[Bug 2005123] Re: Upgrade Cargo to 0.67.1
Simon Chopin
2005123 at bugs.launchpad.net
Thu Feb 16 15:36:19 UTC 2023
Alright. It looks fairly good, but lintian seems fairly angry:
E: cargo changes: inconsistent-maintainer Simon Chopin <simon.chopin at canonical.com> (changes vs. source) Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
W: cargo source: debian-watch-not-mangling-version opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%cargo-$1.tar.gz%" https://github.com/rust-lang/cargo/tags (?:.*?/)?v?(\d[\d.]*)\.tar\.gz [debian/watch:4]
W: cargo-doc: embedded-javascript-library please use libjs-normalize [usr/share/doc/cargo/doc/normalize.css]
W: cargo source: file-without-copyright-information vendor/num-traits/.cargo-checksum.json [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/Cargo.toml [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/LICENSE-APACHE [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/LICENSE-MIT [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/README.md [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/RELEASES.md [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/build.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/debian/patches/dont-run-mipsel-failing-doctests.diff [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/debian/patches/series [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/bounds.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/cast.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/float.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/identities.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/int.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/lib.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/macros.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/checked.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/euclid.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/inv.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/mod.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/mul_add.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/overflowing.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/saturating.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/ops/wrapping.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/pow.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/real.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/src/sign.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/num-traits/tests/cast.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/.cargo-checksum.json [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/Cargo.toml [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/LICENSE-MIT [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/README.md [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/debian/patches/drop-features.patch [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/debian/patches/series [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/rustfmt.toml [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/src/lib.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/ordered-float/tests/test.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/serde-value/.cargo-checksum.json [debian/copyright]
W: cargo source: file-without-copyright-information vendor/serde-value/Cargo.toml [debian/copyright]
W: cargo source: file-without-copyright-information vendor/serde-value/README.md [debian/copyright]
W: cargo source: file-without-copyright-information vendor/serde-value/src/de.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/serde-value/src/lib.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/serde-value/src/ser.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/toml_datetime/.cargo-checksum.json [debian/copyright]
W: cargo source: file-without-copyright-information vendor/toml_datetime/Cargo.toml [debian/copyright]
W: cargo source: file-without-copyright-information vendor/toml_datetime/LICENSE-APACHE [debian/copyright]
W: cargo source: file-without-copyright-information vendor/toml_datetime/LICENSE-MIT [debian/copyright]
W: cargo source: file-without-copyright-information vendor/toml_datetime/README.md [debian/copyright]
W: cargo source: file-without-copyright-information vendor/toml_datetime/src/datetime.rs [debian/copyright]
W: cargo source: file-without-copyright-information vendor/toml_datetime/src/lib.rs [debian/copyright]
W: cargo source: mismatched-override missing-license-paragraph-in-dep5-copyright debian/copyright mpl-2.0+ (*) [debian/source/lintian-overrides:3]
W: cargo source: mismatched-override superfluous-file-pattern debian/copyright * (*) [debian/source/lintian-overrides:6]
W: cargo source: missing-license-paragraph-in-dep5-copyright mpl-2.0+ [debian/copyright:287]
W: cargo-doc: privacy-breach-generic [<img alt="xid_continue bitmap" width="256" src="https://user-images.githubusercontent.com/1940490/168647367-f447cca7-2362-4d7d-8cd7-d21c011d329b.png">] (https://user-images.githubusercontent.com/1940490/168647367-f447cca7-2362-4d7d-8cd7-d21c011d329b.png) [usr/share/doc/cargo/doc/unicode_ident/index.html]
W: cargo-doc: privacy-breach-generic [<img alt="xid_start bitmap" width="256" src="https://user-images.githubusercontent.com/1940490/168647353-c6eeb922-afec-49b2-9ef5-c03e9d1e0760.png">] (https://user-images.githubusercontent.com/1940490/168647353-c6eeb922-afec-49b2-9ef5-c03e9d1e0760.png) [usr/share/doc/cargo/doc/unicode_ident/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust" alt="crates-io" />] (https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust) [usr/share/doc/cargo/doc/proc_macro2/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust" alt="crates-io" />] (https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust) [usr/share/doc/cargo/doc/quote/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust" alt="crates-io" />] (https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust) [usr/share/doc/cargo/doc/syn/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust" alt="crates-io" />] (https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelcolor=555555&logo=rust) [usr/share/doc/cargo/doc/unicode_ident/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs" alt="docs-rs" />] (https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs) [usr/share/doc/cargo/doc/proc_macro2/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs" alt="docs-rs" />] (https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs) [usr/share/doc/cargo/doc/quote/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs" alt="docs-rs" />] (https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs) [usr/share/doc/cargo/doc/syn/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs" alt="docs-rs" />] (https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelcolor=555555&logo=docs.rs) [usr/share/doc/cargo/doc/unicode_ident/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github" alt="github" />] (https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github) [usr/share/doc/cargo/doc/proc_macro2/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github" alt="github" />] (https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github) [usr/share/doc/cargo/doc/quote/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github" alt="github" />] (https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github) [usr/share/doc/cargo/doc/syn/index.html]
W: cargo-doc: privacy-breach-generic [<img src="https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github" alt="github" />] (https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelcolor=555555&logo=github) [usr/share/doc/cargo/doc/unicode_ident/index.html]
W: cargo source: superfluous-file-pattern vendor/bstr-*/* [debian/copyright:139]
W: cargo source: superfluous-file-pattern vendor/crossbeam-utils/* [debian/copyright:203]
W: cargo source: superfluous-file-pattern vendor/num_cpus/* [debian/copyright:348]
W: cargo source: superfluous-file-pattern vendor/textwrap/* [debian/copyright:486]
W: cargo source: unknown-field Original-Vcs-Browser
W: cargo source: unknown-field Original-Vcs-Git
W: cargo source: unknown-field Vendored-Sources-Rust
W: cargo: unknown-field Original-Vcs-Browser
W: cargo: unknown-field Original-Vcs-Git
W: cargo-dbgsym: unknown-field Original-Vcs-Browser
W: cargo-dbgsym: unknown-field Original-Vcs-Git
W: cargo-doc: unknown-field Original-Vcs-Browser
W: cargo-doc: unknown-field Original-Vcs-Git
vs this output for the 0.66 currently in the archive:
E: cargo changes: inconsistent-maintainer Simon Chopin <simon.chopin at canonical.com> (changes vs. source) Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
W: cargo source: debian-watch-not-mangling-version opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%cargo-$1.tar.gz%" https://github.com/rust-lang/cargo/tags (?:.*?/)?v?(\d[\d.]*)\.tar\.gz [debian/watch:4]
W: cargo-doc: embedded-javascript-library please use libjs-normalize [usr/share/doc/cargo/doc/normalize.css]
W: cargo source: mismatched-override missing-license-paragraph-in-dep5-copyright debian/copyright mpl-2.0+ (*) [debian/source/lintian-overrides:3]
W: cargo source: mismatched-override superfluous-file-pattern debian/copyright * (*) [debian/source/lintian-overrides:6]
W: cargo source: missing-license-paragraph-in-dep5-copyright mpl-2.0+ [debian/copyright:287]
W: cargo source: superfluous-file-pattern vendor/crossbeam-utils/* [debian/copyright:203]
W: cargo source: superfluous-file-pattern vendor/num_cpus/* [debian/copyright:348]
W: cargo source: unknown-field Original-Vcs-Browser
W: cargo source: unknown-field Original-Vcs-Git
W: cargo source: unknown-field Vendored-Sources-Rust
W: cargo: unknown-field Original-Vcs-Browser
W: cargo: unknown-field Original-Vcs-Git
W: cargo-dbgsym: unknown-field Original-Vcs-Browser
W: cargo-dbgsym: unknown-field Original-Vcs-Git
W: cargo-doc: unknown-field Original-Vcs-Browser
W: cargo-doc: unknown-field Original-Vcs-Git
I don't expect the package to be lintian-clean, far from it (especially since some of those warnings are for things that are purposefully done), but could you update the copyright information, and maybe patch out the GH badge thingies in the doc?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cargo in Ubuntu.
https://bugs.launchpad.net/bugs/2005123
Title:
Upgrade Cargo to 0.67.1
Status in cargo package in Ubuntu:
New
Bug description:
Upgrade Cargo to 0.67.1. This version properly addresses
CVE-2022-46176 and does not require patching.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/2005123/+subscriptions
More information about the foundations-bugs
mailing list