<div dir="ltr"><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Hello Lukas,</span><br><div><br></div><div>thank you for the detailed review, especially for noticing that CPPFLAGS must be used.<br></div><div><br></div><div>I applied your patch and the changes you proposed.<br>The "formatting" typo is fixed upstream [1] and will appear in the next version.</div><div><br></div><div>I've put the updated package to mentors [2] to seek for a brave uploader.</div><div><br></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">[1] <a href="https://github.com/rhash/RHash/commit/9069daee36a70726753976499c77ee543cda1871" target="_blank">https://github.com/rhash/<wbr>RHash/commit/<wbr>9069daee36a70726753976499c77ee<wbr>543cda1871</a></span><br></div><div>[2] <a href="https://mentors.debian.net/package/rhash">https://mentors.debian.net/package/rhash</a></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"> Thanks,</span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"> Aleksey.</span></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 13, 2018 at 1:24 AM, Lukas Schwaighofer <span dir="ltr"><<a href="mailto:lukas@schwaighofer.name" target="_blank">lukas@schwaighofer.name</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Aleksey,<br>
<br>
thanks for working on the Debian package of your software! :)<br>
<span><br>
On Mon, 12 Feb 2018 14:21:33 +0300<br>
Aleksey Kravchenko <<a href="mailto:rhash.admin@gmail.com" target="_blank">rhash.admin@gmail.com</a>> wrote:<br>
<br>
> I've recently finished packaging new RHash version [1] for the Debian<br>
> Security Tools Packaging Team, and now I need a sponsor to review and<br>
> upload it.<br>
><br>
> Could you please help me with this?<br>
><br>
> [1] <a href="https://mentors.debian.net/package/rhash" rel="noreferrer" target="_blank">https://mentors.debian.net/pac<wbr>kage/rhash</a><br>
<br>
</span>I cannot sponsor your package, since I'm not a Debian Developer. But<br>
I'll try to help with the reviewing part :) .<br>
<br>
<br>
All your changes look very reasonable. Things I noticed:<br>
<br>
* Since you are migrating from a manual -dbg package to an automatic<br>
dbgsym package, I believe you need to use the "--debug-migration"<br>
option from dh_strip. See dh_strip(1) for more information.<br>
<br>
* The "Change Maintainer field" changelog entry could be more<br>
informative. How about mentioning that it's now under pkg-security's<br>
umbrella?<br>
<br>
* Debhelper compatibility level 11 is stable now, so why not upgrade to<br>
that? :)<br>
<br>
* debian/rules suggestions<br>
- From my pkg-security experience, we usually use "hardening=+all"<br>
for the DEB_BUILD_MAINT_OPTIONS. This is currently equivalent to<br>
what you are using ("hardening=+bindnow"), but it's conceivable<br>
that new hardening features will be added in the future and then<br>
we'll automatically enable them in a rebuild.<br>
- Since upstream's build system does not support CPPFLAGS, Debian's<br>
CPPFLAGS are not applied; it makes sense to pass those as CFLAGS to<br>
make (together with the actual CFLAGS).<br>
- The file is quite hard to read, so I'd suggest a bit of<br>
housekeeping:<br>
. The `-g` flag is already in CFLAGS and does not need to be added a<br>
second time if DEB_BUILD_OPTIONS contains "debug".<br>
. Newer debhelper versions already support parallelism, no need for<br>
manual quirks<br>
. No need to set the unchanged "LDFLAGS" variable (instead set the<br>
LIBLDFLAGS explicitly with `dpkg-buidlflags`)<br>
. The value LIB_LD is set to looks plain wrong: nothing is<br>
installed to debian/tmp and the LD_LIBRARY_PATH variable is not<br>
set. Dropping it completely does not seem to affect the tests.<br>
I've attached a patch for the debian/rules containing all these<br>
suggestions (but not my first point about dh_strip). Feel free<br>
to disregard any of it if you disagree.<br>
<br>
* Nit: The word "formatting" is misspelled in several places, maybe you<br>
can correct that upstream :) .<br>
<br>
<br>
I hope that helps. If anything is unclear don't hesitate to ask. I see<br>
you had asked for sponsorhip ~6 weeks ago. If no one responds I'd<br>
recommend you just re-ping after some time. I believe the people here<br>
don't ignore these requests intentionally and won't mind the reminder.<br>
<br>
Regards<br>
<span class="gmail-m_-5738279237533147922HOEnZb"><font color="#888888">Lukas<br>
</font></span></blockquote></div><br></div></div>