Debian Perl Group - Open tasks

This page collects ideas for tasks within the Teams/DebianPerlGroup. These tasks can be worked on at DebCamp, at a team sprint or might be tackled by volunteers "at home".

It should have an up to date list of open tasks, please remove completed tasks; for documentation please add links to the History section below (instead of adding them in between the tasks here).

Policy / issues for discussion (DebConf BoF)

Release-critical bugs

RM candidates (usertagged "rm-candidate"):

Leaf package with RC Bugs

Note: let's deprecate this section once we're done with what's in there, and instead use the "rm-candidate" usertag (see above).

Ping upstream means tell them we are going to remove it from Debian unstable in 3 weeks if no action. New forwarded reports should wait 3 months until the next step.

Leaf means either 0 or $few rdeps

Here is a template mail used by Dom:

Dear Maintainer,

The Debian perl group is reviewing packages with bugs which make them un-releasable; in particular when they are not heavily used by Debian users. We would like to remove such modules from Debian if we don't think they are likely to be fixed.

Module::Packaged is one such module, owing to this bug, and we would like to know whether you have any plans to look at the bug in the foreseeable future before we remove the package from Debian.

If we don't hear anything we will remove the package from Debian on or around 23rd February. This of course does not affect the standing of your module on CPAN.

Thank you for maintaining this module so far!

Transitions

Packages/tools

List of tasks that need to be performed on all/many of our packages; or maintenance tools ...

PET

(not exclusively a pkg-perl topic but still)

To be done:

Resources:

dh-make-perl

packagecheck{,.pl}

lintian profile

Recurring tasks

When a new Perl hits unstable

When oldstable is archived

Documentation/promotion

List of tasks that need to be (better) documented and promoted to get wider adoption:

Background tasks

Things that would be nice to do, often repetitive. Can be done globally, or every time you work on a specific package.

Nice to have, some day

inc/

NM

Find issues with Perl::Critic

Using Perl::Critic to find issues in Perl modules (e.g. 2-arg open, etc.) as suggested by Paul Wise during sprint in Lloret 2017.

  1. Run perlcritic (and maybe other linters) over new/updated Perl code introduced to Debian (cf. check-all-the-things)

  2. Make a report of modules affected by default perl-critic config with --noprofile to avoid running untrusted code

  3. Tweak perl-critic config

  4. Identify potential security issues and review code:
    • use lib

    • eval

    • qx and ``

    • system, sysopen, popen, open, open2, open3 without lists

    • open with pipes

  5. If ever possible have a script to determine which Modules should be checked first.
  6. Talk with upstream about deprecating all these things.

Subpages

History