Control: tags -1 moreinfo On Tue, 8 Oct 2024 18:04:49 +0200 Nicolas Schodet <n...@ni.fr.eu.org> wrote:
> I am looking for a sponsor for my package "nxt-python":
hi Nicolas,
your package is in really good shape overall. Please find my review
and suggestions at the bottom of this mail.
> About bugs #885467, #937175 and #773201: they were closed when the
> package was removed, should I re-open them before the upload, or is
> it handled at upload time?
See developer reference [0].
> I: nxt-python source: built-using-field-on-arch-all-package (in
> section for python3-nxt) Built-Using ${sphinxdoc:Built-Using},
> [debian/control:34]
>
> I think this is a bug in lintian as this is required by
> sphinx, see https://bugs.debian.org/999785
Yep, no action required here AFAICT.
> P: nxt-python source: maintainer-manual-page [debian/man/nxt_push.1]
> P: nxt-python source: maintainer-manual-page
> [debian/man/nxt_server.1] P: nxt-python source:
> maintainer-manual-page [debian/man/nxt_test.1]
>
> I am also the upstream maintainer, I plan to add them to
> upstream package in the future. Maybe I should add an
> override for this one.
No point in overriding a pedantic, factually correct lintian hit.
> X: python3-nxt: application-in-library-section python
> [...]
> python3-nxt: library-package-name-for-application [usr/bin/nxt_test]
For tiny/trivial utils in a package that is primarily intended as a
public Python module, you should keep the section at python and add
an override for the lintian hits.
These lintian tags are aimed at actual applications, where the
programming language used is but an implementation detail that
shouldn't affect the choice of section.
> X: nxt-python source: debian-watch-does-not-check-openpgp-signature
> [debian/watch]
>
> This is related to PyPI not encouraging PGP signature.
> Should I, as the upstream author, make releases outside of PyPI?
It's certainly welcome to have a signature to verify the integrity of
upstream releases, but in the end the choice is up to "upstream
developer you". Note that there's plenty of projects that publish
releases on multiple platforms, so this isn't necessarily a matter of
"pypi or not".
> X: nxt-python source: very-long-line-length-in-source-file 3559 >
> 512 [setup.py:20]
>
> This is from generated upstream package, quoting the README
> inside the setup.py.
Feel free to add an override, this lintian tag is just a crude way to
detect auto-generated stuff such as minified javascript in places
where Debian wants actual source code.
Finally, the very minor things that came up during review...:
* control:
+ is the python3-usb build-dependency used for anything other than
running tests? If not, it could be marked "<!nocheck>".
+ is Pere still involved with this package?
* Please add an autopkgtest. You could probably get away with simply
setting 'Testsuite: autopkgtest-pkg-pybuild' in d/control, which
would make pybuild run the same tests as on build in an autopkgtest
context.
* Enable the CI on salsa [1]. This is a very powerful quality control
tool for maintainers and sponsors alike.
Please remove the moreinfo tag (and put me in the CC) once you have
an updated package ready.
[0]https://www.debian.org/doc/manuals/developers-reference/pkgs.html#reintroducing-pkgs
[1]https://salsa.debian.org/salsa-ci-team/pipeline#activate-salsa-ci
pgp0PCMeZAZZT.pgp
Description: OpenPGP digital signature
