1 # SOME DESCRIPTIVE TITLE
2 # Copyright (C) YEAR Free Software Foundation, Inc.
3 # FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
8 "Project-Id-Version: PACKAGE VERSION\n"
9 "POT-Creation-Date: 2007-07-01 21:01+0000\n"
10 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
11 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
12 "Language-Team: LANGUAGE <LL@li.org>\n"
14 "Content-Type: text/plain; charset=utf-8\n"
15 "Content-Transfer-Encoding: ENCODING"
17 # type: Content of: <chapter><title>
19 msgid "Managing Packages"
22 # type: Content of: <chapter><para>
25 "This chapter contains information related to creating, uploading, "
26 "maintaining, and porting packages."
29 # type: Content of: <chapter><section><title>
34 # type: Content of: <chapter><section><para>
37 "If you want to create a new package for the Debian distribution, you should "
38 "first check the <ulink url=\"&url-wnpp;\">Work-Needing and Prospective "
39 "Packages (WNPP)</ulink> list. Checking the WNPP list ensures that no one is "
40 "already working on packaging that software, and that effort is not "
41 "duplicated. Read the <ulink url=\"&url-wnpp;\">WNPP web pages</ulink> for "
45 # type: Content of: <chapter><section><para>
48 "Assuming no one else is already working on your prospective package, you "
49 "must then submit a bug report (<xref linkend=\"submit-bug\"/> ) against the "
50 "pseudo-package <systemitem role=\"package\">wnpp</systemitem> describing "
51 "your plan to create a new package, including, but not limiting yourself to, "
52 "a description of the package, the license of the prospective package, and "
53 "the current URL where it can be downloaded from."
56 # type: Content of: <chapter><section><para>
59 "You should set the subject of the bug to ``ITP: "
60 "<replaceable>foo</replaceable> -- <replaceable>short "
61 "description</replaceable>'', substituting the name of the new package for "
62 "<replaceable>foo</replaceable>. The severity of the bug report must be set "
63 "to <emphasis>wishlist</emphasis>. If you feel it's necessary, send a copy "
64 "to &email-debian-devel; by putting the address in the "
65 "<literal>X-Debbugs-CC:</literal> header of the message (no, don't use "
66 "<literal>CC:</literal>, because that way the message's subject won't "
67 "indicate the bug number)."
70 # type: Content of: <chapter><section><para>
73 "Please include a <literal>Closes: "
74 "bug#<replaceable>nnnnn</replaceable></literal> entry in the changelog of the "
75 "new package in order for the bug report to be automatically closed once the "
76 "new package is installed in the archive (see <xref "
77 "linkend=\"upload-bugfix\"/> )."
80 # type: Content of: <chapter><section><para>
83 "When closing security bugs include CVE numbers as well as the Closes: "
84 "#nnnnn. This is useful for the security team to track vulnerabilities. If "
85 "an upload is made to fix the bug before the advisory ID is known, it is "
86 "encouraged to modify the historical changelog entry with the next upload. "
87 "Even in this case, please include all available pointers to background "
88 "information in the original changelog entry."
91 # type: Content of: <chapter><section><para>
94 "There are a number of reasons why we ask maintainers to announce their "
98 # type: Content of: <chapter><section><itemizedlist><listitem><para>
101 "It helps the (potentially new) maintainer to tap into the experience of "
102 "people on the list, and lets them know if anyone else is working on it "
106 # type: Content of: <chapter><section><itemizedlist><listitem><para>
109 "It lets other people thinking about working on the package know that there "
110 "already is a volunteer, so efforts may be shared."
113 # type: Content of: <chapter><section><itemizedlist><listitem><para>
116 "It lets the rest of the maintainers know more about the package than the one "
117 "line description and the usual changelog entry ``Initial release'' that gets "
118 "posted to <literal>debian-devel-changes</literal>."
121 # type: Content of: <chapter><section><itemizedlist><listitem><para>
124 "It is helpful to the people who live off unstable (and form our first line "
125 "of testers). We should encourage these people."
128 # type: Content of: <chapter><section><itemizedlist><listitem><para>
131 "The announcements give maintainers and other interested parties a better "
132 "feel of what is going on, and what is new, in the project."
135 # type: Content of: <chapter><section><para>
138 "Please see <ulink url=\"http://&ftp-master-host;/REJECT-FAQ.html\"></ulink> "
139 "for common rejection reasons for a new package."
142 # type: Content of: <chapter><section><title>
144 msgid "Recording changes in the package"
147 # type: Content of: <chapter><section><para>
150 "Changes that you make to the package need to be recorded in the "
151 "<filename>debian/changelog</filename>. These changes should provide a "
152 "concise description of what was changed, why (if it's in doubt), and note if "
153 "any bugs were closed. They also record when the package was completed. "
154 "This file will be installed in "
155 "<filename>/usr/share/doc/<replaceable>package</replaceable>/changelog.Debian.gz</filename>, "
157 "<filename>/usr/share/doc/<replaceable>package</replaceable>/changelog.gz</filename> "
158 "for native packages."
161 # type: Content of: <chapter><section><para>
164 "The <filename>debian/changelog</filename> file conforms to a certain "
165 "structure, with a number of different fields. One field of note, the "
166 "<emphasis>distribution</emphasis>, is described in <xref "
167 "linkend=\"distribution\"/> . More information about the structure of this "
168 "file can be found in the Debian Policy section titled "
169 "<filename>debian/changelog</filename>."
172 # type: Content of: <chapter><section><para>
175 "Changelog entries can be used to automatically close Debian bugs when the "
176 "package is installed into the archive. See <xref "
177 "linkend=\"upload-bugfix\"/> ."
180 # type: Content of: <chapter><section><para>
183 "It is conventional that the changelog entry of a package that contains a new "
184 "upstream version of the software looks like this:"
187 # type: Content of: <chapter><section><screen>
190 msgid "* new upstream version"
193 # type: Content of: <chapter><section><para>
196 "There are tools to help you create entries and finalize the "
197 "<filename>changelog</filename> for release — see <xref "
198 "linkend=\"devscripts\"/> and <xref linkend=\"dpkg-dev-el\"/> ."
201 # type: Content of: <chapter><section><para>
203 msgid "See also <xref linkend=\"bpp-debian-changelog\"/> ."
206 # type: Content of: <chapter><section><title>
208 msgid "Testing the package"
211 # type: Content of: <chapter><section><para>
214 "Before you upload your package, you should do basic testing on it. At a "
215 "minimum, you should try the following activities (you'll need to have an "
216 "older version of the same Debian package around):"
219 # type: Content of: <chapter><section><itemizedlist><listitem><para>
222 "Install the package and make sure the software works, or upgrade the package "
223 "from an older version to your new version if a Debian package for it already "
227 # type: Content of: <chapter><section><itemizedlist><listitem><para>
230 "Run <command>lintian</command> over the package. You can run "
231 "<command>lintian</command> as follows: <literal>lintian -v "
232 "<replaceable>package-version</replaceable>.changes</literal>. This will "
233 "check the source package as well as the binary package. If you don't "
234 "understand the output that <command>lintian</command> generates, try adding "
235 "the <literal>-i</literal> switch, which will cause "
236 "<command>lintian</command> to output a very verbose description of the "
240 # type: Content of: <chapter><section><itemizedlist><listitem><para>
243 "Normally, a package should <emphasis>not</emphasis> be uploaded if it causes "
244 "lintian to emit errors (they will start with <literal>E</literal>)."
247 # type: Content of: <chapter><section><itemizedlist><listitem><para>
250 "For more information on <command>lintian</command>, see <xref "
251 "linkend=\"lintian\"/> ."
254 # type: Content of: <chapter><section><itemizedlist><listitem><para>
257 "Optionally run <xref linkend=\"debdiff\"/> to analyze changes from an older "
258 "version, if one exists."
261 # type: Content of: <chapter><section><itemizedlist><listitem><para>
264 "Downgrade the package to the previous version (if one exists) — this tests "
265 "the <filename>postrm</filename> and <filename>prerm</filename> scripts."
268 # type: Content of: <chapter><section><itemizedlist><listitem><para>
270 msgid "Remove the package, then reinstall it."
273 # type: Content of: <chapter><section><itemizedlist><listitem><para>
276 "Copy the source package in a different directory and try unpacking it and "
277 "rebuilding it. This tests if the package relies on existing files outside "
278 "of it, or if it relies on permissions being preserved on the files shipped "
279 "inside the .diff.gz file."
282 # type: Content of: <chapter><section><title>
284 msgid "Layout of the source package"
287 # type: Content of: <chapter><section><para>
289 msgid "There are two types of Debian source packages:"
292 # type: Content of: <chapter><section><itemizedlist><listitem><para>
295 "the so-called <emphasis>native</emphasis> packages, where there is no "
296 "distinction between the original sources and the patches applied for Debian"
299 # type: Content of: <chapter><section><itemizedlist><listitem><para>
302 "the (more common) packages where there's an original source tarball file "
303 "accompanied by another file that contains the patches applied for Debian"
306 # type: Content of: <chapter><section><para>
309 "For the native packages, the source package includes a Debian source control "
310 "file (<literal>.dsc</literal>) and the source tarball "
311 "(<literal>.tar.gz</literal>). A source package of a non-native package "
312 "includes a Debian source control file, the original source tarball "
313 "(<literal>.orig.tar.gz</literal>) and the Debian patches "
314 "(<literal>.diff.gz</literal>)."
317 # type: Content of: <chapter><section><para>
320 "Whether a package is native or not is determined when it is built by "
321 "<citerefentry> <refentrytitle>dpkg-buildpackage</refentrytitle> "
322 "<manvolnum>1</manvolnum> </citerefentry>. The rest of this section relates "
323 "only to non-native packages."
326 # type: Content of: <chapter><section><para>
329 "The first time a version is uploaded which corresponds to a particular "
330 "upstream version, the original source tar file should be uploaded and "
331 "included in the <filename>.changes</filename> file. Subsequently, this very "
332 "same tar file should be used to build the new diffs and "
333 "<filename>.dsc</filename> files, and will not need to be re-uploaded."
336 # type: Content of: <chapter><section><para>
339 "By default, <command>dpkg-genchanges</command> and "
340 "<command>dpkg-buildpackage</command> will include the original source tar "
341 "file if and only if the Debian revision part of the source version number is "
342 "0 or 1, indicating a new upstream version. This behavior may be modified by "
343 "using <literal>-sa</literal> to always include it or <literal>-sd</literal> "
344 "to always leave it out."
347 # type: Content of: <chapter><section><para>
350 "If no original source is included in the upload, the original source "
351 "tar-file used by <command>dpkg-source</command> when constructing the "
352 "<filename>.dsc</filename> file and diff to be uploaded "
353 "<emphasis>must</emphasis> be byte-for-byte identical with the one already in "
357 # type: Content of: <chapter><section><para>
360 "Please notice that, in non-native packages, permissions on files that are "
361 "not present in the .orig.tar.gz will not be preserved, as diff does not "
362 "store file permissions in the patch."
365 # type: Content of: <chapter><section><title>
367 msgid "Picking a distribution"
370 # type: Content of: <chapter><section><para>
373 "Each upload needs to specify which distribution the package is intended "
374 "for. The package build process extracts this information from the first "
375 "line of the <filename>debian/changelog</filename> file and places it in the "
376 "<literal>Distribution</literal> field of the <literal>.changes</literal> "
380 # type: Content of: <chapter><section><para>
383 "There are several possible values for this field: `stable', `unstable', "
384 "`testing-proposed-updates' and `experimental'. Normally, packages are "
385 "uploaded into <emphasis>unstable</emphasis>."
388 # type: Content of: <chapter><section><para>
391 "Actually, there are two other possible distributions: `stable-security' and "
392 "`testing-security', but read <xref linkend=\"bug-security\"/> for more "
393 "information on those."
396 # type: Content of: <chapter><section><para>
399 "It is not possible to upload a package into several distributions at the "
403 # type: Content of: <chapter><section><section><title>
405 msgid "Special case: uploads to the <emphasis>stable</emphasis> distribution"
408 # type: Content of: <chapter><section><section><para>
411 "Uploading to <emphasis>stable</emphasis> means that the package will "
412 "transfered to the <emphasis>p-u-new</emphasis>-queue for review by the "
413 "stable release managers, and if approved will be installed in "
414 "<filename>stable-proposed-updates</filename> directory of the Debian "
415 "archive. From there, it will be included in <emphasis>stable</emphasis> "
416 "with the next point release."
419 # type: Content of: <chapter><section><section><para>
422 "Extra care should be taken when uploading to <emphasis>stable</emphasis>. "
423 "Basically, a package should only be uploaded to stable if one of the "
427 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
429 msgid "a truly critical functionality problem"
432 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
434 msgid "the package becomes uninstallable"
437 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
439 msgid "a released architecture lacks the package"
442 # type: Content of: <chapter><section><section><para>
445 "In the past, uploads to <emphasis>stable</emphasis> were used to address "
446 "security problems as well. However, this practice is deprecated, as uploads "
447 "used for Debian security advisories are automatically copied to the "
448 "appropriate <filename>proposed-updates</filename> archive when the advisory "
449 "is released. See <xref linkend=\"bug-security\"/> for detailed information "
450 "on handling security problems."
453 # type: Content of: <chapter><section><section><para>
456 "Changing anything else in the package that isn't important is discouraged, "
457 "because even trivial fixes can cause bugs later on."
460 # type: Content of: <chapter><section><section><para>
463 "Packages uploaded to <emphasis>stable</emphasis> need to be compiled on "
464 "systems running <emphasis>stable</emphasis>, so that their dependencies are "
465 "limited to the libraries (and other packages) available in "
466 "<emphasis>stable</emphasis>; for example, a package uploaded to "
467 "<emphasis>stable</emphasis> that depends on a library package that only "
468 "exists in unstable will be rejected. Making changes to dependencies of "
469 "other packages (by messing with <literal>Provides</literal> or shlibs "
470 "files), possibly making those other packages uninstallable, is strongly "
474 # type: Content of: <chapter><section><section><para>
477 "The Release Team (which can be reached at &email-debian-release;) will "
478 "regularly evaluate the uploads To "
479 "<emphasis>stable-proposed-updates</emphasis> and decide if your package can "
480 "be included in <emphasis>stable</emphasis>. Please be clear (and verbose, "
481 "if necessary) in your changelog entries for uploads to "
482 "<emphasis>stable</emphasis>, because otherwise the package won't be "
483 "considered for inclusion."
486 # type: Content of: <chapter><section><section><para>
489 "It's best practice to speak with the stable release manager "
490 "<emphasis>before</emphasis> uploading to "
491 "<emphasis>stable</emphasis>/<emphasis>stable-proposed-updates</emphasis>, so "
492 "that the uploaded package fits the needs of the next point release."
495 # type: Content of: <chapter><section><section><title>
498 "Special case: uploads to "
499 "<emphasis>testing/testing-proposed-updates</emphasis>"
502 # type: Content of: <chapter><section><section><para>
505 "Please see the information in the <link linkend=\"t-p-u\">testing "
506 "section</link> for details."
509 # type: Content of: <chapter><section><title>
511 msgid "Uploading a package"
514 # type: Content of: <chapter><section><section><title>
516 msgid "Uploading to <literal>ftp-master</literal>"
519 # type: Content of: <chapter><section><section><para>
522 "To upload a package, you should upload the files (including the signed "
523 "changes and dsc-file) with anonymous ftp to "
524 "<literal>&ftp-master-host;</literal> in the directory <ulink "
525 "url=\"ftp://&ftp-master-host;&upload-queue;\">&upload-queue;</ulink>. To "
526 "get the files processed there, they need to be signed with a key in the "
530 # type: Content of: <chapter><section><section><para>
533 "Please note that you should transfer the changes file last. Otherwise, your "
534 "upload may be rejected because the archive maintenance software will parse "
535 "the changes file and see that not all files have been uploaded."
538 # type: Content of: <chapter><section><section><para>
541 "You may also find the Debian packages <xref linkend=\"dupload\"/> or <xref "
542 "linkend=\"dput\"/> useful when uploading packages. These handy programs "
543 "help automate the process of uploading packages into Debian."
546 # type: Content of: <chapter><section><section><para>
549 "For removing packages, please see the README file in that ftp directory, and "
550 "the Debian package <xref linkend=\"dcut\"/> ."
553 # type: Content of: <chapter><section><section><title>
555 msgid "Uploading to <literal>non-US</literal>"
558 # type: Content of: <chapter><section><section><para>
561 "<emphasis>Note:</emphasis> non-us was discontinued with the release of "
565 # type: Content of: <chapter><section><section><title>
567 msgid "Delayed uploads"
570 # type: Content of: <chapter><section><section><para>
573 "Delayed uploads are done for the moment via the delayed queue at gluck. The "
574 "upload-directory is "
575 "<literal>gluck:~tfheen/DELAYED/[012345678]-day</literal>. 0-day is uploaded "
576 "multiple times per day to ftp-master."
579 # type: Content of: <chapter><section><section><para>
581 msgid "With a fairly recent dput, this section"
584 # type: Content of: <chapter><section><section><screen>
590 "fqdn = gluck.debian.org\n"
594 # type: Content of: <chapter><section><section><para>
596 msgid "in ~/.dput.cf should work fine for uploading to the DELAYED queue."
599 # type: Content of: <chapter><section><section><para>
602 "<emphasis>Note:</emphasis> Since this upload queue goes to "
603 "<literal>ftp-master</literal>, the prescription found in <xref "
604 "linkend=\"upload-ftp-master\"/> applies here as well."
607 # type: Content of: <chapter><section><section><title>
609 msgid "Security uploads"
612 # type: Content of: <chapter><section><section><para>
615 "Do <emphasis role=\"strong\">NOT</emphasis> upload a package to the security "
616 "upload queue (oldstable-security, stable-security, etc.) without prior "
617 "authorization from the security team. If the package does not exactly meet "
618 "the team's requirements, it will cause many problems and delays in dealing "
619 "with the unwanted upload. For details, please see section <xref "
620 "linkend=\"bug-security\"/> ."
623 # type: Content of: <chapter><section><section><title>
625 msgid "Other upload queues"
628 # type: Content of: <chapter><section><section><para>
631 "The scp queues on ftp-master, and security are mostly unusable due to the "
632 "login restrictions on those hosts."
635 # type: Content of: <chapter><section><section><para>
638 "The anonymous queues on ftp.uni-erlangen.de and ftp.uk.debian.org are "
639 "currently down. Work is underway to resurrect them."
642 # type: Content of: <chapter><section><section><para>
645 "The queues on master.debian.org, samosa.debian.org, master.debian.or.jp, and "
646 "ftp.chiark.greenend.org.uk are down permanently, and will not be "
647 "resurrected. The queue in Japan will be replaced with a new queue on "
648 "hp.debian.or.jp some day."
651 # type: Content of: <chapter><section><section><para>
654 "For the time being, the anonymous ftp queue on auric.debian.org (the former "
655 "ftp-master) works, but it is deprecated and will be removed at some point in "
659 # type: Content of: <chapter><section><section><title>
661 msgid "Notification that a new package has been installed"
664 # type: Content of: <chapter><section><section><para>
667 "The Debian archive maintainers are responsible for handling package "
668 "uploads. For the most part, uploads are automatically handled on a daily "
669 "basis by the archive maintenance tools, <command>katie</command>. "
670 "Specifically, updates to existing packages to the `unstable' distribution "
671 "are handled automatically. In other cases, notably new packages, placing "
672 "the uploaded package into the distribution is handled manually. When "
673 "uploads are handled manually, the change to the archive may take up to a "
674 "month to occur. Please be patient."
677 # type: Content of: <chapter><section><section><para>
680 "In any case, you will receive an email notification indicating that the "
681 "package has been added to the archive, which also indicates which bugs will "
682 "be closed by the upload. Please examine this notification carefully, "
683 "checking if any bugs you meant to close didn't get triggered."
686 # type: Content of: <chapter><section><section><para>
689 "The installation notification also includes information on what section the "
690 "package was inserted into. If there is a disparity, you will receive a "
691 "separate email notifying you of that. Read on below."
694 # type: Content of: <chapter><section><section><para>
697 "Note that if you upload via queues, the queue daemon software will also send "
698 "you a notification by email."
701 # type: Content of: <chapter><section><title>
703 msgid "Specifying the package section, subsection and priority"
706 # type: Content of: <chapter><section><para>
709 "The <filename>debian/control</filename> file's <literal>Section</literal> "
710 "and <literal>Priority</literal> fields do not actually specify where the "
711 "file will be placed in the archive, nor its priority. In order to retain "
712 "the overall integrity of the archive, it is the archive maintainers who have "
713 "control over these fields. The values in the "
714 "<filename>debian/control</filename> file are actually just hints."
717 # type: Content of: <chapter><section><para>
720 "The archive maintainers keep track of the canonical sections and priorities "
721 "for packages in the <emphasis>override file</emphasis>. If there is a "
722 "disparity between the <emphasis>override file</emphasis> and the package's "
723 "fields as indicated in <filename>debian/control</filename>, then you will "
724 "receive an email noting the divergence when the package is installed into "
725 "the archive. You can either correct your "
726 "<filename>debian/control</filename> file for your next upload, or else you "
727 "may wish to make a change in the <emphasis>override file</emphasis>."
730 # type: Content of: <chapter><section><para>
733 "To alter the actual section that a package is put in, you need to first make "
734 "sure that the <filename>debian/control</filename> file in your package is "
735 "accurate. Next, send an email &email-override; or submit a bug against "
736 "<systemitem role=\"package\">ftp.debian.org</systemitem> requesting that the "
737 "section or priority for your package be changed from the old section or "
738 "priority to the new one. Be sure to explain your reasoning."
741 # type: Content of: <chapter><section><para>
744 "For more information about <emphasis>override files</emphasis>, see "
745 "<citerefentry> <refentrytitle>dpkg-scanpackages</refentrytitle> "
746 "<manvolnum>1</manvolnum> </citerefentry> and <ulink "
747 "url=\"&url-bts-devel;#maintincorrect\"></ulink>."
750 # type: Content of: <chapter><section><para>
753 "Note that the <literal>Section</literal> field describes both the section as "
754 "well as the subsection, which are described in <xref "
755 "linkend=\"archive-sections\"/> . If the section is main, it should be "
756 "omitted. The list of allowable subsections can be found in <ulink "
757 "url=\"&url-debian-policy;ch-archive.html#s-subsections\"></ulink>."
760 # type: Content of: <chapter><section><title>
762 msgid "Handling bugs"
765 # type: Content of: <chapter><section><para>
768 "Every developer has to be able to work with the Debian <ulink "
769 "url=\"&url-bts;\">bug tracking system</ulink>. This includes knowing how to "
770 "file bug reports properly (see <xref linkend=\"submit-bug\"/> ), how to "
771 "update them and reorder them, and how to process and close them."
774 # type: Content of: <chapter><section><para>
777 "The bug tracking system's features are described in the <ulink "
778 "url=\"&url-bts-devel;\">BTS documentation for developers</ulink>. This "
779 "includes closing bugs, sending followup messages, assigning severities and "
780 "tags, marking bugs as forwarded, and other issues."
783 # type: Content of: <chapter><section><para>
786 "Operations such as reassigning bugs to other packages, merging separate bug "
787 "reports about the same issue, or reopening bugs when they are prematurely "
788 "closed, are handled using the so-called control mail server. All of the "
789 "commands available on this server are described in the <ulink "
790 "url=\"&url-bts-control;\">BTS control server documentation</ulink>."
793 # type: Content of: <chapter><section><section><title>
795 msgid "Monitoring bugs"
798 # type: Content of: <chapter><section><section><para>
801 "If you want to be a good maintainer, you should periodically check the "
802 "<ulink url=\"&url-bts;\">Debian bug tracking system (BTS)</ulink> for your "
803 "packages. The BTS contains all the open bugs against your packages. You "
804 "can check them by browsing this page: "
805 "<literal>http://&bugs-host;/<replaceable>yourlogin</replaceable>@debian.org</literal>."
808 # type: Content of: <chapter><section><section><para>
811 "Maintainers interact with the BTS via email addresses at "
812 "<literal>&bugs-host;</literal>. Documentation on available commands can be "
813 "found at <ulink url=\"&url-bts;\"></ulink>, or, if you have installed the "
814 "<systemitem role=\"package\">doc-debian</systemitem> package, you can look "
815 "at the local files &file-bts-docs;."
818 # type: Content of: <chapter><section><section><para>
821 "Some find it useful to get periodic reports on open bugs. You can add a "
822 "cron job such as the following if you want to get a weekly email outlining "
823 "all the open bugs against your packages:"
826 # type: Content of: <chapter><section><section><screen>
830 "# ask for weekly reports of bugs in my packages\n"
834 # type: Content of: <chapter><section><section><para>
837 "Replace <replaceable>address</replaceable> with your official Debian "
838 "maintainer address."
841 # type: Content of: <chapter><section><section><title>
843 msgid "Responding to bugs"
846 # type: Content of: <chapter><section><section><para>
849 "When responding to bugs, make sure that any discussion you have about bugs "
850 "is sent both to the original submitter of the bug, and to the bug itself "
851 "(e.g., <email>123@&bugs-host;</email>). If you're writing a new mail and "
852 "you don't remember the submitter email address, you can use the "
853 "<email>123-submitter@&bugs-host;</email> email to contact the submitter "
854 "<emphasis>and</emphasis> to record your mail within the bug log (that means "
855 "you don't need to send a copy of the mail to "
856 "<email>123@&bugs-host;</email>)."
859 # type: Content of: <chapter><section><section><para>
862 "If you get a bug which mentions FTBFS, this means Fails to build from "
863 "source. Porters frequently use this acronym."
866 # type: Content of: <chapter><section><section><para>
869 "Once you've dealt with a bug report (e.g. fixed it), mark it as "
870 "<emphasis>done</emphasis> (close it) by sending an explanation message to "
871 "<email>123-done@&bugs-host;</email>. If you're fixing a bug by changing and "
872 "uploading the package, you can automate bug closing as described in <xref "
873 "linkend=\"upload-bugfix\"/> ."
876 # type: Content of: <chapter><section><section><para>
879 "You should <emphasis>never</emphasis> close bugs via the bug server "
880 "<literal>close</literal> command sent to &email-bts-control;. If you do so, "
881 "the original submitter will not receive any information about why the bug "
885 # type: Content of: <chapter><section><section><title>
887 msgid "Bug housekeeping"
890 # type: Content of: <chapter><section><section><para>
893 "As a package maintainer, you will often find bugs in other packages or have "
894 "bugs reported against your packages which are actually bugs in other "
895 "packages. The bug tracking system's features are described in the <ulink "
896 "url=\"&url-bts-devel;\">BTS documentation for Debian developers</ulink>. "
897 "Operations such as reassigning, merging, and tagging bug reports are "
898 "described in the <ulink url=\"&url-bts-control;\">BTS control server "
899 "documentation</ulink>. This section contains some guidelines for managing "
900 "your own bugs, based on the collective Debian developer experience."
903 # type: Content of: <chapter><section><section><para>
906 "Filing bugs for problems that you find in other packages is one of the civic "
907 "obligations of maintainership, see <xref linkend=\"submit-bug\"/> for "
908 "details. However, handling the bugs in your own packages is even more "
912 # type: Content of: <chapter><section><section><para>
914 msgid "Here's a list of steps that you may follow to handle a bug report:"
917 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
920 "Decide whether the report corresponds to a real bug or not. Sometimes users "
921 "are just calling a program in the wrong way because they haven't read the "
922 "documentation. If you diagnose this, just close the bug with enough "
923 "information to let the user correct their problem (give pointers to the good "
924 "documentation and so on). If the same report comes up again and again you "
925 "may ask yourself if the documentation is good enough or if the program "
926 "shouldn't detect its misuse in order to give an informative error message. "
927 "This is an issue that may need to be brought up with the upstream author."
930 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
933 "If the bug submitter disagrees with your decision to close the bug, they may "
934 "reopen it until you find an agreement on how to handle it. If you don't "
935 "find any, you may want to tag the bug <literal>wontfix</literal> to let "
936 "people know that the bug exists but that it won't be corrected. If this "
937 "situation is unacceptable, you (or the submitter) may want to require a "
938 "decision of the technical committee by reassigning the bug to <systemitem "
939 "role=\"package\">tech-ctte</systemitem> (you may use the clone command of "
940 "the BTS if you wish to keep it reported against your package). Before doing "
941 "so, please read the <ulink url=\"&url-tech-ctte;\">recommended "
945 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
948 "If the bug is real but it's caused by another package, just reassign the bug "
949 "to the right package. If you don't know which package it should be "
950 "reassigned to, you should ask for help on <link "
951 "linkend=\"irc-channels\">IRC</link> or on &email-debian-devel;. Please make "
952 "sure that the maintainer(s) of the package the bug is reassigned to know why "
956 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
959 "Sometimes you also have to adjust the severity of the bug so that it matches "
960 "our definition of the severity. That's because people tend to inflate the "
961 "severity of bugs to make sure their bugs are fixed quickly. Some bugs may "
962 "even be dropped to wishlist severity when the requested change is just "
966 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
969 "If the bug is real but the same problem has already been reported by someone "
970 "else, then the two relevant bug reports should be merged into one using the "
971 "merge command of the BTS. In this way, when the bug is fixed, all of the "
972 "submitters will be informed of this. (Note, however, that emails sent to "
973 "one bug report's submitter won't automatically be sent to the other report's "
974 "submitter.) For more details on the technicalities of the merge command and "
975 "its relative, the unmerge command, see the BTS control server documentation."
978 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
981 "The bug submitter may have forgotten to provide some information, in which "
982 "case you have to ask them for the required information. You may use the "
983 "<literal>moreinfo</literal> tag to mark the bug as such. Moreover if you "
984 "can't reproduce the bug, you tag it <literal>unreproducible</literal>. "
985 "Anyone who can reproduce the bug is then invited to provide more information "
986 "on how to reproduce it. After a few months, if this information has not "
987 "been sent by someone, the bug may be closed."
990 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
993 "If the bug is related to the packaging, you just fix it. If you are not "
994 "able to fix it yourself, then tag the bug as <literal>help</literal>. You "
995 "can also ask for help on &email-debian-devel; or &email-debian-qa;. If it's "
996 "an upstream problem, you have to forward it to the upstream author. "
997 "Forwarding a bug is not enough, you have to check at each release if the bug "
998 "has been fixed or not. If it has, you just close it, otherwise you have to "
999 "remind the author about it. If you have the required skills you can prepare "
1000 "a patch that fixes the bug and send it to the author at the same time. Make "
1001 "sure to send the patch to the BTS and to tag the bug as "
1002 "<literal>patch</literal>."
1005 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1008 "If you have fixed a bug in your local copy, or if a fix has been committed "
1009 "to the CVS repository, you may tag the bug as <literal>pending</literal> to "
1010 "let people know that the bug is corrected and that it will be closed with "
1011 "the next upload (add the <literal>closes:</literal> in the "
1012 "<filename>changelog</filename>). This is particularly useful if you are "
1013 "several developers working on the same package."
1016 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1019 "Once a corrected package is available in the <emphasis>unstable</emphasis> "
1020 "distribution, you can close the bug. This can be done automatically, read "
1021 "<xref linkend=\"upload-bugfix\"/> ."
1024 # type: Content of: <chapter><section><section><title>
1026 msgid "When bugs are closed by new uploads"
1029 # type: Content of: <chapter><section><section><para>
1032 "As bugs and problems are fixed in your packages, it is your responsibility "
1033 "as the package maintainer to close these bugs. However, you should not "
1034 "close a bug until the package which fixes the bug has been accepted into the "
1035 "Debian archive. Therefore, once you get notification that your updated "
1036 "package has been installed into the archive, you can and should close the "
1037 "bug in the BTS. Also, the bug should be closed with the correct version."
1040 # type: Content of: <chapter><section><section><para>
1043 "However, it's possible to avoid having to manually close bugs after the "
1044 "upload — just list the fixed bugs in your "
1045 "<filename>debian/changelog</filename> file, following a certain syntax, and "
1046 "the archive maintenance software will close the bugs for you. For example:"
1049 # type: Content of: <chapter><section><section><screen>
1053 "acme-cannon (3.1415) unstable; urgency=low\n"
1055 " * Frobbed with options (closes: Bug#98339)\n"
1056 " * Added safety to prevent operator dismemberment, closes: bug#98765,\n"
1057 " bug#98713, #98714.\n"
1058 " * Added man page. Closes: #98725."
1061 # type: Content of: <chapter><section><section><para>
1064 "Technically speaking, the following Perl regular expression describes how "
1065 "bug closing changelogs are identified:"
1068 # type: Content of: <chapter><section><section><screen>
1071 msgid "/closes:\\s*(?:bug)?\\#\\s*\\d+(?:,\\s*(?:bug)?\\#\\s*\\d+)*/ig"
1074 # type: Content of: <chapter><section><section><para>
1077 "We prefer the <literal>closes: #<replaceable>XXX</replaceable></literal> "
1078 "syntax, as it is the most concise entry and the easiest to integrate with "
1079 "the text of the <filename>changelog</filename>. Unless specified different "
1080 "by the <replaceable>-v</replaceable>-switch to "
1081 "<command>dpkg-buildpackage</command>, only the bugs closed in the most "
1082 "recent changelog entry are closed (basically, exactly the bugs mentioned in "
1083 "the changelog-part in the <filename>.changes</filename> file are closed)."
1086 # type: Content of: <chapter><section><section><para>
1089 "Historically, uploads identified as <link linkend=\"nmu\">Non-maintainer "
1090 "upload (NMU)</link> were tagged <literal>fixed</literal> instead of being "
1091 "closed, but that practice was ceased with the advent of version-tracking. "
1092 "The same applied to the tag <literal>fixed-in-experimental</literal>."
1095 # type: Content of: <chapter><section><section><para>
1098 "If you happen to mistype a bug number or forget a bug in the changelog "
1099 "entries, don't hesitate to undo any damage the error caused. To reopen "
1100 "wrongly closed bugs, send a <literal>reopen "
1101 "<replaceable>XXX</replaceable></literal> command to the bug tracking "
1102 "system's control address, &email-bts-control;. To close any remaining bugs "
1103 "that were fixed by your upload, email the <filename>.changes</filename> file "
1104 "to <email>XXX-done@&bugs-host;</email>, where <replaceable>XXX</replaceable> "
1105 "is the bug number, and put Version: YYY and an empty line as the first two "
1106 "lines of the body of the email, where <replaceable>YYY</replaceable> is the "
1107 "first version where the bug has been fixed."
1110 # type: Content of: <chapter><section><section><para>
1113 "Bear in mind that it is not obligatory to close bugs using the changelog as "
1114 "described above. If you simply want to close bugs that don't have anything "
1115 "to do with an upload you made, do it by emailing an explanation to "
1116 "<email>XXX-done@&bugs-host;</email>. Do <emphasis "
1117 "role=\"strong\">not</emphasis> close bugs in the changelog entry of a "
1118 "version if the changes in that version of the package don't have any bearing "
1122 # type: Content of: <chapter><section><section><para>
1125 "For general information on how to write your changelog entries, see <xref "
1126 "linkend=\"bpp-debian-changelog\"/> ."
1129 # type: Content of: <chapter><section><section><title>
1131 msgid "Handling security-related bugs"
1134 # type: Content of: <chapter><section><section><para>
1137 "Due to their sensitive nature, security-related bugs must be handled "
1138 "carefully. The Debian Security Team exists to coordinate this activity, "
1139 "keeping track of outstanding security problems, helping maintainers with "
1140 "security problems or fixing them themselves, sending security advisories, "
1141 "and maintaining security.debian.org."
1144 # type: Content of: <chapter><section><section><para>
1147 "When you become aware of a security-related bug in a Debian package, whether "
1148 "or not you are the maintainer, collect pertinent information about the "
1149 "problem, and promptly contact the security team at &email-security-team; as "
1150 "soon as possible. <emphasis role=\"strong\">DO NOT UPLOAD</emphasis> any "
1151 "packages for stable; the security team will do that. Useful information "
1152 "includes, for example:"
1155 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1158 "Which versions of the package are known to be affected by the bug. Check "
1159 "each version that is present in a supported Debian release, as well as "
1160 "testing and unstable."
1163 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1165 msgid "The nature of the fix, if any is available (patches are especially helpful)"
1168 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1171 "Any fixed packages that you have prepared yourself (send only the "
1172 "<literal>.diff.gz</literal> and <literal>.dsc</literal> files and read <xref "
1173 "linkend=\"bug-security-building\"/> first)"
1176 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1179 "Any assistance you can provide to help with testing (exploits, regression "
1183 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1186 "Any information needed for the advisory (see <xref "
1187 "linkend=\"bug-security-advisories\"/> )"
1190 # type: Content of: <chapter><section><section><section><title>
1192 msgid "Confidentiality"
1195 # type: Content of: <chapter><section><section><section><para>
1198 "Unlike most other activities within Debian, information about security "
1199 "issues must sometimes be kept private for a time. This allows software "
1200 "distributors to coordinate their disclosure in order to minimize their "
1201 "users' exposure. Whether this is the case depends on the nature of the "
1202 "problem and corresponding fix, and whether it is already a matter of public "
1206 # type: Content of: <chapter><section><section><section><para>
1208 msgid "There are several ways developers can learn of a security problem:"
1211 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1213 msgid "they notice it on a public forum (mailing list, web site, etc.)"
1216 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1218 msgid "someone files a bug report"
1221 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1223 msgid "someone informs them via private email"
1226 # type: Content of: <chapter><section><section><section><para>
1229 "In the first two cases, the information is public and it is important to "
1230 "have a fix as soon as possible. In the last case, however, it might not be "
1231 "public information. In that case there are a few possible options for "
1232 "dealing with the problem:"
1235 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1238 "If the security exposure is minor, there is sometimes no need to keep the "
1239 "problem a secret and a fix should be made and released."
1242 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1245 "If the problem is severe, it is preferable to share the information with "
1246 "other vendors and coordinate a release. The security team keeps in contact "
1247 "with the various organizations and individuals and can take care of that."
1250 # type: Content of: <chapter><section><section><section><para>
1253 "In all cases if the person who reports the problem asks that it not be "
1254 "disclosed, such requests should be honored, with the obvious exception of "
1255 "informing the security team in order that a fix may be produced for a stable "
1256 "release of Debian. When sending confidential information to the security "
1257 "team, be sure to mention this fact."
1260 # type: Content of: <chapter><section><section><section><para>
1263 "Please note that if secrecy is needed you may not upload a fix to unstable "
1264 "(or anywhere else, such as a public CVS repository). It is not sufficient "
1265 "to obfuscate the details of the change, as the code itself is public, and "
1266 "can (and will) be examined by the general public."
1269 # type: Content of: <chapter><section><section><section><para>
1272 "There are two reasons for releasing information even though secrecy is "
1273 "requested: the problem has been known for a while, or the problem or exploit "
1274 "has become public."
1277 # type: Content of: <chapter><section><section><section><title>
1279 msgid "Security Advisories"
1282 # type: Content of: <chapter><section><section><section><para>
1285 "Security advisories are only issued for the current, released stable "
1286 "distribution, and <emphasis>not</emphasis> for testing or unstable. When "
1287 "released, advisories are sent to the &email-debian-security-announce; "
1288 "mailing list and posted on <ulink "
1289 "url=\"&url-debian-security-advisories;\">the security web page</ulink>. "
1290 "Security advisories are written and posted by the security team. However "
1291 "they certainly do not mind if a maintainer can supply some of the "
1292 "information for them, or write part of the text. Information that should be "
1293 "in an advisory includes:"
1296 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1298 msgid "A description of the problem and its scope, including:"
1301 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1303 msgid "The type of problem (privilege escalation, denial of service, etc.)"
1306 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1308 msgid "What privileges may be gained, and by whom (if any)"
1311 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1313 msgid "How it can be exploited"
1316 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1318 msgid "Whether it is remotely or locally exploitable"
1321 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1323 msgid "How the problem was fixed"
1326 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1328 msgid "This information allows users to assess the threat to their systems."
1331 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1333 msgid "Version numbers of affected packages"
1336 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1338 msgid "Version numbers of fixed packages"
1341 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1344 "Information on where to obtain the updated packages (usually from the Debian "
1348 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1351 "References to upstream advisories, <ulink "
1352 "url=\"http://cve.mitre.org\">CVE</ulink> identifiers, and any other "
1353 "information useful in cross-referencing the vulnerability"
1356 # type: Content of: <chapter><section><section><section><title>
1358 msgid "Preparing packages to address security issues"
1361 # type: Content of: <chapter><section><section><section><para>
1364 "One way that you can assist the security team in their duties is to provide "
1365 "them with fixed packages suitable for a security advisory for the stable "
1369 # type: Content of: <chapter><section><section><section><para>
1372 "When an update is made to the stable release, care must be taken to avoid "
1373 "changing system behavior or introducing new bugs. In order to do this, make "
1374 "as few changes as possible to fix the bug. Users and administrators rely on "
1375 "the exact behavior of a release once it is made, so any change that is made "
1376 "might break someone's system. This is especially true of libraries: make "
1377 "sure you never change the API or ABI, no matter how small the change."
1380 # type: Content of: <chapter><section><section><section><para>
1383 "This means that moving to a new upstream version is not a good solution. "
1384 "Instead, the relevant changes should be back-ported to the version present "
1385 "in the current stable Debian release. Generally, upstream maintainers are "
1386 "willing to help if needed. If not, the Debian security team may be able to "
1390 # type: Content of: <chapter><section><section><section><para>
1393 "In some cases, it is not possible to back-port a security fix, for example "
1394 "when large amounts of source code need to be modified or rewritten. If this "
1395 "happens, it may be necessary to move to a new upstream version. However, "
1396 "this is only done in extreme situations, and you must always coordinate that "
1397 "with the security team beforehand."
1400 # type: Content of: <chapter><section><section><section><para>
1403 "Related to this is another important guideline: always test your changes. "
1404 "If you have an exploit available, try it and see if it indeed succeeds on "
1405 "the unpatched package and fails on the fixed package. Test other, normal "
1406 "actions as well, as sometimes a security fix can break seemingly unrelated "
1407 "features in subtle ways."
1410 # type: Content of: <chapter><section><section><section><para>
1413 "Do <emphasis role=\"strong\">NOT</emphasis> include any changes in your "
1414 "package which are not directly related to fixing the vulnerability. These "
1415 "will only need to be reverted, and this wastes time. If there are other "
1416 "bugs in your package that you would like to fix, make an upload to "
1417 "proposed-updates in the usual way, after the security advisory is issued. "
1418 "The security update mechanism is not a means for introducing changes to your "
1419 "package which would otherwise be rejected from the stable release, so please "
1420 "do not attempt to do this."
1423 # type: Content of: <chapter><section><section><section><para>
1426 "Review and test your changes as much as possible. Check the differences "
1427 "from the previous version repeatedly (<command>interdiff</command> from the "
1428 "<systemitem role=\"package\">patchutils</systemitem> package and "
1429 "<command>debdiff</command> from <systemitem "
1430 "role=\"package\">devscripts</systemitem> are useful tools for this, see "
1431 "<xref linkend=\"debdiff\"/> )."
1434 # type: Content of: <chapter><section><section><section><para>
1436 msgid "Be sure to verify the following items:"
1439 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1442 "Target the right distribution in your "
1443 "<filename>debian/changelog</filename>. For stable this is "
1444 "<literal>stable-security</literal> and for testing this is "
1445 "<literal>testing-security</literal>, and for the previous stable release, "
1446 "this is <literal>oldstable-security</literal>. Do not target "
1447 "<replaceable>distribution</replaceable>-proposed-updates or "
1448 "<literal>stable</literal>!"
1451 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1453 msgid "The upload should have urgency=high."
1456 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1459 "Make descriptive, meaningful changelog entries. Others will rely on them to "
1460 "determine whether a particular bug was fixed. Always include an external "
1461 "reference, preferably a CVE identifier, so that it can be cross-referenced. "
1462 "Include the same information in the changelog for unstable, so that it is "
1463 "clear that the same bug was fixed, as this is very helpful when verifying "
1464 "that the bug is fixed in the next stable release. If a CVE identifier has "
1465 "not yet been assigned, the security team will request one so that it can be "
1466 "included in the package and in the advisory."
1469 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1472 "Make sure the version number is proper. It must be greater than the current "
1473 "package, but less than package versions in later distributions. If in "
1474 "doubt, test it with <literal>dpkg --compare-versions</literal>. Be careful "
1475 "not to re-use a version number that you have already used for a previous "
1476 "upload. For <emphasis>testing</emphasis>, there must be a higher version in "
1477 "<emphasis>unstable</emphasis>. If there is none yet (for example, if "
1478 "<emphasis>testing</emphasis> and <emphasis>unstable</emphasis> have the same "
1479 "version) you must upload a new version to unstable first."
1482 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1485 "Do not make source-only uploads if your package has any binary-all packages "
1486 "(do not use the <literal>-S</literal> option to "
1487 "<command>dpkg-buildpackage</command>). The <command>buildd</command> "
1488 "infrastructure will not build those. This point applies to normal package "
1492 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1495 "Unless the upstream source has been uploaded to security.debian.org before "
1496 "(by a previous security update), build the upload with full upstream source "
1497 "(<literal>dpkg-buildpackage -sa</literal>). If there has been a previous "
1498 "upload to security.debian.org with the same upstream version, you may upload "
1499 "without upstream source (<literal>dpkg-buildpackage -sd</literal>)."
1502 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1505 "Be sure to use the exact same <filename>*.orig.tar.gz</filename> as used in "
1506 "the normal archive, otherwise it is not possible to move the security fix "
1507 "into the main archives later."
1510 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1513 "Build the package on a clean system which only has packages installed from "
1514 "the distribution you are building for. If you do not have such a system "
1515 "yourself, you can use a debian.org machine (see <xref "
1516 "linkend=\"server-machines\"/> ) or setup a chroot (see <xref "
1517 "linkend=\"pbuilder\"/> and <xref linkend=\"debootstrap\"/> )."
1520 # type: Content of: <chapter><section><section><section><title>
1522 msgid "Uploading the fixed package"
1525 # type: Content of: <chapter><section><section><section><para>
1528 "Do <emphasis role=\"strong\">NOT</emphasis> upload a package to the security "
1529 "upload queue (oldstable-security, stable-security, etc.) without prior "
1530 "authorization from the security team. If the package does not exactly meet "
1531 "the team's requirements, it will cause many problems and delays in dealing "
1532 "with the unwanted upload."
1535 # type: Content of: <chapter><section><section><section><para>
1538 "Do <emphasis role=\"strong\">NOT</emphasis> upload your fix to "
1539 "proposed-updates without coordinating with the security team. Packages from "
1540 "security.debian.org will be copied into the proposed-updates directory "
1541 "automatically. If a package with the same or a higher version number is "
1542 "already installed into the archive, the security update will be rejected by "
1543 "the archive system. That way, the stable distribution will end up without a "
1544 "security update for this package instead."
1547 # type: Content of: <chapter><section><section><section><para>
1550 "Once you have created and tested the new package and it has been approved by "
1551 "the security team, it needs to be uploaded so that it can be installed in "
1552 "the archives. For security uploads, the place to upload to is "
1553 "<literal>ftp://security-master.debian.org/pub/SecurityUploadQueue/</literal> "
1557 # type: Content of: <chapter><section><section><section><para>
1560 "Once an upload to the security queue has been accepted, the package will "
1561 "automatically be rebuilt for all architectures and stored for verification "
1562 "by the security team."
1565 # type: Content of: <chapter><section><section><section><para>
1568 "Uploads which are waiting for acceptance or verification are only accessible "
1569 "by the security team. This is necessary since there might be fixes for "
1570 "security problems that cannot be disclosed yet."
1573 # type: Content of: <chapter><section><section><section><para>
1576 "If a member of the security team accepts a package, it will be installed on "
1577 "security.debian.org as well as proposed for the proper "
1578 "<replaceable>distribution</replaceable>-proposed-updates on ftp-master."
1581 # type: Content of: <chapter><section><title>
1583 msgid "Moving, removing, renaming, adopting, and orphaning packages"
1586 # type: Content of: <chapter><section><para>
1589 "Some archive manipulation operations are not automated in the Debian upload "
1590 "process. These procedures should be manually followed by maintainers. This "
1591 "chapter gives guidelines on what to do in these cases."
1594 # type: Content of: <chapter><section><section><title>
1596 msgid "Moving packages"
1599 # type: Content of: <chapter><section><section><para><footnote>
1602 "Sometimes a package will change its section. For instance, a package from "
1603 "the `non-free' section might be GPL'd in a later version, in which case the "
1604 "package should be moved to `main' or `contrib'.<footnote>"
1607 # type: Content of: <chapter><section><section><para><footnote><para>
1610 "See the <ulink url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for "
1611 "guidelines on what section a package belongs in."
1614 # type: Content of: <chapter><section><section><para>
1617 "If you need to change the section for one of your packages, change the "
1618 "package control information to place the package in the desired section, and "
1619 "re-upload the package (see the <ulink url=\"&url-debian-policy;\">Debian "
1620 "Policy Manual</ulink> for details). You must ensure that you include the "
1621 "<filename>.orig.tar.gz</filename> in your upload (even if you are not "
1622 "uploading a new upstream version), or it will not appear in the new section "
1623 "together with the rest of the package. If your new section is valid, it "
1624 "will be moved automatically. If it does not, then contact the ftpmasters in "
1625 "order to understand what happened."
1628 # type: Content of: <chapter><section><section><para>
1631 "If, on the other hand, you need to change the "
1632 "<emphasis>subsection</emphasis> of one of your packages (e.g., ``devel'', "
1633 "``admin''), the procedure is slightly different. Correct the subsection as "
1634 "found in the control file of the package, and re-upload that. Also, you'll "
1635 "need to get the override file updated, as described in <xref "
1636 "linkend=\"override-file\"/> ."
1639 # type: Content of: <chapter><section><section><title>
1641 msgid "Removing packages"
1644 # type: Content of: <chapter><section><section><para>
1647 "If for some reason you want to completely remove a package (say, if it is an "
1648 "old compatibility library which is no longer required), you need to file a "
1649 "bug against <literal>ftp.debian.org</literal> asking that the package be "
1650 "removed; as all bugs, this bug should normally have normal severity. Make "
1651 "sure you indicate which distribution the package should be removed from. "
1652 "Normally, you can only have packages removed from "
1653 "<emphasis>unstable</emphasis> and <emphasis>experimental</emphasis>. "
1654 "Packages are not removed from <emphasis>testing</emphasis> directly. "
1655 "Rather, they will be removed automatically after the package has been "
1656 "removed from <emphasis>unstable</emphasis> and no package in "
1657 "<emphasis>testing</emphasis> depends on it."
1660 # type: Content of: <chapter><section><section><para>
1663 "There is one exception when an explicit removal request is not necessary: If "
1664 "a (source or binary) package is an orphan, it will be removed "
1665 "semi-automatically. For a binary-package, this means if there is no longer "
1666 "any source package producing this binary package; if the binary package is "
1667 "just no longer produced on some architectures, a removal request is still "
1668 "necessary. For a source-package, this means that all binary packages it "
1669 "refers to have been taken over by another source package."
1672 # type: Content of: <chapter><section><section><para>
1675 "In your removal request, you have to detail the reasons justifying the "
1676 "request. This is to avoid unwanted removals and to keep a trace of why a "
1677 "package has been removed. For example, you can provide the name of the "
1678 "package that supersedes the one to be removed."
1681 # type: Content of: <chapter><section><section><para>
1684 "Usually you only ask for the removal of a package maintained by yourself. "
1685 "If you want to remove another package, you have to get the approval of its "
1689 # type: Content of: <chapter><section><section><para>
1692 "Further information relating to these and other package removal related "
1693 "topics may be found at <ulink "
1694 "url=\"http://wiki.debian.org/ftpmaster_Removals\"></ulink> and <ulink "
1695 "url=\"&url-debian-qa;howto-remove.html\"></ulink>."
1698 # type: Content of: <chapter><section><section><para>
1701 "If in doubt concerning whether a package is disposable, email "
1702 "&email-debian-devel; asking for opinions. Also of interest is the "
1703 "<command>apt-cache</command> program from the <systemitem "
1704 "role=\"package\">apt</systemitem> package. When invoked as "
1705 "<literal>apt-cache showpkg <replaceable>package</replaceable></literal>, the "
1706 "program will show details for <replaceable>package</replaceable>, including "
1707 "reverse depends. Other useful programs include <literal>apt-cache "
1708 "rdepends</literal>, <command>apt-rdepends</command> and "
1709 "<command>grep-dctrl</command>. Removal of orphaned packages is discussed on "
1710 "&email-debian-qa;."
1713 # type: Content of: <chapter><section><section><para>
1716 "Once the package has been removed, the package's bugs should be handled. "
1717 "They should either be reassigned to another package in the case where the "
1718 "actual code has evolved into another package (e.g. "
1719 "<literal>libfoo12</literal> was removed because <literal>libfoo13</literal> "
1720 "supersedes it) or closed if the software is simply no longer part of Debian."
1723 # type: Content of: <chapter><section><section><section><title>
1725 msgid "Removing packages from <filename>Incoming</filename>"
1728 # type: Content of: <chapter><section><section><section><para>
1731 "In the past, it was possible to remove packages from "
1732 "<filename>incoming</filename>. However, with the introduction of the new "
1733 "incoming system, this is no longer possible. Instead, you have to upload a "
1734 "new revision of your package with a higher version than the package you want "
1735 "to replace. Both versions will be installed in the archive but only the "
1736 "higher version will actually be available in <emphasis>unstable</emphasis> "
1737 "since the previous version will immediately be replaced by the higher. "
1738 "However, if you do proper testing of your packages, the need to replace a "
1739 "package should not occur too often anyway."
1742 # type: Content of: <chapter><section><section><title>
1744 msgid "Replacing or renaming packages"
1747 # type: Content of: <chapter><section><section><para>
1750 "When you make a mistake naming your package, you should follow a two-step "
1751 "process to rename it. First, set your <filename>debian/control</filename> "
1752 "file to replace and conflict with the obsolete name of the package (see the "
1753 "<ulink url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for "
1754 "details). Once you've uploaded the package and the package has moved into "
1755 "the archive, file a bug against <literal>ftp.debian.org</literal> asking to "
1756 "remove the package with the obsolete name. Do not forget to properly "
1757 "reassign the package's bugs at the same time."
1760 # type: Content of: <chapter><section><section><para>
1763 "At other times, you may make a mistake in constructing your package and wish "
1764 "to replace it. The only way to do this is to increase the version number "
1765 "and upload a new version. The old version will be expired in the usual "
1766 "manner. Note that this applies to each part of your package, including the "
1767 "sources: if you wish to replace the upstream source tarball of your package, "
1768 "you will need to upload it with a different version. An easy possibility is "
1769 "to replace <filename>foo_1.00.orig.tar.gz</filename> with "
1770 "<filename>foo_1.00+0.orig.tar.gz</filename>. This restriction gives each "
1771 "file on the ftp site a unique name, which helps to ensure consistency across "
1772 "the mirror network."
1775 # type: Content of: <chapter><section><section><title>
1777 msgid "Orphaning a package"
1780 # type: Content of: <chapter><section><section><para>
1783 "If you can no longer maintain a package, you need to inform others, and see "
1784 "that the package is marked as orphaned. You should set the package "
1785 "maintainer to <literal>Debian QA Group &orphan-address;</literal> and submit "
1786 "a bug report against the pseudo package <systemitem "
1787 "role=\"package\">wnpp</systemitem>. The bug report should be titled "
1788 "<literal>O: <replaceable>package</replaceable> -- <replaceable>short "
1789 "description</replaceable></literal> indicating that the package is now "
1790 "orphaned. The severity of the bug should be set to "
1791 "<emphasis>normal</emphasis>; if the package has a priority of standard or "
1792 "higher, it should be set to important. If you feel it's necessary, send a "
1793 "copy to &email-debian-devel; by putting the address in the X-Debbugs-CC: "
1794 "header of the message (no, don't use CC:, because that way the message's "
1795 "subject won't indicate the bug number)."
1798 # type: Content of: <chapter><section><section><para>
1801 "If you just intend to give the package away, but you can keep maintainership "
1802 "for the moment, then you should instead submit a bug against <systemitem "
1803 "role=\"package\">wnpp</systemitem> and title it <literal>RFA: "
1804 "<replaceable>package</replaceable> -- <replaceable>short "
1805 "description</replaceable></literal>. <literal>RFA</literal> stands for "
1806 "<emphasis>Request For Adoption</emphasis>."
1809 # type: Content of: <chapter><section><section><para>
1811 msgid "More information is on the <ulink url=\"&url-wnpp;\">WNPP web pages</ulink>."
1814 # type: Content of: <chapter><section><section><title>
1816 msgid "Adopting a package"
1819 # type: Content of: <chapter><section><section><para>
1822 "A list of packages in need of a new maintainer is available in the <ulink "
1823 "url=\"&url-wnpp;\">Work-Needing and Prospective Packages list "
1824 "(WNPP)</ulink>. If you wish to take over maintenance of any of the packages "
1825 "listed in the WNPP, please take a look at the aforementioned page for "
1826 "information and procedures."
1829 # type: Content of: <chapter><section><section><para>
1832 "It is not OK to simply take over a package that you feel is neglected — that "
1833 "would be package hijacking. You can, of course, contact the current "
1834 "maintainer and ask them if you may take over the package. If you have "
1835 "reason to believe a maintainer has gone AWOL (absent without leave), see "
1836 "<xref linkend=\"mia-qa\"/> ."
1839 # type: Content of: <chapter><section><section><para>
1842 "Generally, you may not take over the package without the assent of the "
1843 "current maintainer. Even if they ignore you, that is still not grounds to "
1844 "take over a package. Complaints about maintainers should be brought up on "
1845 "the developers' mailing list. If the discussion doesn't end with a positive "
1846 "conclusion, and the issue is of a technical nature, consider bringing it to "
1847 "the attention of the technical committee (see the <ulink "
1848 "url=\"&url-tech-ctte;\">technical committee web page</ulink> for more "
1852 # type: Content of: <chapter><section><section><para>
1855 "If you take over an old package, you probably want to be listed as the "
1856 "package's official maintainer in the bug system. This will happen "
1857 "automatically once you upload a new version with an updated "
1858 "<literal>Maintainer:</literal> field, although it can take a few hours after "
1859 "the upload is done. If you do not expect to upload a new version for a "
1860 "while, you can use <xref linkend=\"pkg-tracking-system\"/> to get the bug "
1861 "reports. However, make sure that the old maintainer has no problem with the "
1862 "fact that they will continue to receive the bugs during that time."
1865 # type: Content of: <chapter><section><title>
1867 msgid "Porting and being ported"
1870 # type: Content of: <chapter><section><para>
1873 "Debian supports an ever-increasing number of architectures. Even if you are "
1874 "not a porter, and you don't use any architecture but one, it is part of your "
1875 "duty as a maintainer to be aware of issues of portability. Therefore, even "
1876 "if you are not a porter, you should read most of this chapter."
1879 # type: Content of: <chapter><section><para>
1882 "Porting is the act of building Debian packages for architectures that are "
1883 "different from the original architecture of the package maintainer's binary "
1884 "package. It is a unique and essential activity. In fact, porters do most "
1885 "of the actual compiling of Debian packages. For instance, for a single "
1886 "<emphasis>i386</emphasis> binary package, there must be a recompile for each "
1887 "architecture, which amounts to &number-of-arches; more builds."
1890 # type: Content of: <chapter><section><section><title>
1892 msgid "Being kind to porters"
1895 # type: Content of: <chapter><section><section><para>
1898 "Porters have a difficult and unique task, since they are required to deal "
1899 "with a large volume of packages. Ideally, every source package should build "
1900 "right out of the box. Unfortunately, this is often not the case. This "
1901 "section contains a checklist of ``gotchas'' often committed by Debian "
1902 "maintainers — common problems which often stymie porters, and make their "
1903 "jobs unnecessarily difficult."
1906 # type: Content of: <chapter><section><section><para>
1909 "The first and most important thing is to respond quickly to bug or issues "
1910 "raised by porters. Please treat porters with courtesy, as if they were in "
1911 "fact co-maintainers of your package (which, in a way, they are). Please be "
1912 "tolerant of succinct or even unclear bug reports; do your best to hunt down "
1913 "whatever the problem is."
1916 # type: Content of: <chapter><section><section><para>
1919 "By far, most of the problems encountered by porters are caused by "
1920 "<emphasis>packaging bugs</emphasis> in the source packages. Here is a "
1921 "checklist of things you should check or be aware of."
1924 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1927 "Make sure that your <literal>Build-Depends</literal> and "
1928 "<literal>Build-Depends-Indep</literal> settings in "
1929 "<filename>debian/control</filename> are set properly. The best way to "
1930 "validate this is to use the <systemitem "
1931 "role=\"package\">debootstrap</systemitem> package to create an unstable "
1932 "chroot environment (see <xref linkend=\"debootstrap\"/> ). Within that "
1933 "chrooted environment, install the <systemitem "
1934 "role=\"package\">build-essential</systemitem> package and any package "
1935 "dependencies mentioned in <literal>Build-Depends</literal> and/or "
1936 "<literal>Build-Depends-Indep</literal>. Finally, try building your package "
1937 "within that chrooted environment. These steps can be automated by the use "
1938 "of the <command>pbuilder</command> program which is provided by the package "
1939 "of the same name (see <xref linkend=\"pbuilder\"/> )."
1942 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1945 "If you can't set up a proper chroot, <command>dpkg-depcheck</command> may be "
1946 "of assistance (see <xref linkend=\"dpkg-depcheck\"/> )."
1949 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1952 "See the <ulink url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for "
1953 "instructions on setting build dependencies."
1956 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1959 "Don't set architecture to a value other than ``all'' or ``any'' unless you "
1960 "really mean it. In too many cases, maintainers don't follow the "
1961 "instructions in the <ulink url=\"&url-debian-policy;\">Debian Policy "
1962 "Manual</ulink>. Setting your architecture to ``i386'' is usually incorrect."
1965 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1968 "Make sure your source package is correct. Do <literal>dpkg-source -x "
1969 "<replaceable>package</replaceable>.dsc</literal> to make sure your source "
1970 "package unpacks properly. Then, in there, try building your package from "
1971 "scratch with <command>dpkg-buildpackage</command>."
1974 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1977 "Make sure you don't ship your source package with the "
1978 "<filename>debian/files</filename> or <filename>debian/substvars</filename> "
1979 "files. They should be removed by the `clean' target of "
1980 "<filename>debian/rules</filename>."
1983 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1986 "Make sure you don't rely on locally installed or hacked configurations or "
1987 "programs. For instance, you should never be calling programs in "
1988 "<filename>/usr/local/bin</filename> or the like. Try not to rely on "
1989 "programs being setup in a special way. Try building your package on another "
1990 "machine, even if it's the same architecture."
1993 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1996 "Don't depend on the package you're building being installed already (a "
1997 "sub-case of the above issue)."
2000 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2003 "Don't rely on the compiler being a certain version, if possible. If not, "
2004 "then make sure your build dependencies reflect the restrictions, although "
2005 "you are probably asking for trouble, since different architectures sometimes "
2006 "standardize on different compilers."
2009 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2012 "Make sure your debian/rules contains separate ``binary-arch'' and "
2013 "``binary-indep'' targets, as the Debian Policy Manual requires. Make sure "
2014 "that both targets work independently, that is, that you can call the target "
2015 "without having called the other before. To test this, try to run "
2016 "<literal>dpkg-buildpackage -B</literal>."
2019 # type: Content of: <chapter><section><section><title>
2021 msgid "Guidelines for porter uploads"
2024 # type: Content of: <chapter><section><section><para>
2027 "If the package builds out of the box for the architecture to be ported to, "
2028 "you are in luck and your job is easy. This section applies to that case; it "
2029 "describes how to build and upload your binary package so that it is properly "
2030 "installed into the archive. If you do have to patch the package in order to "
2031 "get it to compile for the other architecture, you are actually doing a "
2032 "source NMU, so consult <xref linkend=\"nmu-guidelines\"/> instead."
2035 # type: Content of: <chapter><section><section><para>
2038 "For a porter upload, no changes are being made to the source. You do not "
2039 "need to touch any of the files in the source package. This includes "
2040 "<filename>debian/changelog</filename>."
2043 # type: Content of: <chapter><section><section><para>
2046 "The way to invoke <command>dpkg-buildpackage</command> is as "
2047 "<literal>dpkg-buildpackage -B "
2048 "-m<replaceable>porter-email</replaceable></literal>. Of course, set "
2049 "<replaceable>porter-email</replaceable> to your email address. This will do "
2050 "a binary-only build of only the architecture-dependent portions of the "
2051 "package, using the `binary-arch' target in "
2052 "<filename>debian/rules</filename>."
2055 # type: Content of: <chapter><section><section><para>
2058 "If you are working on a Debian machine for your porting efforts and you need "
2059 "to sign your upload locally for its acceptance in the archive, you can run "
2060 "<command>debsign</command> on your <filename>.changes</filename> file to "
2061 "have it signed conveniently, or use the remote signing mode of "
2062 "<command>dpkg-sig</command>."
2065 # type: Content of: <chapter><section><section><section><title>
2067 msgid "Recompilation or binary-only NMU"
2070 # type: Content of: <chapter><section><section><section><para>
2073 "Sometimes the initial porter upload is problematic because the environment "
2074 "in which the package was built was not good enough (outdated or obsolete "
2075 "library, bad compiler, ...). Then you may just need to recompile it in an "
2076 "updated environment. However, you have to bump the version number in this "
2077 "case, so that the old bad package can be replaced in the Debian archive "
2078 "(<command>katie</command> refuses to install new packages if they don't have "
2079 "a version number greater than the currently available one)."
2082 # type: Content of: <chapter><section><section><section><para>
2085 "You have to make sure that your binary-only NMU doesn't render the package "
2086 "uninstallable. This could happen when a source package generates "
2087 "arch-dependent and arch-independent packages that depend on each other via "
2088 "$(Source-Version)."
2091 # type: Content of: <chapter><section><section><section><para>
2094 "Despite the required modification of the changelog, these are called "
2095 "binary-only NMUs — there is no need in this case to trigger all other "
2096 "architectures to consider themselves out of date or requiring recompilation."
2099 # type: Content of: <chapter><section><section><section><para>
2102 "Such recompilations require special ``magic'' version numbering, so that the "
2103 "archive maintenance tools recognize that, even though there is a new Debian "
2104 "version, there is no corresponding source update. If you get this wrong, "
2105 "the archive maintainers will reject your upload (due to lack of "
2106 "corresponding source code)."
2109 # type: Content of: <chapter><section><section><section><para><footnote>
2112 "The ``magic'' for a recompilation-only NMU is triggered by using a suffix "
2113 "appended to the package version number, following the form b<number>. "
2114 "For instance, if the latest version you are recompiling against was version "
2115 "``2.9-3'', your NMU should carry a version of ``2.9-3+b1''. If the latest "
2116 "version was ``3.4+b1'' (i.e, a native package with a previous recompilation "
2117 "NMU), your NMU should have a version number of ``3.4+b2''. <footnote>"
2120 # type: Content of: <chapter><section><section><section><para><footnote><para>
2123 "In the past, such NMUs used the third-level number on the Debian part of the "
2124 "revision to denote their recompilation-only status; however, this syntax was "
2125 "ambiguous with native packages and did not allow proper ordering of "
2126 "recompile-only NMUs, source NMUs, and security NMUs on the same package, and "
2127 "has therefore been abandoned in favor of this new syntax."
2130 # type: Content of: <chapter><section><section><section><para>
2133 "Similar to initial porter uploads, the correct way of invoking "
2134 "<command>dpkg-buildpackage</command> is <literal>dpkg-buildpackage "
2135 "-B</literal> to only build the architecture-dependent parts of the package."
2138 # type: Content of: <chapter><section><section><section><title>
2140 msgid "When to do a source NMU if you are a porter"
2143 # type: Content of: <chapter><section><section><section><para>
2146 "Porters doing a source NMU generally follow the guidelines found in <xref "
2147 "linkend=\"nmu\"/> , just like non-porters. However, it is expected that the "
2148 "wait cycle for a porter's source NMU is smaller than for a non-porter, since "
2149 "porters have to cope with a large quantity of packages. Again, the "
2150 "situation varies depending on the distribution they are uploading to. It "
2151 "also varies whether the architecture is a candidate for inclusion into the "
2152 "next stable release; the release managers decide and announce which "
2153 "architectures are candidates."
2156 # type: Content of: <chapter><section><section><section><para>
2159 "If you are a porter doing an NMU for `unstable', the above guidelines for "
2160 "porting should be followed, with two variations. Firstly, the acceptable "
2161 "waiting period — the time between when the bug is submitted to the BTS and "
2162 "when it is OK to do an NMU — is seven days for porters working on the "
2163 "unstable distribution. This period can be shortened if the problem is "
2164 "critical and imposes hardship on the porting effort, at the discretion of "
2165 "the porter group. (Remember, none of this is Policy, just mutually agreed "
2166 "upon guidelines.) For uploads to stable or testing, please coordinate with "
2167 "the appropriate release team first."
2170 # type: Content of: <chapter><section><section><section><para>
2173 "Secondly, porters doing source NMUs should make sure that the bug they "
2174 "submit to the BTS should be of severity `serious' or greater. This ensures "
2175 "that a single source package can be used to compile every supported Debian "
2176 "architecture by release time. It is very important that we have one version "
2177 "of the binary and source package for all architecture in order to comply "
2178 "with many licenses."
2181 # type: Content of: <chapter><section><section><section><para>
2184 "Porters should try to avoid patches which simply kludge around bugs in the "
2185 "current version of the compile environment, kernel, or libc. Sometimes such "
2186 "kludges can't be helped. If you have to kludge around compiler bugs and the "
2187 "like, make sure you <literal>#ifdef</literal> your work properly; also, "
2188 "document your kludge so that people know to remove it once the external "
2189 "problems have been fixed."
2192 # type: Content of: <chapter><section><section><section><para>
2195 "Porters may also have an unofficial location where they can put the results "
2196 "of their work during the waiting period. This helps others running the port "
2197 "have the benefit of the porter's work, even during the waiting period. Of "
2198 "course, such locations have no official blessing or status, so buyer beware."
2201 # type: Content of: <chapter><section><section><title>
2203 msgid "Porting infrastructure and automation"
2206 # type: Content of: <chapter><section><section><para>
2209 "There is infrastructure and several tools to help automate package porting. "
2210 "This section contains a brief overview of this automation and porting to "
2211 "these tools; see the package documentation or references for full "
2215 # type: Content of: <chapter><section><section><section><title>
2217 msgid "Mailing lists and web pages"
2220 # type: Content of: <chapter><section><section><section><para>
2223 "Web pages containing the status of each port can be found at <ulink "
2224 "url=\"&url-debian-ports;\"></ulink>."
2227 # type: Content of: <chapter><section><section><section><para>
2230 "Each port of Debian has a mailing list. The list of porting mailing lists "
2231 "can be found at <ulink url=\"&url-debian-port-lists;\"></ulink>. These "
2232 "lists are used to coordinate porters, and to connect the users of a given "
2233 "port with the porters."
2236 # type: Content of: <chapter><section><section><section><title>
2238 msgid "Porter tools"
2241 # type: Content of: <chapter><section><section><section><para>
2244 "Descriptions of several porting tools can be found in <xref "
2245 "linkend=\"tools-porting\"/> ."
2248 # type: Content of: <chapter><section><section><section><para>
2251 "The <systemitem role=\"package\">buildd</systemitem> system is used as a "
2252 "distributed, client-server build distribution system. It is usually used in "
2253 "conjunction with <emphasis>auto-builders</emphasis>, which are ``slave'' "
2254 "hosts which simply check out and attempt to auto-build packages which need "
2255 "to be ported. There is also an email interface to the system, which allows "
2256 "porters to ``check out'' a source package (usually one which cannot yet be "
2257 "auto-built) and work on it."
2260 # type: Content of: <chapter><section><section><section><para>
2263 "<systemitem role=\"package\">buildd</systemitem> is not yet available as a "
2264 "package; however, most porting efforts are either using it currently or "
2265 "planning to use it in the near future. The actual automated builder is "
2266 "packaged as <systemitem role=\"package\">sbuild</systemitem>, see its "
2267 "description in <xref linkend=\"sbuild\"/> . The complete <systemitem "
2268 "role=\"package\">buildd</systemitem> system also collects a number of as yet "
2269 "unpackaged components which are currently very useful and in use "
2270 "continually, such as <command>andrea</command> and "
2271 "<command>wanna-build</command>."
2274 # type: Content of: <chapter><section><section><section><para>
2277 "Some of the data produced by <systemitem "
2278 "role=\"package\">buildd</systemitem> which is generally useful to porters is "
2279 "available on the web at <ulink url=\"&url-buildd;\"></ulink>. This data "
2280 "includes nightly updated information from <command>andrea</command> (source "
2281 "dependencies) and <systemitem role=\"package\">quinn-diff</systemitem> "
2282 "(packages needing recompilation)."
2285 # type: Content of: <chapter><section><section><section><para>
2288 "We are quite proud of this system, since it has so many possible uses. "
2289 "Independent development groups can use the system for different sub-flavors "
2290 "of Debian, which may or may not really be of general interest (for instance, "
2291 "a flavor of Debian built with <command>gcc</command> bounds checking). It "
2292 "will also enable Debian to recompile entire distributions quickly."
2295 # type: Content of: <chapter><section><section><section><para>
2298 "The buildds admins of each arch can be contacted at the mail address "
2299 "$arch@buildd.debian.org."
2302 # type: Content of: <chapter><section><section><title>
2304 msgid "When your package is <emphasis>not</emphasis> portable"
2307 # type: Content of: <chapter><section><section><para>
2310 "Some packages still have issues with building and/or working on some of the "
2311 "architectures supported by Debian, and cannot be ported at all, or not "
2312 "within a reasonable amount of time. An example is a package that is "
2313 "SVGA-specific (only i386), or uses other hardware-specific features not "
2314 "supported on all architectures."
2317 # type: Content of: <chapter><section><section><para>
2320 "In order to prevent broken packages from being uploaded to the archive, and "
2321 "wasting buildd time, you need to do a few things:"
2324 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2327 "First, make sure your package <emphasis>does</emphasis> fail to build on "
2328 "architectures that it cannot support. There are a few ways to achieve "
2329 "this. The preferred way is to have a small testsuite during build time that "
2330 "will test the functionality, and fail if it doesn't work. This is a good "
2331 "idea anyway, as this will prevent (some) broken uploads on all "
2332 "architectures, and also will allow the package to build as soon as the "
2333 "required functionality is available."
2336 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2339 "Additionally, if you believe the list of supported architectures is pretty "
2340 "constant, you should change 'any' to a list of supported architectures in "
2341 "debian/control. This way, the build will fail also, and indicate this to a "
2342 "human reader without actually trying."
2345 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2348 "In order to prevent autobuilders from needlessly trying to build your "
2349 "package, it must be included in <filename>packages-arch-specific</filename>, "
2350 "a list used by the <command>wanna-build</command> script. The current "
2351 "version is available as <ulink "
2352 "url=\"&url-cvsweb;srcdep/Packages-arch-specific?cvsroot=dak\"></ulink>; "
2353 "please see the top of the file for whom to contact for changes."
2356 # type: Content of: <chapter><section><section><para>
2359 "Please note that it is insufficient to only add your package to "
2360 "Packages-arch-specific without making it fail to build on unsupported "
2361 "architectures: A porter or any other person trying to build your package "
2362 "might accidently upload it without noticing it doesn't work. If in the past "
2363 "some binary packages were uploaded on unsupported architectures, request "
2364 "their removal by filing a bug against <systemitem "
2365 "role=\"package\">ftp.debian.org</systemitem>"
2368 # type: Content of: <chapter><section><title>
2370 msgid "Non-Maintainer Uploads (NMUs)"
2373 # type: Content of: <chapter><section><para>
2376 "Under certain circumstances it is necessary for someone other than the "
2377 "official package maintainer to make a release of a package. This is called "
2378 "a non-maintainer upload, or NMU."
2381 # type: Content of: <chapter><section><para>
2384 "This section handles only source NMUs, i.e. NMUs which upload a new version "
2385 "of the package. For binary-only NMUs by porters or QA members, please see "
2386 "<xref linkend=\"binary-only-nmu\"/> . If a buildd builds and uploads a "
2387 "package, that too is strictly speaking a binary NMU. See <xref "
2388 "linkend=\"buildd\"/> for some more information."
2391 # type: Content of: <chapter><section><para>
2394 "The main reason why NMUs are done is when a developer needs to fix another "
2395 "developer's package in order to address serious problems or crippling bugs "
2396 "or when the package maintainer is unable to release a fix in a timely "
2400 # type: Content of: <chapter><section><para>
2403 "First and foremost, it is critical that NMU patches to source should be as "
2404 "non-disruptive as possible. Do not do housekeeping tasks, do not change the "
2405 "name of modules or files, do not move directories; in general, do not fix "
2406 "things which are not broken. Keep the patch as small as possible. If "
2407 "things bother you aesthetically, talk to the Debian maintainer, talk to the "
2408 "upstream maintainer, or submit a bug. However, aesthetic changes must "
2409 "<emphasis>not</emphasis> be made in a non-maintainer upload."
2412 # type: Content of: <chapter><section><para>
2415 "And please remember the Hippocratic Oath: Above all, do no harm. It is "
2416 "better to leave a package with an open grave bug than applying a "
2417 "non-functional patch, or one that hides the bug instead of resolving it."
2420 # type: Content of: <chapter><section><section><title>
2422 msgid "How to do a NMU"
2425 # type: Content of: <chapter><section><section><para>
2428 "NMUs which fix important, serious or higher severity bugs are encouraged and "
2429 "accepted. You should endeavor to reach the current maintainer of the "
2430 "package; they might be just about to upload a fix for the problem, or have a "
2434 # type: Content of: <chapter><section><section><para>
2437 "NMUs should be made to assist a package's maintainer in resolving bugs. "
2438 "Maintainers should be thankful for that help, and NMUers should respect the "
2439 "decisions of maintainers, and try to personally help the maintainer by their "
2443 # type: Content of: <chapter><section><section><para>
2446 "A NMU should follow all conventions, written down in this section. For an "
2447 "upload to testing or unstable, this order of steps is recommended:"
2450 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2453 "Make sure that the package's bugs that the NMU is meant to address are all "
2454 "filed in the Debian Bug Tracking System (BTS). If they are not, submit them "
2458 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2461 "Wait a few days for the response from the maintainer. If you don't get any "
2462 "response, you may want to help them by sending the patch that fixes the "
2463 "bug. Don't forget to tag the bug with the patch keyword."
2466 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2469 "Wait a few more days. If you still haven't got an answer from the "
2470 "maintainer, send them a mail announcing your intent to NMU the package. "
2471 "Prepare an NMU as described in this section, and test it carefully on your "
2472 "machine (cf. <xref linkend=\"sanitycheck\"/> ). Double check that your "
2473 "patch doesn't have any unexpected side effects. Make sure your patch is as "
2474 "small and as non-disruptive as it can be."
2477 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2480 "Upload your package to incoming in <filename>DELAYED/7-day</filename> (cf. "
2481 "<xref linkend=\"delayed-incoming\"/> ), send the final patch to the "
2482 "maintainer via the BTS, and explain to them that they have 7 days to react "
2483 "if they want to cancel the NMU."
2486 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2489 "Follow what happens, you're responsible for any bug that you introduced with "
2490 "your NMU. You should probably use <xref linkend=\"pkg-tracking-system\"/> "
2491 "(PTS) to stay informed of the state of the package after your NMU."
2494 # type: Content of: <chapter><section><section><para>
2497 "At times, the release manager or an organized group of developers can "
2498 "announce a certain period of time in which the NMU rules are relaxed. This "
2499 "usually involves shortening the period during which one is to wait before "
2500 "uploading the fixes, and shortening the DELAYED period. It is important to "
2501 "notice that even in these so-called bug squashing party times, the NMU'er "
2502 "has to file bugs and contact the developer first, and act later. Please see "
2503 "<xref linkend=\"qa-bsp\"/> for details."
2506 # type: Content of: <chapter><section><section><para>
2509 "For the testing distribution, the rules may be changed by the release "
2510 "managers. Please take additional care, and acknowledge that the usual way "
2511 "for a package to enter testing is through unstable."
2514 # type: Content of: <chapter><section><section><para>
2517 "For the stable distribution, please take extra care. Of course, the release "
2518 "managers may also change the rules here. Please verify before you upload "
2519 "that all your changes are OK for inclusion into the next stable release by "
2520 "the release manager."
2523 # type: Content of: <chapter><section><section><para>
2526 "When a security bug is detected, the security team may do an NMU, using "
2527 "their own rules. Please refer to <xref linkend=\"bug-security\"/> for more "
2531 # type: Content of: <chapter><section><section><para>
2534 "For the differences for Porters NMUs, please see <xref "
2535 "linkend=\"source-nmu-when-porter\"/> ."
2538 # type: Content of: <chapter><section><section><para>
2541 "Of course, it is always possible to agree on special rules with a maintainer "
2542 "(like the maintainer asking please upload this fix directly for me, and no "
2546 # type: Content of: <chapter><section><section><title>
2548 msgid "NMU version numbering"
2551 # type: Content of: <chapter><section><section><para>
2554 "Whenever you have made a change to a package, no matter how trivial, the "
2555 "version number needs to change. This enables our packing system to "
2559 # type: Content of: <chapter><section><section><para>
2562 "If you are doing a non-maintainer upload (NMU), you should add a new minor "
2563 "version number to the <replaceable>debian-revision</replaceable> part of the "
2564 "version number (the portion after the last hyphen). This extra minor number "
2565 "will start at `1'. For example, consider the package `foo', which is at "
2566 "version 1.1-3. In the archive, the source package control file would be "
2567 "<filename>foo_1.1-3.dsc</filename>. The upstream version is `1.1' and the "
2568 "Debian revision is `3'. The next NMU would add a new minor number `.1' to "
2569 "the Debian revision; the new source control file would be "
2570 "<filename>foo_1.1-3.1.dsc</filename>."
2573 # type: Content of: <chapter><section><section><para>
2576 "The Debian revision minor number is needed to avoid stealing one of the "
2577 "package maintainer's version numbers, which might disrupt their work. It "
2578 "also has the benefit of making it visually clear that a package in the "
2579 "archive was not made by the official maintainer."
2582 # type: Content of: <chapter><section><section><para>
2585 "If there is no <replaceable>debian-revision</replaceable> component in the "
2586 "version number then one should be created, starting at `0.1' (but in case of "
2587 "a debian native package still upload it as native package). If it is "
2588 "absolutely necessary for someone other than the usual maintainer to make a "
2589 "release based on a new upstream version then the person making the release "
2590 "should start with the <replaceable>debian-revision</replaceable> value "
2591 "`0.1'. The usual maintainer of a package should start their "
2592 "<replaceable>debian-revision</replaceable> numbering at `1'."
2595 # type: Content of: <chapter><section><section><para>
2598 "If you upload a package to testing or stable, sometimes, you need to fork "
2599 "the version number tree. For this, version numbers like 1.1-3sarge0.1 could "
2603 # type: Content of: <chapter><section><section><title>
2605 msgid "Source NMUs must have a new changelog entry"
2608 # type: Content of: <chapter><section><section><para>
2611 "Anyone who is doing a source NMU must create a changelog entry, describing "
2612 "which bugs are fixed by the NMU, and generally why the NMU was required and "
2613 "what it fixed. The changelog entry will have the email address of the "
2614 "person who uploaded it in the log entry and the NMU version number in it."
2617 # type: Content of: <chapter><section><section><para>
2619 msgid "By convention, source NMU changelog entries start with the line"
2622 # type: Content of: <chapter><section><section><screen>
2625 msgid "* Non-maintainer upload"
2628 # type: Content of: <chapter><section><section><title>
2630 msgid "Source NMUs and the Bug Tracking System"
2633 # type: Content of: <chapter><section><section><para>
2636 "Maintainers other than the official package maintainer should make as few "
2637 "changes to the package as possible, and they should always send a patch as a "
2638 "unified context diff (<literal>diff -u</literal>) detailing their changes to "
2639 "the Bug Tracking System."
2642 # type: Content of: <chapter><section><section><para>
2645 "What if you are simply recompiling the package? If you just need to "
2646 "recompile it for a single architecture, then you may do a binary-only NMU as "
2647 "described in <xref linkend=\"binary-only-nmu\"/> which doesn't require any "
2648 "patch to be sent. If you want the package to be recompiled for all "
2649 "architectures, then you do a source NMU as usual and you will have to send a "
2653 # type: Content of: <chapter><section><section><para>
2656 "Bugs fixed by source NMUs used to be tagged fixed instead of closed, but "
2657 "since version tracking is in place, such bugs are now also closed with the "
2661 # type: Content of: <chapter><section><section><para>
2664 "Also, after doing an NMU, you have to send the information to the existing "
2665 "bugs that are fixed by your NMU, including the unified diff. Historically, "
2666 "it was custom to open a new bug and include a patch showing all the changes "
2667 "you have made. The normal maintainer will either apply the patch or employ "
2668 "an alternate method of fixing the problem. Sometimes bugs are fixed "
2669 "independently upstream, which is another good reason to back out an NMU's "
2670 "patch. If the maintainer decides not to apply the NMU's patch but to "
2671 "release a new version, the maintainer needs to ensure that the new upstream "
2672 "version really fixes each problem that was fixed in the non-maintainer "
2676 # type: Content of: <chapter><section><section><para>
2679 "In addition, the normal maintainer should <emphasis>always</emphasis> retain "
2680 "the entry in the changelog file documenting the non-maintainer upload -- and "
2681 "of course, also keep the changes. If you revert some of the changes, please "
2682 "reopen the relevant bug reports."
2685 # type: Content of: <chapter><section><section><title>
2687 msgid "Building source NMUs"
2690 # type: Content of: <chapter><section><section><para>
2693 "Source NMU packages are built normally. Pick a distribution using the same "
2694 "rules as found in <xref linkend=\"distribution\"/> , follow the other "
2695 "instructions in <xref linkend=\"upload\"/> ."
2698 # type: Content of: <chapter><section><section><para>
2701 "Make sure you do <emphasis>not</emphasis> change the value of the maintainer "
2702 "in the <filename>debian/control</filename> file. Your name as given in the "
2703 "NMU entry of the <filename>debian/changelog</filename> file will be used for "
2704 "signing the changes file."
2707 # type: Content of: <chapter><section><section><title>
2709 msgid "Acknowledging an NMU"
2712 # type: Content of: <chapter><section><section><para>
2715 "If one of your packages has been NMU'ed, you have to incorporate the changes "
2716 "in your copy of the sources. This is easy, you just have to apply the patch "
2717 "that has been sent to you. Once this is done, you have to close the bugs "
2718 "that have been tagged fixed by the NMU. The easiest way is to use the "
2719 "<literal>-v</literal> option of <command>dpkg-buildpackage</command>, as "
2720 "this allows you to include just all changes since your last maintainer "
2721 "upload. Alternatively, you can close them manually by sending the required "
2722 "mails to the BTS or by adding the required <literal>closes: #nnnn</literal> "
2723 "in the changelog entry of your next upload."
2726 # type: Content of: <chapter><section><section><para>
2729 "In any case, you should not be upset by the NMU. An NMU is not a personal "
2730 "attack against the maintainer. It is a proof that someone cares enough "
2731 "about the package that they were willing to help you in your work, so you "
2732 "should be thankful. You may also want to ask them if they would be "
2733 "interested in helping you on a more frequent basis as co-maintainer or "
2734 "backup maintainer (see <xref linkend=\"collaborative-maint\"/> )."
2737 # type: Content of: <chapter><section><section><title>
2739 msgid "NMU vs QA uploads"
2742 # type: Content of: <chapter><section><section><para>
2745 "Unless you know the maintainer is still active, it is wise to check the "
2746 "package to see if it has been orphaned. The current list of orphaned "
2747 "packages which haven't had their maintainer set correctly is available at "
2748 "<ulink url=\"&url-debian-qa-orphaned;\"></ulink>. If you perform an NMU on "
2749 "an improperly orphaned package, please set the maintainer to <literal>Debian "
2750 "QA Group <packages@qa.debian.org></literal>."
2753 # type: Content of: <chapter><section><section><title>
2755 msgid "Who can do an NMU"
2758 # type: Content of: <chapter><section><section><para>
2761 "Only official, registered Debian Developers can do binary or source NMUs. A "
2762 "Debian Developer is someone who has their key in the Debian key ring. "
2763 "Non-developers, however, are encouraged to download the source package and "
2764 "start hacking on it to fix problems; however, rather than doing an NMU, they "
2765 "should just submit worthwhile patches to the Bug Tracking System. "
2766 "Maintainers almost always appreciate quality patches and bug reports."
2769 # type: Content of: <chapter><section><section><title>
2774 # type: Content of: <chapter><section><section><para>
2777 "There are two new terms used throughout this section: ``binary-only NMU'' "
2778 "and ``source NMU''. These terms are used with specific technical meaning "
2779 "throughout this document. Both binary-only and source NMUs are similar, "
2780 "since they involve an upload of a package by a developer who is not the "
2781 "official maintainer of that package. That is why it's a "
2782 "<emphasis>non-maintainer</emphasis> upload."
2785 # type: Content of: <chapter><section><section><para>
2788 "A source NMU is an upload of a package by a developer who is not the "
2789 "official maintainer, for the purposes of fixing a bug in the package. "
2790 "Source NMUs always involves changes to the source (even if it is just a "
2791 "change to <filename>debian/changelog</filename>). This can be either a "
2792 "change to the upstream source, or a change to the Debian bits of the "
2793 "source. Note, however, that source NMUs may also include "
2794 "architecture-dependent packages, as well as an updated Debian diff."
2797 # type: Content of: <chapter><section><section><para>
2800 "A binary-only NMU is a recompilation and upload of a binary package for a "
2801 "given architecture. As such, it is usually part of a porting effort. A "
2802 "binary-only NMU is a non-maintainer uploaded binary version of a package, "
2803 "with no source changes required. There are many cases where porters must "
2804 "fix problems in the source in order to get them to compile for their target "
2805 "architecture; that would be considered a source NMU rather than a "
2806 "binary-only NMU. As you can see, we don't distinguish in terminology "
2807 "between porter NMUs and non-porter NMUs."
2810 # type: Content of: <chapter><section><section><para>
2813 "Both classes of NMUs, source and binary-only, can be lumped under the term "
2814 "``NMU''. However, this often leads to confusion, since most people think "
2815 "``source NMU'' when they think ``NMU''. So it's best to be careful: always "
2816 "use ``binary NMU'' or ``binNMU'' for binary-only NMUs."
2819 # type: Content of: <chapter><section><title>
2821 msgid "Collaborative maintenance"
2824 # type: Content of: <chapter><section><para>
2827 "Collaborative maintenance is a term describing the sharing of Debian package "
2828 "maintenance duties by several people. This collaboration is almost always a "
2829 "good idea, since it generally results in higher quality and faster bug fix "
2830 "turnaround times. It is strongly recommended that packages with a priority "
2831 "of <literal>Standard</literal> or which are part of the base set have "
2835 # type: Content of: <chapter><section><para>
2838 "Generally there is a primary maintainer and one or more co-maintainers. The "
2839 "primary maintainer is the person whose name is listed in the "
2840 "<literal>Maintainer</literal> field of the "
2841 "<filename>debian/control</filename> file. Co-maintainers are all the other "
2845 # type: Content of: <chapter><section><para>
2848 "In its most basic form, the process of adding a new co-maintainer is quite "
2852 # type: Content of: <chapter><section><itemizedlist><listitem><para>
2855 "Setup the co-maintainer with access to the sources you build the package "
2856 "from. Generally this implies you are using a network-capable version "
2857 "control system, such as <command>CVS</command> or "
2858 "<command>Subversion</command>. Alioth (see <xref linkend=\"alioth\"/> ) "
2859 "provides such tools, amongst others."
2862 # type: Content of: <chapter><section><itemizedlist><listitem><para>
2865 "Add the co-maintainer's correct maintainer name and address to the "
2866 "<literal>Uploaders</literal> field in the global part of the "
2867 "<filename>debian/control</filename> file."
2870 # type: Content of: <chapter><section><itemizedlist><listitem><screen>
2874 "Uploaders: John Buzz <jbuzz@debian.org>, Adam Rex "
2875 "<arex@debian.org>"
2878 # type: Content of: <chapter><section><itemizedlist><listitem><para>
2881 "Using the PTS (<xref linkend=\"pkg-tracking-system\"/> ), the co-maintainers "
2882 "should subscribe themselves to the appropriate source package."
2885 # type: Content of: <chapter><section><para>
2888 "Another form of collaborative maintenance is team maintenance, which is "
2889 "recommended if you maintain several packages with the same group of "
2890 "developers. In that case, the Maintainer and Uploaders field of each "
2891 "package must be managed with care. It is recommended to choose between one "
2892 "of the two following schemes:"
2895 # type: Content of: <chapter><section><orderedlist><listitem><para>
2898 "Put the team member mainly responsible for the package in the Maintainer "
2899 "field. In the Uploaders, put the mailing list address, and the team members "
2900 "who care for the package."
2903 # type: Content of: <chapter><section><orderedlist><listitem><para>
2906 "Put the mailing list address in the Maintainer field. In the Uploaders "
2907 "field, put the team members who care for the package. In this case, you "
2908 "must make sure the mailing list accept bug reports without any human "
2909 "interaction (like moderation for non-subscribers)."
2912 # type: Content of: <chapter><section><para>
2915 "In any case, it is a bad idea to automatically put all team members in the "
2916 "Uploaders field. It clutters the Developer's Package Overview listing (see "
2917 "<xref linkend=\"ddpo\"/> ) with packages one doesn't really care for, and "
2918 "creates a false sense of good maintenance."
2921 # type: Content of: <chapter><section><title>
2923 msgid "The testing distribution"
2926 # type: Content of: <chapter><section><section><title>
2931 # type: Content of: <chapter><section><section><para>
2934 "Packages are usually installed into the `testing' distribution after they "
2935 "have undergone some degree of testing in unstable."
2938 # type: Content of: <chapter><section><section><para>
2941 "They must be in sync on all architectures and mustn't have dependencies that "
2942 "make them uninstallable; they also have to have generally no known "
2943 "release-critical bugs at the time they're installed into testing. This way, "
2944 "`testing' should always be close to being a release candidate. Please see "
2945 "below for details."
2948 # type: Content of: <chapter><section><section><title>
2950 msgid "Updates from unstable"
2953 # type: Content of: <chapter><section><section><para>
2956 "The scripts that update the <emphasis>testing</emphasis> distribution are "
2957 "run each day after the installation of the updated packages; these scripts "
2958 "are called <emphasis>britney</emphasis>. They generate the "
2959 "<filename>Packages</filename> files for the <emphasis>testing</emphasis> "
2960 "distribution, but they do so in an intelligent manner; they try to avoid any "
2961 "inconsistency and to use only non-buggy packages."
2964 # type: Content of: <chapter><section><section><para>
2967 "The inclusion of a package from <emphasis>unstable</emphasis> is conditional "
2971 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2974 "The package must have been available in <emphasis>unstable</emphasis> for 2, "
2975 "5 or 10 days, depending on the urgency (high, medium or low). Please note "
2976 "that the urgency is sticky, meaning that the highest urgency uploaded since "
2977 "the previous testing transition is taken into account. Those delays may be "
2978 "doubled during a freeze, or testing transitions may be switched off "
2982 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2985 "It must have the same number or fewer release-critical bugs than the version "
2986 "currently available in <emphasis>testing</emphasis>;"
2989 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2992 "It must be available on all architectures on which it has previously been "
2993 "built in unstable. <xref linkend=\"madison\"/> may be of interest to check "
2997 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3000 "It must not break any dependency of a package which is already available in "
3001 "<emphasis>testing</emphasis>;"
3004 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3007 "The packages on which it depends must either be available in "
3008 "<emphasis>testing</emphasis> or they must be accepted into "
3009 "<emphasis>testing</emphasis> at the same time (and they will be if they "
3010 "fulfill all the necessary criteria);"
3013 # type: Content of: <chapter><section><section><para>
3016 "To find out whether a package is progressing into testing or not, see the "
3017 "testing script output on the <ulink url=\"&url-testing-maint;\">web page of "
3018 "the testing distribution</ulink>, or use the program "
3019 "<command>grep-excuses</command> which is in the <systemitem "
3020 "role=\"package\">devscripts</systemitem> package. This utility can easily "
3021 "be used in a <citerefentry> <refentrytitle>crontab</refentrytitle> "
3022 "<manvolnum>5</manvolnum> </citerefentry> to keep yourself informed of the "
3023 "progression of your packages into <emphasis>testing</emphasis>."
3026 # type: Content of: <chapter><section><section><para>
3029 "The <filename>update_excuses</filename> file does not always give the "
3030 "precise reason why the package is refused; you may have to find it on your "
3031 "own by looking for what would break with the inclusion of the package. The "
3032 "<ulink url=\"&url-testing-maint;\">testing web page</ulink> gives some more "
3033 "information about the usual problems which may be causing such troubles."
3036 # type: Content of: <chapter><section><section><para>
3039 "Sometimes, some packages never enter <emphasis>testing</emphasis> because "
3040 "the set of inter-relationship is too complicated and cannot be sorted out by "
3041 "the scripts. See below for details."
3044 # type: Content of: <chapter><section><section><para>
3047 "Some further dependency analysis is shown on <ulink "
3048 "url=\"http://bjorn.haxx.se/debian/\"></ulink> — but be warned, this page "
3049 "also shows build dependencies which are not considered by britney."
3052 # type: Content of: <chapter><section><section><section><title>
3057 #. FIXME: better rename this file than document rampant professionalism?
3058 # type: Content of: <chapter><section><section><section><para>
3061 "For the testing migration script, outdated means: There are different "
3062 "versions in unstable for the release architectures (except for the "
3063 "architectures in fuckedarches; fuckedarches is a list of architectures that "
3064 "don't keep up (in update_out.py), but currently, it's empty). outdated has "
3065 "nothing whatsoever to do with the architectures this package has in testing."
3068 # type: Content of: <chapter><section><section><section><para>
3070 msgid "Consider this example:"
3073 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3074 #: pkgs.dbk:2284 pkgs.dbk:2315
3078 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3079 #: pkgs.dbk:2285 pkgs.dbk:2316
3083 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3084 #: pkgs.dbk:2290 pkgs.dbk:2322 pkgs.dbk:2382
3088 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3089 #: pkgs.dbk:2291 pkgs.dbk:2296 pkgs.dbk:2323 pkgs.dbk:2324 pkgs.dbk:2331
3093 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3094 #: pkgs.dbk:2292 pkgs.dbk:2325 pkgs.dbk:2330
3098 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3099 #: pkgs.dbk:2295 pkgs.dbk:2328 pkgs.dbk:2383
3103 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3104 #: pkgs.dbk:2297 pkgs.dbk:2329
3108 # type: Content of: <chapter><section><section><section><para>
3111 "The package is out of date on alpha in unstable, and will not go to "
3112 "testing. And removing foo from testing would not help at all, the package "
3113 "is still out of date on alpha, and will not propagate to testing."
3116 # type: Content of: <chapter><section><section><section><para>
3118 msgid "However, if ftp-master removes a package in unstable (here on arm):"
3121 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3126 # type: Content of: <chapter><section><section><section><para>
3129 "In this case, the package is up to date on all release architectures in "
3130 "unstable (and the extra hurd-i386 doesn't matter, as it's not a release "
3134 # type: Content of: <chapter><section><section><section><para>
3137 "Sometimes, the question is raised if it is possible to allow packages in "
3138 "that are not yet built on all architectures: No. Just plainly no. (Except "
3139 "if you maintain glibc or so.)"
3142 # type: Content of: <chapter><section><section><section><title>
3144 msgid "Removals from testing"
3147 # type: Content of: <chapter><section><section><section><para>
3150 "Sometimes, a package is removed to allow another package in: This happens "
3151 "only to allow <emphasis>another</emphasis> package to go in if it's ready in "
3152 "every other sense. Suppose e.g. that <emphasis>a</emphasis> cannot be "
3153 "installed with the new version of <emphasis>b</emphasis>; then "
3154 "<emphasis>a</emphasis> may be removed to allow <emphasis>b</emphasis> in."
3157 # type: Content of: <chapter><section><section><section><para>
3160 "Of course, there is another reason to remove a package from testing: It's "
3161 "just too buggy (and having a single RC-bug is enough to be in this state)."
3164 # type: Content of: <chapter><section><section><section><para>
3167 "Furthermore, if a package has been removed from unstable, and no package in "
3168 "testing depends on it any more, then it will automatically be removed."
3171 # type: Content of: <chapter><section><section><section><title>
3173 msgid "circular dependencies"
3176 # type: Content of: <chapter><section><section><section><para>
3179 "A situation which is not handled very well by britney is if package "
3180 "<emphasis>a</emphasis> depends on the new version of package "
3181 "<emphasis>b</emphasis>, and vice versa."
3184 # type: Content of: <chapter><section><section><section><para>
3186 msgid "An example of this is:"
3189 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3194 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3196 msgid "1; depends: b=1"
3199 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3201 msgid "2; depends: b=2"
3204 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3209 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3211 msgid "1; depends: a=1"
3214 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3216 msgid "2; depends: a=2"
3219 # type: Content of: <chapter><section><section><section><para>
3222 "Neither package <emphasis>a</emphasis> nor package <emphasis>b</emphasis> is "
3223 "considered for update."
3226 # type: Content of: <chapter><section><section><section><para>
3229 "Currently, this requires some manual hinting from the release team. Please "
3230 "contact them by sending mail to &email-debian-release; if this happens to "
3231 "one of your packages."
3234 # type: Content of: <chapter><section><section><section><title>
3236 msgid "influence of package in testing"
3239 # type: Content of: <chapter><section><section><section><para>
3242 "Generally, there is nothing that the status of a package in testing means "
3243 "for transition of the next version from unstable to testing, with two "
3244 "exceptions: If the RC-bugginess of the package goes down, it may go in even "
3245 "if it is still RC-buggy. The second exception is if the version of the "
3246 "package in testing is out of sync on the different arches: Then any arch "
3247 "might just upgrade to the version of the source package; however, this can "
3248 "happen only if the package was previously forced through, the arch is in "
3249 "fuckedarches, or there was no binary package of that arch present in "
3250 "unstable at all during the testing migration."
3253 # type: Content of: <chapter><section><section><section><para>
3256 "In summary this means: The only influence that a package being in testing "
3257 "has on a new version of the same package is that the new version might go in "
3261 # type: Content of: <chapter><section><section><section><title>
3266 # type: Content of: <chapter><section><section><section><para>
3268 msgid "If you are interested in details, this is how britney works:"
3271 # type: Content of: <chapter><section><section><section><para>
3274 "The packages are looked at to determine whether they are valid candidates. "
3275 "This gives the update excuses. The most common reasons why a package is not "
3276 "considered are too young, RC-bugginess, and out of date on some arches. For "
3277 "this part of britney, the release managers have hammers of various sizes to "
3278 "force britney to consider a package. (Also, the base freeze is coded in "
3279 "that part of britney.) (There is a similar thing for binary-only updates, "
3280 "but this is not described here. If you're interested in that, please peruse "
3284 # type: Content of: <chapter><section><section><section><para>
3287 "Now, the more complex part happens: Britney tries to update testing with the "
3288 "valid candidates; first, each package alone, and then larger and even larger "
3289 "sets of packages together. Each try is accepted if testing is not more "
3290 "uninstallable after the update than before. (Before and after this part, "
3291 "some hints are processed; but as only release masters can hint, this is "
3292 "probably not so important for you.)"
3295 # type: Content of: <chapter><section><section><section><para>
3298 "If you want to see more details, you can look it up on "
3299 "merkel:/org/&ftp-debian-org;/testing/update_out/ (or there in "
3300 "~aba/testing/update_out to see a setup with a smaller packages file). Via "
3301 "web, it's at <ulink "
3302 "url=\"http://&ftp-master-host;/testing/update_out_code/\"></ulink>"
3305 # type: Content of: <chapter><section><section><section><para>
3308 "The hints are available via <ulink "
3309 "url=\"http://&ftp-master-host;/testing/hints/\"></ulink>."
3312 # type: Content of: <chapter><section><section><title>
3314 msgid "Direct updates to testing"
3317 # type: Content of: <chapter><section><section><para>
3320 "The testing distribution is fed with packages from unstable according to the "
3321 "rules explained above. However, in some cases, it is necessary to upload "
3322 "packages built only for testing. For that, you may want to upload to "
3323 "<emphasis>testing-proposed-updates</emphasis>."
3326 # type: Content of: <chapter><section><section><para>
3329 "Keep in mind that packages uploaded there are not automatically processed, "
3330 "they have to go through the hands of the release manager. So you'd better "
3331 "have a good reason to upload there. In order to know what a good reason is "
3332 "in the release managers' eyes, you should read the instructions that they "
3333 "regularly give on &email-debian-devel-announce;."
3336 # type: Content of: <chapter><section><section><para>
3339 "You should not upload to <emphasis>testing-proposed-updates</emphasis> when "
3340 "you can update your packages through <emphasis>unstable</emphasis>. If you "
3341 "can't (for example because you have a newer development version in "
3342 "unstable), you may use this facility, but it is recommended that you ask for "
3343 "authorization from the release manager first. Even if a package is frozen, "
3344 "updates through unstable are possible, if the upload via unstable does not "
3345 "pull in any new dependencies."
3348 # type: Content of: <chapter><section><section><para>
3351 "Version numbers are usually selected by adding the codename of the testing "
3352 "distribution and a running number, like 1.2sarge1 for the first upload "
3353 "through testing-proposed-updates of package version 1.2."
3356 # type: Content of: <chapter><section><section><para>
3358 msgid "Please make sure you didn't miss any of these items in your upload:"
3361 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3364 "Make sure that your package really needs to go through "
3365 "<emphasis>testing-proposed-updates</emphasis>, and can't go through "
3369 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3371 msgid "Make sure that you included only the minimal amount of changes;"
3374 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3376 msgid "Make sure that you included an appropriate explanation in the changelog;"
3379 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3382 "Make sure that you've written <emphasis>testing</emphasis> or "
3383 "<emphasis>testing-proposed-updates</emphasis> into your target distribution;"
3386 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3389 "Make sure that you've built and tested your package in "
3390 "<emphasis>testing</emphasis>, not in <emphasis>unstable</emphasis>;"
3393 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3396 "Make sure that your version number is higher than the version in "
3397 "<emphasis>testing</emphasis> and "
3398 "<emphasis>testing-proposed-updates</emphasis>, and lower than in "
3399 "<emphasis>unstable</emphasis>;"
3402 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3405 "After uploading and successful build on all platforms, contact the release "
3406 "team at &email-debian-release; and ask them to approve your upload."
3409 # type: Content of: <chapter><section><section><title>
3411 msgid "Frequently asked questions"
3414 # type: Content of: <chapter><section><section><section><title>
3416 msgid "What are release-critical bugs, and how do they get counted?"
3419 # type: Content of: <chapter><section><section><section><para>
3422 "All bugs of some higher severities are by default considered "
3423 "release-critical; currently, these are critical, grave, and serious bugs."
3426 # type: Content of: <chapter><section><section><section><para>
3429 "Such bugs are presumed to have an impact on the chances that the package "
3430 "will be released with the stable release of Debian: in general, if a package "
3431 "has open release-critical bugs filed on it, it won't get into testing, and "
3432 "consequently won't be released in stable."
3435 # type: Content of: <chapter><section><section><section><para>
3438 "The unstable bug count are all release-critical bugs without either any "
3439 "release-tag (such as potato, woody) or with release-tag sid; also, only if "
3440 "they are neither fixed nor set to sarge-ignore. The testing bug count for a "
3441 "package is considered to be roughly the bug count of unstable count at the "
3442 "last point when the testing version equalled the unstable version."
3445 # type: Content of: <chapter><section><section><section><para>
3448 "This will change post-sarge, as soon as we have versions in the bug tracking "
3452 # type: Content of: <chapter><section><section><section><title>
3454 msgid "How could installing a package into testing possibly break other packages?"
3457 # type: Content of: <chapter><section><section><section><para>
3460 "The structure of the distribution archives is such that they can only "
3461 "contain one version of a package; a package is defined by its name. So when "
3462 "the source package acmefoo is installed into testing, along with its binary "
3463 "packages acme-foo-bin, acme-bar-bin, libacme-foo1 and libacme-foo-dev, the "
3464 "old version is removed."
3467 # type: Content of: <chapter><section><section><section><para>
3470 "However, the old version may have provided a binary package with an old "
3471 "soname of a library, such as libacme-foo0. Removing the old acmefoo will "
3472 "remove libacme-foo0, which will break any packages which depend on it."
3475 # type: Content of: <chapter><section><section><section><para>
3478 "Evidently, this mainly affects packages which provide changing sets of "
3479 "binary packages in different versions (in turn, mainly libraries). However, "
3480 "it will also affect packages upon which versioned dependencies have been "
3481 "declared of the ==, <=, or << varieties."
3484 # type: Content of: <chapter><section><section><section><para>
3487 "When the set of binary packages provided by a source package change in this "
3488 "way, all the packages that depended on the old binaries will have to be "
3489 "updated to depend on the new binaries instead. Because installing such a "
3490 "source package into testing breaks all the packages that depended on it in "
3491 "testing, some care has to be taken now: all the depending packages must be "
3492 "updated and ready to be installed themselves so that they won't be broken, "
3493 "and, once everything is ready, manual intervention by the release manager or "
3494 "an assistant is normally required."
3497 # type: Content of: <chapter><section><section><section><para>
3500 "If you are having problems with complicated groups of packages like this, "
3501 "contact debian-devel or debian-release for help."