Details about package caio
Package uploads
Upload #2
Information
Changelog
caio (0.9.17-1) unstable; urgency=low
.
* Initial release, autogenerated by py2dsp/3.20230219; Closes: #1080257
Comments
No comments
Upload #1
Information
Changelog
caio (0.9.17-1) unstable; urgency=low
.
* Initial release, autogenerated by py2dsp/3.20230219; Closes: #1080257
Comments
-
Hi,
It would be nice if you could file an RFS for this package.
For now, just going to add lintia issues (removed those I do not care about).
Running lintian...
N:
E: python3-caio: copyright-file-contains-full-apache-2-license
N:
N: The copyright file /usr/share/doc/*pkg*/copyright contains the complete
N: text of the Apache 2.0 license. It should refer to the file
N: /usr/share/common-licenses/Apache-2.0 instead.
N:
N: Please refer to Copyright information (Section 12.5) in the Debian Policy
N: Manual for details.
N:
N: Visibility: error
N: Show-Always: no
N: Check: debian/copyright
N:
N:
E: python3-caio: copyright-not-using-common-license-for-apache2
N:
N: The strings "Apache License, Version" or "Apache-2" appear in the
N: copyright file for this package, but the copyright file does not reference
N: /usr/share/common-licenses as the location of the Apache-2 on Debian
N: systems.
N:
N: If the copyright file must mention the Apache-2 for reasons other than
N: stating the license of the package, please add a Lintian override.
N:
N: Please refer to Copyright information (Section 12.5) in the Debian Policy
N: Manual for details.
N:
N: Visibility: error
N: Show-Always: no
N: Check: debian/copyright
N: Renamed from: copyright-should-refer-to-common-license-file-for-apache-2
N:
N:
E: python3-caio: extended-description-is-empty
N:
N: The extended description (the lines after the first line of the
N: "Description:" field) is empty.
N:
N: Please refer to The description of a package (Section 3.4) in the Debian
N: Policy Manual for details.
N:
N: Visibility: error
N: Show-Always: no
N: Check: fields/description
N:
N:
I: python3-caio: hardening-no-bindnow [usr/lib/python3/dist-packages/caio/linux_aio.cpython-312-x86_64-linux-gnu.so]
N:
N: This package provides an ELF binary that lacks the "bindnow" linker flag.
N:
N: This is needed (together with "relro") to make the "Global Offset Table"
N: (GOT) fully read-only. The bindnow feature trades startup time for
N: improved security. Please consider enabling this feature or consider
N: overriding the tag (possibly with a comment about why).
N:
N: If you use dpkg-buildflags, you may have to add hardening=+bindnow or
N: hardening=+all to DEB_BUILD_MAINT_OPTIONS.
N:
N: The relevant compiler flags are set in LDFLAGS.
N:
N: Please refer to https://wiki.debian.org/Hardening for details.
N:
N: Visibility: info
N: Show-Always: no
N: Check: binaries/hardening
N:
N:
I: python3-caio: hardening-no-bindnow [usr/lib/python3/dist-packages/caio/thread_aio.cpython-312-x86_64-linux-gnu.so]
N:
I: python3-caio: hardening-no-fortify-functions [usr/lib/python3/dist-packages/caio/linux_aio.cpython-312-x86_64-linux-gnu.so]
N:
N: This package provides an ELF binary that lacks the use of fortified libc
N: functions. Either there are no potentially unfortified functions called by
N: any routines, all unfortified calls have already been fully validated at
N: compile-time, or the package was not built with the default Debian
N: compiler flags defined by dpkg-buildflags. If built using dpkg-buildflags
N: directly, be sure to import CPPFLAGS.
N:
N: NB: Due to false-positives, Lintian ignores some unprotected functions
N: (e.g. memcpy).
N:
N: Please refer to https://wiki.debian.org/Hardening and Bug#673112 for
N: details.
N:
N: Visibility: info
N: Show-Always: no
N: Check: binaries/hardening
N:
N:
I: python3-caio: hardening-no-fortify-functions [usr/lib/python3/dist-packages/caio/thread_aio.cpython-312-x86_64-linux-gnu.so]
N:
I: caio source: missing-vcs-browser-field Vcs-Git https://gitlab.com/apt-mirror2/caio-debian-packaging
N:
N: A Vcs-* field in this package is pointing to a repository that supports
N: browsing of the repository via a web browser.
N:
N: This is typically a nicer user-experience for developers and avoids
N: unnecessary and time-consuming clones of the repository.
N:
N: Please add a suitable Vcs-Browser field to the package.
N:
N: Visibility: info
N: Show-Always: no
N: Check: fields/vcs
N:
N:
I: caio source: out-of-date-standards-version 4.6.2.0 (released 2022-12-17) (current is 4.7.0)
N:
N: The source package refers to a Standards-Version older than the one that
N: was current at the time the package was created (according to the
N: timestamp of the latest debian/changelog entry). Please consider updating
N: the package to current Policy and setting this control field
N: appropriately.
N:
N: If the package is already compliant with the current standards, you don't
N: have to re-upload the package just to adjust the Standards-Version control
N: field. However, please remember to update this field next time you upload
N: the package.
N:
N: See /usr/share/doc/debian-policy/upgrading-checklist.txt.gz in the
N: debian-policy package for a summary of changes in newer versions of
N: Policy.
N:
N: Please refer to
N: https://www.debian.org/doc/debian-policy/upgrading-checklist.html for
N: details.
N:
N: Visibility: info
N: Show-Always: no
N: Check: fields/standards-version
N:
N:
P: caio source: homepage-field-uses-insecure-uri http://github.com/mosquito/caio
N:
N: The Homepage field uses an unencrypted transport protocol for the URI.
N:
N: Visibility: pedantic
N: Show-Always: no
N: Check: fields/homepage
N:
N:
P: python3-caio: homepage-field-uses-insecure-uri http://github.com/mosquito/caio
N:
N:
X: caio source: upstream-metadata-file-is-missing
N:
N: This source package is not Debian-native but it does not have a
N: debian/upstream/metadata file.
N:
N: The Upstream MEtadata GAthered with YAml (UMEGAYA) project is an effort to
N: collect meta-information about upstream projects from any source package.
N: This file is in YAML format and it is used in to feed the data in the
N: UltimateDebianDatabase. For example, it can contains the way the authors
N: want their software be cited in publications and some bibliographic
N: references about the software.
N:
N: Please add a debian/upstream/metadata file.
N:
N: Please refer to https://dep-team.pages.debian.net/deps/dep12/ and
N: https://wiki.debian.org/UpstreamMetadata for details.
N:
N: Visibility: pedantic
N: Show-Always: no
N: Check: debian/upstream/metadata
N: This tag is experimental.
N:
E: Lintian run failed (runtime error)
Needs work
Phil Wyett at Sept. 2, 2024, 12:18 p.m.
-
Thanks for your review! I fixed all lintian issues in version 0.9.17-2.
However it looks like `hardening-no-fortify-functions` now false-positive - at least `-D_FORTIFY_SOURCE=2` is correctly passed
Yuri Konotopov at Sept. 2, 2024, 7:37 p.m.