Hi Lukas, > > Gianfranco suggested also asking the pkg-security-team for possible > > sponsors. It would be great if one of you could have a look and > > provide guidance! If team maintenance is be possible, I'd like that > > very much. > > I think arpwatch would be a good fit for the team. Is there somebody > willing to review my packaging work?
This seems to be a good fit for the team, indeed. https://git.somlen.de/arpwatch.git/ returns 403 Forbidden :) Quick review: * lintian reports P: arpwatch source: source-contains-data-from-ieee-data-oui-db ethercodes.dat but it looks like you already fixed it. If this warning is not relevant anymore please override it. * There's no copyright entry for you Nitpicking: in debian/changelog: why "remove dmassagevendor" ? This changelog entry could be more verbose. $ cme check dpkg [...] Warning in 'dirs:0' value 'usr/sbin': Make sure that this directory is actually needed. See L<http://www.debian.org/doc/manuals/maint-guide/dother.en.html#dirs> for details Warning in 'dirs:1' value 'var/lib/arpwatch': Make sure that this directory is actually needed. See L<http://www.debian.org/doc/manuals/maint-guide/dother.en.html#dirs> for details [...] Warning in 'control source Vcs-Git' value 'git://anonscm.debian.org/collab-maint/arpwatch.git': An unencrypted transport protocol is used for this URI. It is recommended to use a secure transport such as HTTPS for anonymous read-only access. Warning in 'control source Vcs-Git' value 'git://anonscm.debian.org/collab-maint/arpwatch.git': URL is not the canonical one for repositories hosted on Alioth. Warning in 'control binary:arpwatch Pre-Depends:0' value 'dpkg (>= 1.16.1)': unnecessary versioned dependency: dpkg (>= 1.16.1). Debian has oldstable -> 1.16.18; stable -> 1.17.27; unstable -> 1.18.23; testing -> 1.18.23; Warning in 'copyright Format' value 'http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/': Format uses insecure http protocol instead of https checking data check done $ codespell * aclocal.m4:784: seperate ==> separate aclocal.m4:787: independantly ==> independently aclocal.m4:788: dependancies ==> dependencies arp2ethers:8: occurance ==> occurrence config.sub:1161: nto ==> not | disable due to \n debian/changelog:129: wont ==> won't, wont dns.c:140: cannonical ==> canonical WARNING: Decoding file ethercodes.dat WARNING: using encoding=utf-8 failed. WARNING: Trying next encoding: iso-8859-1 ethercodes.dat:785: Intruments ==> Instruments ethercodes.dat:838: Aircaft ==> Aircraft ethercodes.dat:1180: Engeneering ==> Engineering ethercodes.dat:2083: Internation ==> International ethercodes.dat:7447: MANAGMENT ==> MANAGEMENT Otherwise, the package looks good. I did not review everything yet, I'll take a second look later. :) Cheers, Hugo -- Hugo Lefeuvre (hle) | www.owl.eu.com 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
