Debian Bug report logs - #736360
lintian: do not emit source-is-missing for doxygen embedding jquery

version graph

Package: lintian; Maintainer for lintian is Debian Lintian Maintainers <[email protected]>; Source for lintian is src:lintian (PTS, buildd, popcon).

Reported by: Helmut Grohne <[email protected]>

Date: Wed, 22 Jan 2014 18:36:01 UTC

Severity: normal

Found in versions lintian/2.5.2, lintian/2.5.60

Fixed in version lintian/2.5.57

Full log

🔗 View this message in rfc822 format

X-Loop: [email protected]
Subject: Bug#736360: lintian: do not warn about doxygen embedding jquery
Reply-To: Helmut Grohne <[email protected]>, [email protected]
Resent-From: Helmut Grohne <[email protected]>
Resent-To: [email protected]
Resent-CC: Debian Lintian Maintainers <[email protected]>
X-Loop: [email protected]
Resent-Date: Mon, 03 Feb 2014 12:36:04 +0000
Resent-Message-ID: <[email protected]>
Resent-Sender: [email protected]
X-Debian-PR-Message: followup 736360
X-Debian-PR-Package: lintian
X-Debian-PR-Keywords: 
X-Debian-PR-Source: lintian
Received: via spool by [email protected] id=B736360.13914308113813
          (code B ref 736360); Mon, 03 Feb 2014 12:36:04 +0000
Received: (at 736360) by bugs.debian.org; 3 Feb 2014 12:33:31 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2-bugs.debian.org_2005_01_02
	(2011-06-06) on buxtehude.debian.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
	autolearn=ham version=3.3.2-bugs.debian.org_2005_01_02
X-Spam-Bayes: score:0.0000 Tokens: new, 5; hammy, 104; neutral, 46; spammy, 0.
	spammytokens: hammytokens:0.000-+--H*u:1.5.21, 0.000-+--H*UA:1.5.21,
	0.000-+--H*u:2010-09-15, 0.000-+--H*UA:2010-09-15, 0.000-+--lintian
Received: from isilmar-3.linta.de ([188.40.101.200] helo=linta.de)
	by buxtehude.debian.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256)
	(Exim 4.80)
	(envelope-from <[email protected]>)
	id 1WAIiR-0000zC-EC
	for [email protected]; Mon, 03 Feb 2014 12:33:31 +0000
Received: (qmail 9909 invoked from network); 3 Feb 2014 12:33:26 -0000
Received: from localhost (HELO isilmar-3.linta.de) (127.0.0.1)
  by localhost with SMTP; 3 Feb 2014 12:33:26 -0000
Date: Mon, 3 Feb 2014 13:33:15 +0100
From: Helmut Grohne <[email protected]>
To: Jakub Wilk <[email protected]>
Cc: [email protected]
Message-ID: <20140203123315.GA2640@localhost>
Mail-Followup-To: Helmut Grohne <[email protected]>,
	Jakub Wilk <[email protected]>, [email protected]
References: <[email protected]>
 <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[email protected]>
User-Agent: Mutt/1.5.21 (2010-09-15)

On Mon, Feb 03, 2014 at 12:39:10PM +0100, Jakub Wilk wrote:
> Security is not the only issue here. jquery.js created by Doxygen is
> minified, so there's a risk that we ship it without source.

Thanks for highlighting the issue. Fortunately we already have a tool to
work around this issue. It is called Built-Using. Last time I checked
whether (dh_)doxygen should be simplifying the process of adding the
Built-Using headers, I achieved no consensus on the value of such a
change and discussion on what Built-Using is supposed to mean was still
ongoing. If there is consensus now, we can use that tool to address this
particular issue.

Do you think that this would adequately address the availability of
source? Do you happen to have an alternative proposal in mind?

Helmut

Send a report that this bug log contains spam.

Debian bug tracking system administrator <[email protected]>. Last modified: Tue May 13 11:26:52 2025; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.