1cmd: lintian --no-cfg --display-level '>=classification' --display-experimental --info --show-overrides '/tmp/debusine-fetch-exec-upload-7nilptkp/smartcardauth_14.2.0~pre5-0ubuntu20.04.0+3.dsc' '/tmp/debusine-fetch-exec-upload-7nilptkp/smartcardauth_14.2.0~pre5-0ubuntu20.04.0+3_amd64.deb' 2output (contains stderr only, stdout was captured): 3 4Files in working directory: 5lintian.txt 6-------------------- 7E: smartcardauth source: epoch-changed-but-upstream-version-did-not-go-backwards 1.0-3ubuntu5 -> 4:14.2.0~pre5-0ubuntu20.04.0+3 8N: 9N: The previous version of this package had a different version epoch to 10N: the current version but the upstream version did not go "backwards". For 11N: example, the previous package version was "1:1.0-1" and the current 12N: version is "2:2.0-1". 13N: 14N: This was likely an accidental bump or addition of an epoch. 15N: 16N: Epochs exist to cope with changes to the upstream version numbering 17N: scheme. Whilst they are a powerful tool, increasing or adding an epoch 18N: has many downsides including causing issues with versioned dependencies, 19N: being misleading to users and being aesthetically unappealing. Whilst 20N: they should be avoided, valid reasons to add or increment the epoch 21N: include: 22N: 23N: - Upstream changed their versioning scheme in a way that makes the 24N: latest version lower than the previous one. 25N: - You need to permanently revert to a lower upstream version. 26N: 27N: Temporary revertions (eg. after an NMU) should use not modify or 28N: introduce an epoch - please use the CURRENT+reallyFORMER until you can 29N: upload the latest version again. 30N: 31N: If you are unsure whether you need to increase the epoch for a package, 32N: please consult the debian-devel mailing list. 33N: 34N: Severity: error 35N: 36N: Check: debian/changelog 37N: 38E: smartcardauth source: missing-build-dependency cdbs 39N: 40N: The package doesn't specify a build dependency on a package that is used 41N: in debian/rules. 42N: 43N: Lintian intentionally does not take into account transitive 44N: dependencies. Even if the package build-depends on some package that in 45N: turn depends on the needed package, an explicit build dependency should 46N: be added. Otherwise, a latent bug is created that will appear without 47N: warning if the other package is ever updated to change its dependencies. 48N: Even if this seems unlikely, please always add explicit build 49N: dependencies on every non-essential, non-build-essential package that is 50N: used directly during the build. 51N: 52N: Refer to Debian Policy Manual section 4.2 (Package relationships) for 53N: details. 54N: 55N: Severity: error 56N: 57N: Check: debian/rules 58N: 59E: smartcardauth: no-copyright-file 60N: 61N: Each binary package has to include a plain file 62N: /usr/share/doc/<pkg>/copyright 63N: 64N: Refer to Debian Policy Manual section 12.5 (Copyright information) for 65N: details. 66N: 67N: Severity: error 68N: 69N: Check: debian/copyright 70N: 71E: smartcardauth: unstripped-binary-or-object usr/bin/cardpincheck 72N: 73N: The package installs an unstripped binary or object file. 74N: 75N: Please note, that shared libraries have to be stripped with the 76N: --strip-unneeded option. 77N: 78N: Refer to Debian Policy Manual section 10.1 (Binaries) and Debian Policy 79N: Manual section 10.2 (Libraries) for details. 80N: 81N: Severity: error 82N: 83N: Check: binaries 84N: 85W: smartcardauth source: ancient-standards-version 3.8.4 (released 2010-01-27) (current is 4.5.0) 86N: 87N: The source package refers to a Standards-Version that has been obsolete 88N: for more than two years. Please update your package to latest Policy and 89N: set this control field appropriately. 90N: 91N: If the package is already compliant with the current standards, you 92N: don't have to re-upload the package just to adjust the Standards-Version 93N: control field. However, please remember to update this field next time 94N: you upload the package. 95N: 96N: See /usr/share/doc/debian-policy/upgrading-checklist.txt.gz in the 97N: debian-policy package for a summary of changes in newer versions of 98N: Policy. 99N: 100N: Refer to 101N: https://www.debian.org/doc/debian-policy/upgrading-checklist.html for 102N: details. 103N: 104N: Severity: warning 105N: 106N: Check: fields/standards-version 107N: 108W: smartcardauth source: binary-nmu-debian-revision-in-source 4:14.2.0~pre5-0ubuntu20.04.0+3 109N: 110N: The version number of your source package ends in +b and a number or has 111N: a Debian revision containing three parts. These version numbers are used 112N: by binary NMUs and should not be used as the source version. (The +b 113N: form is the current standard; the three-part version number now 114N: obsolete.) 115N: 116N: Refer to Debian Developer's Reference section 5.10.2.1 (Recompilation or 117N: binary-only NMU) for details. 118N: 119N: Severity: warning 120N: 121N: Check: fields/version 122N: 123W: smartcardauth: binary-without-manpage usr/bin/cardpincheck 124N: 125N: Each binary in /usr/bin, /usr/sbin, /bin, /sbin or /usr/games should 126N: have a manual page 127N: 128N: Note that though the man program has the capability to check for several 129N: program names in the NAMES section, each of these programs should have 130N: its own manual page (a symbolic link to the appropriate manual page is 131N: sufficient) because other manual page viewers such as xman or tkman 132N: don't support this. 133N: 134N: If the name of the man page differs from the binary by case, man may be 135N: able to find it anyway; however, it is still best practice to make the 136N: case of the man page match the case of the binary. 137N: 138N: If the man pages are provided by another package on which this package 139N: depends, Lintian may not be able to determine that man pages are 140N: available. In this case, after confirming that all binaries do have man 141N: pages after this package and its dependencies are installed, please add 142N: a Lintian override. 143N: 144N: Refer to Debian Policy Manual section 12.1 (Manual pages) for details. 145N: 146N: Severity: warning 147N: 148N: Check: documentation/man 149N: 150W: smartcardauth: binary-without-manpage usr/bin/cryptosmartcard.sh 151W: smartcardauth source: debhelper-but-no-misc-depends smartcardauth 152N: 153N: The source package uses debhelper, but it does not include 154N: ${misc:Depends} in the given binary package's debian/control entry. Any 155N: debhelper command may add dependencies to ${misc:Depends} that are 156N: required for the work that it does, so recommended best practice is to 157N: always add ${misc:Depends} to the dependencies of each binary package if 158N: debhelper is in use. 159N: 160N: Refer to the debhelper(7) manual page for details. 161N: 162N: Severity: warning 163N: 164N: Check: debhelper 165N: 166W: smartcardauth source: debian-rules-sets-DEB_BUILD_OPTIONS line 6 167N: 168N: The debian/rules file sets the DEB_BUILD_OPTIONS variable, which will 169N: override any user-specified build profile. 170N: 171N: Please replace with DEB_BUILD_MAINT_OPTIONS. 172N: 173N: Refer to the dpkg-buildflags(1) manual page for details. 174N: 175N: Severity: warning 176N: 177N: Check: debian/rules 178N: 179W: smartcardauth source: debian-rules-sets-DEB_BUILD_OPTIONS line 7 180W: smartcardauth source: debian-source-options-has-custom-compression-settings compression = "xz" (line 2) 181N: 182N: The debian/source/options file for this package specifies a custom 183N: compression level or algorithm. 184N: 185N: Whilst higher levels may reduce the size of big files, they have the 186N: side effect of consuming a lot of memory during both compression and 187N: extraction. This can not only also waste time unnecessarily, it can 188N: cause packages to FTBFS or even fail to install in resource-constrained 189N: environments or architectures. 190N: 191N: Please remove the call and let dpkg-deb(1) select suitable defaults. 192N: 193N: Refer to https://bugs.debian.org/829100 and the dpkg-deb(1) manual page 194N: for details. 195N: 196N: Severity: warning 197N: 198N: Check: debian/source-dir 199N: 200W: smartcardauth source: debian-source-options-has-custom-compression-settings compression-level = 9 (line 3) 201W: smartcardauth source: epoch-change-without-comment 1.0-3ubuntu5 -> 4:14.2.0~pre5-0ubuntu20.04.0+3 202N: 203N: The previous version of this package had a different version epoch (eg. 204N: 2:1.0-1) to the current version but there's no reference to this in the 205N: changelog entry. 206N: 207N: Epochs exist to cope with changes to the upstream version numbering 208N: scheme. Whilst they are a powerful tool, increasing or adding an epoch 209N: has many downsides including causing issues with versioned dependencies, 210N: being misleading to users and being aesthetically unappealing. Whilst 211N: they should be avoided, valid reasons to add or increment the epoch 212N: include: 213N: 214N: - Upstream changed their versioning scheme in a way that makes the 215N: latest version lower than the previous one. 216N: - You need to permanently revert to a lower upstream version. 217N: 218N: Temporary revertions (eg. after an NMU) should use not modify or 219N: introduce an epoch - please use the CURRENT+reallyFORMER until you can 220N: upload the latest version again. 221N: 222N: If you are unsure whether you need to increase the epoch for a package, 223N: please consult the debian-devel mailing list. 224N: 225N: Lintian looks in this version's changelog entry for the phrase "epoch". 226N: 227N: Severity: warning 228N: 229N: Check: debian/changelog 230N: 231W: smartcardauth: extended-description-line-too-long 232N: 233N: One or more lines in the extended part of the "Description:" field have 234N: been found to contain more than 80 characters. For the benefit of users 235N: of 80x25 terminals, it is recommended that the lines do not exceed 80 236N: characters. 237N: 238N: Refer to Debian Policy Manual section 3.4.1 (The single line synopsis) 239N: for details. 240N: 241N: Severity: warning 242N: 243N: Check: fields/description 244N: 245W: smartcardauth: extended-description-line-too-long 246W: smartcardauth source: no-debian-copyright-in-source 247N: 248N: Every package must include the file /usr/share/doc/<pkg>/copyright. A 249N: copy of this file should be in debian/copyright in the source package. 250N: 251N: Refer to Debian Policy Manual section 12.5 (Copyright information) for 252N: details. 253N: 254N: Severity: warning 255N: 256N: Check: debian/copyright 257N: 258W: smartcardauth: package-relation-with-self breaks: smartcardauth (<< 4:14.0.0~) 259N: 260N: The package declares a relationship with itself. This is not very useful 261N: except in the case of a package Conflicting with itself if its package 262N: name doubles as a virtual package. 263N: 264N: Severity: warning 265N: 266N: Check: fields/package-relations 267N: 268W: smartcardauth: possible-unindented-list-in-extended-description 269N: 270N: The package "Description:" contains an unindented line which starts with 271N: a dash (-) or asterisk (*). If this was meant to be a list of items 272N: these lines need to be indented (dselect would word-wrap these lines 273N: otherwise). 274N: 275N: Refer to Debian Policy Manual section 5.6.13 (Description) for details. 276N: 277N: Severity: warning 278N: 279N: Check: fields/description 280N: 281W: smartcardauth: priority-extra-is-replaced-by-priority-optional 282N: 283N: Since Debian Policy version 4.0.1, the priority extra has been 284N: deprecated. 285N: 286N: Please update debian/control and replace all instances of Priority: 287N: extra with Priority: optional. 288N: 289N: Refer to Debian Policy Manual section 2.5 (Priorities) for details. 290N: 291N: Severity: warning 292N: 293N: Check: fields/priority 294N: 295W: smartcardauth: script-with-language-extension usr/bin/cryptosmartcard.sh 296N: 297N: When scripts are installed into a directory in the system PATH, the 298N: script name should not include an extension such as .sh or .pl that 299N: denotes the scripting language currently used to implement it. The 300N: implementation language may change; if it does, leaving the name the 301N: same would be confusing and changing it would be disruptive. 302N: 303N: Refer to Debian Policy Manual section 10.4 (Scripts) for details. 304N: 305N: Severity: warning 306N: 307N: Check: files/scripts 308N: 309W: smartcardauth: spelling-error-in-description ISO ISO (duplicate word) ISO 310N: 311N: Lintian found a spelling error in the package description. Lintian has a 312N: list of common misspellings that it looks for. It does not have a 313N: dictionary like a spelling checker does. It is particularly picky about 314N: spelling and capitalization in package descriptions since they're very 315N: visible to end users. 316N: 317N: Severity: warning 318N: 319N: Check: fields/description 320N: 321W: smartcardauth: unknown-section tde 322N: 323N: The "Section:" field in this package's control file is not one of the 324N: sections in use on the ftp archive. Valid sections are currently admin, 325N: comm, cli-mono, database, debug, devel, doc, editors, electronics, 326N: embedded, fonts, games, gnome, gnu-r, gnustep, graphics, hamradio, 327N: haskell, httpd, interpreters, java, javascript, kde, libdevel, libs, 328N: lisp, localization, kernel, mail, math, misc, net, news, ocaml, oldlibs, 329N: otherosfs, perl, php, python, ruby, rust, science, shells, sound, tex, 330N: text, utils, vcs, video, web, x11, xfce, zope. 331N: 332N: The section name should be preceded by "non-free/" if the package is in 333N: the non-free archive area, and by "contrib/" if the package is in the 334N: contrib archive area. 335N: 336N: Refer to Debian Policy Manual section 2.4 (Sections) for details. 337N: 338N: Severity: warning 339N: 340N: Check: fields/section 341N: 342W: smartcardauth: uses-implicit-await-trigger activate update-initramfs (line 1) 343N: 344N: The listed trigger is present in the control file of the package. The 345N: trigger is an await trigger, which may not be obvious from its name. 346N: 347N: Await triggers place rather strong requirements on dpkg that often lead 348N: to trigger cycles due to changes in other packages. 349N: 350N: If the package does not need the guarantees that dpkg provides to await 351N: triggers, please use the "-noawait" variant of the trigger. This is 352N: often the case for packages that use the trigger to compile a form of 353N: cache. 354N: 355N: If the package does need the guarantees provided by dpkg, then please 356N: document the rationale in a comment above the trigger and use the 357N: "-await" variant of the trigger to avoid this warning. 358N: 359N: Refer to the deb-triggers(5) manual page and 360N: https://bugs.debian.org/774559 for details. 361N: 362N: Severity: warning 363N: 364N: Check: triggers 365N: 366I: smartcardauth source: debian-watch-file-is-missing 367N: 368N: This source package is not Debian-native but it does not have a 369N: debian/watch file. This file is used for automatic detection of new 370N: upstream versions by the Debian External Health Status project and other 371N: project infrastructure. If this package is maintained upstream, please 372N: consider adding a debian/watch file to detect new releases. 373N: 374N: If the package is not maintained upstream or if upstream uses a 375N: distribution mechanism that cannot be meaningfully monitored by uscan 376N: and the Debian External Health Status project, please consider adding a 377N: debian/watch file containing only comments documenting the situation. 378N: 379N: Refer to Debian Policy Manual section 4.11 (Optional upstream source 380N: location: debian/watch) and the uscan(1) manual page for details. 381N: 382N: Severity: info 383N: 384N: Check: debian/watch 385N: 386I: smartcardauth source: no-dh-sequencer 387N: 388N: This package does not use the dh sequencer in debian/rules. 389N: 390N: While maintainers may use a variety of build systems, this one is by far 391N: the most popular. 392N: 393N: Maintainers are strongly encouraged to use the dh sequencer in new 394N: packages and convert existing ones when appropriate. 395N: 396N: Severity: info 397N: 398N: Check: debian/rules/dh-sequencer 399N: 400I: smartcardauth source: testsuite-autopkgtest-missing 401N: 402N: This package does not declare a test suite. 403N: 404N: Having a test suite aids with automated quality assurance of the archive 405N: outside of your package. For example, if your package has a test suite 406N: it is possible to re-run that test suite when any of your package's 407N: dependencies have a new version and check whether that update causes 408N: problems for your package. 409N: 410N: In addition, since May 2018 these tests now influence migration from 411N: unstable to testing: 412N: 413N: https://lists.debian.org/debian-devel-announce/2018/05/msg00001.html 414N: 415N: Please add a debian/tests/control file to your package to declare a 416N: testsuite, but please make sure to only add autopkgtests if they provide 417N: meaningful coverage of your package. 418N: 419N: Refer to https://ci.debian.net/doc/ for details. 420N: 421N: Severity: info 422N: 423N: Check: testsuite 424N: 425P: smartcardauth source: no-homepage-field 426N: 427N: This non-native package lacks a Homepage field. If the package has an 428N: upstream home page that contains useful information or resources for the 429N: end user, consider adding a Homepage control field to debian/control. 430N: 431N: Refer to Debian Policy Manual section 5.6.23 (Homepage) for details. 432N: 433N: Severity: pedantic 434N: 435N: Check: fields/homepage 436N: 437P: smartcardauth source: package-uses-old-debhelper-compat-version 10 438N: 439N: The debhelper compatibility version used by this package is marked as 440N: not recommended by the debhelper developer. You may consider using a 441N: recommended compatibility version. 442N: 443N: The compatibility version can be set by specifying debhelper-compat (= 444N: 12) in your package's Build-Depends, by the legacy debian/compat file or 445N: even by setting and exporting DH_COMPAT in debian/rules. If it is not 446N: set in either place, debhelper defaults to the deprecated compatibility 447N: version 1. 448N: 449N: Refer to the debhelper(7) manual page for details. 450N: 451N: Severity: pedantic 452N: 453N: Check: debhelper 454N: 455P: smartcardauth source: rules-requires-root-missing 456N: 457N: The debian/control file is missing an explicit Rules-Requires-Root 458N: field. 459N: 460N: Traditionally, Debian packages have required root privileges for some 461N: debian/rules target requiring a split between build and binary targets. 462N: This makes the builds slower due to the increased amount of invocations 463N: as well as the overhead of fakeroot itself. 464N: 465N: Please specify (eg.) Rules-Requires-Root: no in the debian/control 466N: source stanza, but packagers should verify using diffoscope(1) that the 467N: binaries built with this field present are identical. 468N: 469N: Refer to /usr/share/doc/dpkg-dev/rootless-builds.txt.gz, Debian Policy 470N: Manual section 4.9.2 (debian/rules and Rules-Requires-Root), and Debian 471N: Policy Manual section 5.6.31 (Rules-Requires-Root) for details. 472N: 473N: Severity: pedantic 474N: 475N: Check: debian/control 476N: 477X: smartcardauth source: upstream-metadata-file-is-missing 478N: 479N: This source package is not Debian-native but it does not have a 480N: debian/upstream/metadata file. 481N: 482N: The Upstream MEtadata GAthered with YAml (UMEGAYA) project is an effort 483N: to collect meta-information about upstream projects from any source 484N: package. This file is in YAML format and it is used in to feed the data 485N: in the UltimateDebianDatabase. For example, it can contains the way the 486N: authors want their software be cited in publications and some 487N: bibliographic references about the software. 488N: 489N: Please add a debian/upstream/metadata file. 490N: 491N: Refer to https://dep-team.pages.debian.net/deps/dep12/ and 492N: https://wiki.debian.org/UpstreamMetadata for details. 493N: 494N: Severity: pedantic 495N: 496N: Check: debian/upstream/metadata 497N: 498N: This tag is experimental. Please file a bug report if the tag seems 499N: wrong. 500N: 501C: smartcardauth: control-tarball-compression-format xz 502N: 503N: This is the compressor format used for the control.tar tarball. 504N: 505N: Severity: classification 506N: 507N: Check: deb-format 508N: 509N: This tag is a classification. There is no issue in your package. 510N: 511C: smartcardauth: data-tarball-compression-format xz 512N: 513N: This is the compressor format used for the data.tar tarball. 514N: 515N: Severity: classification 516N: 517N: Check: deb-format 518N: 519N: This tag is a classification. There is no issue in your package. 520N: 521C: smartcardauth source: debhelper-compat-level 10 522N: 523N: This is the debhelper compat level used specified by this package. 524N: 525N: Severity: classification 526N: 527N: Check: debhelper 528N: 529N: This tag is a classification. There is no issue in your package. 530N: 531C: smartcardauth source: debian-build-system cdbs-with-debhelper.mk 532N: 533N: This is the build system that Lintian believes the package is using. 534N: 535N: Severity: classification 536N: 537N: Check: debhelper 538N: 539N: This tag is a classification. There is no issue in your package. 540N: 541C: smartcardauth: no-ctrl-scripts 542N: 543N: The package does not rely on any maintainer scripts (or other executable 544N: control files). 545N: 546N: Severity: classification 547N: 548N: Check: control-files 549N: 550N: This tag is a classification. There is no issue in your package. 551N: 552C: smartcardauth source: package-is-maintained-by-individual 553N: 554N: The package is maintained by an individual according to the 555N: maintainer/uploaders fields in the debian/control file. 556N: 557N: Severity: classification 558N: 559N: Check: fields/vcs 560N: 561N: This tag is a classification. There is no issue in your package. 562N: 563C: smartcardauth: package-is-maintained-by-individual 564C: smartcardauth source: patch-system quilt 565N: 566N: This package uses the specified patch system (eg. "quilt" or "dpatch"). 567N: 568N: Severity: classification 569N: 570N: Check: patch-systems 571N: 572N: This tag is a classification. There is no issue in your package. 573N: 574C: smartcardauth source: source-format 3.0 (quilt) 575N: 576N: This is the source format declared in the package. 577N: 578N: Severity: classification 579N: 580N: Check: debian/source-dir 581N: 582N: This tag is a classification. There is no issue in your package. 583N: 584C: smartcardauth source: standards-version 3.8.4 585N: 586N: The standards version of the package according to Standards-Version 587N: field in the debian/control file. 588N: 589N: Severity: classification 590N: 591N: Check: fields/standards-version 592N: 593N: This tag is a classification. There is no issue in your package. 594N: 595 596--------------------