Your message dated Thu, 13 Oct 2011 20:59:43 +0200
with message-id <1318532383.14927.11.camel@scapa>
and subject line Re: Bug#645191: update on waf binary data
has caused the Debian Bug report #645191,
regarding midori: doesn't contain source for waf binary code
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
645191: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645191
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: midori
Version: 0.3.0-1.1
Severity: serious
Hi!
The included waf script does include binary data in line 161 to which
the source code isn't included, which is clearly a policy violation.
Please include the source code for that, and actually re-produce the
waf script from that source code and use that instead.
Thanks in advance,
Rhonda
--
Fühlst du dich mutlos, fass endlich Mut, los |
Fühlst du dich hilflos, geh raus und hilf, los | Wir sind Helden
Fühlst du dich machtlos, geh raus und mach, los | 23.55: Alles auf Anfang
Fühlst du dich haltlos, such Halt und lass los |
--- End Message ---
--- Begin Message ---
On jeu., 2011-10-13 at 15:12 +0200, Gerfried Fuchs wrote:
> Hi again,
>
> it seems that the line 161 is actually a tar.bz2 file that gets
> extracted and then used. Though, first there is some substitution of \r
> and \n characters so that the "file" could go on one line.
Yes, this is waf. Documenting yourself may have prevented this.
>
> IMHO this is not acceptable because there are no tools included or
> commandline switches offered with waf (in postler and midori) to
> conveniently unpack and repack these part for a.) inspection or b.)
> modification, which are required for packages in Debian main.
Unpack is done automagically when running ./waf. Then you can modify
stuff, like it was done for the HPPA issue. waf might not be the easiest
build tool to live with (I don't like it either) but the fact it's
different from autotool or cmake or whatever and the fact that you
didn't read the documentation doesn't make it DFSG-nonfree.
>
> From what I understood there seems to be some waf-light that wouldn't
> use the mangled tarball included within the script, I would guess that
> this is the best way to move forward from here.
>
> If you really would like to argue that character substitution within
> the tarball for embedding it in the waf script is acceptable in
> accordance to policy/DFSG without direct tool to unpack/repack it, then
> please discuss this on e.g. debian-devel or such, or overrule me and
> lower the severity (but please provide understandable reasoning too),
> I still believe that this is against our rules.
I really don't want to argue. I have way better use of my time.
--
Yves-Alexis
signature.asc
Description: This is a digitally signed message part
--- End Message ---
