| 2009-04-29 08:42:30 |
Anders Kaseorg |
description |
Binary package hint: cvsps
1. Availability: all architectures <http://archive.ubuntu.com/ubuntu/pool/universe/c/cvsps/>
2. Rationale: cvsps is a dependency of git-cvs, which is already in main. It is also a build dependency of the git-core source package in Debian; this build dependency is currently patched out by Ubuntu because cvsps is in universe. This is now the _only_ Ubuntu-specific needed in git-core (all other Ubuntu changes are already in Debian), which stops Ubuntu’s Git from receiving automatic updates from Debian unstable, and causes it to languish far behind Debian—Jaunty released with a version of Git that was nearly six months obsolete (LP bug #319096, LP bug #315870).
3. Security: No CVE entries <http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cvsps>, no Secunia history <http://secunia.com/search/?search=cvsps>, no setuid binaries, no network servers. It can either act as a direct CVS client, or perform all remote access through the system cvs binary.
4. Quality assurance: The package requires no configuration. It got a new Debian maintainer in September 2007, who accepted a patch from Ubuntu last October. There are a handful of open Debian bugs <http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=cvsps;dist=unstable>. A notable report is <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464090>, which requests switching to a more current upstream that has 19 patches (9 files changed, 205 insertions(+), 67 deletions(-)) on top of cvsps 2.1. The critical ones are already in Debian as dpatches. The source does not have a test suite, but I have used the package in conjunction with git-cvs and it seems to work fine.
5. UI standards: This package is not user-facing, except possibly for some error messages (which are not localized).
6. Standards compliance: There are 3 lintian warnings <http://packages.qa.debian.org/c/cvsps.html>, which don’t look serious (debian/copyright lists the copyright holder instead of displaying a copyright notice, debian/compat of 4, and a non-fatal manpage error). The package installs a single binary and manpage in the standard locations, and all Debian changes are made with dpatch.
7. Dependencies: All dependencies (libc6, zlib1g, cvs) and build dependencies (debhelper, zlib1g-dev, dpatch) are in main.
8. Maintenance: This package is infrequently updated in Debian and is not likely to require any additional attention from Ubuntu.
9. Background information: Nothing notable beyond debian/control.
10. Internationalization: This is not a graphical application and does not require translation. |
Binary package hint: cvsps
1. Availability: all architectures <http://archive.ubuntu.com/ubuntu/pool/universe/c/cvsps/>
2. Rationale: cvsps is a dependency of git-cvs, which is already in main. It is also a build dependency of the git-core source package in Debian; this build dependency is currently patched out by Ubuntu because cvsps is in universe. This is now the _only_ Ubuntu-specific needed in git-core (all other Ubuntu changes are already in Debian), which stops Ubuntu’s Git from receiving automatic updates from Debian unstable, and causes it to languish far behind Debian—Jaunty released with a version of Git that was nearly six months obsolete (LP bug #319096, LP bug #315870).
3. Security: No CVE entries <http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cvsps>, no Secunia history <http://secunia.com/search/?search=cvsps>, no setuid binaries, no network servers. It can either act as a direct CVS client, or perform all remote access through the system cvs binary.
4. Quality assurance: The package requires no configuration. It got a new Debian maintainer in September 2007, who accepted a patch from Ubuntu last October. There are a handful of open Debian bugs <http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=cvsps;dist=unstable>, and no open Ubuntu bugs <https://bugs.launchpad.net/ubuntu/+source/cvsps>. A notable report is <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464090>, which requests switching to a more current upstream that has 19 patches (9 files changed, 205 insertions(+), 67 deletions(-)) on top of cvsps 2.1. The critical ones are already in Debian as dpatches. The source does not have a test suite, but I have used the package in conjunction with git-cvs and it seems to work fine.
5. UI standards: This package is not user-facing, except possibly for some error messages (which are not localized).
6. Standards compliance: There are 3 lintian warnings <http://packages.qa.debian.org/c/cvsps.html>, which don’t look serious (debian/copyright lists the copyright holder instead of displaying a copyright notice, debian/compat of 4, and a non-fatal manpage error). The package installs a single binary and manpage in the standard locations, and all Debian changes are made with dpatch.
7. Dependencies: All dependencies (libc6, zlib1g, cvs) and build dependencies (debhelper, zlib1g-dev, dpatch) are in main.
8. Maintenance: This package is infrequently updated in Debian and is not likely to require any additional attention from Ubuntu.
9. Background information: Nothing notable beyond debian/control.
10. Internationalization: This is not a graphical application and does not require translation. |
|
