Bug#797562: licensecheck: returns garbage when scanning binary files
Dominique Dumont
dod at debian.org
Mon Aug 31 15:07:27 UTC 2015
Package: devscripts
Version: 2.15.8
Severity: normal
Dear Maintainer,
Unfortunately, the fix for #794282 allows licensecheck to parse binary
files like jar and produce results like:
$ licensecheck -r -m --copyright src/oca/java/lib/ws-commons-util-1.0.2.jar
/usr/bin/licensecheck warning: cannot parse file 'src/oca/java/lib/ws-commons-
util-1.0.2.jar' with mime type 'application/zip; charset=binary'
src/oca/java/lib/ws-commons-util-1.0.2.jar UNKNOWN
C¨2ù3zzÃ0▒îÇï4Á▒I1Ír÷ÿÈ"zìÎ ñÔ \ªjqHEÙgz<n¤zbátZd°j±
nP£3Íäye^w?Z,þiaìn/µ¿Pe*L▒cX/9«;«DÄH§½çHj&"Aá
dSÎò$fRcoTIæ"Õk@:ÝOS:ÑNÇè¸Nã4¡Ó¤<î×{å×ûèN' 3NøQ3g_8=
HçU¼▒!BüêB7ïgxÔv×ðZëiÆËëtnàõ:oà[tnL`:Kç@ôÎ]P▒ä] [[·4xy£ÎMÒ)C3Èúì!ØÕzàçÚÕ
ÓtN§7Êå¿ç»}d÷¼®u{ÃpÚX}&Q¯ØWçÕÛX"Þ^¯ó&9¨Ó7ÓÓÚÜ<u¨Õ a½tnÑé}2ÁÝ▒SSkeT1éÐé ú
lh\ïåÍð·Â¨Ù+Ö,ûLuutzD@\à-:oå[áÛÆp2!Äñ4>0Ètxù6·I÷vYÅÕÕ
sêtÎãÛ¥cïô2¢ÑÁ^îÒ¹[ÙÅwd½¶Ó:ï®òÂàʲh_ÛoÌÔOÅgê'ñÁõrVe¢FZ▒è»6ÿRÇô¢=÷ºßçá%àãp,]p¾u¦y
ÏJïZ.75t«}}ð.ò▒Ò59;6tps0¥éÄido£h§îHÃÜeÏUt(BÀÇ!Gx/Áÿ]1sÇH¡[QZÎuÂTäÆõÇ3ÆlR
.§«PMÓ«âº3Ó#GÐî¹8NjgI4¯ÖAæCýnëÌ@U]¦±B▒WcðuDä°"{ÍPASÇ¢P1¾¨¥ËØ{Ñð<½ÜÜ#w26fz\o¹PáqÖáä.
\÷ï¦e´ê£r§x?÷~▒ïGòÞâVõ{¬ò^«@«▒JÈ´|U¶«wÃ*¡ðª´Ê¨*×bxÆð¶íÐsò¯.ë¢▒;-
m(e¼FMGM7GRê#æJY«´c¤õSQn±YÍ®6GX³¥=P;Ñukz'r/QÑG iÍá¶A¦37¨»LZ!Ð fáÙíCËlqñZgîB[ñ:
Ä Ü nuñs8< n[ÄÃV8q §0ÛA¼Þ·Äö%@¼ÁñFGÞBm Î;Ãâö%@ü79ÃW▒ ÞLo±&wç{¢¸0¿º0§{
¿L~ÝHq¡7zü½Õ)$þBo ,âmÙô7é·@ø AÜâ·éw0J&?AE$ÿg `rÉs´,ø4éG¯Pée* ,k^ ²9 ´¥v1P>8O+¦
$ file src/oca/java/lib/ws-commons-util-1.0.2.jar
src/oca/java/lib/ws-commons-util-1.0.2.jar: Zip archive data, at least v1.0 to
extract
I have similar results when licensecheck stumbles on jpg files. This
tends to break "cme update dpkg-copyright"
I see 2 ways out of this:
- go back to a while list and amend this white list to include the regressions
reported in #794282.
- add an option to license-check to skip "maybe-binary" types
I think the first option would be better for our users.
Thoughts ?
-- Package-specific info:
--- /etc/devscripts.conf ---
--- ~/.devscripts ---
DEBCHANGE_RELEASE_HEURISTIC=changelog
DEBSIGN_KEYID="49AB2B6C"
DEBUILD_LINTIAN=yes
DEBUILD_LINTIAN_OPTS="-i -I --show-overrides"
USCAN_DESTDIR=../tarballs
DEBRELEASE_DEBS_DIR=../build-area
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf
Kernel: Linux 4.0.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages devscripts depends on:
ii dpkg-dev 1.18.2
ii libc6 2.19-19
ii perl 5.20.2-6
ii python3 3.4.3-4
pn python3:any <none>
Versions of packages devscripts recommends:
ii at 3.1.16-1
ii curl 7.44.0-1
ii dctrl-tools 2.24-1
ii debian-keyring 2015.08.13
ii dput-ng [dput] 1.10
ii dupload 2.7.0
ii equivs 2.0.9
ii fakeroot 1.20.2-1
ii file 1:5.22+15-2
ii gnupg 1.4.19-5
ii libdistro-info-perl 0.14
ii libencode-locale-perl 1.03-1
ii libjson-perl 2.90-1
ii liblwp-protocol-https-perl 6.06-2
ii libsoap-lite-perl 1.11-1
ii liburi-perl 1.69-1
ii libwww-perl 6.13-1
ii lintian 2.5.36.1
ii man-db 2.7.2-1
ii patch 2.7.5-1
ii patchutils 0.3.4-1
ii python3-debian 0.1.27
ii python3-magic 1:5.22+15-2
ii sensible-utils 0.0.9
ii strace 4.10-3
ii unzip 6.0-18
ii wdiff 1.2.2-1
ii wget 1.16.3-3
ii xz-utils 5.1.1alpha+20120614-2.1
Versions of packages devscripts suggests:
ii bsd-mailx [mailx] 8.1.2-0.20150408cvs-1
ii build-essential 11.7
pn cvs-buildpackage <none>
pn debbindiff <none>
pn devscripts-el <none>
pn gnuplot <none>
ii gpgv 1.4.19-5
pn libauthen-sasl-perl <none>
ii libfile-desktopentry-perl 0.12-1
ii libnet-smtp-ssl-perl 1.03-1
ii libterm-size-perl 0.207-1+b2
ii libtimedate-perl 2.3000-2
ii libyaml-syck-perl 1.27-2+b2
ii mutt 1.5.23-3.1
ii openssh-client [ssh-client] 1:6.9p1-1
pn svn-buildpackage <none>
ii w3m 0.5.3-24
-- no debconf information
More information about the devscripts-devel
mailing list