X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=developers-reference.git;a=blobdiff_plain;f=pkgs.dbk;h=5a34b950251cfa603fddece657ba553e4f4e8561;hp=814c6ff8d129b15f00da1b411c7e94393aace207;hb=97f8e71c422c4951a94d4f10bfe2c0a3b026e078;hpb=f622f4691ccc7746b4702ee89f55dc97c505c89d
diff --git a/pkgs.dbk b/pkgs.dbk
index 814c6ff..5a34b95 100644
--- a/pkgs.dbk
+++ b/pkgs.dbk
@@ -23,8 +23,9 @@ pages for more information.
Assuming no one else is already working on your prospective package, you must
then submit a bug report () against the
pseudo-package wnpp describing your
-plan to create a new package, including, but not limiting yourself to, a
-description of the package, the license of the prospective package, and the
+plan to create a new package, including, but not limiting yourself to, the
+description of the package (so that others can review it),
+the license of the prospective package, and the
current URL where it can be downloaded from.
@@ -100,7 +101,7 @@ of what is going on, and what is new, in the project.
-Please see
+Please see
for common rejection reasons for a new package.
@@ -424,7 +425,7 @@ you might want to give the maintainer a few days to react.
An upload to the delayed directory keeps the package in
-the deferred uploads queue.
+the deferred uploads queue.
When the specified waiting time is over, the package is moved into
the regular incoming directory for processing.
This is done through automatic uploading to
@@ -573,7 +574,7 @@ If you want to be a good maintainer, you should periodically check the Debian bug tracking system (BTS) for
your packages. The BTS contains all the open bugs against your packages. You
can check them by browsing this page:
-http://&bugs-host;/yourlogin@debian.org.
+https://&bugs-host;/yourlogin@debian.org.
Maintainers interact with the BTS via email addresses at
@@ -843,10 +844,9 @@ fixing them themselves, sending security advisories, and maintaining
When you become aware of a security-related bug in a Debian package, whether or
not you are the maintainer, collect pertinent information about the problem,
-and promptly contact the security team, preferably by filing a ticket in
-their Request Tracker.
-See .
-Alternatively you may email &email-security-team;.
+and promptly contact the security team by emailing &email-security-team;. If
+desired, email can be encrypted with the Debian Security Contact key, see
+ for details.
DO NOT UPLOAD any packages for
stable without contacting the team. Useful information
includes, for example:
@@ -898,7 +898,7 @@ below on how to prepare packages for the Security Team to handle.
The Security Tracker
The security team maintains a central database, the
-Debian Security Tracker.
+Debian Security Tracker.
This contains all public information that is known about security issues:
which packages and versions are affected or fixed, and thus whether stable,
testing and/or unstable are vulnerable. Information that is still confidential
@@ -983,7 +983,7 @@ has become public.
The Security Team has a PGP-key to enable encrypted communication about
-sensitive issues. See the Security Team FAQ for details.
+sensitive issues. See the Security Team FAQ for details.
@@ -1055,7 +1055,7 @@ security archive)
References to upstream advisories, CVE identifiers, and any other information
+url="https://cve.mitre.org">CVE identifiers, and any other information
useful in cross-referencing the vulnerability
@@ -1297,7 +1297,7 @@ to these rules when you use it to report a bug against the
If you want to remove a package you maintain, you should note this in
the bug title by prepending ROM (Request Of Maintainer).
There are several other standard acronyms used in the reasoning for a package
-removal, see
+removal, see
for a complete list. That page also provides a convenient overview of
pending removal requests.
@@ -1341,7 +1341,7 @@ removal request.
Further information relating to these and other package removal related topics
-may be found at
+may be found at
and .
@@ -1498,7 +1498,7 @@ doing some historical research first.
You should check why the package was removed in the first place. This
information can be found in the removal item in the news section of the PTS
page for the package or by browsing the log of
-removals.
+removals.
The removal bug will tell you why the package was removed and will give some
indication of what you will need to work on in order to reintroduce the package.
It may indicate that the best way forward is to switch to some other piece of
@@ -1976,8 +1976,20 @@ Before doing an NMU, consider the following questions:
-Does your NMU really fix bugs? Fixing cosmetic issues or changing the
-packaging style in NMUs is discouraged.
+Have you geared the NMU towards helping the maintainer? As there might
+be disagreement on the notion of whether the maintainer actually needs
+help on not, the DELAYED queue exists to give time to the maintainer to
+react and has the beneficial side-effect of allowing for independent
+reviews of the NMU diff.
+
+
+
+
+Does your NMU really fix bugs? ("Bugs" means any kind of bugs, e.g.
+wishlist bugs for packaging a new upstream version, but care should be
+taken to minimize the impact to the maintainer.) Fixing cosmetic issues
+or changing the packaging style (e.g. switching from cdbs to dh) in NMUs
+is discouraged.
@@ -2060,7 +2072,7 @@ Other NMUs: 10 days
Those delays are only examples. In some cases, such as uploads fixing security
-issues, or fixes for trivial bugs that blocking a transition, it is desirable
+issues, or fixes for trivial bugs that block a transition, it is desirable
that the fixed package reaches unstable sooner.
@@ -2489,7 +2501,7 @@ scripts. See below for details.
Some further dependency analysis is shown on â but be warned, this page also
+url="https://release.debian.org/migration/"> â but be warned, this page also
shows build dependencies which are not considered by britney.
@@ -2687,13 +2699,13 @@ before or after this main run, depending on the exact type.
If you want to see more details, you can look it up on .
+url="https://&ftp-master-host;/testing/update_output/">.
The hints are available via , where you can find
+url="https://&ftp-master-host;/testing/hints/">, where you can find
the
-description
+description
as well. With the hints, the Debian Release team can block or unblock
packages, ease or force packages into testing, remove
packages from testing, approve uploads to