Ubuntu
cvsps package

Bug #369111
Comment #0

Comment 0 for bug 369111

Revision history for this message

Anders Kaseorg (andersk) wrote on 2009-04-29:

Binary package hint: cvsps

1. Availability: all architectures <http://archive.ubuntu.com/ubuntu/pool/universe/c/cvsps/>

2. Rationale: cvsps is a dependency of git-cvs, which is already in main. It is also a build dependency of the git-core source package in Debian; this build dependency is currently patched out by Ubuntu because cvsps is in universe. This is now the _only_ Ubuntu-specific needed in git-core (all other Ubuntu changes are already in Debian), which stops Ubuntu’s Git from receiving automatic updates from Debian unstable, and causes it to languish far behind Debian—Jaunty released with a version of Git that was nearly six months obsolete (LP bug #319096, LP bug #315870).

3. Security: No CVE entries <http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cvsps>, no Secunia history <http://secunia.com/search/?search=cvsps>, no setuid binaries, no network servers. It can either act as a direct CVS client, or perform all remote access through the system cvs binary.

4. Quality assurance: The package requires no configuration. It got a new Debian maintainer in September 2007, who accepted a patch from Ubuntu last October. There are a handful of open Debian bugs <http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=cvsps;dist=unstable>. A notable report is <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464090>, which requests switching to a more current upstream that has 19 patches (9 files changed, 205 insertions(+), 67 deletions(-)) on top of cvsps 2.1. The critical ones are already in Debian as dpatches. The source does not have a test suite, but I have used the package in conjunction with git-cvs and it seems to work fine.

5. UI standards: This package is not user-facing, except possibly for some error messages (which are not localized).

6. Standards compliance: There are 3 lintian warnings <http://packages.qa.debian.org/c/cvsps.html>, which don’t look serious (debian/copyright lists the copyright holder instead of displaying a copyright notice, debian/compat of 4, and a non-fatal manpage error). The package installs a single binary and manpage in the standard locations, and all Debian changes are made with dpatch.

7. Dependencies: All dependencies (libc6, zlib1g, cvs) and build dependencies (debhelper, zlib1g-dev, dpatch) are in main.

8. Maintenance: This package is infrequently updated in Debian and is not likely to require any additional attention from Ubuntu.

9. Background information: Nothing notable beyond debian/control.

10. Internationalization: This is not a graphical application and does not require translation.

Binary package hint: cvsps

1. Availability: all architectures <http://archive.ubuntu.com/ubuntu/pool/universe/c/cvsps/>

2. Rationale: cvsps is a dependency of git-cvs, which is already in main.  It is also a build dependency of the git-core source package in Debian; this build dependency is currently patched out by Ubuntu because cvsps is in universe.  This is now the _only_ Ubuntu-specific needed in git-core (all other Ubuntu changes are already in Debian), which stops Ubuntu’s Git from receiving automatic updates from Debian unstable, and causes it to languish far behind Debian—Jaunty released with a version of Git that was nearly six months obsolete (LP bug #319096, LP bug #315870).

3. Security: No CVE entries <http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cvsps>, no Secunia history <http://secunia.com/search/?search=cvsps>, no setuid binaries, no network servers.  It can either act as a direct CVS client, or perform all remote access through the system cvs binary.

4. Quality assurance: The package requires no configuration.  It got a new Debian maintainer in September 2007, who accepted a patch from Ubuntu last October.  There are a handful of open Debian bugs <http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=cvsps;dist=unstable>.  A notable report is <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464090>, which requests switching to a more current upstream that has 19 patches (9 files changed, 205 insertions(+), 67 deletions(-)) on top of cvsps 2.1.  The critical ones are already in Debian as dpatches.  The source does not have a test suite, but I have used the package in conjunction with git-cvs and it seems to work fine.

5. UI standards: This package is not user-facing, except possibly for some error messages (which are not localized).

6. Standards compliance: There are 3 lintian warnings <http://packages.qa.debian.org/c/cvsps.html>, which don’t look serious (debian/copyright lists the copyright holder instead of displaying a copyright notice, debian/compat of 4, and a non-fatal manpage error).  The package installs a single binary and manpage in the standard locations, and all Debian changes are made with dpatch.

7. Dependencies: All dependencies (libc6, zlib1g, cvs) and build dependencies (debhelper, zlib1g-dev, dpatch) are in main.

8. Maintenance: This package is infrequently updated in Debian and is not likely to require any additional attention from Ubuntu.

9. Background information: Nothing notable beyond debian/control.

10. Internationalization: This is not a graphical application and does not require translation.

Ubuntucvsps package

Comment 0 for bug 369111

Ubuntu
cvsps package