Control: tags -1 + moreinfo Anoop,
Preamble... Thank you for taking the time to create this package and your contribution to the Debian project. The review below is for assistance. This review is offered to help package submitters to Debian mentors inorder to improve their packages prior to possible sponsorship into Debian. There is no obligation on behalf of the submitter to make any alterations based upon information provided in the review. Review... 1. Build[1]: Good 2. Lintian[2]: Issue I: fcitx5-varnam: hardening-no-bindnow [usr/lib/x86_64-linux- gnu/fcitx5/libvarnamfcitx.so] N: N: This package provides an ELF binary that lacks the "bindnow" linker flag. N: N: This is needed (together with "relro") to make the "Global Offset Table" N: (GOT) fully read-only. The bindnow feature trades startup time for N: improved security. Please consider enabling this feature or consider N: overriding the tag (possibly with a comment about why). N: N: If you use dpkg-buildflags, you may have to add hardening=+bindnow or N: hardening=+all to DEB_BUILD_MAINT_OPTIONS. N: N: The relevant compiler flags are set in LDFLAGS. N: N: Please refer to https://wiki.debian.org/Hardening for details. N: N: Visibility: info N: Show-Always: no N: Check: binaries/hardening I: fcitx5-varnam source: patch-not-forwarded-upstream [debian/patches/000- change-icon-destdir.patch] N: N: According to the DEP-3 headers, this patch has not been forwarded N: upstream. N: N: Please forward the patch and try to have it included in upstream's version N: control system. If the patch is not suitable for that, please mention N: not-needed in the Forwarded field of the patch header. N: N: Please refer to social contract item 2, Coordination with upstream N: developers (Section 3.1.4) in the Debian Developer's Reference, Changes to N: the upstream sources (Section 4.3) in the Debian Policy Manual, and N: Bug#755153 for details. N: N: Visibility: info N: Show-Always: no N: Check: debian/patches/dep3 N: Renamed from: send-patch N: N: I: fcitx5-varnam source: patch-not-forwarded-upstream [debian/patches/001- fix-icon-name-kn.patch] I: fcitx5-varnam: synopsis-is-a-sentence "Fcitx5 wrapper for Varnam input method." N: N: The package synopsis (also known as the "short" description, ie. the first N: line in the package's "Description:" field) either ends with a full stop N: "." character or starts another sentence. N: N: This is not necessary as the synopsis does not need to be a full sentence. N: It is recommended that a single descriptive phrase is used instead. N: N: Note also that the synopsis is not part of the rest of the "long" N: Description: field. N: N: Please refer to The package synopsis, or short description (Section 6.2.2) N: in the Debian Developer's Reference for details. N: N: Visibility: info N: Show-Always: no N: Check: fields/description N: Renamed from: description-synopsis-might-not-be-phrased-properly 3. Licenses (lrc[3]): Good 4. Watch file (uscan --force-download): Good 5. Build Twice (sudo pbuilder build --twice <package>.dsc): Good 6. Reproducible builds (reporotest)[3]: Good 7. Install (No previous installs): Good 8. Upgrade (Over previous installs if any): N/A Additional... A. Please update 'Standards-Version' in 'debian/control' to 4.7.0 as per Debian policy[5]. B. Hardening is not enabled in 'debian/rules'. Summary... I believe fcitx5-varnam is not yet ready for sponsorship/upload. Could the contributor rectify one of more of the rasied issues. Once updated to your satisfaction and a new upload done, please remove the 'moreinfo' on the Request For Sponsorship (RFS) bug report. Regards Phil [1] Using: * pbuilder - https://wiki.ubuntu.com/PbuilderHowto. * https://wiki.debian.org/PbuilderTricks and * sbuild - https://wiki.debian.org/sbuild. [2] Command: lintian -v -i -I -E --pedantic --profile debian (*.dsc, *.changes, *.buildinfo). Each can throw up different, so be thorough. [3] 'lrc' from 'licenserecon' is located in Debian testing and newer. [4] https://wiki.debian.org/ReproducibleBuilds/Howto#Newer_method [5] https://www.debian.org/doc/debian-policy/ -- "I play the game for the game’s own sake" Arthur Conan Doyle - The Adventure of the Bruce-Partington Plans -- Internet Relay Chat (IRC): kathenas Website: https://kathenas.org Instagram: https://instagram.com/kathenasorg/ Buy Me A Coffee: https://buymeacoffee.com/kathenasorg --
signature.asc
Description: This is a digitally signed message part
