RHash 1.3.5 package

Lukas Schwaighofer lukas at schwaighofer.name
Mon Feb 12 22:24:53 UTC 2018


Hi Aleksey,

thanks for working on the Debian package of your software! :)

On Mon, 12 Feb 2018 14:21:33 +0300
Aleksey Kravchenko <rhash.admin at gmail.com> wrote:

> I've recently finished packaging new RHash version [1] for the Debian
> Security Tools Packaging Team, and now I need a sponsor to review and
> upload it.
> 
> Could you please help me with this?
> 
> [1] https://mentors.debian.net/package/rhash

I cannot sponsor your package, since I'm not a Debian Developer.  But
I'll try to help with the reviewing part :) .


All your changes look very reasonable.  Things I noticed:

* Since you are migrating from a manual -dbg package to an automatic
  dbgsym package, I believe you need to use the "--debug-migration"
  option from dh_strip.  See dh_strip(1) for more information.

* The "Change Maintainer field" changelog entry could be more
  informative. How about mentioning that it's now under pkg-security's
  umbrella?

* Debhelper compatibility level 11 is stable now, so why not upgrade to
  that? :)

* debian/rules suggestions
  - From my pkg-security experience, we usually use "hardening=+all"
    for the DEB_BUILD_MAINT_OPTIONS.  This is currently equivalent to
    what you are using ("hardening=+bindnow"), but it's conceivable
    that new hardening features will be added in the future and then
    we'll automatically enable them in a rebuild.
  - Since upstream's build system does not support CPPFLAGS, Debian's
    CPPFLAGS are not applied; it makes sense to pass those as CFLAGS to
    make (together with the actual CFLAGS).
  - The file is quite hard to read, so I'd suggest a bit of
    housekeeping:
    . The `-g` flag is already in CFLAGS and does not need to be added a
      second time if DEB_BUILD_OPTIONS contains "debug".
    . Newer debhelper versions already support parallelism, no need for
      manual quirks.
    . No need to set the unchanged "LDFLAGS" variable (instead set the
      LIBLDFLAGS explicitly with `dpkg-buildflags`).
    . The value LIB_LD is set to looks plain wrong: nothing is
      installed to debian/tmp and the LD_LIBRARY_PATH variable is not
      set.  Dropping it completely does not seem to affect the tests.
  I've attached a patch for the debian/rules containing all these
  suggestions (but not my first point about dh_strip).  Feel free
  to disregard any of it if you disagree.

* Nit: The word "formatting" is misspelled in several places, maybe you
  can correct that upstream :) .


I hope that helps.  If anything is unclear don't hesitate to ask. I see
you had asked for sponsorship ~6 weeks ago.  If no one responds I'd
recommend you just re-ping after some time.  I believe the people here
don't ignore these requests intentionally and won't mind the reminder.

Regards
Lukas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rules.patch
Type: text/x-patch
Size: 2167 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20180212/19365b62/attachment.bin>
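Added example, not part of the message above and not the scrubbed rules.patch: a debian/rules sketch that applies the review's suggestions. It assumes dh_auto_build can drive upstream's makefile directly and that CFLAGS and LIBLDFLAGS (both named in the review) are honoured on the make command line; OLD-DBG-PACKAGE and VERSION are placeholders.

```make
#!/usr/bin/make -f
# Added sketch of a debian/rules; not the packaging's real file.

# Ask dpkg-buildflags for every hardening feature it knows, so a later
# rebuild picks up newly added ones without touching this file.
export DEB_BUILD_MAINT_OPTIONS = hardening=+all

# Defines CFLAGS, CPPFLAGS and LDFLAGS from dpkg-buildflags, using the
# maintainer options exported above.
include /usr/share/dpkg/buildflags.mk

# debhelper handles parallel builds and DEB_BUILD_OPTIONS itself, so no
# manual handling of "parallel=" or "debug" is needed here.
%:
	dh $@

# Upstream's build system ignores CPPFLAGS, which is where the
# -D_FORTIFY_SOURCE define lives. Fold CPPFLAGS into CFLAGS so it reaches
# the compiler, and hand the hardened linker flags to the library link
# step through LIBLDFLAGS.
override_dh_auto_build:
	dh_auto_build -- CFLAGS="$(CFLAGS) $(CPPFLAGS)" LIBLDFLAGS="$(LDFLAGS)"

# Migration from a manual -dbg package to automatic dbgsym packages,
# using the option name documented in dh_strip(1). Replace the
# placeholders with the old debug package name and the first version
# that ships dbgsym packages.
override_dh_strip:
	dh_strip --dbgsym-migration='OLD-DBG-PACKAGE (<< VERSION~)'
```

Running `dpkg-buildflags --status` with the same DEB_BUILD_MAINT_OPTIONS value shows which hardening features are active and which flags they contribute.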