Le Sun, Apr 06, 2025 at 07:50:34PM +0530, Nilesh Patra a écrit :
Do you plan to integrate this into the existing salsa-ci-team/pipeline?
Le Mon, Apr 07, 2025 at 08:25:22AM +0800, Sean Whitton a écrit :
Would you be able to provide me a link to an example of this web-browseable view? I might be able to provide some feedback.
Hi! Thanks for your replies, I surely want to have the CI pipelines to be not only fully compatible, but also to take advantage as much as possible of the salsa CI team's work. I have not suggested yet that they take them up because now is high iteration time, especially that I am such a beginner. Also, I am not sure if the current pipelines (except licenserecon, but this one is not really our creation) are worth running after a package is accepted in the archive. I can only offer an outdated example, but I think that it gives the gist of it: In https://salsa.debian.org/newgateway-team/reviews/-/issues/3 you can see how I opened an issue for a R package and started with my self-assesment using a checklist. (Its template has been simplified, mostly by moving away the points that are taken care by Lintian and debhelper). The link to the pipeline runs were not posted at the top of the issue because they did not work at that time, but the current issue template has now stubs at the top. Three pipelines were run for the package and reported here: https://salsa.debian.org/r-pkg-team/r-cran-multitaper/-/pipelines/831341 The first one greps for `-e 'copyr' -e '©' -e '(c)' -e 'licen[cs]e'` and returns its results in color for easy browsing, see the link below. It also saves the results in a file that can be downloaded. Surely one can run the same git grep command by hand, but the idea is to pre-run and make it browsable easily by anybody. https://salsa.debian.org/r-pkg-team/r-cran-multitaper/-/jobs/7243353 The second reports about the file types found in the source package. It would be nice to tweak it to make it more colorful, for instance to spot the binary files that may contain copyright statements that Git has missed, like images or PDFs. In contrary to the example below, the current version does not report directories nor the contents of the `.git` directory. https://salsa.debian.org/r-pkg-team/r-cran-multitaper/-/jobs/7243354 An alternative or complement would of course to modify the first pipeline so that it uses git attributes to convert usual suspect binary files into text that can be grepped, for instance by running exiftool on images, etc. There is also licenserecon, which in principle should pass and report nothing. In the case of this package, it fails partly because FORTRAN comment signs blur the view of the parser and cause it to lose accuracy in detecting the version of the GPL boilerplate. https://salsa.debian.org/r-pkg-team/r-cran-multitaper/-/jobs/7243355 In principle such runs should lead to report bugs on the toolchain like licensercon and to the improvement of the tools. In practice, I did not have time… I'd be more than happy to review a package from whoever adds these CI pipelines to their repo and opens an issue! Have a nice day, Charles -- Charles Plessy Nagahama, Yomitan, Okinawa, Japan Debian Med packaging team http://www.debian.org/devel/debian-med Tooting from work, https://fediscience.org/@charles_plessy Tooting from home, https://framapiaf.org/@charles_plessy
