Lintian v2.116.3 Options: -i -I -E --pedantic --profile debian N: X: odr-audioenc source: debian-watch-does-not-check-openpgp-signature [debian/watch] N: N: This watch file does not specify a means to verify the upstream tarball N: using a cryptographic signature. N: N: If upstream distributions provides such signatures, please use the N: pgpsigurlmangle options in this watch file's opts= to generate the URL of N: an upstream OpenPGP signature. This signature is automatically downloaded N: and verified against a keyring stored in debian/upstream/signing-key.asc N: N: Of course, not all upstreams provide such signatures but you could request N: them as a way of verifying that no third party has modified the code after N: its release (projects such as phpmyadmin, unrealircd, and proftpd have N: suffered from this kind of attack). N: N: Please refer to the uscan(1) manual page for details. N: N: Visibility: pedantic N: Show-Always: no N: Check: debian/watch N: Renamed from: debian-watch-does-not-check-gpg-signature N: debian-watch-may-check-gpg-signature N: This tag is experimental. N: N: X: odr-audioenc source: prefer-uscan-symlink filenamemangle s%(?:.*?)?v?(\d[\d.]*@ARCHIVE_EXT@)%@PACKAGE@-$1% [debian/watch:4] N: N: Please consider setting USCAN_SYMLINK=rename in your ~/.devscripts N: configuration file instead of using the option filenamemangle in N: debian/watch. N: N: Please check with your team before making changes to sources you maintain N: together. There are circumstances when the filenamemangle option is N: better. N: N: Please refer to the uscan(1) manual page for details. N: N: Visibility: pedantic N: Show-Always: no N: Check: debian/watch N: This tag is experimental. N: N: X: odr-audioenc source: very-long-line-length-in-source-file 22998 > 512 [libtoolame-dab/freqtable.h:1] N: N: The source file includes a line length that is well beyond the normally N: human made code line length. N: N: This very long line length does not allow Lintian to do correctly some N: source file checks. N: N: This line could also be the result of some text injected by a computer N: program, and thus could lead to FTBFS bugs. N: N: Last but not least, long line in source code could be used to obfuscate N: the source code and to hide stuff like backdoors or security problems. N: N: It could be due to jslint source comments or other build tool comments. N: N: You may report this issue upstream. N: N: Visibility: pedantic N: Show-Always: no N: Check: files/contents/line-length N: Renamed from: insane-line-length-in-source-file N: This tag is experimental. N: N: Screen: autotools/long-lines N: Advocates: "Russ Allbery" N: Reason: N: Upstream sources using autoconf have traditionally been N: distributed with generated ./configure scripts as well as N: other third-party m4 macro files such as libtool. N: N: When paired with automake, there may also be some intermediate N: Makefile.in files. N: N: A lot of sources potentially contain such files, but they are N: not actionable by either the Debian distributor or by the N: upstream maintainer. N: N: As a side note, modern Debian build protocols will re-create N: many of those files via dh_autoreconf. They are present merely N: to aid in bootstrapping systems where the GNU suite may not yet N: be available. N: N: Read more in Bug#996740. N: N: X: odr-audioenc source: very-long-line-length-in-source-file 555 > 512 [libtoolame-dab/html/psycho.html:15]