[debhelper-devel] Bug#800012: debhelper: please call dpkg-buildflags --status on build
Simon Ruderich
simon at ruderich.org
Fri Sep 25 09:35:46 UTC 2015
Package: debhelper
Version: 9.20150811
Severity: normal
Tags: patch
Hello,
blhc is used in the buildd log scanner [1] to detect missing
compiler (hardening) flags. At the moment only the default flags
provided by dpkg-buildflags are verified as blhc can't detect
additional flag options specified in debian/rules (e.g.
hardening=+pie or hardening=-fortify to exclude hardening flags).
Since dpkg 1.16.5 dpkg-buildflags supports a --status option
which displays the current settings.
Please call dpkg-buildflags --status when building a package.
The attached patch tries to implement it for the `dh` binary,
thus supporting (only) the new dh short rules, but I'm not sure
if this is the best way to handle it.
Would it be possible to also call dpkg-buildflags --status when
using only the traditional dh_* commands?
Regards
Simon
[1]: https://qa.debian.org/bls/
--
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dh-call-dpkg-buildflags-status.patch
Type: text/x-diff
Size: 541 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/debhelper-devel/attachments/20150925/59201197/attachment-0003.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/debhelper-devel/attachments/20150925/59201197/attachment-0003.sig>
More information about the debhelper-devel
mailing list