</para>
<para>
There are several possible values for this field: <literal>stable</literal>,
-<literal>unstable</literal>, <litersl>testing-proposed-updates</literal> and
+<literal>unstable</literal>, <literal>testing-proposed-updates</literal> and
<literal>experimental</literal>. Normally, packages are uploaded into
<literal>unstable</literal>.
</para>
time.
</para>
<section id="upload-stable">
-<title>Special case: uploads to the <literal>stable</literal> distribution</title>
+<title>Special case: uploads to the <literal>stable</literal> and
+<literal>oldstable</literal> distributions</title>
<para>
Uploading to <literal>stable</literal> means that the package will transfered
-to the <literal>proposed-updates-new</literal>-queue for review by the stable
+to the <literal>proposed-updates-new</literal> queue for review by the stable
release managers, and if approved will be installed in
<filename>stable-proposed-updates</filename> directory of the Debian archive.
From there, it will be included in <literal>stable</literal> with the next
point release.
</para>
<para>
+To ensure that your upload will be accepted, you should discuss the changes
+with the stable release team before you upload. For that, send a mail to
+the &email-debian-release; mailing list, including the patch you want to
+apply to the package version currently in <literal>stable</literal>. Always
+be verbose and detailed in your changelog entries for uploads to the
+<literal>stable</literal> distribution.
+</para>
+<para>
Extra care should be taken when uploading to <literal>stable</literal>.
Basically, a package should only be uploaded to <literal>stable</literal> if
one of the following happens:
used for Debian security advisories are automatically copied to the appropriate
<filename>proposed-updates</filename> archive when the advisory is released.
See <xref linkend="bug-security"/> for detailed information on handling
-security problems.
+security problems. If the security teams deems the problem to be too
+benign to be fixed through a <literal>DSA</literal>, the stable release
+managers are usually willing to include your fix nonetheless in a regular
+upload to <literal>stable</literal>.
</para>
<para>
Changing anything else in the package that isn't important is discouraged,
making those other packages uninstallable, is strongly discouraged.
</para>
<para>
-The Release Team (which can be reached at
-&email-debian-release;) will regularly evaluate the uploads to
-<literal>stable-proposed-updates</literal> and decide if your package can be
-included in <literal>stable</literal>. Please be clear (and verbose, if
-necessary) in your changelog entries for uploads to
-<literal>stable</literal>, because otherwise the package won't be considered
-for inclusion.
-</para>
-<para>
-It's best practice to speak with the stable release manager
-<emphasis>before</emphasis> uploading to
-<literal>stable</literal>/<literal>stable-proposed-updates</literal>, so
-that the uploaded package fits the needs of the next point release.
+Uploads to the <literal>oldstable</literal> distributions are possible as
+long as it hasn't been archived. The same rules as for <literal>stable
+</literal> apply.
</para>
</section>
If the bug is real but it's caused by another package, just reassign the bug to
the right package. If you don't know which package it should be reassigned to,
you should ask for help on <link linkend="irc-channels">IRC</link> or
-on &email-debian-devel;. Please make sure that the
-maintainer(s) of the package the bug is reassigned to know why you reassigned
-it.
+on &email-debian-devel;. Please inform the maintainer(s) of the package
+you reassign the bug to, for example by Cc:ing the message that does the
+reassign to <email>packagename@packages.debian.org</email> and explaining
+your reasons in that mail. Please note that a simple reassignment is
+<emphasis>not</emphasis> e-mailed to the maintainers of the package
+being reassigned to, so they won't know about it until they look at
+a bug overview for their packages.
</para>
<para>
+If the bug affects the operation of your package, please consider
+cloning the bug and reassigning the clone to the package that really
+causes the behavior. Otherwise, the bug will not be shown in your
+package's bug list, possibly causing users to report the same bug over
+and over again. You should block "your" bug with the reassigned, cloned
+bug to document the relationship.
+</para>
+</listitem>
+<listitem>
+<para>
Sometimes you also have to adjust the severity of the bug so that it matches
our definition of the severity. That's because people tend to inflate the
severity of bugs to make sure their bugs are fixed quickly. Some bugs may even
Unless the upstream source has been uploaded to <literal>security.debian.org
</literal> before (by a previous security update), build the upload with full
upstream source (<literal>dpkg-buildpackage -sa</literal>). If there has been
-a previous upload to </literal>security.debian.org</literal> with the same
+a previous upload to <literal>security.debian.org</literal> with the same
upstream version, you may upload without upstream source (<literal>
dpkg-buildpackage -sd</literal>).
</para>
If for some reason you want to completely remove a package (say, if it is an
old compatibility library which is no longer required), you need to file a bug
against <literal>ftp.debian.org</literal> asking that the package be removed;
-as all bugs, this bug should normally have normal severity. Make sure you
-indicate which distribution the package should be removed from. Normally, you
-can only have packages removed from <literal>unstable</literal> and
-<literal>experimental</literal>. Packages are not removed from
+as all bugs, this bug should normally have normal severity.
+The bug title should be in the form <literal>RM: <replaceable>package
+</replaceable> <replaceable>[architecture list]</replaceable> --
+<replaceable>reason</replaceable></literal>, where <replaceable>package</replaceable>
+is the package to be removed and <replaceable>reason</replaceable> is a
+short summary of the reason for the removal request.
+<replaceable>[architecture list]</replaceable> is optional and only needed
+if the removal request only applies to some architectures, not all. Note
+that the <command>reportbug</command> will create a title conforming
+to these rules when you use it to report a bug against the <literal>
+ftp.debian.org</literal> pseudo-package.
+</para>
+
+<para>
+If you want to remove a package you maintain, you should note this in
+the bug title by prepending <literal>ROM</literal> (Request Of Maintainer).
+There are several other standard acronyms used in the reasoning for a package
+removal, see <ulink url="http://&ftp-master-host;/removals.html"></ulink>
+for a complete list. That page also provides a convenient overview of
+pending removal requests.
+</para>
+
+<para>
+Note that removals can only be done for the <literal>unstable
+</literal>, <literal>experimental</literal> and <literal>stable
+</literal> distribution. Packages are not removed from
<literal>testing</literal> directly. Rather, they will be removed
automatically after the package has been removed from
-<literal>unstable</literal> and no package in <literal>testing</literal>
-depends on it.
+<literal>unstable</literal> and no package in <literal>testing
+</literal> depends on it.
</para>
<para>
There is one exception when an explicit removal request is not necessary: If a
<para>
Usually you only ask for the removal of a package maintained by yourself. If
you want to remove another package, you have to get the approval of its
-maintainer.
+maintainer. Should the package be orphaned and thus have no maintainer,
+you should first discuss the removal request on &email-debian-qa;. If
+there is a consensus that the package should be removed, you should
+reassign and retitle the <literal>O:</literal> bug filed against the
+<literal>wnpp</literal> package instead of filing a new bug as
+removal request.
</para>
<para>
Further information relating to these and other package removal related topics
showpkg <replaceable>package</replaceable></literal>, the program will show
details for <replaceable>package</replaceable>, including reverse depends.
Other useful programs include <literal>apt-cache rdepends</literal>,
-<command>apt-rdepends</command> and <command>grep-dctrl</command>. Removal of
+<command>apt-rdepends</command>, <command>build-rdeps</command> (in the
+<systemitem role="package">devscripts</systemitem> package) and
+<command>grep-dctrl</command>. Removal of
orphaned packages is discussed on &email-debian-qa;.
</para>
<para>
<section id="s5.9.3">
<title>Replacing or renaming packages</title>
<para>
-When you make a mistake naming your package, you should follow a two-step
-process to rename it. First, set your <filename>debian/control</filename> file
-to replace and conflict with the obsolete name of the package (see the <ulink
-url="&url-debian-policy;">Debian Policy Manual</ulink> for
-details). Once you've uploaded the package and the package has moved into the
-archive, file a bug against <literal>ftp.debian.org</literal> asking to remove
-the package with the obsolete name. Do not forget to properly reassign the
-package's bugs at the same time.
+When the upstream maintainers for one of your packages chose to
+rename their software (or you made a mistake naming your package),
+you should follow a two-step process to rename it. In the first
+step, change the <filename>debian/control</filename> file to
+reflect the new name and to replace, provide and conflict with the
+obsolete package name (see the <ulink url="&url-debian-policy;">
+Debian Policy Manual</ulink> for details). Please note that you
+should only add a <literal>Provides</literal> relation if all
+packages depending on the obsolete package name continue to work
+after the renaming. Once you've uploaded the package and the package
+has moved into the archive, file a bug against <literal>
+ftp.debian.org</literal> asking to remove the package with the
+obsolete name (see <xref linkend="removing-pkgs"/>). Do not forget
+to properly reassign the package's bugs at the same time.
</para>
<para>
At other times, you may make a mistake in constructing your package and wish to
Porting is the act of building Debian packages for architectures that are
different from the original architecture of the package maintainer's binary
package. It is a unique and essential activity. In fact, porters do most of
-the actual compiling of Debian packages. For instance, for a single
-<literal>i386</literal> binary package, there must be a recompile for each
-architecture, which amounts to &number-of-arches; more builds.
+the actual compiling of Debian packages. For instance, when a maintainer
+uploads a (portable) source packages with binaries for the <literal>i386
+</literal> architecture, it will be built for each of the other architectures,
+amounting to &number-of-arches; more builds.
</para>
<section id="kind-to-porters">
<title>Being kind to porters</title>
</listitem>
<listitem>
<para>
-Don't set architecture to a value other than ``all'' or ``any'' unless you
-really mean it. In too many cases, maintainers don't follow the instructions
-in the <ulink url="&url-debian-policy;">Debian Policy
-Manual</ulink>. Setting your architecture to ``i386'' is usually incorrect.
+Don't set architecture to a value other than <literal>all</literal> or
+<literal>any</literal> unless you really mean it. In too many cases,
+maintainers don't follow the instructions in the <ulink
+url="&url-debian-policy;">Debian Policy Manual</ulink>. Setting your
+architecture to only one architecture (such as <literal>i386</literal>
+or <literal>amd64</literal>) is usually incorrect.
</para>
</listitem>
<listitem>
<para>
Make sure you don't ship your source package with the
<filename>debian/files</filename> or <filename>debian/substvars</filename>
-files. They should be removed by the `clean' target of
+files. They should be removed by the <literal>clean</literal> target of
<filename>debian/rules</filename>.
</para>
</listitem>
<listitem>
<para>
Don't depend on the package you're building being installed already (a sub-case
-of the above issue).
+of the above issue). There are, of course, exceptions to this rule, but be
+aware that any case like this needs manual bootstrapping and cannot be done
+by automated package builders.
</para>
</listitem>
<listitem>
</listitem>
<listitem>
<para>
-Make sure your debian/rules contains separate ``binary-arch'' and
-``binary-indep'' targets, as the Debian Policy Manual requires. Make sure that
-both targets work independently, that is, that you can call the target without
-having called the other before. To test this, try to run
-<literal>dpkg-buildpackage -B</literal>.
+Make sure your debian/rules contains separate <literal>binary-arch</literal>
+and <literal>binary-indep</literal> targets, as the Debian Policy Manual
+requires. Make sure that both targets work independently, that is, that you
+can call the target without having called the other before. To test this,
+try to run <command>dpkg-buildpackage -B</command>.
</para>
</listitem>
</orderedlist>
-m<replaceable>porter-email</replaceable></literal>. Of course, set
<replaceable>porter-email</replaceable> to your email address. This will do a
binary-only build of only the architecture-dependent portions of the package,
-using the `binary-arch' target in <filename>debian/rules</filename>.
+using the <literal>binary-arch</literal> target in <filename>debian/rules
+</filename>.
</para>
<para>
If you are working on a Debian machine for your porting efforts and you need to
bad compiler, ...). Then you may just need to recompile it in an updated
environment. However, you have to bump the version number in this case, so
that the old bad package can be replaced in the Debian archive
-(<command>katie</command> refuses to install new packages if they don't have a
+(<command>dak</command> refuses to install new packages if they don't have a
version number greater than the currently available one).
</para>
<para>
You have to make sure that your binary-only NMU doesn't render the package
uninstallable. This could happen when a source package generates
-arch-dependent and arch-independent packages that depend on each other via
-$(Source-Version).
+arch-dependent and arch-independent packages that have inter-dependencies
+generated using dpkg's substitution variable <literal>$(Source-Version)
+</literal>.
</para>
<para>
Despite the required modification of the changelog, these are called
</para>
<para>
The ``magic'' for a recompilation-only NMU is triggered by using a suffix
-appended to the package version number, following the form b<number>.
+appended to the package version number, following the form <literal>
+b<replaceable>number</replaceable></literal>.
For instance, if the latest version you are recompiling against was version
-``2.9-3'', your NMU should carry a version of ``2.9-3+b1''. If the latest
-version was ``3.4+b1'' (i.e, a native package with a previous recompilation
-NMU), your NMU should have a version number of ``3.4+b2''. <footnote><para> In
-the past, such NMUs used the third-level number on the Debian part of the
-revision to denote their recompilation-only status; however, this syntax was
-ambiguous with native packages and did not allow proper ordering of
-recompile-only NMUs, source NMUs, and security NMUs on the same package, and
-has therefore been abandoned in favor of this new syntax. </para> </footnote>
+<literal>2.9-3</literal>, your binary-only NMU should carry a version of
+<literal>2.9-3+b1</literal>. If the latest version was <literal>3.4+b1
+</literal> (i.e, a native package with a previous recompilation NMU), your
+binary-only NMU should have a version number of <literal>3.4+b2</literal>.
+<footnote><para> In the past, such NMUs used the third-level number on the
+Debian part of the revision to denote their recompilation-only status;
+however, this syntax was ambiguous with native packages and did not allow
+proper ordering of recompile-only NMUs, source NMUs, and security NMUs on
+the same package, and has therefore been abandoned in favor of this new syntax.
+</para> </footnote>
</para>
<para>
Similar to initial porter uploads, the correct way of invoking
</para>
<para>
Secondly, porters doing source NMUs should make sure that the bug they submit
-to the BTS should be of severity `serious' or greater. This ensures that a
-single source package can be used to compile every supported Debian
-architecture by release time. It is very important that we have one version of
-the binary and source package for all architecture in order to comply with many
-licenses.
+to the BTS should be of severity <literal>serious</literal> or greater. This
+ensures that a single source package can be used to compile every supported
+Debian architecture by release time. It is very important that we have one
+version of the binary and source package for all architectures in order to
+comply with many licenses.
</para>
<para>
Porters should try to avoid patches which simply kludge around bugs in the
</para>
</section>
-<section id="buildd">
-<title><systemitem role="package">buildd</systemitem></title>
+<section id="wanna-build">
+<title><systemitem role="package">wanna-build</systemitem></title>
<para>
-The <systemitem role="package">buildd</systemitem> system is used as a
+The <systemitem role="package">wanna-build</systemitem> system is used as a
distributed, client-server build distribution system. It is usually used in
-conjunction with <literal>build daemons</literal>, which are ``slave'' hosts
-which simply check out and attempt to auto-build packages which need to be
-ported. There is also an email interface to the system, which allows porters
-to ``check out'' a source package (usually one which cannot yet be auto-built)
-and work on it.
+conjunction with build daemons running the <systemitem role="package">buildd
+</systemitem> program. <literal>Build daemons</literal> are ``slave'' hosts
+which contact the central <systemitem role="package"> wanna-build</systemitem>
+system to receive a list of packages that need to be built.
</para>
<para>
-<systemitem role="package">buildd</systemitem> is not yet available as a
-package; however, most porting efforts are either using it currently or
-planning to use it in the near future. The actual automated builder is
-packaged as <systemitem role="package">sbuild</systemitem>, see its description
-in <xref linkend="sbuild"/> . The complete <systemitem
-role="package">buildd</systemitem> system also collects a number of as yet
-unpackaged components which are currently very useful and in use continually,
-such as <command>andrea</command> and <command>wanna-build</command>.
+<systemitem role="package">wanna-build</systemitem> is not yet available as a
+package; however, all Debian porting efforts are using it for automated
+package building. The tool used to do the actual package builds, <systemitem
+role="package">sbuild</systemitem> is available as a package, see its
+description in <xref linkend="sbuild"/> . Please note that the packaged
+version is not the same as the one used on build daemons, but it is close
+enough to reproduce problems.
</para>
<para>
-Some of the data produced by <systemitem role="package">buildd</systemitem>
-which is generally useful to porters is available on the web at <ulink
-url="&url-buildd;"></ulink>. This data includes nightly updated
-information from <command>andrea</command> (source dependencies) and
-<systemitem role="package">quinn-diff</systemitem> (packages needing
-recompilation).
+Most of the data produced by <systemitem role="package">wanna-build
+</systemitem> which is generally useful to porters is available on the
+web at <ulink url="&url-buildd;"></ulink>. This data includes nightly
+updated statistics, queueing information and logs for build attempts.
</para>
<para>
We are quite proud of this system, since it has so many possible uses.
Some packages still have issues with building and/or working on some of the
architectures supported by Debian, and cannot be ported at all, or not within a
reasonable amount of time. An example is a package that is SVGA-specific (only
-i386), or uses other hardware-specific features not supported on all
-architectures.
+available for <literal>i386</literal> and <literal>amd64</literal>), or uses
+other hardware-specific features not supported on all architectures.
</para>
<para>
In order to prevent broken packages from being uploaded to the archive, and
</para>
<para>
Additionally, if you believe the list of supported architectures is pretty
-constant, you should change 'any' to a list of supported architectures in
-debian/control. This way, the build will fail also, and indicate this to a
-human reader without actually trying.
+constant, you should change <literal>any</literal> to a list of supported
+architectures in <filename>debian/control</filename>. This way, the build will
+fail also, and indicate this to a human reader without actually trying.
</para>
</listitem>
<listitem>
This section handles only source NMUs, i.e. NMUs which upload a new version of
the package. For binary-only NMUs by porters or QA members, please see <xref
linkend="binary-only-nmu"/> . If a buildd builds and uploads a package, that
-too is strictly speaking a binary NMU. See <xref linkend="buildd"/> for some
-more information.
+too is strictly speaking a binary NMU. See <xref linkend="wanna-build"/> for
+some more information.
</para>
<para>
The main reason why NMUs are done is when a developer needs to fix another
They must be in sync on all architectures and mustn't have dependencies that
make them uninstallable; they also have to have generally no known
release-critical bugs at the time they're installed into <literal>testing
-<literal>. This way, <literal>testing</literal> should always be close to
+</literal>. This way, <literal>testing</literal> should always be close to
being a release candidate. Please see below for details.
</para>
</section>
<title>Updates from unstable</title>
<para>
The scripts that update the <literal>testing</literal> distribution are run
-each day after the installation of the updated packages; these scripts are
-called <literal>britney</literal>. They generate the
+twice each day, right after the installation of the updated packages; these
+scripts are called <literal>britney</literal>. They generate the
<filename>Packages</filename> files for the <literal>testing</literal>
distribution, but they do so in an intelligent manner; they try to avoid any
inconsistency and to use only non-buggy packages.
</para>
<para>
Some further dependency analysis is shown on <ulink
-url="http://bjorn.haxx.se/debian/"></ulink> — but be warned, this page also
+url="http://release.debian.org/migration/"></ulink> — but be warned, this page also
shows build dependencies which are not considered by britney.
</para>
<section id="outdated">
</informaltable>
<para>
The package is out of date on alpha in <literal>unstable</literal>, and will
-not go to <literal>testing. Removing the package would not help at all, the
+not go to <literal>testing</literal>. Removing the package would not help at all, the
package is still out of date on <literal>alpha</literal>, and will not
propagate to testing.
</para>
</para>
<para>
Now, the more complex part happens: Britney tries to update <literal>testing
-</literal> with the valid candidates; first, each package alone, and then
-larger and even larger sets of packages together. Each try is accepted if
-<literal>testing</literal> is not more uninstallable after the update than
-before. (Before and after this part, some hints are processed; but as only
-release masters can hint, this is probably not so important for you.)
+</literal> with the valid candidates. For that, britney tries to add each
+valid candidate to the testing distribution. If the number of uninstallable
+packages in <literal>testing</literal> doesn't increase, the package is
+accepted. From that point on, the accepted package is considered to be part
+of <literal>testing</literal>, such that all subsequent installability
+tests include this package. Hints from the release team are processed
+before or after this main run, depending on the exact type.
</para>
<para>
If you want to see more details, you can look it up on
<title>What are release-critical bugs, and how do they get counted?</title>
<para>
All bugs of some higher severities are by default considered release-critical;
-currently, these are critical, grave, and serious bugs.
+currently, these are <literal>critical</literal>, <literal>grave</literal> and
+<literal>serious</literal> bugs.
</para>
<para>
Such bugs are presumed to have an impact on the chances that the package will
stable</literal>.
</para>
<para>
-The <literal>unstable</literal> bug count are all release-critical bugs without
-either any release-tag (such as potato, woody) or with release-tag sid; also,
-only if they are neither fixed nor set to sarge-ignore. The <literal>testing
-</literal> bug count for a package is considered to be roughly the bug count of
-<literal>unstable</literal> count at the last point when the <literal>testing
-</literal>version equalled the <literal>unstable</literal> version.
-</para>
-<para>
-This will change post-sarge, as soon as we have versions in the bug tracking
-system.
+The <literal>unstable</literal> bug count are all release-critical bugs which
+are marked to apply to <replaceable>package</replaceable>/<replaceable>version
+</replaceable> combinations that are available in unstable for a release
+architecture. The <literal>testing</literal> bug count is defined analogously.
</para>
</section>