Sign me up Login

Details about package caio

Name: caio
Uploader: Yuri Konotopov <ykonotopov@gnome.org> (Debian QA page)
Description: python3-caio - Asynchronous file IO for Linux MacOS or Windows

Package uploads

Upload #2

Information

Version: 0.9.17-1
Uploaded: 2024-09-06 22:24
Source package: caio_0.9.17-1.dsc
Distribution: unstable
Section: python
Priority: optional
Homepage: https://github.com/mosquito/caio
Vcs-Browser: https://gitlab.com/apt-mirror2/caio-debian-packaging
Vcs-Git: https://gitlab.com/apt-mirror2/caio-debian-packaging.git
Closes bugs: #1080257

Changelog

 caio (0.9.17-1) unstable; urgency=low
 .
   * Initial release, autogenerated by py2dsp/3.20230219; Closes: #1080257

QA information

Comments

No comments

Upload #1

Information

Version: 0.9.17-1
Uploaded: 2024-09-01 16:54
Source package: caio_0.9.17-1.dsc
Distribution: unstable
Section: python
Priority: optional
Homepage: http://github.com/mosquito/caio
Vcs-Git: https://gitlab.com/apt-mirror2/caio-debian-packaging
Closes bugs: #1080257

Changelog

 caio (0.9.17-1) unstable; urgency=low
 .
   * Initial release, autogenerated by py2dsp/3.20230219; Closes: #1080257

QA information

Comments

  1. Hi,

It would be nice if you could file an RFS for this package.

For now, just going to add lintia issues (removed those I do not care about).

Running lintian...
N:
E: python3-caio: copyright-file-contains-full-apache-2-license
N: 
N:   The copyright file /usr/share/doc/*pkg*/copyright contains the complete
N:   text of the Apache 2.0 license. It should refer to the file
N:   /usr/share/common-licenses/Apache-2.0 instead.
N: 
N:   Please refer to Copyright information (Section 12.5) in the Debian Policy
N:   Manual for details.
N: 
N:   Visibility: error
N:   Show-Always: no
N:   Check: debian/copyright
N: 
N:
E: python3-caio: copyright-not-using-common-license-for-apache2
N: 
N:   The strings "Apache License, Version" or "Apache-2" appear in the
N:   copyright file for this package, but the copyright file does not reference
N:   /usr/share/common-licenses as the location of the Apache-2 on Debian
N:   systems.
N:   
N:   If the copyright file must mention the Apache-2 for reasons other than
N:   stating the license of the package, please add a Lintian override.
N: 
N:   Please refer to Copyright information (Section 12.5) in the Debian Policy
N:   Manual for details.
N: 
N:   Visibility: error
N:   Show-Always: no
N:   Check: debian/copyright
N:   Renamed from: copyright-should-refer-to-common-license-file-for-apache-2
N: 
N:
E: python3-caio: extended-description-is-empty
N: 
N:   The extended description (the lines after the first line of the
N:   "Description:" field) is empty.
N: 
N:   Please refer to The description of a package (Section 3.4) in the Debian
N:   Policy Manual for details.
N: 
N:   Visibility: error
N:   Show-Always: no
N:   Check: fields/description
N: 
N:
I: python3-caio: hardening-no-bindnow [usr/lib/python3/dist-packages/caio/linux_aio.cpython-312-x86_64-linux-gnu.so]
N: 
N:   This package provides an ELF binary that lacks the "bindnow" linker flag.
N:   
N:   This is needed (together with "relro") to make the "Global Offset Table"
N:   (GOT) fully read-only. The bindnow feature trades startup time for
N:   improved security. Please consider enabling this feature or consider
N:   overriding the tag (possibly with a comment about why).
N:   
N:   If you use dpkg-buildflags, you may have to add hardening=+bindnow or
N:   hardening=+all to DEB_BUILD_MAINT_OPTIONS.
N:   
N:   The relevant compiler flags are set in LDFLAGS.
N: 
N:   Please refer to https://wiki.debian.org/Hardening for details.
N: 
N:   Visibility: info
N:   Show-Always: no
N:   Check: binaries/hardening
N: 
N:
I: python3-caio: hardening-no-bindnow [usr/lib/python3/dist-packages/caio/thread_aio.cpython-312-x86_64-linux-gnu.so]
N:
I: python3-caio: hardening-no-fortify-functions [usr/lib/python3/dist-packages/caio/linux_aio.cpython-312-x86_64-linux-gnu.so]
N: 
N:   This package provides an ELF binary that lacks the use of fortified libc
N:   functions. Either there are no potentially unfortified functions called by
N:   any routines, all unfortified calls have already been fully validated at
N:   compile-time, or the package was not built with the default Debian
N:   compiler flags defined by dpkg-buildflags. If built using dpkg-buildflags
N:   directly, be sure to import CPPFLAGS.
N:   
N:   NB: Due to false-positives, Lintian ignores some unprotected functions
N:   (e.g. memcpy).
N: 
N:   Please refer to https://wiki.debian.org/Hardening and Bug#673112 for
N:   details.
N: 
N:   Visibility: info
N:   Show-Always: no
N:   Check: binaries/hardening
N: 
N:
I: python3-caio: hardening-no-fortify-functions [usr/lib/python3/dist-packages/caio/thread_aio.cpython-312-x86_64-linux-gnu.so]
N:
I: caio source: missing-vcs-browser-field Vcs-Git https://gitlab.com/apt-mirror2/caio-debian-packaging
N: 
N:   A Vcs-* field in this package is pointing to a repository that supports
N:   browsing of the repository via a web browser.
N:   
N:   This is typically a nicer user-experience for developers and avoids
N:   unnecessary and time-consuming clones of the repository.
N:   
N:   Please add a suitable Vcs-Browser field to the package.
N: 
N:   Visibility: info
N:   Show-Always: no
N:   Check: fields/vcs
N: 
N:
I: caio source: out-of-date-standards-version 4.6.2.0 (released 2022-12-17) (current is 4.7.0)
N: 
N:   The source package refers to a Standards-Version older than the one that
N:   was current at the time the package was created (according to the
N:   timestamp of the latest debian/changelog entry). Please consider updating
N:   the package to current Policy and setting this control field
N:   appropriately.
N:   
N:   If the package is already compliant with the current standards, you don't
N:   have to re-upload the package just to adjust the Standards-Version control
N:   field. However, please remember to update this field next time you upload
N:   the package.
N:   
N:   See /usr/share/doc/debian-policy/upgrading-checklist.txt.gz in the
N:   debian-policy package for a summary of changes in newer versions of
N:   Policy.
N: 
N:   Please refer to
N:   https://www.debian.org/doc/debian-policy/upgrading-checklist.html for
N:   details.
N: 
N:   Visibility: info
N:   Show-Always: no
N:   Check: fields/standards-version
N: 
N:
P: caio source: homepage-field-uses-insecure-uri http://github.com/mosquito/caio
N: 
N:   The Homepage field uses an unencrypted transport protocol for the URI.
N: 
N:   Visibility: pedantic
N:   Show-Always: no
N:   Check: fields/homepage
N: 
N:
P: python3-caio: homepage-field-uses-insecure-uri http://github.com/mosquito/caio
N:
N:
X: caio source: upstream-metadata-file-is-missing
N: 
N:   This source package is not Debian-native but it does not have a
N:   debian/upstream/metadata file.
N:   
N:   The Upstream MEtadata GAthered with YAml (UMEGAYA) project is an effort to
N:   collect meta-information about upstream projects from any source package.
N:   This file is in YAML format and it is used in to feed the data in the
N:   UltimateDebianDatabase. For example, it can contains the way the authors
N:   want their software be cited in publications and some bibliographic
N:   references about the software.
N:   
N:   Please add a debian/upstream/metadata file.
N: 
N:   Please refer to https://dep-team.pages.debian.net/deps/dep12/ and
N:   https://wiki.debian.org/UpstreamMetadata for details.
N: 
N:   Visibility: pedantic
N:   Show-Always: no
N:   Check: debian/upstream/metadata
N:   This tag is experimental.
N: 

E: Lintian run failed (runtime error)
    Needs work Phil Wyett at Sept. 2, 2024, 12:18 p.m. 
  2. Thanks for your review! I fixed all lintian issues in version 0.9.17-2.
However it looks like `hardening-no-fortify-functions` now false-positive - at least `-D_FORTIFY_SOURCE=2` is correctly passed
    Yuri Konotopov at Sept. 2, 2024, 7:37 p.m.