Differences between revisions 4 and 22 (spanning 18 versions)
Revision 4 as of 2017-02-08 14:14:42
Size: 1499
Editor: SeanWhitton
Comment: er, -ux
Revision 22 as of 2017-05-24 14:07:11
Size: 3119
Editor: RogerShimizu
Comment:
Deletions are marked like this. Additions are marked like this.
Line 10: Line 10:
 * Consider asking the sponsee to put their package in a git repository. This makes things easier when you expect to do several rounds of review.
Line 13: Line 14:
 * There're a few automatic tools. Just apt install to get them.
   * debmake. It compares source tree and debian/copyright, then give you a report.
 There are a [[CopyrightReviewTools|few automatic tools]].
 * debmake. It compares source tree and debian/copyright, then give you a report.
Line 18: Line 19:
   * decopy. It generate a copyright file for reference.  * decopy. It generate a copyright file for reference. (not in stretch, can be installed from unstable [[https://packages.debian.org/sid/decopy]])
Line 21: Line 22:
diff -u debian/copyright debian/copyright.tmp
Line 22: Line 24:
   * cme. It generate/overwrite debian/copyright.  * cme. It generate/overwrite debian/copyright.
Line 26: Line 28:
diff -u debian/copyright.orig debian/copyright
Line 27: Line 30:

Please be also noted that as an unwritten exception to the rule, Debian packages where the copyright of the autoconf files is not documented in the Debian copyright file are routinely accepted by our archive administrators. [0][1]

 * [0] https://lists.debian.org/debian-mentors/2009/09/msg00264.html
 * [1] https://lists.debian.org/debian-devel/2015/11/msg00260.html
Line 32: Line 40:
mk-build-deps
sudo dpkg -i <yyy_build-deps_zzz-1.deb>
sudo apt install -f
# you need to have package equivs installed before running command below
mk-build-deps --root-cmd sudo --install --tool "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends"
Line 39: Line 46:
- or -
Line 46: Line 54:
lintian -I --pedemic lintian --info --display-info --display-experimental --pedantic --show-overrides --color auto
Line 48: Line 56:
 * [[https://tracker.debian.org/pkg/check-all-the-things|check-all-the-things]]
Line 54: Line 63:
 * [[CopyrightReview]]  * [[CopyrightReview]] [[CopyrightReviewTools]]
 * [[https://ftp-master.debian.org/REJECT-FAQ.html|REJECT FAQ]]
 * [[HowToPackageForDebian#Check_points_for_any_package|Check points for any package]]

== Alternative workflows ==

 * [[https://manpages.debian.org/unstable/dgit/dgit-sponsorship.7.en.html|dgit-sponsorship(7)]]

== Ideas to be added to this page ==

 * add sbuild/pbuilder usage
 * "dget -u" unpacks the source in case you already trust the person (but you didn't update the keyring)
 * debdiff between versions (in case of update)
{{{
filterdiff debdiff -i "*debian*" > debdiff.filtered
}}}
 * apt build-dep (dsc-file) to build-dependencies

Procedure to review packaging for mentors

Get the package

  • Usually sponsorship-requests (RFS) email tells how to get the package:

dget -x https://mentors.debian.net/debian/pool/main/x/yyy/yyy_zzz-1.dsc
  • Unless you have the sponsee's key (for example, they're in the DM keyring), you should replace the -x with -ux or dpkg-source will refuse to extract the source package.

  • Consider asking the sponsee to put their package in a git repository. This makes things easier when you expect to do several rounds of review.

Check the license

  • There are a few automatic tools.

  • debmake. It compares source tree and debian/copyright, then give you a report.

debmake -kk

decopy -o debian/copyright.tmp
diff -u debian/copyright debian/copyright.tmp
  • cme. It generate/overwrite debian/copyright.

cp debian/copyright debian/copyright.orig
cme update dpkg-copyright -trace
diff -u debian/copyright.orig debian/copyright

Please be also noted that as an unwritten exception to the rule, Debian packages where the copyright of the autoconf files is not documented in the Debian copyright file are routinely accepted by our archive administrators. [0][1]

Build the package

  • You need to install build-dependencies first. Here's a way to remove easily afterwards.

# you need to have package equivs installed before running command below
mk-build-deps --root-cmd sudo --install --tool "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends"
  • debuild or dpkg-buildpackage

debuild -us -uc
- or -
dpkg-buildpackage -us -uc

Auto Check Tools

  • lintian (Note: Just verbose the output, but not all of them is must-fix)

lintian --info --display-info --display-experimental --pedantic --show-overrides --color auto

Other things to check

Alternative workflows

Ideas to be added to this page

  • add sbuild/pbuilder usage
  • "dget -u" unpacks the source in case you already trust the person (but you didn't update the keyring)
  • debdiff between versions (in case of update)

filterdiff debdiff -i "*debian*" > debdiff.filtered
  • apt build-dep (dsc-file) to build-dependencies