RHash 1.3.5 package
Aleksey Kravchenko
rhash.admin at gmail.com
Tue Feb 13 23:05:49 UTC 2018
Hello Lukas,
thank you for the detailed review, especially for noticing that CPPFLAGS
must be used.
I applied your patch and the changes you proposed.
The "formatting" typo is fixed upstream [1] and will appear in the next
version.
I've put the updated package to mentors [2] to seek for a brave uploader.
[1] https://github.com/rhash/RHash/commit/9069daee36a70726753976499c77ee
543cda1871
[2] https://mentors.debian.net/package/rhash
Thanks,
Aleksey.
On Tue, Feb 13, 2018 at 1:24 AM, Lukas Schwaighofer <lukas at schwaighofer.name
> wrote:
> Hi Aleksey,
>
> thanks for working on the Debian package of your software! :)
>
> On Mon, 12 Feb 2018 14:21:33 +0300
> Aleksey Kravchenko <rhash.admin at gmail.com> wrote:
>
> > I've recently finished packaging new RHash version [1] for the Debian
> > Security Tools Packaging Team, and now I need a sponsor to review and
> > upload it.
> >
> > Could you please help me with this?
> >
> > [1] https://mentors.debian.net/package/rhash
>
> I cannot sponsor your package, since I'm not a Debian Developer. But
> I'll try to help with the reviewing part :) .
>
>
> All your changes look very reasonable. Things I noticed:
>
> * Since you are migrating from a manual -dbg package to an automatic
> dbgsym package, I believe you need to use the "--debug-migration"
> option from dh_strip. See dh_strip(1) for more information.
>
> * The "Change Maintainer field" changelog entry could be more
> informative. How about mentioning that it's now under pkg-security's
> umbrella?
>
> * Debhelper compatibility level 11 is stable now, so why not upgrade to
> that? :)
>
> * debian/rules suggestions
> - From my pkg-security experience, we usually use "hardening=+all"
> for the DEB_BUILD_MAINT_OPTIONS. This is currently equivalent to
> what you are using ("hardening=+bindnow"), but it's conceivable
> that new hardening features will be added in the future and then
> we'll automatically enable them in a rebuild.
> - Since upstream's build system does not support CPPFLAGS, Debian's
> CPPFLAGS are not applied; it makes sense to pass those as CFLAGS to
> make (together with the actual CFLAGS).
> - The file is quite hard to read, so I'd suggest a bit of
> housekeeping:
> . The `-g` flag is already in CFLAGS and does not need to be added a
> second time if DEB_BUILD_OPTIONS contains "debug".
> . Newer debhelper versions already support parallelism, no need for
> manual quirks
> . No need to set the unchanged "LDFLAGS" variable (instead set the
> LIBLDFLAGS explicitly with `dpkg-buidlflags`)
> . The value LIB_LD is set to looks plain wrong: nothing is
> installed to debian/tmp and the LD_LIBRARY_PATH variable is not
> set. Dropping it completely does not seem to affect the tests.
> I've attached a patch for the debian/rules containing all these
> suggestions (but not my first point about dh_strip). Feel free
> to disregard any of it if you disagree.
>
> * Nit: The word "formatting" is misspelled in several places, maybe you
> can correct that upstream :) .
>
>
> I hope that helps. If anything is unclear don't hesitate to ask. I see
> you had asked for sponsorhip ~6 weeks ago. If no one responds I'd
> recommend you just re-ping after some time. I believe the people here
> don't ignore these requests intentionally and won't mind the reminder.
>
> Regards
> Lukas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20180214/42db30de/attachment.html>
More information about the Pkg-security-team
mailing list