Differences between revisions 4 and 5
Revision 4 as of 2007-07-30 18:43:11
Size: 2756
Editor: DonArmstrong
Comment:
Revision 5 as of 2007-07-30 19:33:31
Size: 3014
Comment:
Deletions are marked like this. Additions are marked like this.
Line 31: Line 31:
 
Line 45: Line 45:
 
Line 74: Line 74:
 * Does it build correctly a second time after cleaning?
 * Does the resulting package install correctly?
 * Does it uninstall cleanly?
 * Does it pass puiparts tests?
Line 78: Line 82:
 * If upstream provides md5sum/shasums for the source, does the signature still match?

Checklist for Package Sponsors

The checklist below is not exhaustive; you should be applying all of the normal checks you do to your own packages in addition to these.

(If there are additional checks that you think should be added, feel free to add them.)

Determine if the package actually belongs in Debian

  • Is there a significant use case for the package?
  • Are there pre-existing packages that do a better job?
  • Would you use the package?
  • Does the maintainer use the package?
  • What is the maturity level of the upstream codebase?
  • Is upstream active (alive)?

Determine if the maintainer can actually maintain the package

  • What is the skill level of the maintainer?
  • Are they familiar with the package and its languages?
  • How active are they?
  • Do they have existing packages?
  • How do they interact with users? [Check out their existing bugs.]

Determine if you can back up the maintainer

  • Is the package one that you are comfortable maintaining if the maintainer disappears?
  • Do you have time to assist the maintainer if they get stuck?

Make sure that the package can be distributed by Debian

  • Does debian/copyright list all of the copyrights of portions of the code?
  • Are all pieces licensed under licenses that Debian can distribute?
  • Does the proposed section (main, contrib, non-free) match the license?
  • Are there significant patents which the work infringes which are known to be enforced?

Make sure that the packaging is up to par

control

  • Is the description good?
  • Have they sent an ITP with the description to -devel? [Have they incorporated any comments?]
  • Are the dependencies correct? Are there missing recommends? Suggests?

rules

  • Are the rules sane?
  • Are all of the targets there?
  • Are they using the extant tools correctly?
  • Have they removed (or commented out) useless debhelper calls?
  • Does the maintainer understand what their rules file does?

changelog

  • Are the changes to the packaging described?
  • Are ITP bugs closed?
  • Are existing bugs in the package fixed?

general

  • Is the package lintian/linda clean?
  • Does it build in a buildd pbuilder chroot?
  • Does it build correctly a second time after cleaning?
  • Does the resulting package install correctly?
  • Does it uninstall cleanly?
  • Does it pass puiparts tests?
  • Do the resultant packages work? Have you used them?
  • Does the package contain what it's supposed to contain?
  • Does the .diff.gz look sane?
  • Is the upstream source pristine?
  • If upstream provides md5sum/shasums for the source, does the signature still match?

Check out the upstream codebase

  • Is the upstream source sane?
  • Are you building against Debian distributed libraries or internal copies?
  • Are there potential security issues? (Daemons, tempfile vulnerabilities, setuid binaries?)

CategoryDeveloper