umegaya/ todo

To do

  • Failures to download the debian/upstream file should trigger a refractory period using YAML-REFRESH-DATE so that umegaya-refresh-blends does not hammer Alioth uselessly when a large number of binary packages correspond to a single source package that has no debian/upstream file.

  • Keep an eye on https://joinup.ec.europa.eu/asset/adms_foss/description

  • umegaya-refresh-blends should log warnings instead of sending them to root via the cron job.

  • Make sure the cron job can work when the package is removed but not purged.

  • Make umegaya-adm case-insensitive

  • Safeguards to that umegaya only works on source package names.

  • Cleanups to remove bogus files.

    for package in $(for file in $(find . -name '*.upstream') ; do basename $file .upstream ; done) ; do echo -ne "$package\t" ; apt-cache showsrc $package | grep Package -m1 | awk '{print $2}'; done

    The above prints the package name according to the file, and the source package name. Mismatches should be errors, but there are false positives, such as 'dialign-tx dialign-t'

  • Prevent the creation of arbitrary file names (with spaces) that are not package names.

  • Do not create empty file if contents were not retrieved.
  • Check if there is no buggy package names with spaces in the berkeley DB.

  • Do not create 404 Gitweb files nor '500 read timeout' files.

  • See the example file 'example-push-metadata' on how to clean a package-metadata repository before pushing

  • Die gracefully if package is not found.

  • Make sure two processes can run at the same time.

  • Support HTTP DELETE method.

  • Ignore safely the reserved YAML-* field names.
  • Warn if debcheckout fails.
  • User-Agent HTTP header.
  • A Lintian check.
  • dh_bibref ?
  • Regression tests.
  • Store YAML load errors.
  • An example debian/upstream/metadata file, that illustrates YAML syntax.

  • Use a proper installation script instead of debian/install.

  • umegaya-adm: return package list when invoked with -k and -v Useful for searching for NA YAML-URLs.

  • Make help page of umegaya accessible when ran through a path (not from the current directory).

  • Sanitize input of the CGI program; it looks completely insecure.

  • Read http://perldoc.perl.org/CGI.html#Avoiding-Denial-of-Service-Attacks

  • URL-encode pacakge (and perhaps key) names.

  • Warn when VCS URL does not point at a directory (lack a trailing slash).

  • Integrate in the PTS.

  • Detect all source packages that contain a debian/upstream/metadata file, for instance using apt-file's "-a source" option (see "#632254").

  • Provide an index of all packages in the Umegaya database (or with upstream metadata in the UDD).

  • Accept new debian/upstream/metadata files from the public.

  • Integrate with http://duck.debian.net/

  • Report better errors when a package does not contain upstream medatdata.