[pkg] dirb package ready
Philippe Thierry
phil at reseau-libre.net
Fri Jun 16 20:05:27 UTC 2017
Le 16/06/2017 à 21:38, Raphael Hertzog a écrit :
> My comments:
> - since you use debhelper compat 10, you don't need to build-depend on
> dh-autoreconf (debhelper already does it for you) and you don't have to
> pass "--with autoreconf" in debian/rules either (again it's implicit
> already)
Ah great. I had to let it because even if i build through pbuilder, my
dev PC is still a jessie, and when the .dsc and orig/debian tarball are
made just before pbuilder is called through gbp, i have an error without
that flags. I think i should update my Debian :)
>
> - in debian/rules, you have "export DEB_BUILD_HARDENING=1", what is it
> for? I don't think anything is using that variable. It might have been
> used by hardening-wrapper in the past but it's not needed for
> dpkg-buildflags.
>
> - again in debian/rules, you don't need the following 3 lines:
> # see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/*
> DPKG_EXPORT_BUILDFLAGS = 1
> include /usr/share/dpkg/default.mk
>
> debhelper is already setting the build flags as appropriate in the
> dh_auto_configure and dh_auto_build commands. And you are not using
> the variables exported by /usr/share/dpkg/default.mk anywhere else.
Ok. I followed the DebianHardening page of the wiki :)
Corrected.
>
> - the debian/orig-tar.sh debian/orig-tar.exclude is only a complicated
> way to do what we can do nowadays by adding a "Files-Excluded" field
> in debian/copyright (see man uscan and man mk-origtargz)
Ah great ! didn't know that way. I studied other packages which used
such method.
Corrected.
>
> => however this debian/watch file shows you how you can a hook a script
> into uscan and thus handle the "git submodule" problem you have with
> wcc...
I've tested using this method... Didn't managed because uscan drop the
.git dir, which make impossible the usage of git submodule init/git
submodule sync :-/
>
> - in debian/control you have "Priority: extra". We rarely use "extra".
> "optional" should be the default. extra is for limited cases, see
> https://www.debian.org/doc/debian-policy/ch-archive.html#s-priorities
Ok corrected.
> - I pushed some English improvements to the description
Thanks!
> Cheers,
Cheers,
More information about the Pkg-security-team
mailing list