Hello! In an act of productive procrastination, I spent a few hours yesterday looking at the tags in Lintian that are currently marked as "Experimental: yes".
As far as I understand, very few people run Lintian at the experimental level, which means these tags are still ran, but not really shown to users (and thus waste CPU cycles). I'm emailing the Lintian and QA lists in order to get some feedback before creating a big MR with tens of commits removing the tags I feel should be removed. If you think the reasoning below is flawed, please reply to this message and let me know! === Tags I'm planning to remove === * update-debian-copyright - last updated: 2022-12 - 22,597 entries in UDD - This tag was highly controversial when it was implemented and I don't see its usefulness. * spelling-error-in-binary - last updated: 2019-03 - 336,571 entries in UDD - As many pointed out, this tag frequently has false positives and even when the issue is valid, it's often hard to fix them upstream. * systemd-service-file-missing-hardening-features - last updated: 2018-12 - 6,458 entries in UDD - This check only looks if the systemd service file includes at least 1 feature in a long list of "hardening" features. IMO, this is an overly simplistic solution to a very hard problem. * binary-file-built-without-LFS-support - last updated: 2019-09 - 25,628 entries in UDD - To comply with this tag, the description mentions "[upstream] code review might be needed". Considering the number of packages flagged and the difficulty of the task, I feel this is outside of the scope of what a lintian tag should recommend. * exit-in-shared-library - last updated: 2021-11 - 33,020 entries in UDD - The tag's description acknowledges that "In most cases, removing the call should be discussed with upstream, particularly as it may produce an ABI change". I feel this is outside of the scope of what a lintian tag should recommend. * mentions-deprecated-usr-lib-perl5-directory - last updated: 2018-08 - The logic behind this tag seems dubious. The 9 entries in UDD all seem like false-positives. * prefer-uscan-symlink - last updated: 2021-11 - 14,294 entries in UDD - This tag asks individual users to change their ~/.devscripts configuration file instead of using the filenamemangle option in debian/watch. I don't understand how an individual change can be the solution to a collective problem? * debian-watch-does-not-check-openpgp-signature - last updated: 2018-12 - 35,725 entries in UDD - This tag was changed to Experimental because it was not really actionable (#916207). I feel this is outside of the scope of what a lintian tag should recommend. * duplicate-files - last updated: 2019-10 - 117,663 entries in UDD - This tag has been Experimental since 2011 and asks maintainers to do very complex work (hunting and replacing "duplicate" files by symlinks) for very little results. I feel this is outside of the scope of what a lintian tag should recommend. * dependency-on-python-version-marked-for-end-of-life - 1 entry in UDD - Python 2 has been removed from the archive a while ago and isn't coming back. I have opened #1124516 to flag this issue for the only package that raises this check. * application-in-library-section - 9,847 entries in UDD - The logic behind this check is flawed, as proven by the large number of false-positives from the Python and Ruby sections. For certain languages, the difference between "applications" and "libraries" is often arbitrary. * library-package-name-for-application - 7,769 entries in UDD - The logic behind this check is flawed, as proven by the large number of false-positives from the Python and Ruby sections. For certain languages, the difference between "applications" and "libraries" is often arbitrary. * bin-sbin-mismatch - last updated: 2020-08 - 3,062 entries in UDD - This tag checks to see if /usr/bin/foo is mentioned in a script which is installed in /usr/sbin/foo. This logic seems somewhat dubious. It is also apparently prone to false positives on ELF files. * maybe-not-arch-all-binnmuable - last updated: pre-2020 - 1,215 entries in UDD - This tag looks like it was a real "experiment" to verify something in the archive. From discussing it on IRC, I think the experiment is now over. === Tags I think should be removed, but could probably stay Experimental? === * bad-intended-distribution - last updated: 2014-11 - 15 entries in UDD - I don't really understand this tag? It seems to me like the unreleased-changelog-distribution tag already takes care these kind of issues. The entries in UDD mostly look like false-positives. * executable-in-usr-lib - last updated: 2022-01 - 159,250 entries in UDD - The logic behind this tag is valid. Considering the very large number of entries in UDD, I don't think this will be fixed. What is the point of having a tag if we're not willing to show it for fear of "wasting people's time"? * elf-warning - last updated: 2021-11 - 54,241 entries in UDD - This tag uses the same valid logic as the elf-error tag, but for the WARNING debug level. Considering the very large number of entries in UDD, I don't think this will be fixed. What is the point of having a tag if we're not willing to show it for fear of "wasting people's time"? * portable-executable-missing-security-features - last updated: 2019-02 - 499 entries in UDD - This tag's description is horrendously confusing and includes a whole section marked as "The following advice is historical. PLEASE DO NOT FOLLOW IT." Not really sure if this is still relevant. * non-consecutive-debian-revision - last updated: 2021-01 - 45 entries in UDD - The logic in this tag is interesting, but it also applies to packages that have already been released in the Debian archive (and as such, can't be changed). === Tags I think should be kept as Experimental === * unicode-trojan - last updated: 2021-11 - 86 entries in UDD - This tag is pretty old, and seems prone to false-positives. The logic behind it is interesting though. * very-long-line-length-in-source-file - 292,241 entries in UDD - Infamously prone to false-positives. Most of the time it's not actionable. A recent attempt to remove this tag failed, as it was not consensual: https://salsa.debian.org/lintian/lintian/-/merge_requests/505 * source-is-missing - last updated: 2020-06 - 99,660 entries in UDD - Uses the problematic very-long-line-length-in-source-file tag as a trigger. * file-in-etc-modprobe.d - last updated: 2025-06 - 194 entries in UDD - This is a very recent tag and there is a chance work might be done to improve it. * package-contains-no-arch-dependent-files - last updated: 2018-12 - 30,807 entries in UDD - The logic behind this tag looks valid. Changes have been proposed (#1036746) to make it less prone to false-positives. * hardening-no-fortify-functions - last updated: 2025-10 - 90,154 entries in UDD - This tag was updated recentl and there is a chance work might be done to improve it. === Tags I think should be kept but not be Experimental === * upstream-metadata-file-is-missing - 17,339 entries in UDD - Although it is raised for a large number of packages, this tag is pedantic, looks like a valid check and has a simple fix. * bogus-python-prerequisite - 19 entries in UDD - This tag was marked as Experimental for technicalities that have now been resolved. * empty-udeb-package - 0 entries in UDD - This tag uses the same code as the non-Experimental empty-binary-package tag, but for udeb packages. * embedded-pear-module - 13 entries in UDD - This looks like a valid check. * maintainer-script-supports-ancient-package-version - 158 entries in UDD - This looks like a valid check. * maintainer-script-calls-service - 57 entries in UDD - This looks like a valid check. * maintainer-script-switches-dir-to-symlink-unsafely - 44 entries in UDD - This looks like a valid check. * perl-module-name-not-mentioned-in-description - 164 entries in UDD. - This looks like a valid check, but should be downgraded to pedantic. * debian-rules-uses-as-needed-linker-flag - 663 entries in UDD - This tag should have been changed to "Experimental: no" after the Bullseye release. Its description needs to be updated. * deprecated-configure-filename - 356 entries in UDD - This looks like a valid check, but its description needs to be updated to specify the deprecation of "configure.in" was made in automake 1.14. * development-package-ships-elf-binary-in-path - 212 entries in UDD - This looks like a valid check. * libmodule-build-tiny-perl-needs-to-be-in-build-depends - 3 entries in UDD - This looks like a valid check. * libmodule-build-perl-needs-to-be-in-build-depends - 20 entries in UDD - This looks like a valid check. === Tags that are explicitly "Experimental: no" (which is the default) === * systemd-service-file-shutdown-problems * binaries-have-file-conflict -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Louis-Philippe Véronneau ⢿⡄⠘⠷⠚⠋ [email protected] / veronneau.org ⠈⠳⣄
