--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: lintian: please add check for careless usage of "make clean" and the like
- From: Branden Robinson <branden@debian.org>
- Date: Sun, 28 Aug 2005 00:54:02 -0500
- Message-id: <20050828055402.1832068C053@sisyphus.deadbeast.net>
Package: lintian
Version: 1.23.10
Severity: wishlist
A lot of packages, particularly those with upstreams that use the GNU
autotools, have a very nasty habit of running the upstream clean rule while
utterly ignoring any errors from it. This is very, very bad. Please add a
check for it.
An egrep regex to catch this is probably about as simple as:
'\t[[:space:]]*-(\$[({]MAKE[)}]|make)[[:space:]].*(dist)?clean'
See transcript of IRC discussion below for further elaboration of rationale.
00:35 < Overfiend> joshk: What didn't you like about my changes to
debian/rules?
00:36 < Overfiend> a configure target for autofoo-using packages is
common practice AFAICT
00:36 < Overfiend> because of the problem of getting a properly cleaned
tree
00:36 < Overfiend> if you were to assert that configure getting run
*twice* for every package build from a freshly-unpacked source were
a bit stupid, I'd agree.
00:36 < Overfiend> But that stupidity appears to be forced on us by
GNU autofoo.
00:37 < joshk> yes - my scripts run a clean and then a build..
00:37 < Overfiend> your scripts? debuild does that too.
dpkg-buildpackage might as well, I don't remember.
00:37 < Overfiend> it's the Right Thing to do.
00:37 < vorlon> Overfiend: meh? Why would it be run twice?
00:37 < Overfiend> Builds should always start from a known state.
00:37 < Overfiend> vorlon: because debuild invokes debian/rules clean
before debian/rules binary
00:38 < Overfiend> or dpkg-buildpackage does
00:38 < Overfiend> as I said, I don't remember
00:38 < doogie> why does clean depend on configure?
00:38 < vorlon> Overfiend: there's no reason clean should need to depend
on configure
00:38 < Overfiend> can't "make clean" if there's no Makefile...
00:38 < vorlon> not with sane autotoolery
00:38 < doogie> then don't
00:38 < vorlon> yes, so you type "-make clean" instead
00:38 < Overfiend> UGH!
00:38 < doogie> what he said
00:38 < joshk> -$(MAKE) distclean, here
00:38 * Overfiend vomits across the room
00:38 < Overfiend> that's fucking moronic
00:38 < doogie> no, this is how it's done
00:38 < joshk> Overfiend: wow. have you considered entering a contest?
00:38 < Overfiend> "I don't care why make clean failed. Ignore it."
00:39 < vorlon> fine. [ ! -f Makefile ] || make clean
00:39 < vorlon> :P
00:39 < Overfiend> That's like swatting a fly with a neutron star.
00:39 < doogie> however, this is why I hate build systems that don't
support a build dir.
00:39 < joshk> build system? what build system? :|
00:39 < Overfiend> vorlon: that's a bit more reasonable.
00:39 < joshk> vorlon: hmm, good idea
00:39 < doogie> ifeq (Makefile,$(wildcard Makefile))
00:40 < doogie> make clean
00:40 < doogie> endif
00:40 < Overfiend> "Ignore all errors from make on the assumption that
the only reason it would fail is because there's no Makefile" is
mondo stupid.
00:40 < joshk> well, the reason i chose to do it my way is because it's
that way in every single one of my autofoo using packages currently
00:40 < doogie> my way is more efficient. less forking.
00:40 < joshk> so even if you were right, i'd end up having to orchestrate
that change over all my packages anyway..
00:40 < joshk> IOW: someday.
00:41 < Overfiend> I don't care which approach, vorlon's or doogie's,
people use. but -$(MAKE) {dist,}clean is just unholy bad.
00:41 < vorlon> doogie: doesn't every line get passed to sh for execution?
If [ is a builtin, there's no difference in fork count
(Connection timed out)]
00:42 < Overfiend> Recall that people mindlessly ignoring error conditions
is why we see most security advisories.
00:42 < doogie> vorlon: try again. if the Makefile doesn't exist,
$(wildcard) expands to nothing, so the line isn't sent to the shell
00:42 < vorlon> ah.
00:42 < vorlon> right.
00:42 < joshk> Overfiend: a ton of people, not just myself, use a
variation of -make clean - you may want to submit a lintian check
for it...
00:42 < doogie> and you have to test for the file's existance anyways.
00:42 < joshk> sounds like something that would get in. and it would
compel me to do it more quickly :)
00:42 < doogie> altho, it does make the file harder to read
00:43 < Overfiend> joshk, doogie, vorlon: permission to quote you guys
in my bug report.
00:43 < joshk> Overfiend: granted
00:43 < Overfiend> I'd rather paste this discussion than rewrite it.
00:43 < vorlon> Overfiend: as long as you leave out the fart noises
[Read error: 104 (Connection reset by peer)]
00:43 < Overfiend> vorlon: oh, very well
00:43 < doogie> you can always quote my makefile foo, if it is meant to
scare and intimidate
00:43 < Overfiend> doogie: :)
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: powerpc (ppc)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.9-powerpc-smp
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages lintian depends on:
ii binutils 2.16.1-2 The GNU assembler, linker and bina
ii diffstat 1.41-1 produces graph of changes introduc
ii file 4.12-1 Determines file type using "magic"
ii gettext 0.14.5-2 GNU Internationalization utilities
ii intltool-debian 0.30+20040213 Help i18n of RFC822 compliant conf
ii man-db 2.4.3-1 The on-line manual pager
ii perl [libdigest-md5-perl] 5.8.7-4 Larry Wall's Practical Extraction
lintian recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: lintian
Source-Version: 1.23.32
We believe that the bug you reported is fixed in the latest version of
lintian, which is due to be installed in the Debian FTP archive:
lintian_1.23.32.dsc
to pool/main/l/lintian/lintian_1.23.32.dsc
lintian_1.23.32.tar.gz
to pool/main/l/lintian/lintian_1.23.32.tar.gz
lintian_1.23.32_all.deb
to pool/main/l/lintian/lintian_1.23.32_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 325372@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Russ Allbery <rra@debian.org> (supplier of updated lintian package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 21 Jun 2007 01:47:53 -0700
Source: lintian
Binary: lintian
Architecture: source all
Version: 1.23.32
Distribution: unstable
Urgency: low
Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
lintian - Debian package checker
Closes: 90019 173583 325372 428403 428681 429528 429840
Changes:
lintian (1.23.32) unstable; urgency=low
.
The "stability of output" release.
.
* checks/binaries:
+ [RA] Sort the package SONAMEs to provide more stable lintian tags.
Patch from Cyril Brulebois. (Closes: #428681)
* checks/files{.desc,}:
+ [RA] Limit the Zope license exception to only .dtml, .pt, and .cpt
files. Thanks, Bernd Zeimetz.
+ [RA] Sort the files listed in package-contains-hardlink so that the
lintian output is stable regardless of the hash order of the
directory when the tar file was built.
+ [RA] Don't incorrectly skip all other file location checks for hard
links.
+ [RA] Check for files installed in /usr/lib/sgml. This transition
was probably completed long ago, but checking for regression can't
hurt. (Closes: #90019)
* checks/manpages{.desc,}:
+ [RA] Check for dh_make man page templates (by looking for the
template whatis entry). Thanks, Bill Allombert. (Closes: #173583)
* checks/menus:
+ [RA] Avoid a quadratic search of the files in the package on
doc-base files that list tons of files individually. This speeds up
a lintian check of openoffice.org-dev-doc enormously.
* checks/po-debconf:
+ [RA] Close the template file handle between files so that the line
numbers for translated default fields are correct.
* checks/rules{.desc,}:
+ [RA] Check for ignoring all errors from make clean or make distclean
and recommend skipping the call if there's no Makefile instead.
Thanks, Branden Robinson. (Closes: #325372)
* checks/scripts{.desc,}:
+ [RA] Add Octave as an interpreter, and allow both versioned and
unversioned forms. Thanks, Sebastian Harl. (Closes: #428403)
+ [RA] Check for deprecated install-sgmlcatalog usage.
* checks/shared_libs:
+ [RA] Report the correct file for shlib-with-nonpic-code rather than
the last shlib in the package. (Closes: #429840, #429528)
.
* frontend/lintian:
+ [RA] Don't require -v in order to report unused overrides; they're
already info-level tags, which is enough hiding.
+ [RA] Remove old dead unused override code.
.
* reporting/html_reports:
+ [RA] Fix a Perl warning when generating the clean maintainer pages.
.
* unpack/unpack-binpkg-l1:
+ [RA] Sort the output of tar tfv by filename so that the lintian
output will be stable regardless of the hash order of the directory
when the tar file was built.
Files:
04d340df5593c330895d822edfbd1d10 803 devel optional lintian_1.23.32.dsc
7452f55648f0ef1446c026ae18163e9f 337107 devel optional lintian_1.23.32.tar.gz
be1cdda0c12c2da2f0b42b11bc4a0307 286358 devel optional lintian_1.23.32_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGejyp+YXjQAr8dHYRAjyHAKDAihFYCCzMefTG7qkh80ys75PMlgCgjyPd
VmKdnqZdzfIPzQA1AxfNKy0=
=3SGH
-----END PGP SIGNATURE-----
--- End Message ---