Conversation
adombeck
force-pushed
the
UDENG-8984-fix-lintian-issues
branch
8 times, most recently
from
df4a7b9 to
a6d6a7a
Compare
adombeck
force-pushed
the
UDENG-8984-fix-lintian-issues
branch
9 times, most recently
from
ed5afd3 to
dbba07a
Compare
adombeck
force-pushed
the
UDENG-8984-fix-lintian-issues
branch
6 times, most recently
from
3d782b8 to
e27d0a5
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #1253 +/- ##
==========================================
+ Coverage 85.00% 85.68% +0.67%
==========================================
Files 119 99 -20
Lines 7669 6685 -984
Branches 111 111
==========================================
- Hits 6519 5728 -791
+ Misses 1094 901 -193
Partials 56 56 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
adombeck
force-pushed
the
UDENG-8984-fix-lintian-issues
branch
from
e27d0a5 to
da162eb
Compare
Fixes the build of the Debian package to fail with:
dh_missing: warning: usr/bin/docgen exists in debian/tmp but is not installed to anywhere
dh_missing: error: missing files, aborting
This message is shown during the package build and sounded like an error, which was confusing.
adombeck
force-pushed
the
UDENG-8984-fix-lintian-issues
branch
7 times, most recently
from
572edcc to
65b1394
Compare
Also adjusts debian/lrc.config and debian/source/lintian-overrides.
The debian/copyright file was updated with the help of
decopy --group-by copyright --output debian/copyright --exclude '.*/snapcraft.yaml|debian/.*'
with my decopy fork [1] and a lot of manual adjustments of the result.
[1] https://salsa.debian.org/adombeck/decopy
If you regenerate the copyright file with decopy, check the following:
* The copyright and license of these entries:
* "Files: *"
* "Files: pam/integration-tests/pam_mkhomedir/pam_mkhomedir.c"
* "Files: pam/internal/gdm/extensions/*"
* "Files: pam/internal/gdm/extensions/gdm-pam-extensions-common.h"
* The "Files: cmd/*" entry should not be removed
* No "Files: vendor/*" entry
* No "Files: vendor_rust/*" entry
* No MIT license, it should be "Expat"
* No BSD or BSD-3 license, it should be "BSD-3-clause"
* No Apache-2.0, it should be "Apache-2"
* No "Comment: Add the corresponding license text here"
* The occurrences of "License: CC0" are probably false positives
* The occurrences of "License: Unlicense" are probably false positives
* Run licenserecon aka lrc
* Rebuild the Debian package and run lintian (both on source and binary
package)
We are seeing weird lintian behavior along with the output N: Some overrides were ignored. N: Use --verbose for more information.
Older lintian versions used the silent-on-rules-requires-root tag to
complain when the "Rules-Requires-Root:" field was missing:
P: authd source: silent-on-rules-requiring-root [debian/control]
That tag was removed in newer lintian versions and replaced with
redundant-rules-requires-root-no-field which checks the opposite, i.e.
that there is *no* "Rules-Requires-Root: no" field. We comply with the
new lintian versions by not setting the field.
To avoid older lintian versions to fail, we ignore the tag by adding it
to debian/source/lintian-overrides. We only do that on Nobel and Plucky
because the tag was removed in later lintian versions which would cause
lintian to fail with:
E: authd source: alien-tag silent-on-rules-requiring-root
adombeck
force-pushed
the
UDENG-8984-fix-lintian-issues
branch
from
84d9971 to
3e2cced
Compare
| @@ -3,415 +3,2633 @@ Upstream-Name: authd | |||
| Source: https://github.com/canonical/authd | |||
|
|
|||
| Files: * | |||
| Copyright: 2023 Canonical Ltd. | |||
There was a problem hiding this comment.
@3v1n0 FYI you can ignore the changes to debian/copyright done in 073cc9e because they are overwritten by d49cb08 (in case you review commit by commit, which I recommend because of the explanations in the commit messages)
I kept the commit because it documents what we tried and why I ended up implementing our own tool to generate copyright entries.
| vendor_rust/pin-project/src/lib.rs | ||
| vendor_rust/pin-project/examples/enum-default-expanded.rs | ||
| vendor_rust/pin-project/examples/enum-default.rs | ||
| vendor_rust/pin-project/examples/not_unpin-expanded.rs | ||
| vendor_rust/pin-project/examples/not_unpin.rs |
There was a problem hiding this comment.
Oh, we should be able to just use vendor_rust/pin-project/. Let me try that
There was a problem hiding this comment.
Yeah, but also they can be excluded using debian/copyright's file-excluded, no?
There was a problem hiding this comment.
Oh, we should be able to just use vendor_rust/pin-project/. Let me try that
so that didn't work, even though the comment from /usr/share/lrc/lrc.config says it should:
# Directories identified by trailing slash / # Entire contents will be (recursively) excluded. debian/patches/
I'll report that on the Debian bug tracker
Yeah, but also they can be excluded using debian/copyright's file-excluded, no?
I don't know what you mean. debian/copyright has no "file-excluded" stanza
There was a problem hiding this comment.
I'll report that on the Debian bug tracker
That's https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128312
There was a problem hiding this comment.
I don't know what you mean. debian/copyright has no "file-excluded" stanza
https://www.debian.org/doc/manuals/debmake-doc/ch08.en.html#files-excluded
Not sure if that applies to uscan only, but in theory it should be to avoid files being included in a tarball and ignore their copyright.
There was a problem hiding this comment.
https://www.debian.org/doc/manuals/debmake-doc/ch08.en.html#files-excluded
Oh, that's interesting. I looked for that stanza in https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ which doesn't mention it.
3v1n0
left a comment
3v1n0
left a comment
There was a problem hiding this comment.
I went through commits, so some of my review comments are outdated.
However, in general it looks very good and an huge effort.
I checked the generation script but not into full details, but the final result seems acceptable to me, so let's go with this.
| # With this approach, libnss is not using soname to track compatibility, so this override is safe. | ||
| authd: shared-library-lacks-version usr/lib/*/libnss_authd.so.2 libnss_authd.so | ||
|
|
||
| # Static-Built-Using is a valid field introduced in dpkg 1.21.0 but not yet recognized by lintian |
There was a problem hiding this comment.
I'm unsure if archive admins are happy to support something that is meant for 26.04 with code for 24.04, but it should also not be harmful
There was a problem hiding this comment.
Nice, worth considering adding this to a generic repo, or even ubuntu dev scripts, since we are vendoring more and more these days.
There was a problem hiding this comment.
Wondering also if some of the reuse tools could help here: https://reuse.software/dev/
There was a problem hiding this comment.
I looked into the reuse tool and many other tools, none of which were able to generate correct entries. The reuse tool is only a linter, it can't be used to print the license information it detects.
| vendor_rust/pin-project/src/lib.rs | ||
| vendor_rust/pin-project/examples/enum-default-expanded.rs | ||
| vendor_rust/pin-project/examples/enum-default.rs | ||
| vendor_rust/pin-project/examples/not_unpin-expanded.rs | ||
| vendor_rust/pin-project/examples/not_unpin.rs |
There was a problem hiding this comment.
Yeah, but also they can be excluded using debian/copyright's file-excluded, no?
| fi | ||
| allow-sudo: true | ||
| lintian: --fail-on error,warning,info,pedantic | ||
| lintian: --fail-on error,warning,info,pedantic --verbose |
There was a problem hiding this comment.
I hope this does not break the parser for the summary :)
There was a problem hiding this comment.
| tar-ignore = */.vscode | ||
| tar-ignore = *.so | ||
| tar-ignore = *.o | ||
| tar-ignore = authd/docs |
There was a problem hiding this comment.
Well, not for now, but the reason would be generating an authd-docs with the HTML files readable locally.
This is more a debian-stuff, that does not make much sense in an online-facing product, but still it's not unusual
There was a problem hiding this comment.
I had a discussion the other day regarding a GTK app I co-maintain with a GNOME person who says we should remove the help pages because apparently yelp is not the way to go anymore.
For authd I would find a man page a lot more useful, and from that we can link to the online docs for further information.
There was a problem hiding this comment.
GNOME person who says we should remove the help pages because apparently yelp is not the way to go anymore.
Yeah, well, gi-codgen format and Biblioteca reader are good alternatives, but anyways, still in debian there are a lot of docs even outside the gnome world.
But again, it was just a note, I don't think anybody of our targets really cares (given that it's quite expected to have the network working with authd anyways).
All the other tools I tried were not able to generate valid entries in debian/copyright for our vendored dependencies. The tool which came closest was decopy, but it still required a lot of manual effort to fix things after running it (see commit message of commit "debian: Update copyright file") and its output is non-reproducible, so we can't use it in CI to check if the file needs to be regenerated. I took time to implement our own script to generate these entries in debian/copyright for our vendored dependencies.
licensecheck doesn't detect SPDX identifiers so it reports the wrong license for a lot of files with SPDX identifiers.
We now have a way to automatically generate valid entries for vendored files in debian/copyright, so now it's an acceptable effort to keep this file maintained so that licensrecon is happy.
Drop the comma, as in the examples in https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#copyright-field
Many of our vendored dependencies do not declare a copyright holder.
adombeck
force-pushed
the
UDENG-8984-fix-lintian-issues
branch
from
3e2cced to
2b93744
Compare
2 participants
No description provided.