Lintian v2.121.1+nmu1 Options: -i -I -E --pedantic --profile debian N: W: debomatic source: newer-standards-version 4.7.2 (current is 4.7.0) N: N: The source package refers to a Standards-Version which is newer than the N: highest one Lintian is programmed to check. N: N: If the source package is correct, please upgrade Lintian to the newest N: version. N: N: Visibility: warning N: Show-Always: no N: Check: fields/standards-version N: N: I: debomatic source: quilt-patch-missing-description [debian/patches/ro_po.patch] N: N: quilt patch files should start with a description of patch. All lines N: before the start of the patch itself are considered part of the N: description. You can edit the description with quilt header -e when the N: patch is at the top of the stack. N: N: As well as a description of the purpose and function of the patch, the N: description should ideally contain author information, a URL for the bug N: report (if any), Debian or upstream bugs fixed by it, upstream status, the N: Debian version and date the patch was first included, and any other N: information that would be useful if someone were investigating the patch N: and underlying problem. Please consider using the DEP 3 format for this N: information. N: N: Please refer to https://dep-team.pages.debian.net/deps/dep3/ for details. N: N: Visibility: info N: Show-Always: no N: Check: debian/patches/quilt N: N: X: debomatic source: debian-watch-does-not-check-openpgp-signature [debian/watch] N: N: This watch file does not specify a means to verify the upstream tarball N: using a cryptographic signature. N: N: If upstream distributions provides such signatures, please use the N: pgpsigurlmangle options in this watch file's opts= to generate the URL of N: an upstream OpenPGP signature. This signature is automatically downloaded N: and verified against a keyring stored in debian/upstream/signing-key.asc N: N: Of course, not all upstreams provide such signatures but you could request N: them as a way of verifying that no third party has modified the code after N: its release (projects such as phpmyadmin, unrealircd, and proftpd have N: suffered from this kind of attack). N: N: Please refer to the uscan(1) manual page for details. N: N: Visibility: pedantic N: Show-Always: no N: Check: debian/watch N: Renamed from: debian-watch-does-not-check-gpg-signature N: debian-watch-may-check-gpg-signature N: This tag is experimental. N: N: X: debomatic source: prefer-uscan-symlink filenamemangle s/.+\/v?(\d\S*)\.tar\.gz/debomatic-$1\.tar\.gz/ [debian/watch:3] N: N: Please consider setting USCAN_SYMLINK=rename in your ~/.devscripts N: configuration file instead of using the option filenamemangle in N: debian/watch. N: N: Please check with your team before making changes to sources you maintain N: together. There are circumstances when the filenamemangle option is N: better. N: N: Please refer to the uscan(1) manual page for details. N: N: Visibility: pedantic N: Show-Always: no N: Check: debian/watch N: This tag is experimental. N: N: X: debomatic: systemd-service-file-missing-hardening-features [usr/lib/systemd/system/debomatic.service] N: N: The specified systemd .service file does not appear to enable any N: hardening options. N: N: systemd has support for many security-oriented features such as isolating N: services from the network, private /tmp directories, as well as control N: over making directories appear read-only or even inaccessible, etc. N: N: Please consider supporting some options, collaborating upstream where N: necessary about any potential changes. N: N: Please refer to the systemd.service(5) manual page and N: http://0pointer.de/blog/projects/security.html for details. N: N: Visibility: pedantic N: Show-Always: no N: Check: systemd N: This tag is experimental. N: