1 # SOME DESCRIPTIVE TITLE
2 # Copyright (C) YEAR Free Software Foundation, Inc.
3 # This file is distributed under the same license as the PACKAGE package.
4 # FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
9 "Project-Id-Version: PACKAGE VERSION\n"
10 "POT-Creation-Date: 2011-10-12 09:49+0300\n"
11 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
12 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13 "Language-Team: LANGUAGE <LL@li.org>\n"
16 "Content-Type: text/plain; charset=UTF-8\n"
17 "Content-Transfer-Encoding: 8bit\n"
19 #. type: Content of: <chapter><title>
21 msgid "Managing Packages"
24 #. type: Content of: <chapter><para>
27 "This chapter contains information related to creating, uploading, "
28 "maintaining, and porting packages."
31 #. type: Content of: <chapter><section><title>
36 #. type: Content of: <chapter><section><para>
39 "If you want to create a new package for the Debian distribution, you should "
40 "first check the <ulink url=\"&url-wnpp;\">Work-Needing and Prospective "
41 "Packages (WNPP)</ulink> list. Checking the WNPP list ensures that no one is "
42 "already working on packaging that software, and that effort is not "
43 "duplicated. Read the <ulink url=\"&url-wnpp;\">WNPP web pages</ulink> for "
47 #. type: Content of: <chapter><section><para>
50 "Assuming no one else is already working on your prospective package, you "
51 "must then submit a bug report (<xref linkend=\"submit-bug\"/>) against the "
52 "pseudo-package <systemitem role=\"package\">wnpp</systemitem> describing "
53 "your plan to create a new package, including, but not limiting yourself to, "
54 "a description of the package, the license of the prospective package, and "
55 "the current URL where it can be downloaded from."
58 #. type: Content of: <chapter><section><para>
61 "You should set the subject of the bug to <literal>ITP: "
62 "<replaceable>foo</replaceable> -- <replaceable>short "
63 "description</replaceable></literal>, substituting the name of the new "
64 "package for <replaceable>foo</replaceable>. The severity of the bug report "
65 "must be set to <literal>wishlist</literal>. Please send a copy to "
66 "&email-debian-devel; by using the X-Debbugs-CC header (don't use CC:, "
67 "because that way the message's subject won't indicate the bug number). If "
68 "you are packaging so many new packages (>10) that notifying the mailing "
69 "list in separate messages is too disruptive, send a summary after filing the "
70 "bugs to the debian-devel list instead. This will inform the other "
71 "developers about upcoming packages and will allow a review of your "
72 "description and package name."
75 #. type: Content of: <chapter><section><para>
78 "Please include a <literal>Closes: "
79 "#<replaceable>nnnnn</replaceable></literal> entry in the changelog of the "
80 "new package in order for the bug report to be automatically closed once the "
81 "new package is installed in the archive (see <xref "
82 "linkend=\"upload-bugfix\"/>)."
85 #. type: Content of: <chapter><section><para>
88 "If you think your package needs some explanations for the administrators of "
89 "the NEW package queue, include them in your changelog, send to "
90 "&email-ftpmaster; a reply to the email you receive as a maintainer after "
91 "your upload, or reply to the rejection email in case you are already "
95 #. type: Content of: <chapter><section><para>
98 "When closing security bugs include CVE numbers as well as the "
99 "<literal>Closes: #<replaceable>nnnnn</replaceable></literal>. This is "
100 "useful for the security team to track vulnerabilities. If an upload is made "
101 "to fix the bug before the advisory ID is known, it is encouraged to modify "
102 "the historical changelog entry with the next upload. Even in this case, "
103 "please include all available pointers to background information in the "
104 "original changelog entry."
107 #. type: Content of: <chapter><section><para>
110 "There are a number of reasons why we ask maintainers to announce their "
114 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
117 "It helps the (potentially new) maintainer to tap into the experience of "
118 "people on the list, and lets them know if anyone else is working on it "
122 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
125 "It lets other people thinking about working on the package know that there "
126 "already is a volunteer, so efforts may be shared."
129 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
132 "It lets the rest of the maintainers know more about the package than the one "
133 "line description and the usual changelog entry ``Initial release'' that gets "
134 "posted to &email-debian-devel-changes;."
137 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
140 "It is helpful to the people who live off <literal>unstable</literal> (and "
141 "form our first line of testers). We should encourage these people."
144 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
147 "The announcements give maintainers and other interested parties a better "
148 "feel of what is going on, and what is new, in the project."
151 #. type: Content of: <chapter><section><para>
154 "Please see <ulink url=\"http://&ftp-master-host;/REJECT-FAQ.html\"></ulink> "
155 "for common rejection reasons for a new package."
158 #. type: Content of: <chapter><section><title>
160 msgid "Recording changes in the package"
163 #. type: Content of: <chapter><section><para>
166 "Changes that you make to the package need to be recorded in the "
167 "<filename>debian/changelog</filename>. These changes should provide a "
168 "concise description of what was changed, why (if it's in doubt), and note if "
169 "any bugs were closed. They also record when the package was completed. "
170 "This file will be installed in "
171 "<filename>/usr/share/doc/<replaceable>package</replaceable>/changelog.Debian.gz</filename>, "
173 "<filename>/usr/share/doc/<replaceable>package</replaceable>/changelog.gz</filename> "
174 "for native packages."
177 #. type: Content of: <chapter><section><para>
180 "The <filename>debian/changelog</filename> file conforms to a certain "
181 "structure, with a number of different fields. One field of note, the "
182 "<literal>distribution</literal>, is described in <xref "
183 "linkend=\"distribution\"/>. More information about the structure of this "
184 "file can be found in the Debian Policy section titled "
185 "<filename>debian/changelog</filename>."
188 #. type: Content of: <chapter><section><para>
191 "Changelog entries can be used to automatically close Debian bugs when the "
192 "package is installed into the archive. See <xref "
193 "linkend=\"upload-bugfix\"/>."
196 #. type: Content of: <chapter><section><para>
199 "It is conventional that the changelog entry of a package that contains a new "
200 "upstream version of the software looks like this:"
203 #. type: Content of: <chapter><section><screen>
206 msgid " * New upstream release.\n"
209 #. type: Content of: <chapter><section><para>
212 "There are tools to help you create entries and finalize the "
213 "<filename>changelog</filename> for release — see <xref "
214 "linkend=\"devscripts\"/> and <xref linkend=\"dpkg-dev-el\"/>."
217 #. type: Content of: <chapter><section><para>
219 msgid "See also <xref linkend=\"bpp-debian-changelog\"/>."
222 #. type: Content of: <chapter><section><title>
224 msgid "Testing the package"
227 #. type: Content of: <chapter><section><para>
230 "Before you upload your package, you should do basic testing on it. At a "
231 "minimum, you should try the following activities (you'll need to have an "
232 "older version of the same Debian package around):"
235 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
238 "Install the package and make sure the software works, or upgrade the package "
239 "from an older version to your new version if a Debian package for it already "
243 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
246 "Run <command>lintian</command> over the package. You can run "
247 "<command>lintian</command> as follows: <literal>lintian -v "
248 "<replaceable>package-version</replaceable>.changes</literal>. This will "
249 "check the source package as well as the binary package. If you don't "
250 "understand the output that <command>lintian</command> generates, try adding "
251 "the <literal>-i</literal> switch, which will cause "
252 "<command>lintian</command> to output a very verbose description of the "
256 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
259 "Normally, a package should <emphasis>not</emphasis> be uploaded if it causes "
260 "<command>lintian</command> to emit errors (they will start with "
261 "<literal>E</literal>)."
264 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
267 "For more information on <command>lintian</command>, see <xref "
268 "linkend=\"lintian\"/>."
271 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
274 "Optionally run <command>debdiff</command> (see <xref linkend=\"debdiff\"/>) "
275 "to analyze changes from an older version, if one exists."
278 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
281 "Downgrade the package to the previous version (if one exists) — this tests "
282 "the <filename>postrm</filename> and <filename>prerm</filename> scripts."
285 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
287 msgid "Remove the package, then reinstall it."
290 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
293 "Copy the source package in a different directory and try unpacking it and "
294 "rebuilding it. This tests if the package relies on existing files outside "
295 "of it, or if it relies on permissions being preserved on the files shipped "
296 "inside the <filename>.diff.gz</filename> file."
299 #. type: Content of: <chapter><section><title>
301 msgid "Layout of the source package"
304 #. type: Content of: <chapter><section><para>
306 msgid "There are two types of Debian source packages:"
309 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
312 "the so-called <literal>native</literal> packages, where there is no "
313 "distinction between the original sources and the patches applied for Debian"
316 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
319 "the (more common) packages where there's an original source tarball file "
320 "accompanied by another file that contains the changes made by Debian"
323 #. type: Content of: <chapter><section><para>
326 "For the native packages, the source package includes a Debian source control "
327 "file (<filename>.dsc</filename>) and the source tarball "
328 "(<filename>.tar.{gz,bz2,xz}</filename>). A source package of a non-native "
329 "package includes a Debian source control file, the original source tarball "
330 "(<filename>.orig.tar.{gz,bz2,xz}</filename>) and the Debian changes "
331 "(<filename>.diff.gz</filename> for the source format “1.0” or "
332 "<filename>.debian.tar.{gz,bz2,xz}</filename> for the source format “3.0 "
336 #. type: Content of: <chapter><section><para>
339 "With source format “1.0”, whether a package is native or not was determined "
340 "by <command>dpkg-source</command> at build time. Nowadays it is recommended "
341 "to be explicit about the desired source format by putting either “3.0 "
342 "(quilt)” or “3.0 (native)” in <filename>debian/source/format</filename>. "
343 "The rest of this section relates only to non-native packages."
346 #. type: Content of: <chapter><section><para>
349 "The first time a version is uploaded which corresponds to a particular "
350 "upstream version, the original source tar file should be uploaded and "
351 "included in the <filename>.changes</filename> file. Subsequently, this very "
352 "same tar file should be used to build the new diffs and "
353 "<filename>.dsc</filename> files, and will not need to be re-uploaded."
356 #. type: Content of: <chapter><section><para>
359 "By default, <command>dpkg-genchanges</command> and "
360 "<command>dpkg-buildpackage</command> will include the original source tar "
361 "file if and only if the current changelog entry has a different upstream "
362 "version from the preceding entry. This behavior may be modified by using "
363 "<literal>-sa</literal> to always include it or <literal>-sd</literal> to "
364 "always leave it out."
367 #. type: Content of: <chapter><section><para>
370 "If no original source is included in the upload, the original source "
371 "tar-file used by <command>dpkg-source</command> when constructing the "
372 "<filename>.dsc</filename> file and diff to be uploaded "
373 "<emphasis>must</emphasis> be byte-for-byte identical with the one already in "
377 #. type: Content of: <chapter><section><para>
380 "Please notice that, in non-native packages, permissions on files that are "
381 "not present in the <filename>*.orig.tar.{gz,bz2,xz}</filename> will not be "
382 "preserved, as diff does not store file permissions in the patch. However "
383 "when using source format “3.0 (quilt)”, permissions of files inside the "
384 "<filename>debian</filename> directory are preserved since they are stored in "
388 #. type: Content of: <chapter><section><title>
390 msgid "Picking a distribution"
393 #. type: Content of: <chapter><section><para>
396 "Each upload needs to specify which distribution the package is intended "
397 "for. The package build process extracts this information from the first "
398 "line of the <filename>debian/changelog</filename> file and places it in the "
399 "<literal>Distribution</literal> field of the <filename>.changes</filename> "
403 #. type: Content of: <chapter><section><para>
406 "There are several possible values for this field: <literal>stable</literal>, "
407 "<literal>unstable</literal>, <literal>testing-proposed-updates</literal> and "
408 "<literal>experimental</literal>. Normally, packages are uploaded into "
409 "<literal>unstable</literal>."
412 #. type: Content of: <chapter><section><para>
415 "Actually, there are two other possible distributions: "
416 "<literal>stable-security</literal> and <literal>testing-security</literal>, "
417 "but read <xref linkend=\"bug-security\"/> for more information on those."
420 #. type: Content of: <chapter><section><para>
423 "It is not possible to upload a package into several distributions at the "
427 #. type: Content of: <chapter><section><section><title>
430 "Special case: uploads to the <literal>stable</literal> and "
431 "<literal>oldstable</literal> distributions"
434 #. type: Content of: <chapter><section><section><para>
437 "Uploading to <literal>stable</literal> means that the package will "
438 "transferred to the <literal>proposed-updates-new</literal> queue for review "
439 "by the stable release managers, and if approved will be installed in "
440 "<filename>stable-proposed-updates</filename> directory of the Debian "
441 "archive. From there, it will be included in <literal>stable</literal> with "
442 "the next point release."
445 #. type: Content of: <chapter><section><section><para>
448 "To ensure that your upload will be accepted, you should discuss the changes "
449 "with the stable release team before you upload. For that, send a mail to the "
450 "&email-debian-release; mailing list, including the patch you want to apply "
451 "to the package version currently in <literal>stable</literal>. Always be "
452 "verbose and detailed in your changelog entries for uploads to the "
453 "<literal>stable</literal> distribution."
456 #. type: Content of: <chapter><section><section><para>
459 "Extra care should be taken when uploading to <literal>stable</literal>. "
460 "Basically, a package should only be uploaded to <literal>stable</literal> if "
461 "one of the following happens:"
464 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
466 msgid "a truly critical functionality problem"
469 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
471 msgid "the package becomes uninstallable"
474 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
476 msgid "a released architecture lacks the package"
479 #. type: Content of: <chapter><section><section><para>
482 "In the past, uploads to <literal>stable</literal> were used to address "
483 "security problems as well. However, this practice is deprecated, as uploads "
484 "used for Debian security advisories are automatically copied to the "
485 "appropriate <filename>proposed-updates</filename> archive when the advisory "
486 "is released. See <xref linkend=\"bug-security\"/> for detailed information "
487 "on handling security problems. If the security teams deems the problem to be "
488 "too benign to be fixed through a <literal>DSA</literal>, the stable release "
489 "managers are usually willing to include your fix nonetheless in a regular "
490 "upload to <literal>stable</literal>."
493 #. type: Content of: <chapter><section><section><para>
496 "Changing anything else in the package that isn't important is discouraged, "
497 "because even trivial fixes can cause bugs later on."
500 #. type: Content of: <chapter><section><section><para>
503 "Packages uploaded to <literal>stable</literal> need to be compiled on "
504 "systems running <literal>stable</literal>, so that their dependencies are "
505 "limited to the libraries (and other packages) available in "
506 "<literal>stable</literal>; for example, a package uploaded to "
507 "<literal>stable</literal> that depends on a library package that only exists "
508 "in <literal>unstable</literal> will be rejected. Making changes to "
509 "dependencies of other packages (by messing with <literal>Provides</literal> "
510 "or <filename>shlibs</filename> files), possibly making those other packages "
511 "uninstallable, is strongly discouraged."
514 #. type: Content of: <chapter><section><section><para>
517 "Uploads to the <literal>oldstable</literal> distributions are possible as "
518 "long as it hasn't been archived. The same rules as for "
519 "<literal>stable</literal> apply."
522 #. type: Content of: <chapter><section><section><title>
524 msgid "Special case: uploads to <literal>testing/testing-proposed-updates</literal>"
527 #. type: Content of: <chapter><section><section><para>
530 "Please see the information in the <link linkend=\"t-p-u\">testing "
531 "section</link> for details."
534 #. type: Content of: <chapter><section><title>
536 msgid "Uploading a package"
539 #. type: Content of: <chapter><section><section><title>
541 msgid "Uploading to <literal>ftp-master</literal>"
544 #. type: Content of: <chapter><section><section><para>
547 "To upload a package, you should upload the files (including the signed "
548 "changes and dsc-file) with anonymous ftp to "
549 "<literal>&ftp-upload-host;</literal> in the directory <ulink "
550 "url=\"ftp://&ftp-upload-host;&upload-queue;\">&upload-queue;</ulink>. To "
551 "get the files processed there, they need to be signed with a key in the "
552 "Debian Developers keyring or the Debian Maintainers keyring (see <ulink "
553 "url=\"&url-wiki-dm;\"></ulink>)."
556 #. type: Content of: <chapter><section><section><para>
559 "Please note that you should transfer the changes file last. Otherwise, your "
560 "upload may be rejected because the archive maintenance software will parse "
561 "the changes file and see that not all files have been uploaded."
564 #. type: Content of: <chapter><section><section><para>
567 "You may also find the Debian packages <link "
568 "linkend=\"dupload\">dupload</link> or <link linkend=\"dput\">dput</link> "
569 "useful when uploading packages.These handy programs help automate the "
570 "process of uploading packages into Debian."
573 #. type: Content of: <chapter><section><section><para>
576 "For removing packages, please see <ulink "
577 "url=\"ftp://&ftp-upload-host;&upload-queue;README\"/> and the Debian package "
578 "<link linkend=\"dcut\">dcut</link>."
581 #. type: Content of: <chapter><section><section><title>
583 msgid "Delayed uploads"
586 #. type: Content of: <chapter><section><section><para>
589 "It is sometimes useful to upload a package immediately, but to want this "
590 "package to arrive in the archive only a few days later. For example, when "
591 "preparing a <link linkend=\"nmu\">Non-Maintainer Upload</link>, you might "
592 "want to give the maintainer a few days to react."
595 #. type: Content of: <chapter><section><section><para>
598 "An upload to the delayed directory keeps the package in <ulink "
599 "url=\"http://ftp-master.debian.org/deferred.html\">the deferred uploads "
600 "queue</ulink>. When the specified waiting time is over, the package is "
601 "moved into the regular incoming directory for processing. This is done "
602 "through automatic uploading to <literal>&ftp-upload-host;</literal> in "
603 "upload-directory <literal>DELAYED/[012345678]-day</literal>. 0-day is "
604 "uploaded multiple times per day to <literal>&ftp-upload-host;</literal>."
607 #. type: Content of: <chapter><section><section><para>
610 "With dput, you can use the <literal>--delayed "
611 "<replaceable>DELAY</replaceable></literal> parameter to put the package into "
615 #. type: Content of: <chapter><section><section><title>
617 msgid "Security uploads"
620 #. type: Content of: <chapter><section><section><para>
623 "Do <emphasis role=\"strong\">NOT</emphasis> upload a package to the security "
624 "upload queue (<literal>oldstable-security</literal>, "
625 "<literal>stable-security</literal>, etc.) without prior authorization from "
626 "the security team. If the package does not exactly meet the team's "
627 "requirements, it will cause many problems and delays in dealing with the "
628 "unwanted upload. For details, please see <xref linkend=\"bug-security\"/>."
631 #. type: Content of: <chapter><section><section><title>
633 msgid "Other upload queues"
636 #. type: Content of: <chapter><section><section><para>
639 "There is an alternative upload queue in Europe at <ulink "
640 "url=\"ftp://&ftp-eu-upload-host;&upload-queue;\"/>. It operates in the same "
641 "way as <literal>&ftp-upload-host;</literal>, but should be faster for "
642 "European developers."
645 #. type: Content of: <chapter><section><section><para>
648 "Packages can also be uploaded via ssh to "
649 "<literal>&ssh-upload-host;</literal>; files should be put "
650 "<literal>/srv/upload.debian.org/UploadQueue</literal>. This queue does not "
651 "support <link linkend=\"delayed-incoming\">delayed uploads</link>."
654 #. type: Content of: <chapter><section><section><title>
656 msgid "Notification that a new package has been installed"
659 #. type: Content of: <chapter><section><section><para>
662 "The Debian archive maintainers are responsible for handling package "
663 "uploads. For the most part, uploads are automatically handled on a daily "
664 "basis by the archive maintenance tools, <command>dak "
665 "process-upload</command>. Specifically, updates to existing packages to the "
666 "<literal>unstable</literal> distribution are handled automatically. In other "
667 "cases, notably new packages, placing the uploaded package into the "
668 "distribution is handled manually. When uploads are handled manually, the "
669 "change to the archive may take some time to occur. Please be patient."
672 #. type: Content of: <chapter><section><section><para>
675 "In any case, you will receive an email notification indicating that the "
676 "package has been added to the archive, which also indicates which bugs will "
677 "be closed by the upload. Please examine this notification carefully, "
678 "checking if any bugs you meant to close didn't get triggered."
681 #. type: Content of: <chapter><section><section><para>
684 "The installation notification also includes information on what section the "
685 "package was inserted into. If there is a disparity, you will receive a "
686 "separate email notifying you of that. Read on below."
689 #. type: Content of: <chapter><section><section><para>
692 "Note that if you upload via queues, the queue daemon software will also send "
693 "you a notification by email."
696 #. type: Content of: <chapter><section><title>
698 msgid "Specifying the package section, subsection and priority"
701 #. type: Content of: <chapter><section><para>
704 "The <filename>debian/control</filename> file's <literal>Section</literal> "
705 "and <literal>Priority</literal> fields do not actually specify where the "
706 "file will be placed in the archive, nor its priority. In order to retain "
707 "the overall integrity of the archive, it is the archive maintainers who have "
708 "control over these fields. The values in the "
709 "<filename>debian/control</filename> file are actually just hints."
712 #. type: Content of: <chapter><section><para>
715 "The archive maintainers keep track of the canonical sections and priorities "
716 "for packages in the <literal>override file</literal>. If there is a "
717 "disparity between the <literal>override file</literal> and the package's "
718 "fields as indicated in <filename>debian/control</filename>, then you will "
719 "receive an email noting the divergence when the package is installed into "
720 "the archive. You can either correct your "
721 "<filename>debian/control</filename> file for your next upload, or else you "
722 "may wish to make a change in the <literal>override file</literal>."
725 #. type: Content of: <chapter><section><para>
728 "To alter the actual section that a package is put in, you need to first make "
729 "sure that the <filename>debian/control</filename> file in your package is "
730 "accurate. Next, submit a bug against <systemitem "
731 "role=\"package\">ftp.debian.org</systemitem> requesting that the section or "
732 "priority for your package be changed from the old section or priority to the "
733 "new one. Use a Subject like <literal>override: PACKAGE1:section/priority, "
734 "[...], PACKAGEX:section/priority</literal>, and include the justification "
735 "for the change in the body of the bug report."
738 #. type: Content of: <chapter><section><para>
741 "For more information about <literal>override files</literal>, see "
742 "<citerefentry> <refentrytitle>dpkg-scanpackages</refentrytitle> "
743 "<manvolnum>1</manvolnum> </citerefentry> and <ulink "
744 "url=\"&url-bts-devel;#maintincorrect\"></ulink>."
747 #. type: Content of: <chapter><section><para>
750 "Note that the <literal>Section</literal> field describes both the section as "
751 "well as the subsection, which are described in <xref "
752 "linkend=\"archive-sections\"/>. If the section is main, it should be "
753 "omitted. The list of allowable subsections can be found in <ulink "
754 "url=\"&url-debian-policy;ch-archive.html#s-subsections\"></ulink>."
757 #. type: Content of: <chapter><section><title>
759 msgid "Handling bugs"
762 #. type: Content of: <chapter><section><para>
765 "Every developer has to be able to work with the Debian <ulink "
766 "url=\"&url-bts;\">bug tracking system</ulink>. This includes knowing how to "
767 "file bug reports properly (see <xref linkend=\"submit-bug\"/>), how to "
768 "update them and reorder them, and how to process and close them."
771 #. type: Content of: <chapter><section><para>
774 "The bug tracking system's features are described in the <ulink "
775 "url=\"&url-bts-devel;\">BTS documentation for developers</ulink>. This "
776 "includes closing bugs, sending followup messages, assigning severities and "
777 "tags, marking bugs as forwarded, and other issues."
780 #. type: Content of: <chapter><section><para>
783 "Operations such as reassigning bugs to other packages, merging separate bug "
784 "reports about the same issue, or reopening bugs when they are prematurely "
785 "closed, are handled using the so-called control mail server. All of the "
786 "commands available on this server are described in the <ulink "
787 "url=\"&url-bts-control;\">BTS control server documentation</ulink>."
790 #. type: Content of: <chapter><section><section><title>
792 msgid "Monitoring bugs"
795 #. type: Content of: <chapter><section><section><para>
798 "If you want to be a good maintainer, you should periodically check the "
799 "<ulink url=\"&url-bts;\">Debian bug tracking system (BTS)</ulink> for your "
800 "packages. The BTS contains all the open bugs against your packages. You "
801 "can check them by browsing this page: "
802 "<literal>http://&bugs-host;/<replaceable>yourlogin</replaceable>@debian.org</literal>."
805 #. type: Content of: <chapter><section><section><para>
808 "Maintainers interact with the BTS via email addresses at "
809 "<literal>&bugs-host;</literal>. Documentation on available commands can be "
810 "found at <ulink url=\"&url-bts;\"></ulink>, or, if you have installed the "
811 "<systemitem role=\"package\">doc-debian</systemitem> package, you can look "
812 "at the local files &file-bts-docs;."
815 #. type: Content of: <chapter><section><section><para>
818 "Some find it useful to get periodic reports on open bugs. You can add a "
819 "cron job such as the following if you want to get a weekly email outlining "
820 "all the open bugs against your packages:"
823 #. type: Content of: <chapter><section><section><screen>
827 "# ask for weekly reports of bugs in my packages\n"
828 "&cron-bug-report;\n"
831 #. type: Content of: <chapter><section><section><para>
834 "Replace <replaceable>address</replaceable> with your official Debian "
835 "maintainer address."
838 #. type: Content of: <chapter><section><section><title>
840 msgid "Responding to bugs"
843 #. type: Content of: <chapter><section><section><para>
846 "When responding to bugs, make sure that any discussion you have about bugs "
847 "is sent both to the original submitter of the bug, and to the bug itself "
848 "(e.g., <email><replaceable>123</replaceable>@&bugs-host;</email>). If "
849 "you're writing a new mail and you don't remember the submitter email "
850 "address, you can use the "
851 "<email><replaceable>123</replaceable>-submitter@&bugs-host;</email> email to "
852 "contact the submitter <emphasis>and</emphasis> to record your mail within "
853 "the bug log (that means you don't need to send a copy of the mail to "
854 "<email><replaceable>123</replaceable>@&bugs-host;</email>)."
857 #. type: Content of: <chapter><section><section><para>
860 "If you get a bug which mentions FTBFS, this means Fails to build from "
861 "source. Porters frequently use this acronym."
864 #. type: Content of: <chapter><section><section><para>
867 "Once you've dealt with a bug report (e.g. fixed it), mark it as "
868 "<literal>done</literal> (close it) by sending an explanation message to "
869 "<email><replaceable>123</replaceable>-done@&bugs-host;</email>. If you're "
870 "fixing a bug by changing and uploading the package, you can automate bug "
871 "closing as described in <xref linkend=\"upload-bugfix\"/>."
874 #. type: Content of: <chapter><section><section><para>
877 "You should <emphasis>never</emphasis> close bugs via the bug server "
878 "<literal>close</literal> command sent to &email-bts-control;. If you do so, "
879 "the original submitter will not receive any information about why the bug "
883 #. type: Content of: <chapter><section><section><title>
885 msgid "Bug housekeeping"
888 #. type: Content of: <chapter><section><section><para>
891 "As a package maintainer, you will often find bugs in other packages or have "
892 "bugs reported against your packages which are actually bugs in other "
893 "packages. The bug tracking system's features are described in the <ulink "
894 "url=\"&url-bts-devel;\">BTS documentation for Debian developers</ulink>. "
895 "Operations such as reassigning, merging, and tagging bug reports are "
896 "described in the <ulink url=\"&url-bts-control;\">BTS control server "
897 "documentation</ulink>. This section contains some guidelines for managing "
898 "your own bugs, based on the collective Debian developer experience."
901 #. type: Content of: <chapter><section><section><para>
904 "Filing bugs for problems that you find in other packages is one of the civic "
905 "obligations of maintainership, see <xref linkend=\"submit-bug\"/> for "
906 "details. However, handling the bugs in your own packages is even more "
910 #. type: Content of: <chapter><section><section><para>
912 msgid "Here's a list of steps that you may follow to handle a bug report:"
915 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
918 "Decide whether the report corresponds to a real bug or not. Sometimes users "
919 "are just calling a program in the wrong way because they haven't read the "
920 "documentation. If you diagnose this, just close the bug with enough "
921 "information to let the user correct their problem (give pointers to the good "
922 "documentation and so on). If the same report comes up again and again you "
923 "may ask yourself if the documentation is good enough or if the program "
924 "shouldn't detect its misuse in order to give an informative error message. "
925 "This is an issue that may need to be brought up with the upstream author."
928 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
931 "If the bug submitter disagrees with your decision to close the bug, they may "
932 "reopen it until you find an agreement on how to handle it. If you don't "
933 "find any, you may want to tag the bug <literal>wontfix</literal> to let "
934 "people know that the bug exists but that it won't be corrected. If this "
935 "situation is unacceptable, you (or the submitter) may want to require a "
936 "decision of the technical committee by reassigning the bug to <systemitem "
937 "role=\"package\">tech-ctte</systemitem> (you may use the clone command of "
938 "the BTS if you wish to keep it reported against your package). Before doing "
939 "so, please read the <ulink url=\"&url-tech-ctte;\">recommended "
943 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
946 "If the bug is real but it's caused by another package, just reassign the bug "
947 "to the right package. If you don't know which package it should be "
948 "reassigned to, you should ask for help on <link "
949 "linkend=\"irc-channels\">IRC</link> or on &email-debian-devel;. Please "
950 "inform the maintainer(s) of the package you reassign the bug to, for example "
951 "by Cc:ing the message that does the reassign to "
952 "<email><replaceable>packagename</replaceable>@packages.debian.org</email> "
953 "and explaining your reasons in that mail. Please note that a simple "
954 "reassignment is <emphasis>not</emphasis> e-mailed to the maintainers of the "
955 "package being reassigned to, so they won't know about it until they look at "
956 "a bug overview for their packages."
959 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
962 "If the bug affects the operation of your package, please consider cloning "
963 "the bug and reassigning the clone to the package that really causes the "
964 "behavior. Otherwise, the bug will not be shown in your package's bug list, "
965 "possibly causing users to report the same bug over and over again. You "
966 "should block \"your\" bug with the reassigned, cloned bug to document the "
970 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
973 "Sometimes you also have to adjust the severity of the bug so that it matches "
974 "our definition of the severity. That's because people tend to inflate the "
975 "severity of bugs to make sure their bugs are fixed quickly. Some bugs may "
976 "even be dropped to wishlist severity when the requested change is just "
980 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
983 "If the bug is real but the same problem has already been reported by someone "
984 "else, then the two relevant bug reports should be merged into one using the "
985 "merge command of the BTS. In this way, when the bug is fixed, all of the "
986 "submitters will be informed of this. (Note, however, that emails sent to "
987 "one bug report's submitter won't automatically be sent to the other report's "
988 "submitter.) For more details on the technicalities of the merge command and "
989 "its relative, the unmerge command, see the BTS control server documentation."
992 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
995 "The bug submitter may have forgotten to provide some information, in which "
996 "case you have to ask them for the required information. You may use the "
997 "<literal>moreinfo</literal> tag to mark the bug as such. Moreover if you "
998 "can't reproduce the bug, you tag it <literal>unreproducible</literal>. "
999 "Anyone who can reproduce the bug is then invited to provide more information "
1000 "on how to reproduce it. After a few months, if this information has not "
1001 "been sent by someone, the bug may be closed."
1004 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1007 "If the bug is related to the packaging, you just fix it. If you are not "
1008 "able to fix it yourself, then tag the bug as <literal>help</literal>. You "
1009 "can also ask for help on &email-debian-devel; or &email-debian-qa;. If it's "
1010 "an upstream problem, you have to forward it to the upstream author. "
1011 "Forwarding a bug is not enough, you have to check at each release if the bug "
1012 "has been fixed or not. If it has, you just close it, otherwise you have to "
1013 "remind the author about it. If you have the required skills you can prepare "
1014 "a patch that fixes the bug and send it to the author at the same time. Make "
1015 "sure to send the patch to the BTS and to tag the bug as "
1016 "<literal>patch</literal>."
1019 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1022 "If you have fixed a bug in your local copy, or if a fix has been committed "
1023 "to the VCS repository, you may tag the bug as <literal>pending</literal> to "
1024 "let people know that the bug is corrected and that it will be closed with "
1025 "the next upload (add the <literal>closes:</literal> in the "
1026 "<filename>changelog</filename>). This is particularly useful if you are "
1027 "several developers working on the same package."
1030 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1033 "Once a corrected package is available in the archive, the bug should be "
1034 "closed indicating the version in which it was fixed. This can be done "
1035 "automatically, read <xref linkend=\"upload-bugfix\"/>."
1038 #. type: Content of: <chapter><section><section><title>
1040 msgid "When bugs are closed by new uploads"
1043 #. type: Content of: <chapter><section><section><para>
1046 "As bugs and problems are fixed in your packages, it is your responsibility "
1047 "as the package maintainer to close these bugs. However, you should not "
1048 "close a bug until the package which fixes the bug has been accepted into the "
1049 "Debian archive. Therefore, once you get notification that your updated "
1050 "package has been installed into the archive, you can and should close the "
1051 "bug in the BTS. Also, the bug should be closed with the correct version."
1054 #. type: Content of: <chapter><section><section><para>
1057 "However, it's possible to avoid having to manually close bugs after the "
1058 "upload — just list the fixed bugs in your "
1059 "<filename>debian/changelog</filename> file, following a certain syntax, and "
1060 "the archive maintenance software will close the bugs for you. For example:"
1063 #. type: Content of: <chapter><section><section><screen>
1067 "acme-cannon (3.1415) unstable; urgency=low\n"
1069 " * Frobbed with options (closes: Bug#98339)\n"
1070 " * Added safety to prevent operator dismemberment, closes: bug#98765,\n"
1071 " bug#98713, #98714.\n"
1072 " * Added man page. Closes: #98725.\n"
1075 #. type: Content of: <chapter><section><section><para>
1078 "Technically speaking, the following Perl regular expression describes how "
1079 "bug closing changelogs are identified:"
1082 #. type: Content of: <chapter><section><section><screen>
1085 msgid " /closes:\\s*(?:bug)?\\#\\s*\\d+(?:,\\s*(?:bug)?\\#\\s*\\d+)*/ig\n"
1088 #. type: Content of: <chapter><section><section><para>
1091 "We prefer the <literal>closes: #<replaceable>XXX</replaceable></literal> "
1092 "syntax, as it is the most concise entry and the easiest to integrate with "
1093 "the text of the <filename>changelog</filename>. Unless specified different "
1094 "by the <literal>-v</literal>-switch to <command>dpkg-buildpackage</command>, "
1095 "only the bugs closed in the most recent changelog entry are closed "
1096 "(basically, exactly the bugs mentioned in the changelog-part in the "
1097 "<filename>.changes</filename> file are closed)."
1100 #. type: Content of: <chapter><section><section><para>
1103 "Historically, uploads identified as <link linkend=\"nmu\">non-maintainer "
1104 "upload (NMU)</link> were tagged <literal>fixed</literal> instead of being "
1105 "closed, but that practice was ceased with the advent of version-tracking. "
1106 "The same applied to the tag <literal>fixed-in-experimental</literal>."
1109 #. type: Content of: <chapter><section><section><para>
1112 "If you happen to mistype a bug number or forget a bug in the changelog "
1113 "entries, don't hesitate to undo any damage the error caused. To reopen "
1114 "wrongly closed bugs, send a <literal>reopen "
1115 "<replaceable>XXX</replaceable></literal> command to the bug tracking "
1116 "system's control address, &email-bts-control;. To close any remaining bugs "
1117 "that were fixed by your upload, email the <filename>.changes</filename> file "
1118 "to <email><replaceable>XXX</replaceable>-done@&bugs-host;</email>, where "
1119 "<replaceable>XXX</replaceable> is the bug number, and put Version: "
1120 "<replaceable>YYY</replaceable> and an empty line as the first two lines of "
1121 "the body of the email, where <replaceable>YYY</replaceable> is the first "
1122 "version where the bug has been fixed."
1125 #. type: Content of: <chapter><section><section><para>
1128 "Bear in mind that it is not obligatory to close bugs using the changelog as "
1129 "described above. If you simply want to close bugs that don't have anything "
1130 "to do with an upload you made, do it by emailing an explanation to "
1131 "<email><replaceable>XXX</replaceable>-done@&bugs-host;</email>. Do "
1132 "<emphasis role=\"strong\">not</emphasis> close bugs in the changelog entry "
1133 "of a version if the changes in that version of the package don't have any "
1134 "bearing on the bug."
1137 #. type: Content of: <chapter><section><section><para>
1140 "For general information on how to write your changelog entries, see <xref "
1141 "linkend=\"bpp-debian-changelog\"/>."
1144 #. type: Content of: <chapter><section><section><title>
1146 msgid "Handling security-related bugs"
1149 #. type: Content of: <chapter><section><section><para>
1152 "Due to their sensitive nature, security-related bugs must be handled "
1153 "carefully. The Debian Security Team exists to coordinate this activity, "
1154 "keeping track of outstanding security problems, helping maintainers with "
1155 "security problems or fixing them themselves, sending security advisories, "
1156 "and maintaining <literal>security.debian.org</literal>."
1159 #. type: Content of: <chapter><section><section><para>
1162 "When you become aware of a security-related bug in a Debian package, whether "
1163 "or not you are the maintainer, collect pertinent information about the "
1164 "problem, and promptly contact the security team, preferably by filing a "
1165 "ticket in their Request Tracker. See <ulink "
1166 "url=\"http://wiki.debian.org/rt.debian.org#Security_Team\"></ulink>. "
1167 "Alternatively you may email &email-security-team;. <emphasis "
1168 "role=\"strong\">DO NOT UPLOAD</emphasis> any packages for "
1169 "<literal>stable</literal> without contacting the team. Useful information "
1170 "includes, for example:"
1173 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1175 msgid "Whether or not the bug is already public."
1178 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1181 "Which versions of the package are known to be affected by the bug. Check "
1182 "each version that is present in a supported Debian release, as well as "
1183 "<literal>testing</literal> and <literal>unstable</literal>."
1186 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1188 msgid "The nature of the fix, if any is available (patches are especially helpful)"
1191 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1194 "Any fixed packages that you have prepared yourself (send only the "
1195 "<filename>.diff.gz</filename> and <filename>.dsc</filename> files and read "
1196 "<xref linkend=\"bug-security-building\"/> first)"
1199 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1202 "Any assistance you can provide to help with testing (exploits, regression "
1206 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1209 "Any information needed for the advisory (see <xref "
1210 "linkend=\"bug-security-advisories\"/>)"
1213 #. type: Content of: <chapter><section><section><para>
1216 "As the maintainer of the package, you have the responsibility to maintain "
1217 "it, even in the stable release. You are in the best position to evaluate "
1218 "patches and test updated packages, so please see the sections below on how "
1219 "to prepare packages for the Security Team to handle."
1222 #. type: Content of: <chapter><section><section><section><title>
1224 msgid "The Security Tracker"
1227 #. type: Content of: <chapter><section><section><section><para>
1230 "The security team maintains a central database, the <ulink "
1231 "url=\"http://security-tracker.debian.org/\">Debian Security "
1232 "Tracker</ulink>. This contains all public information that is known about "
1233 "security issues: which packages and versions are affected or fixed, and thus "
1234 "whether stable, testing and/or unstable are vulnerable. Information that is "
1235 "still confidential is not added to the tracker."
1238 #. type: Content of: <chapter><section><section><section><para>
1241 "You can search it for a specific issue, but also on package name. Look for "
1242 "your package to see which issues are still open. If you can, please provide "
1243 "more information about those issues, or help to address them in your "
1244 "package. Instructions are on the tracker web pages."
1247 #. type: Content of: <chapter><section><section><section><title>
1249 msgid "Confidentiality"
1252 #. type: Content of: <chapter><section><section><section><para>
1255 "Unlike most other activities within Debian, information about security "
1256 "issues must sometimes be kept private for a time. This allows software "
1257 "distributors to coordinate their disclosure in order to minimize their "
1258 "users' exposure. Whether this is the case depends on the nature of the "
1259 "problem and corresponding fix, and whether it is already a matter of public "
1263 #. type: Content of: <chapter><section><section><section><para>
1265 msgid "There are several ways developers can learn of a security problem:"
1268 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1270 msgid "they notice it on a public forum (mailing list, web site, etc.)"
1273 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1275 msgid "someone files a bug report"
1278 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1280 msgid "someone informs them via private email"
1283 #. type: Content of: <chapter><section><section><section><para>
1286 "In the first two cases, the information is public and it is important to "
1287 "have a fix as soon as possible. In the last case, however, it might not be "
1288 "public information. In that case there are a few possible options for "
1289 "dealing with the problem:"
1292 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1295 "If the security exposure is minor, there is sometimes no need to keep the "
1296 "problem a secret and a fix should be made and released."
1299 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1302 "If the problem is severe, it is preferable to share the information with "
1303 "other vendors and coordinate a release. The security team keeps in contact "
1304 "with the various organizations and individuals and can take care of that."
1307 #. type: Content of: <chapter><section><section><section><para>
1310 "In all cases if the person who reports the problem asks that it not be "
1311 "disclosed, such requests should be honored, with the obvious exception of "
1312 "informing the security team in order that a fix may be produced for a stable "
1313 "release of Debian. When sending confidential information to the security "
1314 "team, be sure to mention this fact."
1317 #. type: Content of: <chapter><section><section><section><para>
1320 "Please note that if secrecy is needed you may not upload a fix to "
1321 "<literal>unstable</literal> (or anywhere else, such as a public VCS "
1322 "repository). It is not sufficient to obfuscate the details of the change, "
1323 "as the code itself is public, and can (and will) be examined by the general "
1327 #. type: Content of: <chapter><section><section><section><para>
1330 "There are two reasons for releasing information even though secrecy is "
1331 "requested: the problem has been known for a while, or the problem or exploit "
1332 "has become public."
1335 #. type: Content of: <chapter><section><section><section><para>
1338 "The Security Team has a PGP-key to enable encrypted communication about "
1339 "sensitive issues. See the <ulink "
1340 "url=\"http://www.debian.org/security/faq#contact\">Security Team FAQ</ulink> "
1344 #. type: Content of: <chapter><section><section><section><title>
1346 msgid "Security Advisories"
1349 #. type: Content of: <chapter><section><section><section><para>
1352 "Security advisories are only issued for the current, released stable "
1353 "distribution, and <emphasis>not</emphasis> for <literal>testing</literal> or "
1354 "<literal>unstable</literal>. When released, advisories are sent to the "
1355 "&email-debian-security-announce; mailing list and posted on <ulink "
1356 "url=\"&url-debian-security-advisories;\">the security web page</ulink>. "
1357 "Security advisories are written and posted by the security team. However "
1358 "they certainly do not mind if a maintainer can supply some of the "
1359 "information for them, or write part of the text. Information that should be "
1360 "in an advisory includes:"
1363 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1365 msgid "A description of the problem and its scope, including:"
1368 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1370 msgid "The type of problem (privilege escalation, denial of service, etc.)"
1373 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1375 msgid "What privileges may be gained, and by whom (if any)"
1378 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1380 msgid "How it can be exploited"
1383 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1385 msgid "Whether it is remotely or locally exploitable"
1388 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1390 msgid "How the problem was fixed"
1393 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1395 msgid "This information allows users to assess the threat to their systems."
1398 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1400 msgid "Version numbers of affected packages"
1403 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1405 msgid "Version numbers of fixed packages"
1408 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1411 "Information on where to obtain the updated packages (usually from the Debian "
1415 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1418 "References to upstream advisories, <ulink "
1419 "url=\"http://cve.mitre.org\">CVE</ulink> identifiers, and any other "
1420 "information useful in cross-referencing the vulnerability"
1423 #. type: Content of: <chapter><section><section><section><title>
1425 msgid "Preparing packages to address security issues"
1428 #. type: Content of: <chapter><section><section><section><para>
1431 "One way that you can assist the security team in their duties is to provide "
1432 "them with fixed packages suitable for a security advisory for the stable "
1436 #. type: Content of: <chapter><section><section><section><para>
1439 "When an update is made to the stable release, care must be taken to avoid "
1440 "changing system behavior or introducing new bugs. In order to do this, make "
1441 "as few changes as possible to fix the bug. Users and administrators rely on "
1442 "the exact behavior of a release once it is made, so any change that is made "
1443 "might break someone's system. This is especially true of libraries: make "
1444 "sure you never change the API or ABI, no matter how small the change."
1447 #. type: Content of: <chapter><section><section><section><para>
1450 "This means that moving to a new upstream version is not a good solution. "
1451 "Instead, the relevant changes should be back-ported to the version present "
1452 "in the current stable Debian release. Generally, upstream maintainers are "
1453 "willing to help if needed. If not, the Debian security team may be able to "
1457 #. type: Content of: <chapter><section><section><section><para>
1460 "In some cases, it is not possible to back-port a security fix, for example "
1461 "when large amounts of source code need to be modified or rewritten. If this "
1462 "happens, it may be necessary to move to a new upstream version. However, "
1463 "this is only done in extreme situations, and you must always coordinate that "
1464 "with the security team beforehand."
1467 #. type: Content of: <chapter><section><section><section><para>
1470 "Related to this is another important guideline: always test your changes. "
1471 "If you have an exploit available, try it and see if it indeed succeeds on "
1472 "the unpatched package and fails on the fixed package. Test other, normal "
1473 "actions as well, as sometimes a security fix can break seemingly unrelated "
1474 "features in subtle ways."
1477 #. type: Content of: <chapter><section><section><section><para>
1480 "Do <emphasis role=\"strong\">NOT</emphasis> include any changes in your "
1481 "package which are not directly related to fixing the vulnerability. These "
1482 "will only need to be reverted, and this wastes time. If there are other "
1483 "bugs in your package that you would like to fix, make an upload to "
1484 "proposed-updates in the usual way, after the security advisory is issued. "
1485 "The security update mechanism is not a means for introducing changes to your "
1486 "package which would otherwise be rejected from the stable release, so please "
1487 "do not attempt to do this."
1490 #. type: Content of: <chapter><section><section><section><para>
1493 "Review and test your changes as much as possible. Check the differences "
1494 "from the previous version repeatedly (<command>interdiff</command> from the "
1495 "<systemitem role=\"package\">patchutils</systemitem> package and "
1496 "<command>debdiff</command> from <systemitem "
1497 "role=\"package\">devscripts</systemitem> are useful tools for this, see "
1498 "<xref linkend=\"debdiff\"/>)."
1501 #. type: Content of: <chapter><section><section><section><para>
1503 msgid "Be sure to verify the following items:"
1506 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1509 "<emphasis role=\"strong\">Target the right distribution</emphasis> in your "
1510 "<filename>debian/changelog</filename>. For <literal>stable</literal> this "
1511 "is <literal>stable-security</literal> and for <literal>testing</literal> "
1512 "this is <literal>testing-security</literal>, and for the previous stable "
1513 "release, this is <literal>oldstable-security</literal>. Do not target "
1514 "<replaceable>distribution</replaceable><literal>-proposed-updates</literal> "
1515 "or <literal>stable</literal>!"
1518 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1520 msgid "The upload should have <emphasis role=\"strong\">urgency=high</emphasis>."
1523 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1526 "Make descriptive, meaningful changelog entries. Others will rely on them to "
1527 "determine whether a particular bug was fixed. Add "
1528 "<literal>closes:</literal> statements for any <emphasis "
1529 "role=\"strong\">Debian bugs</emphasis> filed. Always include an external "
1530 "reference, preferably a <emphasis role=\"strong\">CVE identifier</emphasis>, "
1531 "so that it can be cross-referenced. However, if a CVE identifier has not yet "
1532 "been assigned, do not wait for it but continue the process. The identifier "
1533 "can be cross-referenced later."
1536 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1539 "Make sure the <emphasis role=\"strong\">version number</emphasis> is "
1540 "proper. It must be greater than the current package, but less than package "
1541 "versions in later distributions. If in doubt, test it with <literal>dpkg "
1542 "--compare-versions</literal>. Be careful not to re-use a version number "
1543 "that you have already used for a previous upload, or one that conflicts with "
1544 "a binNMU. The convention is to append "
1545 "<literal>+</literal><replaceable>codename</replaceable><literal>1</literal>, "
1546 "e.g. <literal>1:2.4.3-4+lenny1</literal>, of course increasing 1 for any "
1547 "subsequent uploads."
1550 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1553 "Unless the upstream source has been uploaded to "
1554 "<literal>security.debian.org</literal> before (by a previous security "
1555 "update), build the upload <emphasis role=\"strong\">with full upstream "
1556 "source</emphasis> (<literal>dpkg-buildpackage -sa</literal>). If there has "
1557 "been a previous upload to <literal>security.debian.org</literal> with the "
1558 "same upstream version, you may upload without upstream source "
1559 "(<literal>dpkg-buildpackage -sd</literal>)."
1562 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1565 "Be sure to use the <emphasis role=\"strong\">exact same "
1566 "<filename>*.orig.tar.{gz,bz2,xz}</filename></emphasis> as used in the normal "
1567 "archive, otherwise it is not possible to move the security fix into the main "
1571 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1574 "Build the package on a <emphasis role=\"strong\">clean system</emphasis> "
1575 "which only has packages installed from the distribution you are building "
1576 "for. If you do not have such a system yourself, you can use a debian.org "
1577 "machine (see <xref linkend=\"server-machines\"/>) or setup a chroot (see "
1578 "<xref linkend=\"pbuilder\"/> and <xref linkend=\"debootstrap\"/>)."
1581 #. type: Content of: <chapter><section><section><section><title>
1583 msgid "Uploading the fixed package"
1586 #. type: Content of: <chapter><section><section><section><para>
1589 "Do <emphasis role=\"strong\">NOT</emphasis> upload a package to the security "
1590 "upload queue (<literal>oldstable-security</literal>, "
1591 "<literal>stable-security</literal>, etc.) without prior authorization from "
1592 "the security team. If the package does not exactly meet the team's "
1593 "requirements, it will cause many problems and delays in dealing with the "
1597 #. type: Content of: <chapter><section><section><section><para>
1600 "Do <emphasis role=\"strong\">NOT</emphasis> upload your fix to "
1601 "<literal>proposed-updates</literal> without coordinating with the security "
1602 "team. Packages from <literal>security.debian.org</literal> will be copied "
1603 "into the <literal>proposed-updates</literal> directory automatically. If a "
1604 "package with the same or a higher version number is already installed into "
1605 "the archive, the security update will be rejected by the archive system. "
1606 "That way, the stable distribution will end up without a security update for "
1607 "this package instead."
1610 #. type: Content of: <chapter><section><section><section><para>
1613 "Once you have created and tested the new package and it has been approved by "
1614 "the security team, it needs to be uploaded so that it can be installed in "
1615 "the archives. For security uploads, the place to upload to is "
1616 "<literal>ftp://security-master.debian.org/pub/SecurityUploadQueue/</literal>."
1619 #. type: Content of: <chapter><section><section><section><para>
1622 "Once an upload to the security queue has been accepted, the package will "
1623 "automatically be built for all architectures and stored for verification by "
1624 "the security team."
1627 #. type: Content of: <chapter><section><section><section><para>
1630 "Uploads which are waiting for acceptance or verification are only accessible "
1631 "by the security team. This is necessary since there might be fixes for "
1632 "security problems that cannot be disclosed yet."
1635 #. type: Content of: <chapter><section><section><section><para>
1638 "If a member of the security team accepts a package, it will be installed on "
1639 "<literal>security.debian.org</literal> as well as proposed for the proper "
1640 "<replaceable>distribution</replaceable><literal>-proposed-updates</literal> "
1641 "on <literal>&ftp-master-host;</literal>."
1644 #. type: Content of: <chapter><section><title>
1646 msgid "Moving, removing, renaming, adopting, and orphaning packages"
1649 #. type: Content of: <chapter><section><para>
1652 "Some archive manipulation operations are not automated in the Debian upload "
1653 "process. These procedures should be manually followed by maintainers. This "
1654 "chapter gives guidelines on what to do in these cases."
1657 #. type: Content of: <chapter><section><section><title>
1659 msgid "Moving packages"
1662 #. type: Content of: <chapter><section><section><para><footnote><para>
1665 "See the <ulink url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for "
1666 "guidelines on what section a package belongs in."
1669 #. type: Content of: <chapter><section><section><para>
1672 "Sometimes a package will change its section. For instance, a package from "
1673 "the <literal>non-free</literal> section might be GPL'd in a later version, "
1674 "in which case the package should be moved to `main' or "
1675 "`contrib'.<placeholder type=\"footnote\" id=\"0\"/>"
1678 #. type: Content of: <chapter><section><section><para>
1681 "If you need to change the section for one of your packages, change the "
1682 "package control information to place the package in the desired section, and "
1683 "re-upload the package (see the <ulink url=\"&url-debian-policy;\">Debian "
1684 "Policy Manual</ulink> for details). You must ensure that you include the "
1685 "<filename>.orig.tar.{gz,bz2,xz}</filename> in your upload (even if you are "
1686 "not uploading a new upstream version), or it will not appear in the new "
1687 "section together with the rest of the package. If your new section is "
1688 "valid, it will be moved automatically. If it does not, then contact the "
1689 "ftpmasters in order to understand what happened."
1692 #. type: Content of: <chapter><section><section><para>
1695 "If, on the other hand, you need to change the <literal>subsection</literal> "
1696 "of one of your packages (e.g., ``devel'', ``admin''), the procedure is "
1697 "slightly different. Correct the subsection as found in the control file of "
1698 "the package, and re-upload that. Also, you'll need to get the override file "
1699 "updated, as described in <xref linkend=\"override-file\"/>."
1702 #. type: Content of: <chapter><section><section><title>
1704 msgid "Removing packages"
1707 #. type: Content of: <chapter><section><section><para>
1710 "If for some reason you want to completely remove a package (say, if it is an "
1711 "old compatibility library which is no longer required), you need to file a "
1712 "bug against <literal>ftp.debian.org</literal> asking that the package be "
1713 "removed; as all bugs, this bug should normally have normal severity. The "
1714 "bug title should be in the form <literal>RM: "
1715 "<replaceable>package</replaceable> <replaceable>[architecture "
1716 "list]</replaceable> -- <replaceable>reason</replaceable></literal>, where "
1717 "<replaceable>package</replaceable> is the package to be removed and "
1718 "<replaceable>reason</replaceable> is a short summary of the reason for the "
1719 "removal request. <replaceable>[architecture list]</replaceable> is optional "
1720 "and only needed if the removal request only applies to some architectures, "
1721 "not all. Note that the <command>reportbug</command> will create a title "
1722 "conforming to these rules when you use it to report a bug against the "
1723 "<literal>ftp.debian.org</literal> pseudo-package."
1726 #. type: Content of: <chapter><section><section><para>
1729 "If you want to remove a package you maintain, you should note this in the "
1730 "bug title by prepending <literal>ROM</literal> (Request Of Maintainer). "
1731 "There are several other standard acronyms used in the reasoning for a "
1732 "package removal, see <ulink "
1733 "url=\"http://&ftp-master-host;/removals.html\"></ulink> for a complete "
1734 "list. That page also provides a convenient overview of pending removal "
1738 #. type: Content of: <chapter><section><section><para>
1741 "Note that removals can only be done for the <literal>unstable</literal>, "
1742 "<literal>experimental</literal> and <literal>stable</literal> distribution. "
1743 "Packages are not removed from <literal>testing</literal> directly. Rather, "
1744 "they will be removed automatically after the package has been removed from "
1745 "<literal>unstable</literal> and no package in <literal>testing</literal> "
1749 #. type: Content of: <chapter><section><section><para>
1752 "There is one exception when an explicit removal request is not necessary: If "
1753 "a (source or binary) package is no longer built from source, it will be "
1754 "removed semi-automatically. For a binary-package, this means if there is no "
1755 "longer any source package producing this binary package; if the binary "
1756 "package is just no longer produced on some architectures, a removal request "
1757 "is still necessary. For a source-package, this means that all binary "
1758 "packages it refers to have been taken over by another source package."
1761 #. type: Content of: <chapter><section><section><para>
1764 "In your removal request, you have to detail the reasons justifying the "
1765 "request. This is to avoid unwanted removals and to keep a trace of why a "
1766 "package has been removed. For example, you can provide the name of the "
1767 "package that supersedes the one to be removed."
1770 #. type: Content of: <chapter><section><section><para>
1773 "Usually you only ask for the removal of a package maintained by yourself. "
1774 "If you want to remove another package, you have to get the approval of its "
1775 "maintainer. Should the package be orphaned and thus have no maintainer, you "
1776 "should first discuss the removal request on &email-debian-qa;. If there is a "
1777 "consensus that the package should be removed, you should reassign and "
1778 "retitle the <literal>O:</literal> bug filed against the "
1779 "<literal>wnpp</literal> package instead of filing a new bug as removal "
1783 #. type: Content of: <chapter><section><section><para>
1786 "Further information relating to these and other package removal related "
1787 "topics may be found at <ulink "
1788 "url=\"http://wiki.debian.org/ftpmaster_Removals\"></ulink> and <ulink "
1789 "url=\"&url-debian-qa;howto-remove.html\"></ulink>."
1792 #. type: Content of: <chapter><section><section><para>
1795 "If in doubt concerning whether a package is disposable, email "
1796 "&email-debian-devel; asking for opinions. Also of interest is the "
1797 "<command>apt-cache</command> program from the <systemitem "
1798 "role=\"package\">apt</systemitem> package. When invoked as "
1799 "<literal>apt-cache showpkg <replaceable>package</replaceable></literal>, the "
1800 "program will show details for <replaceable>package</replaceable>, including "
1801 "reverse depends. Other useful programs include <command>apt-cache "
1802 "rdepends</command>, <command>apt-rdepends</command>, "
1803 "<command>build-rdeps</command> (in the <systemitem "
1804 "role=\"package\">devscripts</systemitem> package) and "
1805 "<command>grep-dctrl</command>. Removal of orphaned packages is discussed on "
1806 "&email-debian-qa;."
1809 #. type: Content of: <chapter><section><section><para>
1812 "Once the package has been removed, the package's bugs should be handled. "
1813 "They should either be reassigned to another package in the case where the "
1814 "actual code has evolved into another package (e.g. "
1815 "<literal>libfoo12</literal> was removed because <literal>libfoo13</literal> "
1816 "supersedes it) or closed if the software is simply no longer part of "
1817 "Debian. When closing the bugs, to avoid marking the bugs as fixed in "
1818 "versions of the packages in previous Debian releases, they should be marked "
1819 "as fixed in the version "
1820 "<literal><most-recent-version-ever-in-Debian>+rm</literal>."
1823 #. type: Content of: <chapter><section><section><section><title>
1825 msgid "Removing packages from <filename>Incoming</filename>"
1828 #. type: Content of: <chapter><section><section><section><para>
1831 "In the past, it was possible to remove packages from "
1832 "<filename>incoming</filename>. However, with the introduction of the new "
1833 "incoming system, this is no longer possible. Instead, you have to upload a "
1834 "new revision of your package with a higher version than the package you want "
1835 "to replace. Both versions will be installed in the archive but only the "
1836 "higher version will actually be available in <literal>unstable</literal> "
1837 "since the previous version will immediately be replaced by the higher. "
1838 "However, if you do proper testing of your packages, the need to replace a "
1839 "package should not occur too often anyway."
1842 #. type: Content of: <chapter><section><section><title>
1844 msgid "Replacing or renaming packages"
1847 #. type: Content of: <chapter><section><section><para>
1850 "When the upstream maintainers for one of your packages chose to rename their "
1851 "software (or you made a mistake naming your package), you should follow a "
1852 "two-step process to rename it. In the first step, change the "
1853 "<filename>debian/control</filename> file to reflect the new name and to "
1854 "replace, provide and conflict with the obsolete package name (see the <ulink "
1855 "url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for details). "
1856 "Please note that you should only add a <literal>Provides</literal> relation "
1857 "if all packages depending on the obsolete package name continue to work "
1858 "after the renaming. Once you've uploaded the package and the package has "
1859 "moved into the archive, file a bug against <literal>ftp.debian.org</literal> "
1860 "asking to remove the package with the obsolete name (see <xref "
1861 "linkend=\"removing-pkgs\"/>). Do not forget to properly reassign the "
1862 "package's bugs at the same time."
1865 #. type: Content of: <chapter><section><section><para>
1868 "At other times, you may make a mistake in constructing your package and wish "
1869 "to replace it. The only way to do this is to increase the version number "
1870 "and upload a new version. The old version will be expired in the usual "
1871 "manner. Note that this applies to each part of your package, including the "
1872 "sources: if you wish to replace the upstream source tarball of your package, "
1873 "you will need to upload it with a different version. An easy possibility is "
1874 "to replace <filename>foo_1.00.orig.tar.gz</filename> with "
1875 "<filename>foo_1.00+0.orig.tar.gz</filename> or "
1876 "<filename>foo_1.00.orig.tar.bz2</filename>. This restriction gives each "
1877 "file on the ftp site a unique name, which helps to ensure consistency across "
1878 "the mirror network."
1881 #. type: Content of: <chapter><section><section><title>
1883 msgid "Orphaning a package"
1886 #. type: Content of: <chapter><section><section><para>
1889 "If you can no longer maintain a package, you need to inform others, and see "
1890 "that the package is marked as orphaned. You should set the package "
1891 "maintainer to <literal>Debian QA Group &orphan-address;</literal> and submit "
1892 "a bug report against the pseudo package <systemitem "
1893 "role=\"package\">wnpp</systemitem>. The bug report should be titled "
1894 "<literal>O: <replaceable>package</replaceable> -- <replaceable>short "
1895 "description</replaceable></literal> indicating that the package is now "
1896 "orphaned. The severity of the bug should be set to "
1897 "<literal>normal</literal>; if the package has a priority of standard or "
1898 "higher, it should be set to important. If you feel it's necessary, send a "
1899 "copy to &email-debian-devel; by putting the address in the X-Debbugs-CC: "
1900 "header of the message (no, don't use CC:, because that way the message's "
1901 "subject won't indicate the bug number)."
1904 #. type: Content of: <chapter><section><section><para>
1907 "If you just intend to give the package away, but you can keep maintainership "
1908 "for the moment, then you should instead submit a bug against <systemitem "
1909 "role=\"package\">wnpp</systemitem> and title it <literal>RFA: "
1910 "<replaceable>package</replaceable> -- <replaceable>short "
1911 "description</replaceable></literal>. <literal>RFA</literal> stands for "
1912 "<literal>Request For Adoption</literal>."
1915 #. type: Content of: <chapter><section><section><para>
1917 msgid "More information is on the <ulink url=\"&url-wnpp;\">WNPP web pages</ulink>."
1920 #. type: Content of: <chapter><section><section><title>
1922 msgid "Adopting a package"
1925 #. type: Content of: <chapter><section><section><para>
1928 "A list of packages in need of a new maintainer is available in the <ulink "
1929 "url=\"&url-wnpp;\">Work-Needing and Prospective Packages list "
1930 "(WNPP)</ulink>. If you wish to take over maintenance of any of the packages "
1931 "listed in the WNPP, please take a look at the aforementioned page for "
1932 "information and procedures."
1935 #. type: Content of: <chapter><section><section><para>
1938 "It is not OK to simply take over a package that you feel is neglected — that "
1939 "would be package hijacking. You can, of course, contact the current "
1940 "maintainer and ask them if you may take over the package. If you have "
1941 "reason to believe a maintainer has gone AWOL (absent without leave), see "
1942 "<xref linkend=\"mia-qa\"/>."
1945 #. type: Content of: <chapter><section><section><para>
1948 "Generally, you may not take over the package without the assent of the "
1949 "current maintainer. Even if they ignore you, that is still not grounds to "
1950 "take over a package. Complaints about maintainers should be brought up on "
1951 "the developers' mailing list. If the discussion doesn't end with a positive "
1952 "conclusion, and the issue is of a technical nature, consider bringing it to "
1953 "the attention of the technical committee (see the <ulink "
1954 "url=\"&url-tech-ctte;\">technical committee web page</ulink> for more "
1958 #. type: Content of: <chapter><section><section><para>
1961 "If you take over an old package, you probably want to be listed as the "
1962 "package's official maintainer in the bug system. This will happen "
1963 "automatically once you upload a new version with an updated "
1964 "<literal>Maintainer</literal> field, although it can take a few hours after "
1965 "the upload is done. If you do not expect to upload a new version for a "
1966 "while, you can use <xref linkend=\"pkg-tracking-system\"/> to get the bug "
1967 "reports. However, make sure that the old maintainer has no problem with the "
1968 "fact that they will continue to receive the bugs during that time."
1971 #. type: Content of: <chapter><section><title>
1973 msgid "Porting and being ported"
1976 #. type: Content of: <chapter><section><para>
1979 "Debian supports an ever-increasing number of architectures. Even if you are "
1980 "not a porter, and you don't use any architecture but one, it is part of your "
1981 "duty as a maintainer to be aware of issues of portability. Therefore, even "
1982 "if you are not a porter, you should read most of this chapter."
1985 #. type: Content of: <chapter><section><para>
1988 "Porting is the act of building Debian packages for architectures that are "
1989 "different from the original architecture of the package maintainer's binary "
1990 "package. It is a unique and essential activity. In fact, porters do most "
1991 "of the actual compiling of Debian packages. For instance, when a maintainer "
1992 "uploads a (portable) source packages with binaries for the "
1993 "<literal>i386</literal> architecture, it will be built for each of the other "
1994 "architectures, amounting to &number-of-arches; more builds."
1997 #. type: Content of: <chapter><section><section><title>
1999 msgid "Being kind to porters"
2002 #. type: Content of: <chapter><section><section><para>
2005 "Porters have a difficult and unique task, since they are required to deal "
2006 "with a large volume of packages. Ideally, every source package should build "
2007 "right out of the box. Unfortunately, this is often not the case. This "
2008 "section contains a checklist of ``gotchas'' often committed by Debian "
2009 "maintainers — common problems which often stymie porters, and make their "
2010 "jobs unnecessarily difficult."
2013 #. type: Content of: <chapter><section><section><para>
2016 "The first and most important thing is to respond quickly to bug or issues "
2017 "raised by porters. Please treat porters with courtesy, as if they were in "
2018 "fact co-maintainers of your package (which, in a way, they are). Please be "
2019 "tolerant of succinct or even unclear bug reports; do your best to hunt down "
2020 "whatever the problem is."
2023 #. type: Content of: <chapter><section><section><para>
2026 "By far, most of the problems encountered by porters are caused by "
2027 "<emphasis>packaging bugs</emphasis> in the source packages. Here is a "
2028 "checklist of things you should check or be aware of."
2031 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2034 "Make sure that your <literal>Build-Depends</literal> and "
2035 "<literal>Build-Depends-Indep</literal> settings in "
2036 "<filename>debian/control</filename> are set properly. The best way to "
2037 "validate this is to use the <systemitem "
2038 "role=\"package\">debootstrap</systemitem> package to create an "
2039 "<literal>unstable</literal> chroot environment (see <xref "
2040 "linkend=\"debootstrap\"/>). Within that chrooted environment, install the "
2041 "<systemitem role=\"package\">build-essential</systemitem> package and any "
2042 "package dependencies mentioned in <literal>Build-Depends</literal> and/or "
2043 "<literal>Build-Depends-Indep</literal>. Finally, try building your package "
2044 "within that chrooted environment. These steps can be automated by the use "
2045 "of the <command>pbuilder</command> program which is provided by the package "
2046 "of the same name (see <xref linkend=\"pbuilder\"/>)."
2049 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2052 "If you can't set up a proper chroot, <command>dpkg-depcheck</command> may be "
2053 "of assistance (see <xref linkend=\"dpkg-depcheck\"/>)."
2056 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2059 "See the <ulink url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for "
2060 "instructions on setting build dependencies."
2063 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2066 "Don't set architecture to a value other than <literal>all</literal> or "
2067 "<literal>any</literal> unless you really mean it. In too many cases, "
2068 "maintainers don't follow the instructions in the <ulink "
2069 "url=\"&url-debian-policy;\">Debian Policy Manual</ulink>. Setting your "
2070 "architecture to only one architecture (such as <literal>i386</literal> or "
2071 "<literal>amd64</literal>) is usually incorrect."
2074 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2077 "Make sure your source package is correct. Do <literal>dpkg-source -x "
2078 "<replaceable>package</replaceable>.dsc</literal> to make sure your source "
2079 "package unpacks properly. Then, in there, try building your package from "
2080 "scratch with <command>dpkg-buildpackage</command>."
2083 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2086 "Make sure you don't ship your source package with the "
2087 "<filename>debian/files</filename> or <filename>debian/substvars</filename> "
2088 "files. They should be removed by the <literal>clean</literal> target of "
2089 "<filename>debian/rules</filename>."
2092 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2095 "Make sure you don't rely on locally installed or hacked configurations or "
2096 "programs. For instance, you should never be calling programs in "
2097 "<filename>/usr/local/bin</filename> or the like. Try not to rely on "
2098 "programs being setup in a special way. Try building your package on another "
2099 "machine, even if it's the same architecture."
2102 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2105 "Don't depend on the package you're building being installed already (a "
2106 "sub-case of the above issue). There are, of course, exceptions to this rule, "
2107 "but be aware that any case like this needs manual bootstrapping and cannot "
2108 "be done by automated package builders."
2111 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2114 "Don't rely on the compiler being a certain version, if possible. If not, "
2115 "then make sure your build dependencies reflect the restrictions, although "
2116 "you are probably asking for trouble, since different architectures sometimes "
2117 "standardize on different compilers."
2120 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2123 "Make sure your <filename>debian/rules</filename> contains separate "
2124 "<literal>binary-arch</literal> and <literal>binary-indep</literal> targets, "
2125 "as the Debian Policy Manual requires. Make sure that both targets work "
2126 "independently, that is, that you can call the target without having called "
2127 "the other before. To test this, try to run <command>dpkg-buildpackage "
2131 #. type: Content of: <chapter><section><section><title>
2133 msgid "Guidelines for porter uploads"
2136 #. type: Content of: <chapter><section><section><para>
2139 "If the package builds out of the box for the architecture to be ported to, "
2140 "you are in luck and your job is easy. This section applies to that case; it "
2141 "describes how to build and upload your binary package so that it is properly "
2142 "installed into the archive. If you do have to patch the package in order to "
2143 "get it to compile for the other architecture, you are actually doing a "
2144 "source NMU, so consult <xref linkend=\"nmu-guidelines\"/> instead."
2147 #. type: Content of: <chapter><section><section><para>
2150 "For a porter upload, no changes are being made to the source. You do not "
2151 "need to touch any of the files in the source package. This includes "
2152 "<filename>debian/changelog</filename>."
2155 #. type: Content of: <chapter><section><section><para>
2158 "The way to invoke <command>dpkg-buildpackage</command> is as "
2159 "<literal>dpkg-buildpackage -B "
2160 "-m<replaceable>porter-email</replaceable></literal>. Of course, set "
2161 "<replaceable>porter-email</replaceable> to your email address. This will do "
2162 "a binary-only build of only the architecture-dependent portions of the "
2163 "package, using the <literal>binary-arch</literal> target in "
2164 "<filename>debian/rules</filename>."
2167 #. type: Content of: <chapter><section><section><para>
2170 "If you are working on a Debian machine for your porting efforts and you need "
2171 "to sign your upload locally for its acceptance in the archive, you can run "
2172 "<command>debsign</command> on your <filename>.changes</filename> file to "
2173 "have it signed conveniently, or use the remote signing mode of "
2174 "<command>dpkg-sig</command>."
2177 #. type: Content of: <chapter><section><section><section><title>
2179 msgid "Recompilation or binary-only NMU"
2182 #. type: Content of: <chapter><section><section><section><para>
2185 "Sometimes the initial porter upload is problematic because the environment "
2186 "in which the package was built was not good enough (outdated or obsolete "
2187 "library, bad compiler, etc.). Then you may just need to recompile it in an "
2188 "updated environment. However, you have to bump the version number in this "
2189 "case, so that the old bad package can be replaced in the Debian archive "
2190 "(<command>dak</command> refuses to install new packages if they don't have a "
2191 "version number greater than the currently available one)."
2194 #. type: Content of: <chapter><section><section><section><para>
2197 "You have to make sure that your binary-only NMU doesn't render the package "
2198 "uninstallable. This could happen when a source package generates "
2199 "arch-dependent and arch-independent packages that have inter-dependencies "
2200 "generated using dpkg's substitution variable "
2201 "<literal>$(Source-Version)</literal>."
2204 #. type: Content of: <chapter><section><section><section><para>
2207 "Despite the required modification of the changelog, these are called "
2208 "binary-only NMUs — there is no need in this case to trigger all other "
2209 "architectures to consider themselves out of date or requiring recompilation."
2212 #. type: Content of: <chapter><section><section><section><para>
2215 "Such recompilations require special ``magic'' version numbering, so that the "
2216 "archive maintenance tools recognize that, even though there is a new Debian "
2217 "version, there is no corresponding source update. If you get this wrong, "
2218 "the archive maintainers will reject your upload (due to lack of "
2219 "corresponding source code)."
2222 #. type: Content of: <chapter><section><section><section><para><footnote><para>
2225 "In the past, such NMUs used the third-level number on the Debian part of the "
2226 "revision to denote their recompilation-only status; however, this syntax was "
2227 "ambiguous with native packages and did not allow proper ordering of "
2228 "recompile-only NMUs, source NMUs, and security NMUs on the same package, and "
2229 "has therefore been abandoned in favor of this new syntax."
2232 #. type: Content of: <chapter><section><section><section><para>
2235 "The ``magic'' for a recompilation-only NMU is triggered by using a suffix "
2236 "appended to the package version number, following the form "
2237 "<literal>b<replaceable>number</replaceable></literal>. For instance, if the "
2238 "latest version you are recompiling against was version "
2239 "<literal>2.9-3</literal>, your binary-only NMU should carry a version of "
2240 "<literal>2.9-3+b1</literal>. If the latest version was "
2241 "<literal>3.4+b1</literal> (i.e, a native package with a previous "
2242 "recompilation NMU), your binary-only NMU should have a version number of "
2243 "<literal>3.4+b2</literal>.<placeholder type=\"footnote\" id=\"0\"/>"
2246 #. type: Content of: <chapter><section><section><section><para>
2249 "Similar to initial porter uploads, the correct way of invoking "
2250 "<command>dpkg-buildpackage</command> is <literal>dpkg-buildpackage "
2251 "-B</literal> to only build the architecture-dependent parts of the package."
2254 #. type: Content of: <chapter><section><section><section><title>
2256 msgid "When to do a source NMU if you are a porter"
2259 #. type: Content of: <chapter><section><section><section><para>
2262 "Porters doing a source NMU generally follow the guidelines found in <xref "
2263 "linkend=\"nmu\"/>, just like non-porters. However, it is expected that the "
2264 "wait cycle for a porter's source NMU is smaller than for a non-porter, since "
2265 "porters have to cope with a large quantity of packages. Again, the "
2266 "situation varies depending on the distribution they are uploading to. It "
2267 "also varies whether the architecture is a candidate for inclusion into the "
2268 "next stable release; the release managers decide and announce which "
2269 "architectures are candidates."
2272 #. type: Content of: <chapter><section><section><section><para>
2275 "If you are a porter doing an NMU for <literal>unstable</literal>, the above "
2276 "guidelines for porting should be followed, with two variations. Firstly, "
2277 "the acceptable waiting period — the time between when the bug is submitted "
2278 "to the BTS and when it is OK to do an NMU — is seven days for porters "
2279 "working on the <literal>unstable</literal> distribution. This period can be "
2280 "shortened if the problem is critical and imposes hardship on the porting "
2281 "effort, at the discretion of the porter group. (Remember, none of this is "
2282 "Policy, just mutually agreed upon guidelines.) For uploads to "
2283 "<literal>stable</literal> or <literal>testing</literal>, please coordinate "
2284 "with the appropriate release team first."
2287 #. type: Content of: <chapter><section><section><section><para>
2290 "Secondly, porters doing source NMUs should make sure that the bug they "
2291 "submit to the BTS should be of severity <literal>serious</literal> or "
2292 "greater. This ensures that a single source package can be used to compile "
2293 "every supported Debian architecture by release time. It is very important "
2294 "that we have one version of the binary and source package for all "
2295 "architectures in order to comply with many licenses."
2298 #. type: Content of: <chapter><section><section><section><para>
2301 "Porters should try to avoid patches which simply kludge around bugs in the "
2302 "current version of the compile environment, kernel, or libc. Sometimes such "
2303 "kludges can't be helped. If you have to kludge around compiler bugs and the "
2304 "like, make sure you <literal>#ifdef</literal> your work properly; also, "
2305 "document your kludge so that people know to remove it once the external "
2306 "problems have been fixed."
2309 #. type: Content of: <chapter><section><section><section><para>
2312 "Porters may also have an unofficial location where they can put the results "
2313 "of their work during the waiting period. This helps others running the port "
2314 "have the benefit of the porter's work, even during the waiting period. Of "
2315 "course, such locations have no official blessing or status, so buyer beware."
2318 #. type: Content of: <chapter><section><section><title>
2320 msgid "Porting infrastructure and automation"
2323 #. type: Content of: <chapter><section><section><para>
2326 "There is infrastructure and several tools to help automate package porting. "
2327 "This section contains a brief overview of this automation and porting to "
2328 "these tools; see the package documentation or references for full "
2332 #. type: Content of: <chapter><section><section><section><title>
2334 msgid "Mailing lists and web pages"
2337 #. type: Content of: <chapter><section><section><section><para>
2340 "Web pages containing the status of each port can be found at <ulink "
2341 "url=\"&url-debian-ports;\"></ulink>."
2344 #. type: Content of: <chapter><section><section><section><para>
2347 "Each port of Debian has a mailing list. The list of porting mailing lists "
2348 "can be found at <ulink url=\"&url-debian-port-lists;\"></ulink>. These "
2349 "lists are used to coordinate porters, and to connect the users of a given "
2350 "port with the porters."
2353 #. type: Content of: <chapter><section><section><section><title>
2355 msgid "Porter tools"
2358 #. type: Content of: <chapter><section><section><section><para>
2361 "Descriptions of several porting tools can be found in <xref "
2362 "linkend=\"tools-porting\"/>."
2365 #. type: Content of: <chapter><section><section><section><title>
2367 msgid "<systemitem role=\"package\">wanna-build</systemitem>"
2370 #. type: Content of: <chapter><section><section><section><para>
2373 "The <systemitem role=\"package\">wanna-build</systemitem> system is used as "
2374 "a distributed, client-server build distribution system. It is usually used "
2375 "in conjunction with build daemons running the <systemitem "
2376 "role=\"package\">buildd</systemitem> program. <literal>Build "
2377 "daemons</literal> are ``slave'' hosts which contact the central <systemitem "
2378 "role=\"package\">wanna-build</systemitem> system to receive a list of "
2379 "packages that need to be built."
2382 #. type: Content of: <chapter><section><section><section><para>
2385 "<systemitem role=\"package\">wanna-build</systemitem> is not yet available "
2386 "as a package; however, all Debian porting efforts are using it for automated "
2387 "package building. The tool used to do the actual package builds, "
2388 "<systemitem role=\"package\">sbuild</systemitem> is available as a package, "
2389 "see its description in <xref linkend=\"sbuild\"/>. Please note that the "
2390 "packaged version is not the same as the one used on build daemons, but it is "
2391 "close enough to reproduce problems."
2394 #. type: Content of: <chapter><section><section><section><para>
2397 "Most of the data produced by <systemitem "
2398 "role=\"package\">wanna-build</systemitem> which is generally useful to "
2399 "porters is available on the web at <ulink url=\"&url-buildd;\"></ulink>. "
2400 "This data includes nightly updated statistics, queueing information and logs "
2401 "for build attempts."
2404 #. type: Content of: <chapter><section><section><section><para>
2407 "We are quite proud of this system, since it has so many possible uses. "
2408 "Independent development groups can use the system for different sub-flavors "
2409 "of Debian, which may or may not really be of general interest (for instance, "
2410 "a flavor of Debian built with <command>gcc</command> bounds checking). It "
2411 "will also enable Debian to recompile entire distributions quickly."
2414 #. type: Content of: <chapter><section><section><section><para>
2417 "The wanna-build team, in charge of the buildds, can be reached at "
2418 "<literal>debian-wb-team@lists.debian.org</literal>. To determine who "
2419 "(wanna-build team, release team) and how (mail, BTS) to contact, refer to "
2420 "<ulink url=\"&url-wb-team;\"></ulink>."
2423 #. type: Content of: <chapter><section><section><section><para>
2426 "When requesting binNMUs or give-backs (retries after a failed build), please "
2427 "use the format described at <ulink url=\"&url-release-wb;\"/>."
2430 #. type: Content of: <chapter><section><section><title>
2432 msgid "When your package is <emphasis>not</emphasis> portable"
2435 #. type: Content of: <chapter><section><section><para>
2438 "Some packages still have issues with building and/or working on some of the "
2439 "architectures supported by Debian, and cannot be ported at all, or not "
2440 "within a reasonable amount of time. An example is a package that is "
2441 "SVGA-specific (only available for <literal>i386</literal> and "
2442 "<literal>amd64</literal>), or uses other hardware-specific features not "
2443 "supported on all architectures."
2446 #. type: Content of: <chapter><section><section><para>
2449 "In order to prevent broken packages from being uploaded to the archive, and "
2450 "wasting buildd time, you need to do a few things:"
2453 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2456 "First, make sure your package <emphasis>does</emphasis> fail to build on "
2457 "architectures that it cannot support. There are a few ways to achieve "
2458 "this. The preferred way is to have a small testsuite during build time that "
2459 "will test the functionality, and fail if it doesn't work. This is a good "
2460 "idea anyway, as this will prevent (some) broken uploads on all "
2461 "architectures, and also will allow the package to build as soon as the "
2462 "required functionality is available."
2465 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2468 "Additionally, if you believe the list of supported architectures is pretty "
2469 "constant, you should change <literal>any</literal> to a list of supported "
2470 "architectures in <filename>debian/control</filename>. This way, the build "
2471 "will fail also, and indicate this to a human reader without actually trying."
2474 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2477 "In order to prevent autobuilders from needlessly trying to build your "
2478 "package, it must be included in <filename>Packages-arch-specific</filename>, "
2479 "a list used by the <command>wanna-build</command> script. The current "
2480 "version is available as <ulink url=\"&url-buildd-p-a-s;\"/>; please see the "
2481 "top of the file for whom to contact for changes."
2484 #. type: Content of: <chapter><section><section><para>
2487 "Please note that it is insufficient to only add your package to "
2488 "<filename>Packages-arch-specific</filename> without making it fail to build "
2489 "on unsupported architectures: A porter or any other person trying to build "
2490 "your package might accidently upload it without noticing it doesn't work. "
2491 "If in the past some binary packages were uploaded on unsupported "
2492 "architectures, request their removal by filing a bug against <systemitem "
2493 "role=\"package\">ftp.debian.org</systemitem>."
2496 #. type: Content of: <chapter><section><section><title>
2498 msgid "Marking non-free packages as auto-buildable"
2501 #. type: Content of: <chapter><section><section><para>
2504 "By default packages from the <literal>non-free</literal> section are not "
2505 "built by the autobuilder network (mostly because the license of the packages "
2506 "could disapprove). To enable a package to be build you need to perform the "
2510 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2513 "Check whether it is legally allowed and technically possible to auto-build "
2517 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2520 "Add <literal>XS-Autobuild: yes</literal> into the header part of "
2521 "<filename>debian/control</filename>;"
2524 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2527 "Send an email to &email-nonfree-release; and explain why the package can "
2528 "legitimately and technically be auto-built."
2531 #. type: Content of: <chapter><section><title>
2533 msgid "Non-Maintainer Uploads (NMUs)"
2536 #. type: Content of: <chapter><section><para>
2539 "Every package has one or more maintainers. Normally, these are the people "
2540 "who work on and upload new versions of the package. In some situations, it "
2541 "is useful that other developers can upload a new version as well, for "
2542 "example if they want to fix a bug in a package they don't maintain, when the "
2543 "maintainer needs help to respond to issues. Such uploads are called "
2544 "<emphasis>Non-Maintainer Uploads (NMU)</emphasis>."
2547 #. type: Content of: <chapter><section><section><title>
2549 msgid "When and how to do an NMU"
2552 #. type: Content of: <chapter><section><section><para>
2554 msgid "Before doing an NMU, consider the following questions:"
2557 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2560 "Does your NMU really fix bugs? Fixing cosmetic issues or changing the "
2561 "packaging style in NMUs is discouraged."
2564 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2567 "Did you give enough time to the maintainer? When was the bug reported to the "
2568 "BTS? Being busy for a week or two isn't unusual. Is the bug so severe that "
2569 "it needs to be fixed right now, or can it wait a few more days?"
2572 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2575 "How confident are you about your changes? Please remember the Hippocratic "
2576 "Oath: \"Above all, do no harm.\" It is better to leave a package with an "
2577 "open grave bug than applying a non-functional patch, or one that hides the "
2578 "bug instead of resolving it. If you are not 100% sure of what you did, it "
2579 "might be a good idea to seek advice from others. Remember that if you break "
2580 "something in your NMU, many people will be very unhappy about it."
2583 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2586 "Have you clearly expressed your intention to NMU, at least in the BTS? It is "
2587 "also a good idea to try to contact the maintainer by other means (private "
2591 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2594 "If the maintainer is usually active and responsive, have you tried to "
2595 "contact him? In general it should be considered preferable that a maintainer "
2596 "takes care of an issue himself and that he is given the chance to review and "
2597 "correct your patch, because he can be expected to be more aware of potential "
2598 "issues which an NMUer might miss. It is often a better use of everyone's "
2599 "time if the maintainer is given an opportunity to upload a fix on their own."
2602 #. type: Content of: <chapter><section><section><para>
2605 "When doing an NMU, you must first make sure that your intention to NMU is "
2606 "clear. Then, you must send a patch with the differences between the current "
2607 "package and your proposed NMU to the BTS. The <command>nmudiff</command> "
2608 "script in the <systemitem role=\"package\">devscripts</systemitem> package "
2612 #. type: Content of: <chapter><section><section><para>
2615 "While preparing the patch, you should better be aware of any "
2616 "package-specific practices that the maintainer might be using. Taking them "
2617 "into account reduces the burden of integrating your changes into the normal "
2618 "package workflow and thus increases the chances that integration will "
2619 "happen. A good place where to look for for possible package-specific "
2620 "practices is <ulink "
2621 "url=\"&url-debian-policy;ch-source.html#s-readmesource\"><filename>debian/README.source</filename></ulink>."
2624 #. type: Content of: <chapter><section><section><para>
2627 "Unless you have an excellent reason not to do so, you must then give some "
2628 "time to the maintainer to react (for example, by uploading to the "
2629 "<literal>DELAYED</literal> queue). Here are some recommended values to use "
2633 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2636 "Upload fixing only release-critical bugs older than 7 days, with no "
2637 "maintainer activity on the bug for 7 days and no indication that a fix is in "
2641 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2643 msgid "Upload fixing only release-critical bugs older than 7 days: 2 days"
2646 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2648 msgid "Upload fixing only release-critical and important bugs: 5 days"
2651 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2653 msgid "Other NMUs: 10 days"
2656 #. type: Content of: <chapter><section><section><para>
2659 "Those delays are only examples. In some cases, such as uploads fixing "
2660 "security issues, or fixes for trivial bugs that blocking a transition, it is "
2661 "desirable that the fixed package reaches <literal>unstable</literal> sooner."
2664 #. type: Content of: <chapter><section><section><para>
2667 "Sometimes, release managers decide to allow NMUs with shorter delays for a "
2668 "subset of bugs (e.g release-critical bugs older than 7 days). Also, some "
2669 "maintainers list themselves in the <ulink "
2670 "url=\"&url-low-threshold-nmu;\">Low Threshold NMU list</ulink>, and accept "
2671 "that NMUs are uploaded without delay. But even in those cases, it's still a "
2672 "good idea to give the maintainer a few days to react before you upload, "
2673 "especially if the patch wasn't available in the BTS before, or if you know "
2674 "that the maintainer is generally active."
2677 #. type: Content of: <chapter><section><section><para>
2680 "After you upload an NMU, you are responsible for the possible problems that "
2681 "you might have introduced. You must keep an eye on the package (subscribing "
2682 "to the package on the PTS is a good way to achieve this)."
2685 #. type: Content of: <chapter><section><section><para>
2688 "This is not a license to perform NMUs thoughtlessly. If you NMU when it is "
2689 "clear that the maintainers are active and would have acknowledged a patch in "
2690 "a timely manner, or if you ignore the recommendations of this document, your "
2691 "upload might be a cause of conflict with the maintainer. You should always "
2692 "be prepared to defend the wisdom of any NMU you perform on its own merits."
2695 #. type: Content of: <chapter><section><section><title>
2697 msgid "NMUs and <filename>debian/changelog</filename>"
2700 #. type: Content of: <chapter><section><section><para>
2703 "Just like any other (source) upload, NMUs must add an entry to "
2704 "<filename>debian/changelog</filename>, telling what has changed with this "
2705 "upload. The first line of this entry must explicitely mention that this "
2706 "upload is an NMU, e.g.:"
2709 #. type: Content of: <chapter><section><section><screen>
2712 msgid " * Non-maintainer upload.\n"
2715 #. type: Content of: <chapter><section><section><para>
2717 msgid "The way to version NMUs differs for native and non-native packages."
2720 #. type: Content of: <chapter><section><section><para>
2723 "If the package is a native package (without a Debian revision in the version "
2724 "number), the version must be the version of the last maintainer upload, plus "
2725 "<literal>+nmu<replaceable>X</replaceable></literal>, where "
2726 "<replaceable>X</replaceable> is a counter starting at <literal>1</literal>. "
2727 "If the last upload was also an NMU, the counter should be increased. For "
2728 "example, if the current version is <literal>1.5</literal>, then an NMU would "
2729 "get version <literal>1.5+nmu1</literal>."
2732 #. type: Content of: <chapter><section><section><para>
2735 "If the package is a not a native package, you should add a minor version "
2736 "number to the Debian revision part of the version number (the portion after "
2737 "the last hyphen). This extra number must start at <literal>1</literal>. For "
2738 "example, if the current version is <literal>1.5-2</literal>, then an NMU "
2739 "would get version <literal>1.5-2.1</literal>. If a new upstream version is "
2740 "packaged in the NMU, the Debian revision is set to <literal>0</literal>, for "
2741 "example <literal>1.6-0.1</literal>."
2744 #. type: Content of: <chapter><section><section><para>
2747 "In both cases, if the last upload was also an NMU, the counter should be "
2748 "increased. For example, if the current version is "
2749 "<literal>1.5+nmu3</literal> (a native package which has already been NMUed), "
2750 "the NMU would get version <literal>1.5+nmu4</literal>."
2753 #. type: Content of: <chapter><section><section><para>
2756 "A special versioning scheme is needed to avoid disrupting the maintainer's "
2757 "work, since using an integer for the Debian revision will potentially "
2758 "conflict with a maintainer upload already in preparation at the time of an "
2759 "NMU, or even one sitting in the ftp NEW queue. It also has the benefit of "
2760 "making it visually clear that a package in the archive was not made by the "
2761 "official maintainer."
2764 #. type: Content of: <chapter><section><section><para>
2767 "If you upload a package to testing or stable, you sometimes need to \"fork\" "
2768 "the version number tree. This is the case for security uploads, for "
2769 "example. For this, a version of the form "
2770 "<literal>+deb<replaceable>XY</replaceable>u<replaceable>Z</replaceable></literal> "
2771 "should be used, where <replaceable>X</replaceable> and "
2772 "<replaceable>Y</replaceable> are the major and minor release numbers, and "
2773 "<replaceable>Z</replaceable> is a counter starting at <literal>1</literal>. "
2774 "When the release number is not yet known (often the case for "
2775 "<literal>testing</literal>, at the beginning of release cycles), the lowest "
2776 "release number higher than the last stable release number must be used. For "
2777 "example, while Lenny (Debian 5.0) is stable, a security NMU to stable for a "
2778 "package at version <literal>1.5-3</literal> would have version "
2779 "<literal>1.5-3+deb50u1</literal>, whereas a security NMU to Squeeze would "
2780 "get version <literal>1.5-3+deb60u1</literal>. After the release of Squeeze, "
2781 "security uploads to the <literal>testing</literal> distribution will be "
2782 "versioned <literal>+deb61uZ</literal>, until it is known whether that "
2783 "release will be Debian 6.1 or Debian 7.0 (if that becomes the case, uploads "
2784 "will be versioned as <literal>+deb70uZ</literal>)."
2787 #. type: Content of: <chapter><section><section><title>
2789 msgid "Using the <literal>DELAYED/</literal> queue"
2792 #. type: Content of: <chapter><section><section><para>
2795 "Having to wait for a response after you request permission to NMU is "
2796 "inefficient, because it costs the NMUer a context switch to come back to the "
2797 "issue. The <literal>DELAYED</literal> queue (see <xref "
2798 "linkend=\"delayed-incoming\"/>) allows the developer doing the NMU to "
2799 "perform all the necessary tasks at the same time. For instance, instead of "
2800 "telling the maintainer that you will upload the updated package in 7 days, "
2801 "you should upload the package to <literal>DELAYED/7</literal> and tell the "
2802 "maintainer that he has 7 days to react. During this time, the maintainer "
2803 "can ask you to delay the upload some more, or cancel your upload."
2806 #. type: Content of: <chapter><section><section><para>
2809 "The <literal>DELAYED</literal> queue should not be used to put additional "
2810 "pressure on the maintainer. In particular, it's important that you are "
2811 "available to cancel or delay the upload before the delay expires since the "
2812 "maintainer cannot cancel the upload himself."
2815 #. type: Content of: <chapter><section><section><para>
2818 "If you make an NMU to <literal>DELAYED</literal> and the maintainer updates "
2819 "his package before the delay expires, your upload will be rejected because a "
2820 "newer version is already available in the archive. Ideally, the maintainer "
2821 "will take care to include your proposed changes (or at least a solution for "
2822 "the problems they address) in that upload."
2825 #. type: Content of: <chapter><section><section><title>
2827 msgid "NMUs from the maintainer's point of view"
2830 #. type: Content of: <chapter><section><section><para>
2833 "When someone NMUs your package, this means they want to help you to keep it "
2834 "in good shape. This gives users fixed packages faster. You can consider "
2835 "asking the NMUer to become a co-maintainer of the package. Receiving an NMU "
2836 "on a package is not a bad thing; it just means that the package is "
2837 "interesting enough for other people to work on it."
2840 #. type: Content of: <chapter><section><section><para>
2843 "To acknowledge an NMU, include its changes and changelog entry in your next "
2844 "maintainer upload. If you do not acknowledge the NMU by including the NMU "
2845 "changelog entry in your changelog, the bugs will remain closed in the BTS "
2846 "but will be listed as affecting your maintainer version of the package."
2849 #. type: Content of: <chapter><section><section><title>
2851 msgid "Source NMUs vs Binary-only NMUs (binNMUs)"
2854 #. type: Content of: <chapter><section><section><para>
2857 "The full name of an NMU is <emphasis>source NMU</emphasis>. There is also "
2858 "another type, namely the <emphasis>binary-only NMU</emphasis>, or "
2859 "<emphasis>binNMU</emphasis>. A binNMU is also a package upload by someone "
2860 "other than the package's maintainer. However, it is a binary-only upload."
2863 #. type: Content of: <chapter><section><section><para>
2866 "When a library (or other dependency) is updated, the packages using it may "
2867 "need to be rebuilt. Since no changes to the source are needed, the same "
2868 "source package is used."
2871 #. type: Content of: <chapter><section><section><para>
2874 "BinNMUs are usually triggered on the buildds by wanna-build. An entry is "
2875 "added to <filename>debian/changelog</filename>, explaining why the upload "
2876 "was needed and increasing the version number as described in <xref "
2877 "linkend=\"binary-only-nmu\"/>. This entry should not be included in the "
2881 #. type: Content of: <chapter><section><section><para>
2884 "Buildds upload packages for their architecture to the archive as binary-only "
2885 "uploads. Strictly speaking, these are binNMUs. However, they are not "
2886 "normally called NMU, and they don't add an entry to "
2887 "<filename>debian/changelog</filename>."
2890 #. type: Content of: <chapter><section><section><title>
2892 msgid "NMUs vs QA uploads"
2895 #. type: Content of: <chapter><section><section><para>
2898 "NMUs are uploads of packages by somebody else than their assigned "
2899 "maintainer. There is another type of upload where the uploaded package is "
2900 "not yours: QA uploads. QA uploads are uploads of orphaned packages."
2903 #. type: Content of: <chapter><section><section><para>
2906 "QA uploads are very much like normal maintainer uploads: they may fix "
2907 "anything, even minor issues; the version numbering is normal, and there is "
2908 "no need to use a delayed upload. The difference is that you are not listed "
2909 "as the <literal>Maintainer</literal> or <literal>Uploader</literal> for the "
2910 "package. Also, the changelog entry of a QA upload has a special first line:"
2913 #. type: Content of: <chapter><section><section><screen>
2916 msgid " * QA upload.\n"
2919 #. type: Content of: <chapter><section><section><para>
2922 "If you want to do an NMU, and it seems that the maintainer is not active, it "
2923 "is wise to check if the package is orphaned (this information is displayed "
2924 "on the package's Package Tracking System page). When doing the first QA "
2925 "upload to an orphaned package, the maintainer should be set to "
2926 "<literal>Debian QA Group <packages@qa.debian.org></literal>. Orphaned "
2927 "packages which did not yet have a QA upload still have their old maintainer "
2928 "set. There is a list of them at <ulink url=\"&url-orphaned-not-qa;\"/>."
2931 #. type: Content of: <chapter><section><section><para>
2934 "Instead of doing a QA upload, you can also consider adopting the package by "
2935 "making yourself the maintainer. You don't need permission from anybody to "
2936 "adopt an orphaned package, you can just set yourself as maintainer and "
2937 "upload the new version (see <xref linkend=\"adopting\"/>)."
2940 #. type: Content of: <chapter><section><section><title>
2942 msgid "NMUs vs team uploads"
2945 #. type: Content of: <chapter><section><section><para>
2948 "Sometimes you are fixing and/or updating a package because you are member of "
2949 "a packaging team (which uses a mailing list as <literal>Maintainer</literal> "
2950 "or <literal>Uploader</literal>, see <xref linkend=\"collaborative-maint\"/>) "
2951 "but you don't want to add yourself to <literal>Uploaders</literal> because "
2952 "you do not plan to contribute regularly to this specific package. If it "
2953 "conforms with your team's policy, you can perform a normal upload without "
2954 "being listed directly as <literal>Maintainer</literal> or "
2955 "<literal>Uploader</literal>. In that case, you should start your changelog "
2956 "entry with the following line:"
2959 #. type: Content of: <chapter><section><section><screen>
2962 msgid " * Team upload.\n"
2965 #. type: Content of: <chapter><section><title>
2967 msgid "Collaborative maintenance"
2970 #. type: Content of: <chapter><section><para>
2973 "Collaborative maintenance is a term describing the sharing of Debian package "
2974 "maintenance duties by several people. This collaboration is almost always a "
2975 "good idea, since it generally results in higher quality and faster bug fix "
2976 "turnaround times. It is strongly recommended that packages with a priority "
2977 "of <literal>standard</literal> or which are part of the base set have "
2981 #. type: Content of: <chapter><section><para>
2984 "Generally there is a primary maintainer and one or more co-maintainers. The "
2985 "primary maintainer is the person whose name is listed in the "
2986 "<literal>Maintainer</literal> field of the "
2987 "<filename>debian/control</filename> file. Co-maintainers are all the other "
2988 "maintainers, usually listed in the <literal>Uploaders</literal> field of the "
2989 "<filename>debian/control</filename> file."
2992 #. type: Content of: <chapter><section><para>
2995 "In its most basic form, the process of adding a new co-maintainer is quite "
2999 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
3002 "Setup the co-maintainer with access to the sources you build the package "
3003 "from. Generally this implies you are using a network-capable version "
3004 "control system, such as <literal>CVS</literal> or "
3005 "<literal>Subversion</literal>. Alioth (see <xref linkend=\"alioth\"/>) "
3006 "provides such tools, amongst others."
3009 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
3012 "Add the co-maintainer's correct maintainer name and address to the "
3013 "<literal>Uploaders</literal> field in the first paragraph of the "
3014 "<filename>debian/control</filename> file."
3017 #. type: Content of: <chapter><section><itemizedlist><listitem><screen>
3021 "Uploaders: John Buzz <jbuzz@debian.org>, Adam Rex "
3022 "<arex@debian.org>\n"
3025 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
3028 "Using the PTS (<xref linkend=\"pkg-tracking-system\"/>), the co-maintainers "
3029 "should subscribe themselves to the appropriate source package."
3032 #. type: Content of: <chapter><section><para>
3035 "Another form of collaborative maintenance is team maintenance, which is "
3036 "recommended if you maintain several packages with the same group of "
3037 "developers. In that case, the <literal>Maintainer</literal> and "
3038 "<literal>Uploaders</literal> field of each package must be managed with "
3039 "care. It is recommended to choose between one of the two following schemes:"
3042 #. type: Content of: <chapter><section><orderedlist><listitem><para>
3045 "Put the team member mainly responsible for the package in the "
3046 "<literal>Maintainer</literal> field. In the <literal>Uploaders</literal>, "
3047 "put the mailing list address, and the team members who care for the package."
3050 #. type: Content of: <chapter><section><orderedlist><listitem><para>
3053 "Put the mailing list address in the <literal>Maintainer</literal> field. In "
3054 "the <literal>Uploaders</literal> field, put the team members who care for "
3055 "the package. In this case, you must make sure the mailing list accept bug "
3056 "reports without any human interaction (like moderation for non-subscribers)."
3059 #. type: Content of: <chapter><section><para>
3062 "In any case, it is a bad idea to automatically put all team members in the "
3063 "<literal>Uploaders</literal> field. It clutters the Developer's Package "
3064 "Overview listing (see <xref linkend=\"ddpo\"/>) with packages one doesn't "
3065 "really care for, and creates a false sense of good maintenance. For the same "
3066 "reason, team members do not need to add themselves to the "
3067 "<literal>Uploaders</literal> field just because they are uploading the "
3068 "package once, they can do a “Team upload” (see <xref "
3069 "linkend=\"nmu-team-upload\"/>). Conversely, it is a bad idea to keep a "
3070 "package with only the mailing list address as a "
3071 "<literal>Maintainer</literal> and no <literal>Uploaders</literal>."
3074 #. type: Content of: <chapter><section><title>
3076 msgid "The testing distribution"
3079 #. type: Content of: <chapter><section><section><title>
3084 #. type: Content of: <chapter><section><section><para>
3087 "Packages are usually installed into the <literal>testing</literal> "
3088 "distribution after they have undergone some degree of "
3089 "<literal>testing</literal> in <literal>unstable</literal>."
3092 #. type: Content of: <chapter><section><section><para>
3095 "They must be in sync on all architectures and mustn't have dependencies that "
3096 "make them uninstallable; they also have to have generally no known "
3097 "release-critical bugs at the time they're installed into "
3098 "<literal>testing</literal>. This way, <literal>testing</literal> should "
3099 "always be close to being a release candidate. Please see below for details."
3102 #. type: Content of: <chapter><section><section><title>
3104 msgid "Updates from unstable"
3107 #. type: Content of: <chapter><section><section><para>
3110 "The scripts that update the <literal>testing</literal> distribution are run "
3111 "twice each day, right after the installation of the updated packages; these "
3112 "scripts are called <literal>britney</literal>. They generate the "
3113 "<filename>Packages</filename> files for the <literal>testing</literal> "
3114 "distribution, but they do so in an intelligent manner; they try to avoid any "
3115 "inconsistency and to use only non-buggy packages."
3118 #. type: Content of: <chapter><section><section><para>
3121 "The inclusion of a package from <literal>unstable</literal> is conditional "
3125 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3128 "The package must have been available in <literal>unstable</literal> for 2, 5 "
3129 "or 10 days, depending on the urgency (high, medium or low). Please note "
3130 "that the urgency is sticky, meaning that the highest urgency uploaded since "
3131 "the previous <literal>testing</literal> transition is taken into account. "
3132 "Those delays may be doubled during a freeze, or <literal>testing</literal> "
3133 "transitions may be switched off altogether;"
3136 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3139 "It must not have new release-critical bugs (RC bugs affecting the version "
3140 "available in <literal>unstable</literal>, but not affecting the version in "
3141 "<literal>testing</literal>);"
3144 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3147 "It must be available on all architectures on which it has previously been "
3148 "built in <literal>unstable</literal>. <link linkend=\"dak-ls\">dak ls</link> "
3149 "may be of interest to check that information;"
3152 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3155 "It must not break any dependency of a package which is already available in "
3156 "<literal>testing</literal>;"
3159 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3162 "The packages on which it depends must either be available in "
3163 "<literal>testing</literal> or they must be accepted into "
3164 "<literal>testing</literal> at the same time (and they will be if they "
3165 "fulfill all the necessary criteria)."
3168 #. type: Content of: <chapter><section><section><para>
3171 "To find out whether a package is progressing into <literal>testing</literal> "
3172 "or not, see the <literal>testing</literal> script output on the <ulink "
3173 "url=\"&url-testing-maint;\">web page of the testing distribution</ulink>, or "
3174 "use the program <command>grep-excuses</command> which is in the <systemitem "
3175 "role=\"package\">devscripts</systemitem> package. This utility can easily "
3176 "be used in a <citerefentry> <refentrytitle>crontab</refentrytitle> "
3177 "<manvolnum>5</manvolnum> </citerefentry> to keep yourself informed of the "
3178 "progression of your packages into <literal>testing</literal>."
3181 #. type: Content of: <chapter><section><section><para>
3184 "The <filename>update_excuses</filename> file does not always give the "
3185 "precise reason why the package is refused; you may have to find it on your "
3186 "own by looking for what would break with the inclusion of the package. The "
3187 "<ulink url=\"&url-testing-maint;\">testing web page</ulink> gives some more "
3188 "information about the usual problems which may be causing such troubles."
3191 #. type: Content of: <chapter><section><section><para>
3194 "Sometimes, some packages never enter <literal>testing</literal> because the "
3195 "set of interrelationship is too complicated and cannot be sorted out by the "
3196 "scripts. See below for details."
3199 #. type: Content of: <chapter><section><section><para>
3202 "Some further dependency analysis is shown on <ulink "
3203 "url=\"http://release.debian.org/migration/\"></ulink> — but be warned, this "
3204 "page also shows build dependencies which are not considered by britney."
3207 #. type: Content of: <chapter><section><section><section><title>
3212 #. FIXME: better rename this file than document rampant professionalism?
3213 #. type: Content of: <chapter><section><section><section><para>
3216 "For the <literal>testing</literal> migration script, outdated means: There "
3217 "are different versions in <literal>unstable</literal> for the release "
3218 "architectures (except for the architectures in fuckedarches; fuckedarches is "
3219 "a list of architectures that don't keep up (in "
3220 "<filename>update_out.py</filename>), but currently, it's empty). outdated "
3221 "has nothing whatsoever to do with the architectures this package has in "
3222 "<literal>testing</literal>."
3225 #. type: Content of: <chapter><section><section><section><para>
3227 msgid "Consider this example:"
3230 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3231 #: pkgs.dbk:2465 pkgs.dbk:2498
3235 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3236 #: pkgs.dbk:2466 pkgs.dbk:2499
3240 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3241 #: pkgs.dbk:2471 pkgs.dbk:2505 pkgs.dbk:2567
3245 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3246 #: pkgs.dbk:2472 pkgs.dbk:2477 pkgs.dbk:2506 pkgs.dbk:2507 pkgs.dbk:2514
3250 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3251 #: pkgs.dbk:2473 pkgs.dbk:2508 pkgs.dbk:2513
3255 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3256 #: pkgs.dbk:2476 pkgs.dbk:2511 pkgs.dbk:2568
3260 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3261 #: pkgs.dbk:2478 pkgs.dbk:2512
3265 #. type: Content of: <chapter><section><section><section><para>
3268 "The package is out of date on <literal>alpha</literal> in "
3269 "<literal>unstable</literal>, and will not go to "
3270 "<literal>testing</literal>. Removing the package would not help at all, the "
3271 "package is still out of date on <literal>alpha</literal>, and will not "
3272 "propagate to <literal>testing</literal>."
3275 #. type: Content of: <chapter><section><section><section><para>
3278 "However, if ftp-master removes a package in <literal>unstable</literal> "
3279 "(here on <literal>arm</literal>):"
3282 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3287 #. type: Content of: <chapter><section><section><section><para>
3290 "In this case, the package is up to date on all release architectures in "
3291 "<literal>unstable</literal> (and the extra <literal>hurd-i386</literal> "
3292 "doesn't matter, as it's not a release architecture)."
3295 #. type: Content of: <chapter><section><section><section><para>
3298 "Sometimes, the question is raised if it is possible to allow packages in "
3299 "that are not yet built on all architectures: No. Just plainly no. (Except "
3300 "if you maintain glibc or so.)"
3303 #. type: Content of: <chapter><section><section><section><title>
3305 msgid "Removals from testing"
3308 #. type: Content of: <chapter><section><section><section><para>
3311 "Sometimes, a package is removed to allow another package in: This happens "
3312 "only to allow <emphasis>another</emphasis> package to go in if it's ready in "
3313 "every other sense. Suppose e.g. that <literal>a</literal> cannot be "
3314 "installed with the new version of <literal>b</literal>; then "
3315 "<literal>a</literal> may be removed to allow <literal>b</literal> in."
3318 #. type: Content of: <chapter><section><section><section><para>
3321 "Of course, there is another reason to remove a package from "
3322 "<literal>testing</literal>: It's just too buggy (and having a single RC-bug "
3323 "is enough to be in this state)."
3326 #. type: Content of: <chapter><section><section><section><para>
3329 "Furthermore, if a package has been removed from <literal>unstable</literal>, "
3330 "and no package in <literal>testing</literal> depends on it any more, then it "
3331 "will automatically be removed."
3334 #. type: Content of: <chapter><section><section><section><title>
3336 msgid "Circular dependencies"
3339 #. type: Content of: <chapter><section><section><section><para>
3342 "A situation which is not handled very well by britney is if package "
3343 "<literal>a</literal> depends on the new version of package "
3344 "<literal>b</literal>, and vice versa."
3347 #. type: Content of: <chapter><section><section><section><para>
3349 msgid "An example of this is:"
3352 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3357 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3359 msgid "1; depends: b=1"
3362 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3364 msgid "2; depends: b=2"
3367 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3372 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3374 msgid "1; depends: a=1"
3377 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3379 msgid "2; depends: a=2"
3382 #. type: Content of: <chapter><section><section><section><para>
3385 "Neither package <literal>a</literal> nor package <literal>b</literal> is "
3386 "considered for update."
3389 #. type: Content of: <chapter><section><section><section><para>
3392 "Currently, this requires some manual hinting from the release team. Please "
3393 "contact them by sending mail to &email-debian-release; if this happens to "
3394 "one of your packages."
3397 #. type: Content of: <chapter><section><section><section><title>
3399 msgid "Influence of package in testing"
3402 #. type: Content of: <chapter><section><section><section><para>
3405 "Generally, there is nothing that the status of a package in "
3406 "<literal>testing</literal> means for transition of the next version from "
3407 "<literal>unstable</literal> to <literal>testing</literal>, with two "
3408 "exceptions: If the RC-bugginess of the package goes down, it may go in even "
3409 "if it is still RC-buggy. The second exception is if the version of the "
3410 "package in <literal>testing</literal> is out of sync on the different "
3411 "arches: Then any arch might just upgrade to the version of the source "
3412 "package; however, this can happen only if the package was previously forced "
3413 "through, the arch is in fuckedarches, or there was no binary package of that "
3414 "arch present in <literal>unstable</literal> at all during the "
3415 "<literal>testing</literal> migration."
3418 #. type: Content of: <chapter><section><section><section><para>
3421 "In summary this means: The only influence that a package being in "
3422 "<literal>testing</literal> has on a new version of the same package is that "
3423 "the new version might go in easier."
3426 #. type: Content of: <chapter><section><section><section><title>
3431 #. type: Content of: <chapter><section><section><section><para>
3433 msgid "If you are interested in details, this is how britney works:"
3436 #. type: Content of: <chapter><section><section><section><para>
3439 "The packages are looked at to determine whether they are valid candidates. "
3440 "This gives the update excuses. The most common reasons why a package is not "
3441 "considered are too young, RC-bugginess, and out of date on some arches. For "
3442 "this part of britney, the release managers have hammers of various sizes to "
3443 "force britney to consider a package. (Also, the base freeze is coded in "
3444 "that part of britney.) (There is a similar thing for binary-only updates, "
3445 "but this is not described here. If you're interested in that, please peruse "
3449 #. type: Content of: <chapter><section><section><section><para>
3452 "Now, the more complex part happens: Britney tries to update "
3453 "<literal>testing</literal> with the valid candidates. For that, britney "
3454 "tries to add each valid candidate to the testing distribution. If the number "
3455 "of uninstallable packages in <literal>testing</literal> doesn't increase, "
3456 "the package is accepted. From that point on, the accepted package is "
3457 "considered to be part of <literal>testing</literal>, such that all "
3458 "subsequent installability tests include this package. Hints from the "
3459 "release team are processed before or after this main run, depending on the "
3463 #. type: Content of: <chapter><section><section><section><para>
3466 "If you want to see more details, you can look it up on <ulink "
3467 "url=\"http://&ftp-master-host;/testing/update_output/\"></ulink>."
3470 #. type: Content of: <chapter><section><section><section><para>
3473 "The hints are available via <ulink "
3474 "url=\"http://&ftp-master-host;/testing/hints/\"></ulink>."
3477 #. type: Content of: <chapter><section><section><title>
3479 msgid "Direct updates to testing"
3482 #. type: Content of: <chapter><section><section><para>
3485 "The <literal>testing</literal> distribution is fed with packages from "
3486 "<literal>unstable</literal> according to the rules explained above. "
3487 "However, in some cases, it is necessary to upload packages built only for "
3488 "<literal>testing</literal>. For that, you may want to upload to "
3489 "<literal>testing-proposed-updates</literal>."
3492 #. type: Content of: <chapter><section><section><para>
3495 "Keep in mind that packages uploaded there are not automatically processed, "
3496 "they have to go through the hands of the release manager. So you'd better "
3497 "have a good reason to upload there. In order to know what a good reason is "
3498 "in the release managers' eyes, you should read the instructions that they "
3499 "regularly give on &email-debian-devel-announce;."
3502 #. type: Content of: <chapter><section><section><para>
3505 "You should not upload to <literal>testing-proposed-updates</literal> when "
3506 "you can update your packages through <literal>unstable</literal>. If you "
3507 "can't (for example because you have a newer development version in "
3508 "<literal>unstable</literal>), you may use this facility, but it is "
3509 "recommended that you ask for authorization from the release manager first. "
3510 "Even if a package is frozen, updates through <literal>unstable</literal> are "
3511 "possible, if the upload via <literal>unstable</literal> does not pull in any "
3515 #. type: Content of: <chapter><section><section><para>
3518 "Version numbers are usually selected by adding the codename of the "
3519 "<literal>testing</literal> distribution and a running number, like "
3520 "<literal>1.2squeeze1</literal> for the first upload through "
3521 "<literal>testing-proposed-updates</literal> of package version "
3522 "<literal>1.2</literal>."
3525 #. type: Content of: <chapter><section><section><para>
3527 msgid "Please make sure you didn't miss any of these items in your upload:"
3530 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3533 "Make sure that your package really needs to go through "
3534 "<literal>testing-proposed-updates</literal>, and can't go through "
3535 "<literal>unstable</literal>;"
3538 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3540 msgid "Make sure that you included only the minimal amount of changes;"
3543 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3545 msgid "Make sure that you included an appropriate explanation in the changelog;"
3548 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3551 "Make sure that you've written <literal>testing</literal> or "
3552 "<literal>testing-proposed-updates</literal> into your target distribution;"
3555 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3558 "Make sure that you've built and tested your package in "
3559 "<literal>testing</literal>, not in <literal>unstable</literal>;"
3562 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3565 "Make sure that your version number is higher than the version in "
3566 "<literal>testing</literal> and <literal>testing-proposed-updates</literal>, "
3567 "and lower than in <literal>unstable</literal>;"
3570 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3573 "After uploading and successful build on all platforms, contact the release "
3574 "team at &email-debian-release; and ask them to approve your upload."
3577 #. type: Content of: <chapter><section><section><title>
3579 msgid "Frequently asked questions"
3582 #. type: Content of: <chapter><section><section><section><title>
3584 msgid "What are release-critical bugs, and how do they get counted?"
3587 #. type: Content of: <chapter><section><section><section><para>
3590 "All bugs of some higher severities are by default considered "
3591 "release-critical; currently, these are <literal>critical</literal>, "
3592 "<literal>grave</literal> and <literal>serious</literal> bugs."
3595 #. type: Content of: <chapter><section><section><section><para>
3598 "Such bugs are presumed to have an impact on the chances that the package "
3599 "will be released with the <literal>stable</literal> release of Debian: in "
3600 "general, if a package has open release-critical bugs filed on it, it won't "
3601 "get into <literal>testing</literal>, and consequently won't be released in "
3602 "<literal>stable</literal>."
3605 #. type: Content of: <chapter><section><section><section><para>
3608 "The <literal>unstable</literal> bug count are all release-critical bugs "
3609 "which are marked to apply to "
3610 "<replaceable>package</replaceable>/<replaceable>version</replaceable> "
3611 "combinations that are available in unstable for a release architecture. The "
3612 "<literal>testing</literal> bug count is defined analogously."
3615 #. type: Content of: <chapter><section><section><section><title>
3618 "How could installing a package into <literal>testing</literal> possibly "
3619 "break other packages?"
3622 #. type: Content of: <chapter><section><section><section><para>
3625 "The structure of the distribution archives is such that they can only "
3626 "contain one version of a package; a package is defined by its name. So when "
3627 "the source package <literal>acmefoo</literal> is installed into "
3628 "<literal>testing</literal>, along with its binary packages "
3629 "<literal>acme-foo-bin</literal>, <literal>acme-bar-bin</literal>, "
3630 "<literal>libacme-foo1</literal> and <literal>libacme-foo-dev</literal>, the "
3631 "old version is removed."
3634 #. type: Content of: <chapter><section><section><section><para>
3637 "However, the old version may have provided a binary package with an old "
3638 "soname of a library, such as <literal>libacme-foo0</literal>. Removing the "
3639 "old <literal>acmefoo</literal> will remove <literal>libacme-foo0</literal>, "
3640 "which will break any packages which depend on it."
3643 #. type: Content of: <chapter><section><section><section><para>
3646 "Evidently, this mainly affects packages which provide changing sets of "
3647 "binary packages in different versions (in turn, mainly libraries). However, "
3648 "it will also affect packages upon which versioned dependencies have been "
3649 "declared of the ==, <=, or << varieties."
3652 #. type: Content of: <chapter><section><section><section><para>
3655 "When the set of binary packages provided by a source package change in this "
3656 "way, all the packages that depended on the old binaries will have to be "
3657 "updated to depend on the new binaries instead. Because installing such a "
3658 "source package into <literal>testing</literal> breaks all the packages that "
3659 "depended on it in <literal>testing</literal>, some care has to be taken now: "
3660 "all the depending packages must be updated and ready to be installed "
3661 "themselves so that they won't be broken, and, once everything is ready, "
3662 "manual intervention by the release manager or an assistant is normally "
3666 #. type: Content of: <chapter><section><section><section><para>
3669 "If you are having problems with complicated groups of packages like this, "
3670 "contact &email-debian-devel; or &email-debian-release; for help."