[2018-12-30 23:09] Chris Lamb <la...@debian.org>
> > > > As of implementation side, given that Lintian by design do not use
> > > > network, it is possible to assume that Debian release happens once a 2.5
> > > > year (or so), so versions older then 5.5 years (possible to lookup in
> > > > d/changelog) are below threhold.
> > >
> > > Alas, unless we can think of a more-reliable way of doing this I fear this
> > > will be far too full of false-positives or will simply not detect enough
> > > cases to be prioritised. :(
> >
> > Well, we could hardcode dates of Debian releases in Lintian.
>
> This is the easy part. The difficult parts I was referring to are:
>
> a) The dates in the debian/changelog file cannot "know" that that
> was the version in a stable release.
Probably I missing something oblivious, but still: if you know that
version X is latest, such as
date(X) < date(oldstable)
then all versions X' < X are too old, upgrade from them is not
supported.
> b) The parsing of the maintainer scripts is going to be very messy
> and error prone.
Again, maybe I miss something, but I believe this is as simple, as two
grep(1), like following:
for v in ${too_old_versions} ; do
if grep -v '#' $maintscript | grep -F "$v" ; then
echo "bad, bad"
fi
done
I got inspiration for this check during work on sysvinit, which keeps
checking upgrades from 10-years old versions.
But issue is not sysvinit-specific. I have number of packages, that have
code in maintainer scripts, that deals with upgrades from specific
versions. And in 5 years, this code should be removed. But I doubt I
will remember it then.
