags/a/ambiguous-paragraph-in-dep5-copyright.tag create mode 100644 tags/a/ancient-libtool.tag create mode 100644 tags/a/ancient-python-version-field.tag create mode 100644 tags/a/ansi-escape.tag create mode 100644 tags/a/anticipated-repack-count.tag create mode 100644 tags/a/apache2-configuration-files-need-conf-suffix.tag create mode 100644 tags/a/apache2-deprecated-auth-config.tag create mode 100644 tags/a/apache2-module-does-not-depend-on-apache2-api.tag create mode 100644 tags/a/apache2-module-does-not-ship-load-file.tag create mode 100644 tags/a/apache2-reverse-dependency-calls-invoke-rc.d.tag create mode 100644 tags/a/apache2-reverse-dependency-calls-wrapper-script.tag create mode 100644 tags/a/apache2-reverse-dependency-ships-file-in-not-allowed-directory.tag create mode 100644 tags/a/apache2-reverse-dependency-uses-obsolete-directory.tag create mode 100644 tags/a/apache2-unparsable-dependency.tag create mode 100644 tags/a/apache2-unsupported-dependency.tag create mode 100644 tags/a/application-in-library-section.tag create mode 100644 tags/a/appstream-metadata-in-legacy-location.tag create mode 100644 tags/a/appstream-metadata-invalid.tag create mode 100644 tags/a/appstream-metadata-legacy-format.tag create mode 100644 tags/a/appstream-metadata-malformed-modalias-provide.tag create mode 100644 tags/a/appstream-metadata-missing-modalias-provide.tag create mode 100644 tags/a/arch-dep-package-has-big-usr-share.tag create mode 100644 tags/a/arch-dependent-file-in-usr-share.tag create mode 100644 tags/a/arch-dependent-file-not-in-arch-specific-directory.tag create mode 100644 tags/a/arch-independent-package-contains-binary-or-object.tag create mode 100644 tags/a/arch-wildcard-in-binary-package.tag create mode 100644 tags/a/architecture-escape.tag create mode 100644 tags/a/archive-liberty-mismatch.tag create mode 100644 tags/a/aspell-package-not-arch-all.tag create mode 100644 tags/a/autotools-pkg-config-macro-not-cross-compilation-safe.tag (limited to 'tags/a') diff --git a/tags/a/absolute-symbolic-link-target-in-source.tag b/tags/a/absolute-symbolic-link-target-in-source.tag new file mode 100644 index 0000000..593f806 --- /dev/null +++ b/tags/a/absolute-symbolic-link-target-in-source.tag @@ -0,0 +1,11 @@ +Tag: absolute-symbolic-link-target-in-source +Severity: warning +Check: files/symbolic-links +Explanation: This symlink in a patched source tree points to an absolute target. It + happens sometimes when people point toward /dev/null, but that can and should + be done in the installation package instead. It is no problem there. The + source package is considered unanchored and should not contain any absolute + file references. + . + Please remove the symbolic link from the source package or point it to a + location inside the patched source tree. diff --git a/tags/a/absolute-symlink-in-top-level-folder.tag b/tags/a/absolute-symlink-in-top-level-folder.tag new file mode 100644 index 0000000..f4d978b --- /dev/null +++ b/tags/a/absolute-symlink-in-top-level-folder.tag @@ -0,0 +1,15 @@ +Tag: absolute-symlink-in-top-level-folder +Severity: warning +Check: files/symbolic-links +Renamed-From: symlink-should-be-relative +Explanation: Symbolic links to files in the same top-level directory should be + relative. + . + As an example, a link in /usr to another file in /usr + should be relative, while a link in /usr to a file in + /etc should be absolute. + . + With Debhelper, running dh_link after creating the package structure + will fix the issue for you. +See-Also: + debian-policy 10.5 diff --git a/tags/a/acute-accent-in-manual-page.tag b/tags/a/acute-accent-in-manual-page.tag new file mode 100644 index 0000000..a792a28 --- /dev/null +++ b/tags/a/acute-accent-in-manual-page.tag @@ -0,0 +1,18 @@ +Tag: acute-accent-in-manual-page +Severity: info +Check: documentation/manual +Renamed-From: acute-accent-in-manpage +Explanation: This manual page uses the \' groff + sequence. Usually, the intent is to generate an apostrophe, but that + sequence actually renders as an acute accent. + . + For an apostrophe or a single closing quote, use plain '. + For single opening quote, i.e. a straight downward line ' + like the one used in shell commands, use '\(aq'. + . + In case this tag was emitted for the second half of a + '\\' sequence, this is indeed no acute accent, but still + wrong: A literal backslash should be written \e in the + groff format, i.e. a '\\' sequence needs to be changed + to '\e' which also won't trigger this tag. +See-Also: Bug#554897, Bug#507673, Bug#966803 diff --git a/tags/a/add-component-copyright.tag b/tags/a/add-component-copyright.tag new file mode 100644 index 0000000..a8bffc6 --- /dev/null +++ b/tags/a/add-component-copyright.tag @@ -0,0 +1,13 @@ +Tag: add-component-copyright +Severity: info +Check: debian/copyright/dep5/components +Explanation: The sources ship an extra orig component, but the + named debian/copyright file lacks a separate entry for it. + . + Tarballs usually include a COPYING or LICENSE file, or a shipping manifest + of some kind. It is good practice to list those license terms separately in + our copyright files. +See-Also: + uscan(1), + Bug#915181, + Bug#915384 diff --git a/tags/a/adduser-with-home-var-run.tag b/tags/a/adduser-with-home-var-run.tag new file mode 100644 index 0000000..4f8c9c6 --- /dev/null +++ b/tags/a/adduser-with-home-var-run.tag @@ -0,0 +1,6 @@ +Tag: adduser-with-home-var-run +Severity: warning +Check: maintainer-scripts/adduser +Explanation: {pre,post}inst script calls adduser --home /var/run, should be /run. + Examples for such packages include pesign, pulseaudio and openssh-server. +See-Also: Bug#760422 diff --git a/tags/a/adopted-extended-field.tag b/tags/a/adopted-extended-field.tag new file mode 100644 index 0000000..eed0b31 --- /dev/null +++ b/tags/a/adopted-extended-field.tag @@ -0,0 +1,17 @@ +Tag: adopted-extended-field +Severity: info +Check: debian/control/field/adopted +Renamed-From: + xc-package-type-in-debian-control + xs-testsuite-field-in-debian-control + xs-vcs-field-in-debian-control +Explanation: A field in debian/control has an extension prefix + but is also known without it. + . + Extension prefixes like XS-* or XC-* allow + experimental fields to propagate to the right place when packages are + built with dpkg. In this case, however, the field is + also known without the prefix. In all likelihood the field was permanently + adopted, and dpkg learned how to deal with it. + . + Please consider removing the extension prefix for the field name. diff --git a/tags/a/alien-tag.tag b/tags/a/alien-tag.tag new file mode 100644 index 0000000..731a66a --- /dev/null +++ b/tags/a/alien-tag.tag @@ -0,0 +1,7 @@ +Tag: alien-tag +Severity: error +Show-Always: yes +Check: debian/lintian-overrides/mystery +Explanation: The given override refers to an unknown tag. +See-Also: + lintian-manual 2.4.1 diff --git a/tags/a/alternates-not-allowed.tag b/tags/a/alternates-not-allowed.tag new file mode 100644 index 0000000..8482c90 --- /dev/null +++ b/tags/a/alternates-not-allowed.tag @@ -0,0 +1,6 @@ +Tag: alternates-not-allowed +Severity: error +Check: fields/package-relations +Explanation: Only the "Depends", "Recommends", "Suggests" and "Pre-Depends" + fields may specify alternate dependencies using the "|" symbol. +See-Also: debian-policy 7.1 diff --git a/tags/a/alternatively-build-depends-on-python-sphinx-and-python3-sphinx.tag b/tags/a/alternatively-build-depends-on-python-sphinx-and-python3-sphinx.tag new file mode 100644 index 0000000..7d3f775 --- /dev/null +++ b/tags/a/alternatively-build-depends-on-python-sphinx-and-python3-sphinx.tag @@ -0,0 +1,12 @@ +Tag: alternatively-build-depends-on-python-sphinx-and-python3-sphinx +Severity: warning +Check: languages/python +Explanation: This package alternatively Build-Depends on the Python 2 or Python 3 + version of the Sphinx documentation generator. + . + The 2.x series of Python is due for deprecation and will not be maintained + by upstream past 2020 and will likely be dropped after the release of + Debian "buster". + . + Please replace the alternative with a single build dependency on + python3-sphinx. diff --git a/tags/a/ambiguous-paragraph-in-dep5-copyright.tag b/tags/a/ambiguous-paragraph-in-dep5-copyright.tag new file mode 100644 index 0000000..0882a45 --- /dev/null +++ b/tags/a/ambiguous-paragraph-in-dep5-copyright.tag @@ -0,0 +1,17 @@ +Tag: ambiguous-paragraph-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +Explanation: The paragraph has both License and + Copyright fields, but no Files field. The paragraph + is technically valid according to the DEP 5 specification, but it is probably + a mistake. + . + If the paragraph is a "stand-alone" license paragraph, the Copyright + field is not needed. If it is, on the other hand, "files" paragraph, the + Files field is missing. + . + The Files field was at some point optional in some circumstances + but is now mandatory in all "files" paragraphs. +See-Also: + Bug#652380, + https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ diff --git a/tags/a/ancient-libtool.tag b/tags/a/ancient-libtool.tag new file mode 100644 index 0000000..bdcbba4 --- /dev/null +++ b/tags/a/ancient-libtool.tag @@ -0,0 +1,24 @@ +Tag: ancient-libtool +Severity: warning +Check: build-systems/autotools/libtool +Explanation: The referenced file seems to be from a libtool version older than + 1.5.2-2. This might lead to build errors on some newer architectures not + known to this libtool. + . + Please ask your upstream maintainer to re-libtoolize the package or do it + yourself if there is no active upstream. You will also need to run + Autoconf to regenerate the configure script. Usually it is best to do + this during the build by depending on autoconf, libtool, and automake if + it is used, and then running: + . + autoreconf -i --force + . + before running configure. Depending on how old the package is, this may + require additional modifications to configure.ac or + configure.in or other work. If you do this during the build, + determine which files it will add or update and be sure to remove those + files in the clean target. + . + If you have fixed architecture-specific issues with minimal patches, + rather than updating libtool, and verified that it builds correctly, + please override this tag. Lintian will not be able to verify that. diff --git a/tags/a/ancient-python-version-field.tag b/tags/a/ancient-python-version-field.tag new file mode 100644 index 0000000..69b6729 --- /dev/null +++ b/tags/a/ancient-python-version-field.tag @@ -0,0 +1,15 @@ +Tag: ancient-python-version-field +Severity: warning +Check: languages/python +See-Also: python-policy 3.4 +Explanation: The control fields Python-Version and + Python3-Version show the Python versions your package + supports, but the Python version listed here predates the current + "oldstable" distribution. There is no need to list it. + . + Please drop or update the named version. + . + When removing a version, please check debian/rules and + debian/tests/* for any use of py3versions -r. + Without a Python3-Version field, that program falls back to + all supported versions, which may not be what you want. diff --git a/tags/a/ansi-escape.tag b/tags/a/ansi-escape.tag new file mode 100644 index 0000000..23648e2 --- /dev/null +++ b/tags/a/ansi-escape.tag @@ -0,0 +1,4 @@ +Tag: ansi-escape +Severity: warning +Check: fields/terminal-control +Explanation: A control field contains an ANSI terminal escape code. diff --git a/tags/a/anticipated-repack-count.tag b/tags/a/anticipated-repack-count.tag new file mode 100644 index 0000000..00ee172 --- /dev/null +++ b/tags/a/anticipated-repack-count.tag @@ -0,0 +1,13 @@ +Tag: anticipated-repack-count +Severity: info +Check: fields/version/repack/count +Explanation: The version contains the string +dfsgN + where N is a low number as in +dfsg1. + . + Normally it is not necessary to repackage an upstream source package more than + once. You can omit the repack count. In most cases +dfsg-1 is + enough. + . + If you really need to bump it, just go straight to +dfsg2-1. +See-Also: + https://lists.debian.org/debian-devel/2021/10/msg00026.html diff --git a/tags/a/apache2-configuration-files-need-conf-suffix.tag b/tags/a/apache2-configuration-files-need-conf-suffix.tag new file mode 100644 index 0000000..2102ad3 --- /dev/null +++ b/tags/a/apache2-configuration-files-need-conf-suffix.tag @@ -0,0 +1,6 @@ +Tag: apache2-configuration-files-need-conf-suffix +Severity: error +Check: apache2 +Explanation: The package is installing an Apache2 configuration but that file does not + end with a '.conf' suffix. Starting with Apache2 2.4 all configuration + files except module '.load' files need that suffix or are ignored otherwise. diff --git a/tags/a/apache2-deprecated-auth-config.tag b/tags/a/apache2-deprecated-auth-config.tag new file mode 100644 index 0000000..a60d581 --- /dev/null +++ b/tags/a/apache2-deprecated-auth-config.tag @@ -0,0 +1,15 @@ +Tag: apache2-deprecated-auth-config +Severity: warning +Check: apache2 +Explanation: The package is using some of the deprecated authentication configuration + directives Order, Satisfy, Allow, Deny, <Limit> or <LimitExcept> + . + These do not integrate well with the new authorization scheme of Apache + 2.4 and, in the case of <Limit> and <LimitExcept> have confusing + semantics. The configuration directives should be replaced with a suitable + combination of <RequireAll>, <RequireAny>, Require all, Require local, + Require ip, and Require method. + . + Alternatively, the offending lines can be wrapped between + <IfModule !mod_authz_core.c> ... </IfModule> or + <IfVersion < 2.3> ... </IfVersion> directives. diff --git a/tags/a/apache2-module-does-not-depend-on-apache2-api.tag b/tags/a/apache2-module-does-not-depend-on-apache2-api.tag new file mode 100644 index 0000000..50b9218 --- /dev/null +++ b/tags/a/apache2-module-does-not-depend-on-apache2-api.tag @@ -0,0 +1,7 @@ +Tag: apache2-module-does-not-depend-on-apache2-api +Severity: error +Check: apache2 +Explanation: The package is an Apache2 HTTPD server module but does not declare a + strong binary relation against the Apache2 server binary it links against. Modules + must depend on the apache2-api-YYYYMMNN package provided as a virtual + package by apache2-bin. diff --git a/tags/a/apache2-module-does-not-ship-load-file.tag b/tags/a/apache2-module-does-not-ship-load-file.tag new file mode 100644 index 0000000..7ce22cc --- /dev/null +++ b/tags/a/apache2-module-does-not-ship-load-file.tag @@ -0,0 +1,9 @@ +Tag: apache2-module-does-not-ship-load-file +Severity: error +Check: apache2 +Explanation: The package is an Apache2 HTTPD server module but does not ship a + ".load" file or it was installed under an unexpected name. The load + files in "/etc/apache2/mods-available" are required to interact with + the server package to enable and disable the module and must match the module + name without "mod_ prefix, e.g. mod_foo must ship a load file + named "foo.load". diff --git a/tags/a/apache2-reverse-dependency-calls-invoke-rc.d.tag b/tags/a/apache2-reverse-dependency-calls-invoke-rc.d.tag new file mode 100644 index 0000000..5aa2389 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-calls-invoke-rc.d.tag @@ -0,0 +1,8 @@ +Tag: apache2-reverse-dependency-calls-invoke-rc.d +Severity: warning +Check: apache2 +Explanation: The package is invoking apache2's init script in its maintainer script + albeit it shouldn't do so. Reverse dependencies installing apache2 + configuration pieces should not restart the web server unconditionally in + maintainer scripts. Instead they should be using apache2-maintscript-helper + which correctly obeys local policies. diff --git a/tags/a/apache2-reverse-dependency-calls-wrapper-script.tag b/tags/a/apache2-reverse-dependency-calls-wrapper-script.tag new file mode 100644 index 0000000..fbec349 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-calls-wrapper-script.tag @@ -0,0 +1,8 @@ +Tag: apache2-reverse-dependency-calls-wrapper-script +Severity: warning +Check: apache2 +Explanation: The package is calling an Apache2 configuration wrapper script (e.g. + a2enmod, a2enconf, a2enconf, ...). Maintainer + scripts should not be calling these scripts directly. To achieve a uniform and + consolidated behavior these scripts should be invoked indirectly by using + apache2-maintscript-helper. diff --git a/tags/a/apache2-reverse-dependency-ships-file-in-not-allowed-directory.tag b/tags/a/apache2-reverse-dependency-ships-file-in-not-allowed-directory.tag new file mode 100644 index 0000000..b530f75 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-ships-file-in-not-allowed-directory.tag @@ -0,0 +1,7 @@ +Tag: apache2-reverse-dependency-ships-file-in-not-allowed-directory +Severity: error +Check: apache2 +Explanation: The package installs a piece of Apache2 configuration to + /etc/apache2/{sites,mods,conf}-enabled. This is not allowed. Instead + the respective /etc/apache2/{sites,mods,conf}-available counterparts + must be used. diff --git a/tags/a/apache2-reverse-dependency-uses-obsolete-directory.tag b/tags/a/apache2-reverse-dependency-uses-obsolete-directory.tag new file mode 100644 index 0000000..5f62dd4 --- /dev/null +++ b/tags/a/apache2-reverse-dependency-uses-obsolete-directory.tag @@ -0,0 +1,7 @@ +Tag: apache2-reverse-dependency-uses-obsolete-directory +Severity: warning +Check: apache2 +Explanation: The package is installing a file into the obsolete + /etc/apache2/conf.d/ directory. This file is not read by the Apache2 + 2.4 web server anymore. Instead /etc/apache2/conf-available/ should be + used. diff --git a/tags/a/apache2-unparsable-dependency.tag b/tags/a/apache2-unparsable-dependency.tag new file mode 100644 index 0000000..d796ebd --- /dev/null +++ b/tags/a/apache2-unparsable-dependency.tag @@ -0,0 +1,7 @@ +Tag: apache2-unparsable-dependency +Severity: warning +Check: apache2 +Explanation: The package is declaring a module dependency within an Apache + configuration file which does not meet the requirements. Dependencies must be + declared without paths, leading "mod_" prefix and without file + extension. diff --git a/tags/a/apache2-unsupported-dependency.tag b/tags/a/apache2-unsupported-dependency.tag new file mode 100644 index 0000000..040e36c --- /dev/null +++ b/tags/a/apache2-unsupported-dependency.tag @@ -0,0 +1,7 @@ +Tag: apache2-unsupported-dependency +Severity: warning +Check: apache2 +Explanation: The package is declaring a module dependency within an Apache + configuration file which is not supported there. Dependencies are supported in + module '.load' files, and web application '.conf' files, + conflicts in '.load files only. diff --git a/tags/a/application-in-library-section.tag b/tags/a/application-in-library-section.tag new file mode 100644 index 0000000..144a81f --- /dev/null +++ b/tags/a/application-in-library-section.tag @@ -0,0 +1,15 @@ +Tag: application-in-library-section +Severity: info +Check: application-not-library +Experimental: yes +Explanation: This package contains a binary in $PATH but is in a section just + thought for libraries. It likely should be in another section like + e.g. utils, text, devel, misc, etc., but not in e.g. perl, ruby or + python. + . + People tend to skip these package sections when looking for + applications in the package list and hence wouldn't notice this + package. + . + In case the program in $PATH is only a helper tool and the package is + primarily a library, please add a Lintian override for this tag. diff --git a/tags/a/appstream-metadata-in-legacy-location.tag b/tags/a/appstream-metadata-in-legacy-location.tag new file mode 100644 index 0000000..86c2c17 --- /dev/null +++ b/tags/a/appstream-metadata-in-legacy-location.tag @@ -0,0 +1,6 @@ +Tag: appstream-metadata-in-legacy-location +Severity: warning +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: AppStream metadata file was found in /usr/share/appdata/. The + AppStream XML files should be placed in /usr/share/metainfo/. diff --git a/tags/a/appstream-metadata-invalid.tag b/tags/a/appstream-metadata-invalid.tag new file mode 100644 index 0000000..cafc77b --- /dev/null +++ b/tags/a/appstream-metadata-invalid.tag @@ -0,0 +1,6 @@ +Tag: appstream-metadata-invalid +Severity: error +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: The specified AppStream metadata file does not consist of + valid XML. diff --git a/tags/a/appstream-metadata-legacy-format.tag b/tags/a/appstream-metadata-legacy-format.tag new file mode 100644 index 0000000..ddf8173 --- /dev/null +++ b/tags/a/appstream-metadata-legacy-format.tag @@ -0,0 +1,12 @@ +Tag: appstream-metadata-legacy-format +Severity: error +Check: appstream-metadata +See-Also: + https://wiki.debian.org/AppStream/Guidelines, + https://www.freedesktop.org/software/appstream/docs/chap-Metadata.html#sect-Metadata-GenericComponent +Explanation: The AppStream metadata contains the obsolete root node + <application>. It was used in a legacy format. + The application metadata for your package should follow the new + format described on freedesktop.org. + . + You can validate draft formats with 'appstreamcli validate'. diff --git a/tags/a/appstream-metadata-malformed-modalias-provide.tag b/tags/a/appstream-metadata-malformed-modalias-provide.tag new file mode 100644 index 0000000..6a04993 --- /dev/null +++ b/tags/a/appstream-metadata-malformed-modalias-provide.tag @@ -0,0 +1,7 @@ +Tag: appstream-metadata-malformed-modalias-provide +Severity: warning +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: The modalias matching rule in the AppStream metadata file is + malformed. Hexadecimal numbers in vendor and product IDs must be + upper case. diff --git a/tags/a/appstream-metadata-missing-modalias-provide.tag b/tags/a/appstream-metadata-missing-modalias-provide.tag new file mode 100644 index 0000000..d3d8112 --- /dev/null +++ b/tags/a/appstream-metadata-missing-modalias-provide.tag @@ -0,0 +1,8 @@ +Tag: appstream-metadata-missing-modalias-provide +Severity: warning +Check: appstream-metadata +See-Also: https://wiki.debian.org/AppStream/Guidelines +Explanation: This package contain a udev rule for providing device access to + the console user (using the uaccess udev TAG) or to members of the + plugdev file group without announcing the hardware support using + AppStream. diff --git a/tags/a/arch-dep-package-has-big-usr-share.tag b/tags/a/arch-dep-package-has-big-usr-share.tag new file mode 100644 index 0000000..4583b58 --- /dev/null +++ b/tags/a/arch-dep-package-has-big-usr-share.tag @@ -0,0 +1,13 @@ +Tag: arch-dep-package-has-big-usr-share +Severity: info +Check: huge-usr-share +Explanation: The package has a significant amount of architecture-independent + data (over 4MB, or over 2MB and more than 50% of the package) in + /usr/share but is an architecture-dependent package. This is + wasteful of mirror space and bandwidth since it means distributing + multiple copies of this data, one for each architecture. + . + If the data in /usr/share is not architecture-independent, this + is a Policy violation that should be fixed by moving the data elsewhere + (usually /usr/lib). +See-Also: developer-reference 6.7.5 diff --git a/tags/a/arch-dependent-file-in-usr-share.tag b/tags/a/arch-dependent-file-in-usr-share.tag new file mode 100644 index 0000000..4b24a87 --- /dev/null +++ b/tags/a/arch-dependent-file-in-usr-share.tag @@ -0,0 +1,6 @@ +Tag: arch-dependent-file-in-usr-share +Severity: error +Check: binaries/location +Explanation: This package installs an ELF binary in the /usr/share + hierarchy, which is reserved for architecture-independent files. +See-Also: filesystem-hierarchy usrsharearchitectureindependentdata diff --git a/tags/a/arch-dependent-file-not-in-arch-specific-directory.tag b/tags/a/arch-dependent-file-not-in-arch-specific-directory.tag new file mode 100644 index 0000000..ca0be6d --- /dev/null +++ b/tags/a/arch-dependent-file-not-in-arch-specific-directory.tag @@ -0,0 +1,6 @@ +Tag: arch-dependent-file-not-in-arch-specific-directory +Severity: error +Check: binaries/location +Explanation: This package is Multi-Arch "same", but it installs an ELF binary in the + directory that is not architecture-specific. +See-Also: https://wiki.ubuntu.com/MultiarchSpec diff --git a/tags/a/arch-independent-package-contains-binary-or-object.tag b/tags/a/arch-independent-package-contains-binary-or-object.tag new file mode 100644 index 0000000..63ffedb --- /dev/null +++ b/tags/a/arch-independent-package-contains-binary-or-object.tag @@ -0,0 +1,9 @@ +Tag: arch-independent-package-contains-binary-or-object +Severity: error +Check: binaries/architecture +Explanation: The package contains a binary or object file but is tagged + Architecture: all. + . + If this package contains binaries or objects for cross-compiling or + binary blobs for other purposes independent of the host architecture + (such as BIOS updates or firmware), please add a Lintian override. diff --git a/tags/a/arch-wildcard-in-binary-package.tag b/tags/a/arch-wildcard-in-binary-package.tag new file mode 100644 index 0000000..9e5ce0b --- /dev/null +++ b/tags/a/arch-wildcard-in-binary-package.tag @@ -0,0 +1,7 @@ +Tag: arch-wildcard-in-binary-package +Severity: error +Check: fields/architecture +Explanation: Architecture wildcards, including the special architecture value + "any", do not make sense in a binary package. A binary package must + either be architecture-independent or built for a specific architecture. +See-Also: debian-policy 5.6.8 diff --git a/tags/a/architecture-escape.tag b/tags/a/architecture-escape.tag new file mode 100644 index 0000000..d10430d --- /dev/null +++ b/tags/a/architecture-escape.tag @@ -0,0 +1,13 @@ +Tag: architecture-escape +Severity: info +Check: files/hierarchy/links +Explanation: The named link is located in an architecture-specific load + path for the dynamic linker but points to a general folder in the path. + . + Packages should install public shared libraries into an + architecture-specific load path instead of using a link. +See-Also: + Bug#243158, + Bug#964111, + Bug#971707, + Bug#968525 diff --git a/tags/a/archive-liberty-mismatch.tag b/tags/a/archive-liberty-mismatch.tag new file mode 100644 index 0000000..506c86e --- /dev/null +++ b/tags/a/archive-liberty-mismatch.tag @@ -0,0 +1,13 @@ +Tag: archive-liberty-mismatch +Severity: error +Check: archive/liberty/mismatch +Renamed-From: + section-area-mismatch +Explanation: The debian/control file places the named installation + package in a different archive area (main, contrib, + non-free) than the source or the other installation packages. + . + A source and all installation packages produced from it must be in the + same archive area, except that sources in main may produce + installation packages in contrib as long as they also produce + installation packages in main. diff --git a/tags/a/aspell-package-not-arch-all.tag b/tags/a/aspell-package-not-arch-all.tag new file mode 100644 index 0000000..fffdf40 --- /dev/null +++ b/tags/a/aspell-package-not-arch-all.tag @@ -0,0 +1,8 @@ +Tag: aspell-package-not-arch-all +Severity: warning +Check: fields/architecture +Explanation: This package appears to be an aspell dictionary package, but it is + not Architecture: all. The binary hashes should be built at install-time + by calling aspell-autobuildhash, so the contents of the package should be + architecture-independent. +See-Also: aspell-autobuildhash(8) diff --git a/tags/a/autotools-pkg-config-macro-not-cross-compilation-safe.tag b/tags/a/autotools-pkg-config-macro-not-cross-compilation-safe.tag new file mode 100644 index 0000000..b1b4cda --- /dev/null +++ b/tags/a/autotools-pkg-config-macro-not-cross-compilation-safe.tag @@ -0,0 +1,10 @@ +Tag: autotools-pkg-config-macro-not-cross-compilation-safe +Severity: warning +Check: build-systems/autotools +Explanation: The package appears to use AC_PATH_PROG to discover the + location of pkg-config(1). This macro fails to select the correct + version to support cross-compilation. + . + A better way would be to use the PKG_PROG_PKG_CONFIG macro from + pkg.m4 and then using the $PKG_CONFIG shell variable. +See-Also: Bug#884798 -- cgit v1.2.3