From 75808db17caf8b960b351e3408e74142f4c85aac Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 14 Apr 2024 15:42:30 +0200 Subject: Adding upstream version 2.117.0. Signed-off-by: Daniel Baumann --- ...share-doc-symlink-points-to-foreign-package.tag | 10 +++++++++ ...apitalization-error-in-description-synopsis.tag | 7 ++++++ tags/c/capitalization-error-in-description.tag | 12 +++++++++++ tags/c/capitalization-in-override-comment.tag | 8 +++++++ tags/c/carriage-return-line-feed.tag | 13 +++++++++++ tags/c/changed-by-invalid-for-derivative.tag | 8 +++++++ ...og-distribution-does-not-match-changes-file.tag | 11 ++++++++++ tags/c/changelog-empty-entry.tag | 6 ++++++ tags/c/changelog-file-missing-explicit-entry.tag | 11 ++++++++++ tags/c/changelog-file-not-compressed.tag | 6 ++++++ tags/c/changelog-is-dh_make-template.tag | 10 +++++++++ tags/c/changelog-is-symlink.tag | 11 ++++++++++ tags/c/changelog-news-debian-mismatch.tag | 7 ++++++ ...angelog-not-compressed-with-max-compression.tag | 6 ++++++ ...angelog-references-temp-security-identifier.tag | 15 +++++++++++++ tags/c/checksum-count-mismatch-in-changes-file.tag | 6 ++++++ tags/c/checksum-mismatch-in-changes-file.tag | 6 ++++++ tags/c/chown-with-dot.tag | 11 ++++++++++ tags/c/circular-installation-prerequisite.tag | 13 +++++++++++ tags/c/classpath-contains-relative-path.tag | 15 +++++++++++++ .../c/co-maintained-package-with-no-vcs-fields.tag | 10 +++++++++ tags/c/codeless-jar.tag | 5 +++++ tags/c/comma-separated-files-in-dep5-copyright.tag | 8 +++++++ tags/c/command-in-menu-file-and-desktop-file.tag | 13 +++++++++++ tags/c/command-with-path-in-maintainer-script.tag | 18 ++++++++++++++++ ...oser-package-without-pkg-php-tools-builddep.tag | 8 +++++++ tags/c/composer-prerequisite.tag | 22 +++++++++++++++++++ tags/c/compressed-documentation.tag | 10 +++++++++ tags/c/compressed-duplicate.tag | 8 +++++++ tags/c/compressed-symlink-with-wrong-ext.tag | 8 +++++++ tags/c/concatenated-upstream-signatures.tag | 7 ++++++ tags/c/conffile-has-bad-file-type.tag | 8 +++++++ tags/c/config-does-not-load-confmodule.tag | 4 ++++ tags/c/config-file-reserved.tag | 5 +++++ tags/c/configure-generated-file-in-source.tag | 17 +++++++++++++++ tags/c/conflicting-negation-in-source-relation.tag | 8 +++++++ tags/c/conflicting-test-fields.tag | 11 ++++++++++ tags/c/conflicts-with-dependency.tag | 6 ++++++ tags/c/conflicts-with-version.tag | 11 ++++++++++ .../control-file-contains-dh-make-vcs-comment.tag | 10 +++++++++ tags/c/control-file-has-bad-owner.tag | 5 +++++ tags/c/control-file-has-bad-permissions.tag | 7 ++++++ tags/c/control-file-is-empty.tag | 5 +++++ tags/c/control-file-is-not-a-file.tag | 4 ++++ tags/c/control-interpreter-in-usr-local.tag | 7 ++++++ tags/c/control-interpreter-without-depends.tag | 7 ++++++ tags/c/control-interpreter-without-predepends.tag | 15 +++++++++++++ tags/c/control-tarball-compression-format.tag | 4 ++++ ...ontains-automatically-extracted-boilerplate.tag | 8 +++++++ ...copyright-contains-dh_make-todo-boilerplate.tag | 8 +++++++ ...right-does-not-refer-to-common-license-file.tag | 7 ++++++ tags/c/copyright-file-compressed.tag | 6 ++++++ ...pyright-file-contains-full-apache-2-license.tag | 7 ++++++ .../copyright-file-contains-full-gfdl-license.tag | 7 ++++++ .../c/copyright-file-contains-full-gpl-license.tag | 8 +++++++ tags/c/copyright-file-is-symlink.tag | 6 ++++++ ...opyright-file-lacks-pointer-to-perl-license.tag | 7 ++++++ tags/c/copyright-has-crs.tag | 9 ++++++++ .../copyright-has-url-from-dh_make-boilerplate.tag | 9 ++++++++ ...yright-not-using-common-license-for-apache2.tag | 12 +++++++++++ ...copyright-not-using-common-license-for-gfdl.tag | 12 +++++++++++ .../copyright-not-using-common-license-for-gpl.tag | 12 +++++++++++ ...copyright-not-using-common-license-for-lgpl.tag | 13 +++++++++++ tags/c/copyright-refers-to-compressed-license.tag | 7 ++++++ ...right-refers-to-deprecated-bsd-license-file.tag | 13 +++++++++++ tags/c/copyright-refers-to-incorrect-directory.tag | 6 ++++++ ...opyright-refers-to-nonexistent-license-file.tag | 7 ++++++ tags/c/copyright-refers-to-old-directory.tag | 7 ++++++ tags/c/copyright-refers-to-symlink-license.tag | 21 ++++++++++++++++++ ...opyright-refers-to-versionless-license-file.tag | 17 +++++++++++++++ ...copyright-with-old-dh-make-debian-copyright.tag | 14 ++++++++++++ tags/c/copyright-without-copyright-notice.tag | 22 +++++++++++++++++++ tags/c/country-in-manual.tag | 10 +++++++++ tags/c/csh-considered-harmful.tag | 7 ++++++ tags/c/ctrl-script.tag | 7 ++++++ tags/c/custom-compression-in-debian-rules.tag | 23 ++++++++++++++++++++ ...custom-compression-in-debian-source-options.tag | 23 ++++++++++++++++++++ tags/c/custom-library-search-path.tag | 25 ++++++++++++++++++++++ tags/c/cute-field.tag | 8 +++++++ 79 files changed, 791 insertions(+) create mode 100644 tags/c/cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package.tag create mode 100644 tags/c/capitalization-error-in-description-synopsis.tag create mode 100644 tags/c/capitalization-error-in-description.tag create mode 100644 tags/c/capitalization-in-override-comment.tag create mode 100644 tags/c/carriage-return-line-feed.tag create mode 100644 tags/c/changed-by-invalid-for-derivative.tag create mode 100644 tags/c/changelog-distribution-does-not-match-changes-file.tag create mode 100644 tags/c/changelog-empty-entry.tag create mode 100644 tags/c/changelog-file-missing-explicit-entry.tag create mode 100644 tags/c/changelog-file-not-compressed.tag create mode 100644 tags/c/changelog-is-dh_make-template.tag create mode 100644 tags/c/changelog-is-symlink.tag create mode 100644 tags/c/changelog-news-debian-mismatch.tag create mode 100644 tags/c/changelog-not-compressed-with-max-compression.tag create mode 100644 tags/c/changelog-references-temp-security-identifier.tag create mode 100644 tags/c/checksum-count-mismatch-in-changes-file.tag create mode 100644 tags/c/checksum-mismatch-in-changes-file.tag create mode 100644 tags/c/chown-with-dot.tag create mode 100644 tags/c/circular-installation-prerequisite.tag create mode 100644 tags/c/classpath-contains-relative-path.tag create mode 100644 tags/c/co-maintained-package-with-no-vcs-fields.tag create mode 100644 tags/c/codeless-jar.tag create mode 100644 tags/c/comma-separated-files-in-dep5-copyright.tag create mode 100644 tags/c/command-in-menu-file-and-desktop-file.tag create mode 100644 tags/c/command-with-path-in-maintainer-script.tag create mode 100644 tags/c/composer-package-without-pkg-php-tools-builddep.tag create mode 100644 tags/c/composer-prerequisite.tag create mode 100644 tags/c/compressed-documentation.tag create mode 100644 tags/c/compressed-duplicate.tag create mode 100644 tags/c/compressed-symlink-with-wrong-ext.tag create mode 100644 tags/c/concatenated-upstream-signatures.tag create mode 100644 tags/c/conffile-has-bad-file-type.tag create mode 100644 tags/c/config-does-not-load-confmodule.tag create mode 100644 tags/c/config-file-reserved.tag create mode 100644 tags/c/configure-generated-file-in-source.tag create mode 100644 tags/c/conflicting-negation-in-source-relation.tag create mode 100644 tags/c/conflicting-test-fields.tag create mode 100644 tags/c/conflicts-with-dependency.tag create mode 100644 tags/c/conflicts-with-version.tag create mode 100644 tags/c/control-file-contains-dh-make-vcs-comment.tag create mode 100644 tags/c/control-file-has-bad-owner.tag create mode 100644 tags/c/control-file-has-bad-permissions.tag create mode 100644 tags/c/control-file-is-empty.tag create mode 100644 tags/c/control-file-is-not-a-file.tag create mode 100644 tags/c/control-interpreter-in-usr-local.tag create mode 100644 tags/c/control-interpreter-without-depends.tag create mode 100644 tags/c/control-interpreter-without-predepends.tag create mode 100644 tags/c/control-tarball-compression-format.tag create mode 100644 tags/c/copyright-contains-automatically-extracted-boilerplate.tag create mode 100644 tags/c/copyright-contains-dh_make-todo-boilerplate.tag create mode 100644 tags/c/copyright-does-not-refer-to-common-license-file.tag create mode 100644 tags/c/copyright-file-compressed.tag create mode 100644 tags/c/copyright-file-contains-full-apache-2-license.tag create mode 100644 tags/c/copyright-file-contains-full-gfdl-license.tag create mode 100644 tags/c/copyright-file-contains-full-gpl-license.tag create mode 100644 tags/c/copyright-file-is-symlink.tag create mode 100644 tags/c/copyright-file-lacks-pointer-to-perl-license.tag create mode 100644 tags/c/copyright-has-crs.tag create mode 100644 tags/c/copyright-has-url-from-dh_make-boilerplate.tag create mode 100644 tags/c/copyright-not-using-common-license-for-apache2.tag create mode 100644 tags/c/copyright-not-using-common-license-for-gfdl.tag create mode 100644 tags/c/copyright-not-using-common-license-for-gpl.tag create mode 100644 tags/c/copyright-not-using-common-license-for-lgpl.tag create mode 100644 tags/c/copyright-refers-to-compressed-license.tag create mode 100644 tags/c/copyright-refers-to-deprecated-bsd-license-file.tag create mode 100644 tags/c/copyright-refers-to-incorrect-directory.tag create mode 100644 tags/c/copyright-refers-to-nonexistent-license-file.tag create mode 100644 tags/c/copyright-refers-to-old-directory.tag create mode 100644 tags/c/copyright-refers-to-symlink-license.tag create mode 100644 tags/c/copyright-refers-to-versionless-license-file.tag create mode 100644 tags/c/copyright-with-old-dh-make-debian-copyright.tag create mode 100644 tags/c/copyright-without-copyright-notice.tag create mode 100644 tags/c/country-in-manual.tag create mode 100644 tags/c/csh-considered-harmful.tag create mode 100644 tags/c/ctrl-script.tag create mode 100644 tags/c/custom-compression-in-debian-rules.tag create mode 100644 tags/c/custom-compression-in-debian-source-options.tag create mode 100644 tags/c/custom-library-search-path.tag create mode 100644 tags/c/cute-field.tag (limited to 'tags/c') diff --git a/tags/c/cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package.tag b/tags/c/cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package.tag new file mode 100644 index 0000000..259077f --- /dev/null +++ b/tags/c/cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package.tag @@ -0,0 +1,10 @@ +Tag: cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package +Severity: info +Check: debian/copyright +Explanation: There is a symlink /usr/share/doc/*pkg1* -> *pkg2* + in your package. This means that *pkg1* and *pkg2* must + both come from the same source package. Lintian cannot check this right now + however. + . + Please reprocess this binary together with its source package to avoid + this tag. diff --git a/tags/c/capitalization-error-in-description-synopsis.tag b/tags/c/capitalization-error-in-description-synopsis.tag new file mode 100644 index 0000000..4c48db9 --- /dev/null +++ b/tags/c/capitalization-error-in-description-synopsis.tag @@ -0,0 +1,7 @@ +Tag: capitalization-error-in-description-synopsis +Severity: info +Check: fields/description +Explanation: Lintian found a possible capitalization error in the package + synopsis. Lintian has a list of common capitalization errors, + primarily of upstream projects, that it looks for. It does not have a + dictionary like a spelling checker does. diff --git a/tags/c/capitalization-error-in-description.tag b/tags/c/capitalization-error-in-description.tag new file mode 100644 index 0000000..2253db9 --- /dev/null +++ b/tags/c/capitalization-error-in-description.tag @@ -0,0 +1,12 @@ +Tag: capitalization-error-in-description +Severity: info +Check: fields/description +Explanation: Lintian found a possible capitalization error in the package + description. Lintian has a list of common capitalization errors, + primarily of upstream projects, that it looks for. It does not have a + dictionary like a spelling checker does. + . + This is a particularly picky check of capitalization in package + descriptions, since they're very visible to end users, but it will have + false positives for project names used in a context where they should be + lowercase, such as package names or executable names. diff --git a/tags/c/capitalization-in-override-comment.tag b/tags/c/capitalization-in-override-comment.tag new file mode 100644 index 0000000..b941280 --- /dev/null +++ b/tags/c/capitalization-in-override-comment.tag @@ -0,0 +1,8 @@ +Tag: capitalization-in-override-comment +Severity: pedantic +Check: debian/lintian-overrides/comments +Explanation: The comment attached to a Lintian override probably contains + a capitalization error. + . + Lintian looks for common capitalization errors. It does not have a + dictionary. diff --git a/tags/c/carriage-return-line-feed.tag b/tags/c/carriage-return-line-feed.tag new file mode 100644 index 0000000..d4f2d8b --- /dev/null +++ b/tags/c/carriage-return-line-feed.tag @@ -0,0 +1,13 @@ +Tag: carriage-return-line-feed +Severity: error +Check: debian/line-separators +Renamed-From: control-file-with-CRLF-EOLs +Explanation: The given control file uses CRLF as line terminator + instead of the traditional UNIX LF terminator. Since some + tools were only designed with the UNIX end-of-line terminators in mind, + it is possible that they misbehave or lead to unexpected results. + . + Running the following command against the given file removes any + CR character in the file: + . + sed -i 's/\r//g' path/to/file diff --git a/tags/c/changed-by-invalid-for-derivative.tag b/tags/c/changed-by-invalid-for-derivative.tag new file mode 100644 index 0000000..718229e --- /dev/null +++ b/tags/c/changed-by-invalid-for-derivative.tag @@ -0,0 +1,8 @@ +Tag: changed-by-invalid-for-derivative +Severity: error +Check: fields/changed-by +Explanation: The Changed-By field does not match the required format for this + Debian derivative. + . + Derivative distributions of Debian may enforce additional restrictions + on such fields. diff --git a/tags/c/changelog-distribution-does-not-match-changes-file.tag b/tags/c/changelog-distribution-does-not-match-changes-file.tag new file mode 100644 index 0000000..4a02e36 --- /dev/null +++ b/tags/c/changelog-distribution-does-not-match-changes-file.tag @@ -0,0 +1,11 @@ +Tag: changelog-distribution-does-not-match-changes-file +Severity: warning +Check: debian/changelog +Explanation: The target distribution in the most recent entry in this package's + debian/changelog file does not match the target in the generated + .changes file. + . + This may indicate a mistake in setting the distribution, an accidental + upload to unstable of a package intended for experimental, or a mistake + in invoking sbuild(1). +See-Also: Bug#906155, sbuild(1) diff --git a/tags/c/changelog-empty-entry.tag b/tags/c/changelog-empty-entry.tag new file mode 100644 index 0000000..7584b23 --- /dev/null +++ b/tags/c/changelog-empty-entry.tag @@ -0,0 +1,6 @@ +Tag: changelog-empty-entry +Severity: error +Check: debian/changelog +Explanation: The last changelog entry is empty. Please add a description or use + an UNRELEASED version. +See-Also: debian-policy 4.4 diff --git a/tags/c/changelog-file-missing-explicit-entry.tag b/tags/c/changelog-file-missing-explicit-entry.tag new file mode 100644 index 0000000..2d99394 --- /dev/null +++ b/tags/c/changelog-file-missing-explicit-entry.tag @@ -0,0 +1,11 @@ +Tag: changelog-file-missing-explicit-entry +Severity: warning +Check: debian/changelog +Explanation: The latest changelog file for this package specifies a version in + the form of 1.2-3+deb8u1, 1.2-3+nmu4 (or similar) but this does not + follow from a corresponding 1.2-3 changelog stanza. + . + This suggests that changes were merged into a single entry. This is + suboptimal as it makes it more difficult for users to determine which + upload fixed a particular bug. +See-Also: developer-reference 5.8.5.4, developer-reference 5.11.2, developer-reference 5.14.3, Bug#916877 diff --git a/tags/c/changelog-file-not-compressed.tag b/tags/c/changelog-file-not-compressed.tag new file mode 100644 index 0000000..9796eb9 --- /dev/null +++ b/tags/c/changelog-file-not-compressed.tag @@ -0,0 +1,6 @@ +Tag: changelog-file-not-compressed +Severity: error +Check: debian/changelog +Explanation: Changelog files should be compressed using "gzip -9". Even if they + start out small, they will become large with time. +See-Also: debian-policy 12.7 diff --git a/tags/c/changelog-is-dh_make-template.tag b/tags/c/changelog-is-dh_make-template.tag new file mode 100644 index 0000000..ec288a0 --- /dev/null +++ b/tags/c/changelog-is-dh_make-template.tag @@ -0,0 +1,10 @@ +Tag: changelog-is-dh_make-template +Severity: error +Check: debian/changelog +Explanation: The changelog file has an instruction left by dh_make, which has + not been removed. Example: + . + - Initial release (Closes: #nnnn) <nnnn is the bug number of your ITP> + . + The "<... is the bug number ...>" part has not been removed from the + changelog. diff --git a/tags/c/changelog-is-symlink.tag b/tags/c/changelog-is-symlink.tag new file mode 100644 index 0000000..ad71b2f --- /dev/null +++ b/tags/c/changelog-is-symlink.tag @@ -0,0 +1,11 @@ +Tag: changelog-is-symlink +Severity: warning +Check: nmu +Explanation: The file debian/changelog is a symlink instead of a regular + file. This is unnecessary and makes package checking and manipulation + more difficult. If the changelog should be available in the source + package under multiple names, make debian/changelog the real + file and the other names symlinks to it. + . + This problem may have prevented Lintian from performing other checks, + leading to undetected changelog errors. diff --git a/tags/c/changelog-news-debian-mismatch.tag b/tags/c/changelog-news-debian-mismatch.tag new file mode 100644 index 0000000..8659155 --- /dev/null +++ b/tags/c/changelog-news-debian-mismatch.tag @@ -0,0 +1,7 @@ +Tag: changelog-news-debian-mismatch +Severity: warning +Check: debian/changelog +Explanation: The latest entries in the Debian changelog file and NEWS.Debian file + are for the same version but the given field doesn't match. The + changelog information is canonical and the NEWS.Debian information is + ignored, but it may be confusing to users to have them be different. diff --git a/tags/c/changelog-not-compressed-with-max-compression.tag b/tags/c/changelog-not-compressed-with-max-compression.tag new file mode 100644 index 0000000..73bf23b --- /dev/null +++ b/tags/c/changelog-not-compressed-with-max-compression.tag @@ -0,0 +1,6 @@ +Tag: changelog-not-compressed-with-max-compression +Severity: warning +Check: debian/changelog +Explanation: Changelog files should be compressed using "gzip -9"; i.e., using + the maximum compression level via the -9 option to gzip. +See-Also: debian-policy 12.7 diff --git a/tags/c/changelog-references-temp-security-identifier.tag b/tags/c/changelog-references-temp-security-identifier.tag new file mode 100644 index 0000000..03b0337 --- /dev/null +++ b/tags/c/changelog-references-temp-security-identifier.tag @@ -0,0 +1,15 @@ +Tag: changelog-references-temp-security-identifier +Severity: warning +Check: debian/changelog +Explanation: The changelog entry references a temporary security identifier, + like "TEMP-0000000-2FC21E". + . + The TEMP identifier will disappear in the future once a proper CVE + identifier has been assigned. Therefore it is useless as an + external reference. Even worse, the identifier is not stable and + may change even before a CVE is allocated. + . + If a CVE has been allocated, please use that instead. Otherwise, + please replace the TEMP identifier with a short description of the + issue. +See-Also: Bug#787929, Bug#807892 diff --git a/tags/c/checksum-count-mismatch-in-changes-file.tag b/tags/c/checksum-count-mismatch-in-changes-file.tag new file mode 100644 index 0000000..60a2255 --- /dev/null +++ b/tags/c/checksum-count-mismatch-in-changes-file.tag @@ -0,0 +1,6 @@ +Tag: checksum-count-mismatch-in-changes-file +Severity: error +Check: changes-file +Explanation: The number of checksums .changes file for the + specified algorithm does not match the number of files. +See-Also: debian-policy 5.6.21, debian-policy 5.6.24 diff --git a/tags/c/checksum-mismatch-in-changes-file.tag b/tags/c/checksum-mismatch-in-changes-file.tag new file mode 100644 index 0000000..c4826f2 --- /dev/null +++ b/tags/c/checksum-mismatch-in-changes-file.tag @@ -0,0 +1,6 @@ +Tag: checksum-mismatch-in-changes-file +Severity: error +Check: changes-file +Explanation: The actual checksum does not match what's listed in the + .changes file. +See-Also: debian-policy 5.6.21, debian-policy 5.6.24 diff --git a/tags/c/chown-with-dot.tag b/tags/c/chown-with-dot.tag new file mode 100644 index 0000000..1bc7bd0 --- /dev/null +++ b/tags/c/chown-with-dot.tag @@ -0,0 +1,11 @@ +Tag: chown-with-dot +Severity: pedantic +Check: script/deprecated/chown +Explanation: The named script uses a dot to separate owner and group in + a call like chown user.group but that usage is deprecated. + . + Please use a colon instead, as in: + . + chown user:group. +See-Also: + https://lists.debian.org/debian-devel/2022/03/msg00138.html diff --git a/tags/c/circular-installation-prerequisite.tag b/tags/c/circular-installation-prerequisite.tag new file mode 100644 index 0000000..55bdfe5 --- /dev/null +++ b/tags/c/circular-installation-prerequisite.tag @@ -0,0 +1,13 @@ +Tag: circular-installation-prerequisite +Severity: warning +Check: debian/control/prerequisite/circular +Renamed-From: + package-depends-on-itself +Explanation: The installable declares itself as its own installation prerequisite + in the relevant debian/control stanza. + . + Current versions of dpkg-gencontrol will silently ignore the + prerequisite, but it may still indicate an oversight. It could be a misspelling + or having cut and pasted an incorrect package name. +See-Also: + debian-policy 7.2 diff --git a/tags/c/classpath-contains-relative-path.tag b/tags/c/classpath-contains-relative-path.tag new file mode 100644 index 0000000..6f4bbdb --- /dev/null +++ b/tags/c/classpath-contains-relative-path.tag @@ -0,0 +1,15 @@ +Tag: classpath-contains-relative-path +Severity: warning +Check: languages/java +Explanation: The classpath listed in the jar file refers to a potential + missing jar file. This could be the remnants of a build-time + classpath that are not relevant for a JAR bundled in a Debian + package. + . + Alternatively, the classpath may be correct, but the package is + lacking a jar file or a symlink to it. + . + Note, Lintian assumes that all (relative) classpaths pointing to + /usr/share/java/ (but not subdirs thereof) are satisfied by + dependencies as long as there is at least one strong libX-java + dependency. diff --git a/tags/c/co-maintained-package-with-no-vcs-fields.tag b/tags/c/co-maintained-package-with-no-vcs-fields.tag new file mode 100644 index 0000000..fe4296b --- /dev/null +++ b/tags/c/co-maintained-package-with-no-vcs-fields.tag @@ -0,0 +1,10 @@ +Tag: co-maintained-package-with-no-vcs-fields +Severity: pedantic +Check: fields/vcs +Explanation: Based on the content of the maintainer and uploader fields this + package is co-maintained but there are no Vcs-* fields. + . + It is recommended that shared maintenance of packages are co-ordinated + via a revision control system. +Renamed-From: + co-maintained-package-with-no-vcs-headers diff --git a/tags/c/codeless-jar.tag b/tags/c/codeless-jar.tag new file mode 100644 index 0000000..743e7c5 --- /dev/null +++ b/tags/c/codeless-jar.tag @@ -0,0 +1,5 @@ +Tag: codeless-jar +Severity: warning +Check: languages/java +Explanation: The jar file contains a manifest but no code. This probably indicates + that something went wrong at build-time. diff --git a/tags/c/comma-separated-files-in-dep5-copyright.tag b/tags/c/comma-separated-files-in-dep5-copyright.tag new file mode 100644 index 0000000..d72dd55 --- /dev/null +++ b/tags/c/comma-separated-files-in-dep5-copyright.tag @@ -0,0 +1,8 @@ +Tag: comma-separated-files-in-dep5-copyright +Severity: warning +Check: debian/copyright/dep5 +See-Also: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Explanation: A list of files in the machine-readable copyright format appears to be + separated by commas. The file list should be whitespace separated instead. + . + Please note this tag is only emitted once per checked copyright file. diff --git a/tags/c/command-in-menu-file-and-desktop-file.tag b/tags/c/command-in-menu-file-and-desktop-file.tag new file mode 100644 index 0000000..fba0aa2 --- /dev/null +++ b/tags/c/command-in-menu-file-and-desktop-file.tag @@ -0,0 +1,13 @@ +Tag: command-in-menu-file-and-desktop-file +Severity: warning +Check: menu-format +Explanation: The command is listed both in a menu file and a + desktop file + . + Per decision by the Technical Committee, it is no longer allowed. + . + Please remove the menu file from the package. +See-Also: + debian-policy 9.6, + https://lists.debian.org/debian-devel-announce/2015/09/msg00000.html, + Bug#741573 diff --git a/tags/c/command-with-path-in-maintainer-script.tag b/tags/c/command-with-path-in-maintainer-script.tag new file mode 100644 index 0000000..d7602dc --- /dev/null +++ b/tags/c/command-with-path-in-maintainer-script.tag @@ -0,0 +1,18 @@ +Tag: command-with-path-in-maintainer-script +Severity: warning +Check: scripts +Explanation: The indicated program run in a maintainer script has a prepended + path. Programs called from maintainer scripts normally should not have a + path prepended. dpkg ensures that the PATH is set to a reasonable value, + and prepending a path may prevent the local administrator from using a + replacement version of a command for some local reason. + . + If the path is used to test a program for existence, please use if + which $program > /dev/null; then …. + . + If you intend to override this tag, please make sure that you are in + control of the installation path of the according program and that + you won't forget to change this maintainer script, too, if you ever + move that program around. +See-Also: debian-policy 6.1, developer-reference 6.4, Bug#769845, Bug#807695, + https://lists.debian.org/debian-devel/2014/11/msg00044.html diff --git a/tags/c/composer-package-without-pkg-php-tools-builddep.tag b/tags/c/composer-package-without-pkg-php-tools-builddep.tag new file mode 100644 index 0000000..2251ff6 --- /dev/null +++ b/tags/c/composer-package-without-pkg-php-tools-builddep.tag @@ -0,0 +1,8 @@ +Tag: composer-package-without-pkg-php-tools-builddep +Severity: info +Check: languages/php/pear +Explanation: The package contains a composer.json file but doesn't build-depend on + pkg-php-tools. + . + pkg-php-tools is the recommended tool for building PHP Composer packages. For + more information, install it and read the included README.Composer. diff --git a/tags/c/composer-prerequisite.tag b/tags/c/composer-prerequisite.tag new file mode 100644 index 0000000..62cad34 --- /dev/null +++ b/tags/c/composer-prerequisite.tag @@ -0,0 +1,22 @@ +Tag: composer-prerequisite +Severity: warning +Check: languages/php/composer +Explanation: A packaging relationship refers to the PHP composer. + . + The PHP Composer is a tool to install PHP packages similar to + pip for Python and npm for Node.js. It should not + be pulled in as a packaging relationship. + . + In Debian, the composer is dealt with in other ways, such as + dh_phpcomposer from pkg-php-tools and + phpab, which generates a static autoloader. + . + Maintainers of PHP-related packages may not be aware of all of the conventions + since many such packages are maintained by individuals who are not associated + with the PHP PEAR Maintainers team. +See-Also: + dh_phpcomposer(1), + phpab(1), + https://getcomposer.org, + https://en.wikipedia.org/wiki/Composer_(software), + Bug#977150 diff --git a/tags/c/compressed-documentation.tag b/tags/c/compressed-documentation.tag new file mode 100644 index 0000000..1a0526b --- /dev/null +++ b/tags/c/compressed-documentation.tag @@ -0,0 +1,10 @@ +Tag: compressed-documentation +Severity: warning +Check: documentation +Renamed-From: file-should-not-be-compressed +Explanation: The following file should not be compressed. + . + This file should be excluded from compression during build time. + If using debhelper (<< 9.20140227), you may need to use the -X + option to dh_compress. Newer versions of debhelper handle this + correctly by default. diff --git a/tags/c/compressed-duplicate.tag b/tags/c/compressed-duplicate.tag new file mode 100644 index 0000000..a6e9a9a --- /dev/null +++ b/tags/c/compressed-duplicate.tag @@ -0,0 +1,8 @@ +Tag: compressed-duplicate +Severity: info +Check: files/compressed +Renamed-From: duplicated-compressed-file +Explanation: The given, apparently compressed, file is shipped in the package + in addition to another file with the same name without the + compression-method extension. Normally this indicates a mistake in the + installation process of the package. diff --git a/tags/c/compressed-symlink-with-wrong-ext.tag b/tags/c/compressed-symlink-with-wrong-ext.tag new file mode 100644 index 0000000..d98d837 --- /dev/null +++ b/tags/c/compressed-symlink-with-wrong-ext.tag @@ -0,0 +1,8 @@ +Tag: compressed-symlink-with-wrong-ext +Severity: error +Check: files/symbolic-links +Explanation: The package installs a symbolic link pointing to a compressed file, + but the symbolic link does not use the same file extension than the + referenced file. In most cases, this can produce troubles when the + user or a program tries to access the file through the link. +See-Also: debian-policy 10.5 diff --git a/tags/c/concatenated-upstream-signatures.tag b/tags/c/concatenated-upstream-signatures.tag new file mode 100644 index 0000000..4de909e --- /dev/null +++ b/tags/c/concatenated-upstream-signatures.tag @@ -0,0 +1,7 @@ +Tag: concatenated-upstream-signatures +Severity: warning +Check: upstream-signature +Explanation: The packaging includes a detached upstream signature file that contains + multiple concatenated signature blocks. That is likely an error. + . + Please include only one signature block in the indicated signature file. diff --git a/tags/c/conffile-has-bad-file-type.tag b/tags/c/conffile-has-bad-file-type.tag new file mode 100644 index 0000000..7b9076f --- /dev/null +++ b/tags/c/conffile-has-bad-file-type.tag @@ -0,0 +1,8 @@ +Tag: conffile-has-bad-file-type +Severity: error +Check: conffiles +See-Also: Bug#690051, Bug#690910 +Explanation: The conffiles lists this path, which is not a file. This will + almost certainly not work. + . + Note that dpkg does not support symlinks being conffiles. diff --git a/tags/c/config-does-not-load-confmodule.tag b/tags/c/config-does-not-load-confmodule.tag new file mode 100644 index 0000000..c566c82 --- /dev/null +++ b/tags/c/config-does-not-load-confmodule.tag @@ -0,0 +1,4 @@ +Tag: config-does-not-load-confmodule +Severity: warning +Check: debian/debconf +Explanation: The config script must load one of the debconf libraries. diff --git a/tags/c/config-file-reserved.tag b/tags/c/config-file-reserved.tag new file mode 100644 index 0000000..78e9768 --- /dev/null +++ b/tags/c/config-file-reserved.tag @@ -0,0 +1,5 @@ +Tag: config-file-reserved +Severity: error +Check: files/pam +Explanation: This file is reserved by a specific package. Please email the + maintainer of the package in question if you have questions. diff --git a/tags/c/configure-generated-file-in-source.tag b/tags/c/configure-generated-file-in-source.tag new file mode 100644 index 0000000..702a3af --- /dev/null +++ b/tags/c/configure-generated-file-in-source.tag @@ -0,0 +1,17 @@ +Tag: configure-generated-file-in-source +Severity: warning +Check: build-systems/autotools +Explanation: Leaving config.cache/status causes autobuilders problems. + config.cache and config.status are produced by GNU autoconf's configure + scripts. If they are left in the source package, autobuilders may pick + up settings for the wrong architecture. + . + The clean rule in debian/rules should remove this file. This + should ideally be done by fixing the upstream build system to do it when + you run the appropriate cleaning command (and don't forget to forward the + fix to the upstream authors so it doesn't happen in the next release). If + that is already implemented, then make sure you are indeed cleaning it in + the clean rule. If all else fails, a simple rm -f should work. + . + Note that Lintian cannot reliably detect the removal in the clean rule, + so once you fix this, please ignore or override this warning. diff --git a/tags/c/conflicting-negation-in-source-relation.tag b/tags/c/conflicting-negation-in-source-relation.tag new file mode 100644 index 0000000..4d99e52 --- /dev/null +++ b/tags/c/conflicting-negation-in-source-relation.tag @@ -0,0 +1,8 @@ +Tag: conflicting-negation-in-source-relation +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.1 +Explanation: The architecture string in this source relation has some + negated architectures (prepended by !) and others that are not + negated. This is not permitted by Policy. Either all architectures must + be negated or none of them may be. diff --git a/tags/c/conflicting-test-fields.tag b/tags/c/conflicting-test-fields.tag new file mode 100644 index 0000000..7136cf8 --- /dev/null +++ b/tags/c/conflicting-test-fields.tag @@ -0,0 +1,11 @@ +Tag: conflicting-test-fields +Severity: warning +Check: testsuite +Renamed-from: + exclusive-runtime-tests-field +Explanation: The given section in the debian/tests/control file specifies + two conflicting fields. + . + Please pick one. +See-Also: + https://salsa.debian.org/ci-team/autopkgtest/tree/master/doc/README.package-tests.rst diff --git a/tags/c/conflicts-with-dependency.tag b/tags/c/conflicts-with-dependency.tag new file mode 100644 index 0000000..d6c37db --- /dev/null +++ b/tags/c/conflicts-with-dependency.tag @@ -0,0 +1,6 @@ +Tag: conflicts-with-dependency +Severity: error +Check: fields/package-relations +See-Also: debian-policy 7.4 +Explanation: The package seems to conflict with one of its dependencies, + recommendations, or suggestions by listing it in Conflicts or Breaks. diff --git a/tags/c/conflicts-with-version.tag b/tags/c/conflicts-with-version.tag new file mode 100644 index 0000000..0692972 --- /dev/null +++ b/tags/c/conflicts-with-version.tag @@ -0,0 +1,11 @@ +Tag: conflicts-with-version +Severity: info +Check: fields/package-relations +See-Also: debian-policy 7.4 +Explanation: An earlier-than version clause is normally an indication that Breaks + should be used instead of Conflicts. Breaks is a weaker requirement that + provides the package manager more leeway to find a valid upgrade path. + Conflicts should only be used if two packages can never be unpacked at + the same time, or for some situations involving virtual packages (where a + version clause is not appropriate). In particular, when moving files + between packages, use Breaks plus Replaces, not Conflicts plus Replaces. diff --git a/tags/c/control-file-contains-dh-make-vcs-comment.tag b/tags/c/control-file-contains-dh-make-vcs-comment.tag new file mode 100644 index 0000000..744b311 --- /dev/null +++ b/tags/c/control-file-contains-dh-make-vcs-comment.tag @@ -0,0 +1,10 @@ +Tag: control-file-contains-dh-make-vcs-comment +Severity: warning +Check: template/dh-make/control/vcs +Renamed-From: + control-file-contains-dh_make-vcs-comment +Explanation: The control file contains VCS-* lines that are + commented out. They were most likely placed there by dh_make. + . + If the URLs are valid, they should be uncommented. Otherwise, they should be + removed. diff --git a/tags/c/control-file-has-bad-owner.tag b/tags/c/control-file-has-bad-owner.tag new file mode 100644 index 0000000..eb713e2 --- /dev/null +++ b/tags/c/control-file-has-bad-owner.tag @@ -0,0 +1,5 @@ +Tag: control-file-has-bad-owner +Severity: error +Check: control-files +See-Also: debian-policy 10.9 +Explanation: All control files should be owned by root/root. diff --git a/tags/c/control-file-has-bad-permissions.tag b/tags/c/control-file-has-bad-permissions.tag new file mode 100644 index 0000000..336a9f5 --- /dev/null +++ b/tags/c/control-file-has-bad-permissions.tag @@ -0,0 +1,7 @@ +Tag: control-file-has-bad-permissions +Severity: error +Check: control-files +See-Also: debian-policy 10.9 +Explanation: The config, postinst, postrm, + preinst, and prerm control files should use mode 0755; + all other control files should use 0644. diff --git a/tags/c/control-file-is-empty.tag b/tags/c/control-file-is-empty.tag new file mode 100644 index 0000000..c1cdb11 --- /dev/null +++ b/tags/c/control-file-is-empty.tag @@ -0,0 +1,5 @@ +Tag: control-file-is-empty +Severity: warning +Check: control-files +Explanation: The package contains an empty control file, which is most probably + an error. diff --git a/tags/c/control-file-is-not-a-file.tag b/tags/c/control-file-is-not-a-file.tag new file mode 100644 index 0000000..67f6887 --- /dev/null +++ b/tags/c/control-file-is-not-a-file.tag @@ -0,0 +1,4 @@ +Tag: control-file-is-not-a-file +Severity: error +Check: control-files +Explanation: The package contains a control file that is not a regular file. diff --git a/tags/c/control-interpreter-in-usr-local.tag b/tags/c/control-interpreter-in-usr-local.tag new file mode 100644 index 0000000..c914db4 --- /dev/null +++ b/tags/c/control-interpreter-in-usr-local.tag @@ -0,0 +1,7 @@ +Tag: control-interpreter-in-usr-local +Severity: error +Check: scripts +Explanation: A control script for this package references an interpreter in a + directory in /usr/local. Control scripts must use interpreters + provided by Debian packages, and Debian packages do not install anything + in /usr/local. diff --git a/tags/c/control-interpreter-without-depends.tag b/tags/c/control-interpreter-without-depends.tag new file mode 100644 index 0000000..8b376be --- /dev/null +++ b/tags/c/control-interpreter-without-depends.tag @@ -0,0 +1,7 @@ +Tag: control-interpreter-without-depends +Severity: error +Check: scripts +Explanation: The package contains a maintainer script that uses an unusual and + non-essential interpreter but does not declare a Depends on the + package that provides this interpreter. +See-Also: debian-policy 7.2 diff --git a/tags/c/control-interpreter-without-predepends.tag b/tags/c/control-interpreter-without-predepends.tag new file mode 100644 index 0000000..70bf616 --- /dev/null +++ b/tags/c/control-interpreter-without-predepends.tag @@ -0,0 +1,15 @@ +Tag: control-interpreter-without-predepends +Severity: error +Check: scripts +Renamed-From: + preinst-interpreter-without-predepends +Explanation: The package contains a preinst maintainer script that uses + an unusual and non-essential interpreter but does not declare a + Pre-Depends on the package that provides this interpreter. + . + preinst scripts should be written using only essential + interpreters to avoid additional dependency complexity. Please do not + add a Pre-Depends without following the policy section 3.5. +See-Also: + debian-policy 7.2, + debian-policy 3.5 diff --git a/tags/c/control-tarball-compression-format.tag b/tags/c/control-tarball-compression-format.tag new file mode 100644 index 0000000..154decf --- /dev/null +++ b/tags/c/control-tarball-compression-format.tag @@ -0,0 +1,4 @@ +Tag: control-tarball-compression-format +Severity: classification +Check: deb-format +Explanation: This is the compressor format used for the control.tar tarball. diff --git a/tags/c/copyright-contains-automatically-extracted-boilerplate.tag b/tags/c/copyright-contains-automatically-extracted-boilerplate.tag new file mode 100644 index 0000000..5c0b147 --- /dev/null +++ b/tags/c/copyright-contains-automatically-extracted-boilerplate.tag @@ -0,0 +1,8 @@ +Tag: copyright-contains-automatically-extracted-boilerplate +Severity: warning +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: The string "This copyright info was automatically extracted" + appears in the copyright file, which indicates that you either didn't + check the whole source to find additional copyright/license, or that + you didn't remove that paragraph after having done so. diff --git a/tags/c/copyright-contains-dh_make-todo-boilerplate.tag b/tags/c/copyright-contains-dh_make-todo-boilerplate.tag new file mode 100644 index 0000000..b9e8590 --- /dev/null +++ b/tags/c/copyright-contains-dh_make-todo-boilerplate.tag @@ -0,0 +1,8 @@ +Tag: copyright-contains-dh_make-todo-boilerplate +Severity: error +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: The string "Please also look if..." appears in the copyright + file, which indicates that you either didn't check the whole source + to find additional copyright/license, or that you didn't remove that + paragraph after having done so. diff --git a/tags/c/copyright-does-not-refer-to-common-license-file.tag b/tags/c/copyright-does-not-refer-to-common-license-file.tag new file mode 100644 index 0000000..483bd87 --- /dev/null +++ b/tags/c/copyright-does-not-refer-to-common-license-file.tag @@ -0,0 +1,7 @@ +Tag: copyright-does-not-refer-to-common-license-file +Severity: warning +Check: debian/copyright +Explanation: If your package uses any one of the licenses in + /usr/share/common-licenses, the copyright file should refer to + files therein. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-compressed.tag b/tags/c/copyright-file-compressed.tag new file mode 100644 index 0000000..258a712 --- /dev/null +++ b/tags/c/copyright-file-compressed.tag @@ -0,0 +1,6 @@ +Tag: copyright-file-compressed +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright must not be + compressed. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-contains-full-apache-2-license.tag b/tags/c/copyright-file-contains-full-apache-2-license.tag new file mode 100644 index 0000000..54301a8 --- /dev/null +++ b/tags/c/copyright-file-contains-full-apache-2-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-file-contains-full-apache-2-license +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright contains the + complete text of the Apache 2.0 license. It should refer to the file + /usr/share/common-licenses/Apache-2.0 instead. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-contains-full-gfdl-license.tag b/tags/c/copyright-file-contains-full-gfdl-license.tag new file mode 100644 index 0000000..09b2dfe --- /dev/null +++ b/tags/c/copyright-file-contains-full-gfdl-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-file-contains-full-gfdl-license +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright contains the + complete text of the GFDL v1.2. It should refer to the file + /usr/share/common-licenses/GFDL-1.2 instead. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-contains-full-gpl-license.tag b/tags/c/copyright-file-contains-full-gpl-license.tag new file mode 100644 index 0000000..ed63564 --- /dev/null +++ b/tags/c/copyright-file-contains-full-gpl-license.tag @@ -0,0 +1,8 @@ +Tag: copyright-file-contains-full-gpl-license +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright contains the + complete text of the GPL v1, v2, or v3. It should refer to the file + /usr/share/common-licenses/GPL-1, GPL-2, or + GPL-3 instead. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-is-symlink.tag b/tags/c/copyright-file-is-symlink.tag new file mode 100644 index 0000000..c8cab54 --- /dev/null +++ b/tags/c/copyright-file-is-symlink.tag @@ -0,0 +1,6 @@ +Tag: copyright-file-is-symlink +Severity: error +Check: debian/copyright +Explanation: The copyright file /usr/share/doc/*pkg*/copyright must not be a + symbolic link. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-file-lacks-pointer-to-perl-license.tag b/tags/c/copyright-file-lacks-pointer-to-perl-license.tag new file mode 100644 index 0000000..9533e6d --- /dev/null +++ b/tags/c/copyright-file-lacks-pointer-to-perl-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-file-lacks-pointer-to-perl-license +Severity: error +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: If your package is released under the same terms as Perl itself, + it should refer to the Artistic and GPL license files in the + /usr/share/common-licenses directory. diff --git a/tags/c/copyright-has-crs.tag b/tags/c/copyright-has-crs.tag new file mode 100644 index 0000000..ec8bf1e --- /dev/null +++ b/tags/c/copyright-has-crs.tag @@ -0,0 +1,9 @@ +Tag: copyright-has-crs +Severity: pedantic +Check: debian/copyright +Explanation: The copyright file has lines ending in CRLF instead of just LF. + . + Running the following command against the given file removes any + CR character in the file: + . + sed -i 's/\r//g' path/to/file diff --git a/tags/c/copyright-has-url-from-dh_make-boilerplate.tag b/tags/c/copyright-has-url-from-dh_make-boilerplate.tag new file mode 100644 index 0000000..20732bd --- /dev/null +++ b/tags/c/copyright-has-url-from-dh_make-boilerplate.tag @@ -0,0 +1,9 @@ +Tag: copyright-has-url-from-dh_make-boilerplate +Severity: warning +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: There is "url://example.com" in your copyright file. This was most + likely a remnant from the dh_make template. + . + Make sure you include the real location where you obtained the + upstream sources (if any). diff --git a/tags/c/copyright-not-using-common-license-for-apache2.tag b/tags/c/copyright-not-using-common-license-for-apache2.tag new file mode 100644 index 0000000..671121e --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-apache2.tag @@ -0,0 +1,12 @@ +Tag: copyright-not-using-common-license-for-apache2 +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-apache-2 +See-Also: debian-policy 12.5 +Explanation: The strings "Apache License, Version" or "Apache-2" appear in the + copyright file for this package, but the copyright file does not + reference /usr/share/common-licenses as the location of the + Apache-2 on Debian systems. + . + If the copyright file must mention the Apache-2 for reasons other than + stating the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-not-using-common-license-for-gfdl.tag b/tags/c/copyright-not-using-common-license-for-gfdl.tag new file mode 100644 index 0000000..6af2d5d --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-gfdl.tag @@ -0,0 +1,12 @@ +Tag: copyright-not-using-common-license-for-gfdl +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-gfdl +See-Also: debian-policy 12.5 +Explanation: The strings "GNU Free Documentation License" or "GFDL" appear in the + copyright file for this package, but the copyright file does not + reference /usr/share/common-licenses as the location of the GFDL + on Debian systems. + . + If the copyright file must mention the GFDL for reasons other than stating + the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-not-using-common-license-for-gpl.tag b/tags/c/copyright-not-using-common-license-for-gpl.tag new file mode 100644 index 0000000..1488849 --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-gpl.tag @@ -0,0 +1,12 @@ +Tag: copyright-not-using-common-license-for-gpl +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-gpl +See-Also: debian-policy 12.5 +Explanation: The strings "GNU General Public License" or "GPL" appear in the + copyright file for this package, but the copyright file does not + reference /usr/share/common-licenses as the location of the GPL + on Debian systems. + . + If the copyright file must mention the GPL for reasons other than stating + the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-not-using-common-license-for-lgpl.tag b/tags/c/copyright-not-using-common-license-for-lgpl.tag new file mode 100644 index 0000000..7ffd345 --- /dev/null +++ b/tags/c/copyright-not-using-common-license-for-lgpl.tag @@ -0,0 +1,13 @@ +Tag: copyright-not-using-common-license-for-lgpl +Severity: error +Check: debian/copyright +Renamed-From: copyright-should-refer-to-common-license-file-for-lgpl +See-Also: debian-policy 12.5 +Explanation: The strings "GNU Lesser General Public License", "GNU Library + General Public License", or "LGPL" appear in the copyright file for this + package, but the copyright file does not reference + /usr/share/common-licenses as the location of the LGPL on Debian + systems. + . + If the copyright file must mention the LGPL for reasons other than stating + the license of the package, please add a Lintian override. diff --git a/tags/c/copyright-refers-to-compressed-license.tag b/tags/c/copyright-refers-to-compressed-license.tag new file mode 100644 index 0000000..65ce0e3 --- /dev/null +++ b/tags/c/copyright-refers-to-compressed-license.tag @@ -0,0 +1,7 @@ +Tag: copyright-refers-to-compressed-license +Severity: error +Check: debian/copyright +Explanation: The /usr/share/doc/*pkg*/copyright file refers to a standard license + /usr/share/common-licenses/{GPL,LGPL,Artistic,BSD}.gz as a compressed + file. Please update the reference (the licenses are installed + uncompressed). diff --git a/tags/c/copyright-refers-to-deprecated-bsd-license-file.tag b/tags/c/copyright-refers-to-deprecated-bsd-license-file.tag new file mode 100644 index 0000000..d81099a --- /dev/null +++ b/tags/c/copyright-refers-to-deprecated-bsd-license-file.tag @@ -0,0 +1,13 @@ +Tag: copyright-refers-to-deprecated-bsd-license-file +Severity: warning +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: The copyright file refers to + /usr/share/common-licenses/BSD. Due to the brevity of this + license, the specificity of this copy to code whose copyright is held by + the Regents of the University of California, and the frequency of minor + wording changes in the license, its text should be included in the + copyright file directly rather than referencing this file. + . + This file may be removed from a future version of base-files if + references to it drop sufficiently. diff --git a/tags/c/copyright-refers-to-incorrect-directory.tag b/tags/c/copyright-refers-to-incorrect-directory.tag new file mode 100644 index 0000000..63c4cb6 --- /dev/null +++ b/tags/c/copyright-refers-to-incorrect-directory.tag @@ -0,0 +1,6 @@ +Tag: copyright-refers-to-incorrect-directory +Severity: error +Check: debian/copyright +See-Also: debian-policy 12.5 +Explanation: In the directory name /usr/share/common-licenses, licenses is spelled + with an "s", not as licences with a "c". diff --git a/tags/c/copyright-refers-to-nonexistent-license-file.tag b/tags/c/copyright-refers-to-nonexistent-license-file.tag new file mode 100644 index 0000000..0be8691 --- /dev/null +++ b/tags/c/copyright-refers-to-nonexistent-license-file.tag @@ -0,0 +1,7 @@ +Tag: copyright-refers-to-nonexistent-license-file +Severity: warning +Check: debian/copyright +Explanation: The copyright file refers to a license in + /usr/share/common-licenses that doesn't exist. Usually this is + a typo, such as accidentally omitting the - between the license + name and the version number. diff --git a/tags/c/copyright-refers-to-old-directory.tag b/tags/c/copyright-refers-to-old-directory.tag new file mode 100644 index 0000000..bb62b58 --- /dev/null +++ b/tags/c/copyright-refers-to-old-directory.tag @@ -0,0 +1,7 @@ +Tag: copyright-refers-to-old-directory +Severity: error +Check: debian/copyright +Explanation: The common licenses (GPL, BSD, Artistic, etc) have been moved from + /usr/doc/copyright to /usr/share/common-licenses. + Copyright files should be updated. +See-Also: debian-policy 12.5 diff --git a/tags/c/copyright-refers-to-symlink-license.tag b/tags/c/copyright-refers-to-symlink-license.tag new file mode 100644 index 0000000..5f25220 --- /dev/null +++ b/tags/c/copyright-refers-to-symlink-license.tag @@ -0,0 +1,21 @@ +Tag: copyright-refers-to-symlink-license +Severity: pedantic +Check: debian/copyright +Explanation: The copyright file refers to the versionless symlink in + /usr/share/common-licenses for the full text of the GPL, LGPL, + or GFDL license. This symlink is updated to point to the latest version + of the license when a new one is released. The package appears to allow + relicensing under later versions of its license, so this is legally + consistent, but it implies that Debian will relicense the package under + later versions of those licenses as they're released. It is normally + better to point to the version of the license the package references in + its license statement. + . + For example, if the package says something like "you may redistribute it + and/or modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2, or (at your + option) any later version", the debian/copyright file should + refer to /usr/share/common-licenses/GPL-2, not /GPL. + . + For packages released under the same terms as Perl, Perl references the + GPL version 1, so point to /usr/share/common-licenses/GPL-1. diff --git a/tags/c/copyright-refers-to-versionless-license-file.tag b/tags/c/copyright-refers-to-versionless-license-file.tag new file mode 100644 index 0000000..bf06f4e --- /dev/null +++ b/tags/c/copyright-refers-to-versionless-license-file.tag @@ -0,0 +1,17 @@ +Tag: copyright-refers-to-versionless-license-file +Severity: warning +Check: debian/copyright +Explanation: The copyright file refers to the versionless symlink in + /usr/share/common-licenses for the full text of the GPL, LGPL, + or GFDL license, but the package does not appear to allow distribution + under later versions of the license. This symlink will change with each + release of a new version of the license and may therefore point to a + different version than the package is released under. + debian/copyright should instead refers to the specific version + of the license that the package references. + . + For example, if the package says something like "you can redistribute it + and/or modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; version 2 dated June, 1991," + the debian/copyright file should refer to + /usr/share/common-licenses/GPL-2, not /GPL. diff --git a/tags/c/copyright-with-old-dh-make-debian-copyright.tag b/tags/c/copyright-with-old-dh-make-debian-copyright.tag new file mode 100644 index 0000000..5944afc --- /dev/null +++ b/tags/c/copyright-with-old-dh-make-debian-copyright.tag @@ -0,0 +1,14 @@ +Tag: copyright-with-old-dh-make-debian-copyright +Severity: pedantic +Check: debian/copyright +Explanation: The copyright file contains the incomplete Debian packaging + copyright boilerplate from older versions of dh_make. + (C) alone is not considered a valid copyright notice in some + countries. The word Copyright or the © symbol should be used + instead or in addition to (C). + . + Copyright notices like this are, in any country that's a signatory to the + Berne Convention, not required to claim copyright on a work, but their + presence may allow claiming additional damages should a copyright case go + to court. If you provide a notice, you may as well provide one that's + legally recognized in a broader range of countries. diff --git a/tags/c/copyright-without-copyright-notice.tag b/tags/c/copyright-without-copyright-notice.tag new file mode 100644 index 0000000..3ceee44 --- /dev/null +++ b/tags/c/copyright-without-copyright-notice.tag @@ -0,0 +1,22 @@ +Tag: copyright-without-copyright-notice +Severity: warning +Check: debian/copyright +See-Also: https://ftp-master.debian.org/REJECT-FAQ.html +Explanation: The copyright file for this package does not appear to contain a + copyright notice. You should copy the copyright notice from the upstream + source (or add one of your own for a native package). A copyright notice + must consist of Copyright, Copr., or the Unicode symbol of C in a circle + followed by the years and the copyright holder. A copyright notice is + not required for a work to be copyrighted, but Debian requires the + copyright file include the authors and years of copyright, and including + a valid copyright notice is the best way to do that. Examples: + . + Copyright YYYY Firstname Lastname <address@example.com> + Copr. YYYY-YYYY Firstname Lastname <address@example.com> + © YYYY,YYYY Firstname Lastname <address@example.com> + . + If the package is in the public domain rather than copyrighted, be sure + to mention "public domain" in the copyright file. Please be aware that + this is very rare and not the same as a DFSG-free license. True public + domain software is generally limited to such special cases as a work + product of a United States government agency. diff --git a/tags/c/country-in-manual.tag b/tags/c/country-in-manual.tag new file mode 100644 index 0000000..229f958 --- /dev/null +++ b/tags/c/country-in-manual.tag @@ -0,0 +1,10 @@ +Tag: country-in-manual +Severity: warning +Check: documentation/manual +Renamed-From: manpage-locale-dir-country-specific +Explanation: This package installs a manual page in a locale directory that + includes the country name. A country name should not be included in the + directory name unless it indicates a significant difference in the + language. The known cases where country names are appropriate are pt_BR + and zh_*. +See-Also: debian-policy 12.1 diff --git a/tags/c/csh-considered-harmful.tag b/tags/c/csh-considered-harmful.tag new file mode 100644 index 0000000..e2ebe7e --- /dev/null +++ b/tags/c/csh-considered-harmful.tag @@ -0,0 +1,7 @@ +Tag: csh-considered-harmful +Severity: warning +Check: shell/csh +Explanation: The Debian policy for scripts explicitly warns against using + csh and tcsh as scripting languages. +See-Also: + debian-policy 10.4 diff --git a/tags/c/ctrl-script.tag b/tags/c/ctrl-script.tag new file mode 100644 index 0000000..d3304ec --- /dev/null +++ b/tags/c/ctrl-script.tag @@ -0,0 +1,7 @@ +Tag: ctrl-script +Severity: classification +Check: control-files +Explanation: This package has one or more maintainer scripts (or other + executable control files). + . + This flags any control file with the executable bit set. diff --git a/tags/c/custom-compression-in-debian-rules.tag b/tags/c/custom-compression-in-debian-rules.tag new file mode 100644 index 0000000..135b0f7 --- /dev/null +++ b/tags/c/custom-compression-in-debian-rules.tag @@ -0,0 +1,23 @@ +Tag: custom-compression-in-debian-rules +Severity: warning +Check: debian/rules +Renamed-From: debian-rules-should-not-use-custom-compression-settings +Explanation: This package calls dh_builddeb(1) to select a custom + compression level or algorithm in debian/rules. Please remove + the call and let dpkg-deb(1) select suitable defaults. + . + Custom compression settings are usually chosen for one of two + reasons: + . + Higher compression levels or more advanced algorithms shrink the + sizes of large files, but they can cause problems in the resource + constrained environments used in Debian's buildd infrastructure. + For example, higher than expected memory consumption may trigger + an FTBFS or a failure to install. + . + Lower compression levels or less advanced algorithms are sometimes + needed to support older Debian version. Unfortunately, they also + make it harder to change the defaults on an archive-wide basis. + . + Some legitimate use cases trigger this tag. Please override it. +See-Also: Bug#829100, Bug#906614, Bug#909696, dpkg-deb(1) diff --git a/tags/c/custom-compression-in-debian-source-options.tag b/tags/c/custom-compression-in-debian-source-options.tag new file mode 100644 index 0000000..a253354 --- /dev/null +++ b/tags/c/custom-compression-in-debian-source-options.tag @@ -0,0 +1,23 @@ +Tag: custom-compression-in-debian-source-options +Severity: warning +Check: debian/source-dir +Renamed-From: debian-source-options-has-custom-compression-settings +Explanation: This package selects a custom compression level or algorithm + in debian/source/options. Please remove the call and let + dpkg-deb(1) select suitable defaults. + . + Custom compression settings are usually chosen for one of two + reasons: + . + Higher compression levels or more advanced algorithms shrink the + sizes of large files, but they can cause problems in the resource + constrained environments used in Debian's buildd infrastructure. + For example, higher than expected memory consumption may trigger + an FTBFS or a failure to install. + . + Lower compression levels or less advanced algorithms are sometimes + needed to support older Debian version. Unfortunately, they also + make it harder to change the defaults on an archive-wide basis. + . + Some legitimate use cases trigger this tag. Please override it. +See-Also: Bug#829100, Bug#906614, Bug#909696, dpkg-deb(1) diff --git a/tags/c/custom-library-search-path.tag b/tags/c/custom-library-search-path.tag new file mode 100644 index 0000000..76b36ad --- /dev/null +++ b/tags/c/custom-library-search-path.tag @@ -0,0 +1,25 @@ +Tag: custom-library-search-path +Severity: error +Check: binaries/rpath +Renamed-From: + binary-or-shlib-defines-rpath +Explanation: The binary or shared library sets RPATH or RUNPATH. This + overrides the normal library search path, possibly interfering with + local policy and causing problems for multilib, among other issues. + . + The only time a binary or shared library in a Debian package should + set RPATH or RUNPATH is if it is linked to private shared libraries + in the same package. In that case, place those private shared + libraries in /usr/lib/*package*. Libraries used by + binaries in other packages should be placed in /lib or + /usr/lib as appropriate, with a proper SONAME, in which case + RPATH/RUNPATH is unnecessary. + . + To fix this problem, look for link lines like: + gcc test.o -o test -Wl,--rpath,/usr/local/lib + or + gcc test.o -o test -R/usr/local/lib + and remove the -Wl,--rpath or -R argument. You can also + use the chrpath utility to remove the RPATH. +See-Also: + https://wiki.debian.org/RpathIssue diff --git a/tags/c/cute-field.tag b/tags/c/cute-field.tag new file mode 100644 index 0000000..fde8489 --- /dev/null +++ b/tags/c/cute-field.tag @@ -0,0 +1,8 @@ +Tag: cute-field +Severity: pedantic +Check: fields/style +Explanation: The named field uses a free-style form of capitalization, which + is permitted by policy. The alternative offered is probably a more + common variant in the archive. +See-Also: + debian-policy 5.1 -- cgit v1.2.3