Re: Bug#147203: lintian: scripts syntax checking (sh -n)
On Tue, Dec 03, 2002 at 02:16:45AM +0000, Colin Watson wrote:
> On Sun, Nov 24, 2002 at 07:08:05PM +0100, Bill Allombert wrote:
> > +#perl -c execute the BEGIN and END section, which can be a
> > +#security problem. Also it is slow.
>
> I'm inclined to think that 'perl -c' is not really a useful check to
> have. The checks for bashisms and such are useful, because they check
> parsing with different shells, which isn't something everyone remembers
> to do. However, if you've got a perl postinst, then you *cannot* install
> the package unless it parses.
All scripts are not postinst scripts. Broken prerm are also a problem and are
less tested, unfortunately. Also I have seen packages installing scripts in
/usr/bin/ that were seldom used and fully broken. For them 'sh -n' and 'perl
-c' work. Alas, some experiment I have made with 'ash -n' has shown that it
catch only important blunders. 'perl -c' is better in this regards.
> If people don't even install the package, then (a) I think they probably
> won't bother running lintian/linda either, and (b) we have much worse
> problems. The 'perl -c' check seems like high cost for low gain to me.
What are the cost exactly ?
Anyway, I am not over-enthousiast about these checks, and feel free to do
what you prefer. I was initially pushing this because I have stumbled over
several packages with completly broken scripts. If the maintainer did not
check them, the only option for us if we want to keep a high quality
level to Debian[1] is to check them ourselves, but since we do not have enough
time to check every packages that get uploaded, we have to write automated
check. Nobody wantinf to write a tool to find manpages with zero content ? :)
Friendly,
--
Bill. <ballombe@debian.org>
[1] As in '0 bugs' not '0 bugs in the BTS'.
Reply to: