-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Alexey,
On 08.06.2011 11:55, rhash.admin wrote: > Hello! I need a sponsor for the rhash package! > http://mentors.debian.net/cgi-bin/sponsor-pkglist?action=details;package=rhash a few notes about your package you may want to consider (I'm no DD, so I can't sponsor you though): * debian/changelog: Please don't explain in the changelog what your package is for. We have a short and a long description for that. See [1] for some hints. You should neither mention the SONAME change there unless you changed it for the Debian package exclusively. If the latter you might want to elaborate the reason in a README.Debian file. * Please push debhelper compatibility to version 8 (debian/compat, debian/control), see debhelper(7). * debian/control: It is considered a best practice to have VCS links in debian/control which point to the repository where you develop the Debian package. See [2]. * Do you really need the minor version in the SONAME (and hence correctly reflected in the package name)? It is not wrong to do so, but since your package is new and your both, major and minor version are 0 you could probably just use the major version instead of an odd name like librhash0.0. * You replicate the package priority for your binary packages when compared to the source package in debian/control. No need for that unless you change priorities for binary packages. * I'm not sure what I should think about debian/Makefile-rhash-1.2.6rc1. Why didn't you merge those changes with your upstream Makefile, since you are upstream yourself? If you really want to keep it out of your upstream source, please use a quilt patch [3] instead. * Your upstream sources are missing copyright headers. Please consider adding them. * You could earn some bonus points for shipping a symbol file, see dpkg-gensymbols(1) * Your package synopsis should not start with an upper case letter, see [4]. Long description is fine, but I'm not entirely happy with the synopsis lines for each package. Tastes may vary. * Your debian/copyright provides conflicting license headers. I'm aware yor package is dual-licensed, see DEP-5 on how to specify such use cases, "Syntax" in [5]. Also consider the MIT hint mentioned in DEP-5. Moreover don't use hash marks like programming style comments, use the "Comment" header instead. * You ship some cryptographic algorithms, I hope you checked all legal issues with that? [1] http://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-debian-changelog [2] http://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-vcs [3] http://wiki.debian.org/UsingQuilt, among others [4] http://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-desc-basics [5] http://dep.debian.net/deps/dep5/ - -- with kind regards, Arno Töll IRC: daemonkeeper on Freenode/OFTC GnuPG Key-ID: 0x9D80F36D -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJN8ANxAAoJEMcrUe6dgPNtDugP/2Ytoi0rmN529vJaMSFT6LrR 4aFIK2OD1VTUmHg9vdlWkUnqdq9DdSxJte6b4pl1gyjGMHrg6kK7fk758QQexNBd xLmHiC2+cPCnC/Hhh4BJovViZzYm37p8E3uarzWhp81hzyrK8OrvhPppkb4M50wn n0+hVrSYRvVmEn3lI/YR7meQXaysK4HFNfogICCPJvUadJKJJqTmdPG/zzf1h1dq n2AqNrgnpZlZeSsPQEFvquSV94vpqyU+XdEZNTxdO6GHzQq6wD5lrG/Y8PiSBv5z LxvcAwmO6Owd5QXO4JFtGn1kneMgVDn9kK9PeESO79niAY2AbjGWRp4P0UccIgI+ yZ7woE7f9x4BcdVcZtk3lmtfdCZZspuPUwKeBDIpMRXQgjAqT7+4lUDW7g9DMmwa LnST9L+0XzG2s9EANNfVyL5wJKHXe5eioq0U2TQ8ShCZCtfhn6smYcrR04wRKHnH wJb1LYsPH3ygJGmEtEbBga0H+9+aY3zr7ZoM3hjI1veqna+N8SQ5YXrr34sYPNyz Ji1r4KQ5Mjewq85fvM/VLAlXKebdZ34FAqPrazCQHVuZzMRtVPqgFpcVi336S3n3 KDIl5IpcrBabmf05APOmhkIzqXjReyihFNqUWQjXm+gFUJjhyM6kTZhm+Wx4eFyS Yx3EkSvBItEw6A/QXicB =xfL6 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4df00371.8000...@toell.net
