A source NMU should have a Debian revision of "-x.x" (or "+nmuX" for a native package). This is to prevent stealing version numbers from the maintainer. Maybe you didn't intend this upload to be a NMU, in that case, please double-check that the most recent entry in the changelog is byte-for-byte identical to the maintainer or one of the uploaders. If this is a local package (not intended for Debian), you can suppress this warning by putting "local" in the version number or "local package" on the first line of the changelog entry. Please refer to NMUs and debian/changelog (Section 5.11.2) in the Debian Developer's Reference for details. Visibility: warning Show-Always: no Check: nmu
[debian/changelog:1]
The version= line in the debian/watch file in this package declares an older version. Please upgrade when you have a chance. Please refer to the uscan(1) manual page for details. Visibility: info Show-Always: no Check: debian/watch/standard
[debian/watch]
The source package refers to a Standards-Version older than the one that was current at the time the package was created (according to the timestamp of the latest debian/changelog entry). Please consider updating the package to current Policy and setting this control field appropriately. If the package is already compliant with the current standards, you don't have to re-upload the package just to adjust the Standards-Version control field. However, please remember to update this field next time you upload the package. See /usr/share/doc/debian-policy/upgrading-checklist.txt.gz in the debian-policy package for a summary of changes in newer versions of Policy. Please refer to https://www.debian.org/doc/debian-policy/upgrading-checklist.html for details. Visibility: info Show-Always: no Check: fields/standards-version
The DEP 12 metadata file does not specify any upstream bug tracking information (ie. the Bug-Database or Bug-Submit fields are missing). The upstream metadata can be found in the source package in the file debian/upstream/metadata. Please refer to https://dep-team.pages.debian.net/deps/dep12/ for details. Visibility: info Show-Always: no Check: debian/upstream/metadata
[debian/upstream/metadata]
This package does not use a machine-readable debian/copyright file. This format makes it easier to review licenses and can be easily parsed by Lintian. Please refer to https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ for details. Visibility: pedantic Show-Always: no Check: debian/copyright/dep5
[debian/copyright]
The field Rules-Requires-Root is missing from the file debian/control. Over time, Debian has successively narrowed the steps for which elevated privileges are required. It speeds up the building of installation packages in the archive. Eventually, Debian will switch the default archive-wide behaviour to expedite the build process further. Please declare explicitly that the sources do not require root privileges. You can use the setting Rules-Requires-Root: no in the source stanza of debian/control, but please verify with diffoscope(1) that the installation packages produced are in fact identical. Please refer to usr/share/doc/dpkg/spec/rootless-builds.txt, debian/rules and Rules-Requires-Root (Section 4.9.2) in the Debian Policy Manual, and Rules-Requires-Root (Section 5.6.31) in the Debian Policy Manual for details. Visibility: pedantic Show-Always: no Check: debian/control/field/rules-requires-root Renamed from: rules-requires-root-missing
[debian/control]
[debian/changelog:102]
[debian/changelog:110]
[debian/changelog:153]
This watch file does not specify a means to verify the upstream tarball using a cryptographic signature. If upstream distributions provides such signatures, please use the pgpsigurlmangle options in this watch file's opts= to generate the URL of an upstream OpenPGP signature. This signature is automatically downloaded and verified against a keyring stored in debian/upstream/signing-key.asc Of course, not all upstreams provide such signatures but you could request them as a way of verifying that no third party has modified the code after its release (projects such as phpmyadmin, unrealircd, and proftpd have suffered from this kind of attack). Please refer to the uscan(1) manual page for details. Visibility: pedantic Show-Always: no Check: debian/watch Renamed from: debian-watch-does-not-check-gpg-signature debian-watch-may-check-gpg-signature This tag is experimental.
[debian/watch]
This is the debhelper compat level used specified by this package. Visibility: classification Show-Always: no Check: debhelper This tag is a classification. There is no issue in your package.
This package is using the debhelper-compat virtual package as a build-dependency. Visibility: classification Show-Always: no Check: debhelper This tag is a classification. There is no issue in your package.
[debian/control]
This is the build system that Lintian believes the package is using. Visibility: classification Show-Always: no Check: debhelper This tag is a classification. There is no issue in your package.
[debian/rules]
The watch file uses this version standard. The currently known watch file versions are 2, 3 and 4. Version 1 means it was undeclared. Please refer to the uscan(1) manual page for details. Visibility: classification Show-Always: no Check: debian/watch/standard This tag is a classification. There is no issue in your package.
[debian/watch]
This package uses the specified patch system (eg. "quilt" or "dpatch"). Visibility: classification Show-Always: no Check: debian/patches This tag is a classification. There is no issue in your package.
This is the source format declared in the package. Visibility: classification Show-Always: no Check: debian/source-dir This tag is a classification. There is no issue in your package.
The standards version of the package according to Standards-Version field in the debian/control file. Visibility: classification Show-Always: no Check: fields/standards-version This tag is a classification. There is no issue in your package.
[debian/control:5]
[debian/control:11]
[debian/control:4]
[debian/control:3]
[debian/control:2]
[debian/control:1]
[debian/control:10]
[debian/control:14]
[debian/control:19]
[debian/control:15]
[debian/control:20]
[debian/control:13]
[debian/control:17]
[debian/control:18]
[debian/upstream/metadata]
[debian/upstream/metadata]
[debian/upstream/metadata]
[debian/upstream/metadata]
The sources contain a DEP 12 metadata file. Please refer to https://dep-team.pages.debian.net/deps/dep12/ for details. Visibility: classification Show-Always: no Check: debian/upstream/metadata This tag is a classification. There is no issue in your package.
[debian/upstream/metadata]
The latest entry in NEWS.Debian appears to use asterisks to present changes in a bulleted list, similar to the normal changelog syntax. The Debian Developer's Reference recommends using regular paragraphs in NEWS.Debian rather than a bulleted list. Please refer to Common errors in changelog entries (Section 6.3.4) in the Debian Developer's Reference for details. Visibility: info Show-Always: no Check: debian/changelog
[usr/share/doc/libtemplate-perl/NEWS.Debian.gz:1]
This package provides an ELF binary that lacks the "bindnow" linker flag. This is needed (together with "relro") to make the "Global Offset Table" (GOT) fully read-only. The bindnow feature trades startup time for improved security. Please consider enabling this feature or consider overriding the tag (possibly with a comment about why). If you use dpkg-buildflags, you may have to add hardening=+bindnow or hardening=+all to DEB_BUILD_MAINT_OPTIONS. The relevant compiler flags are set in LDFLAGS. Please refer to https://wiki.debian.org/Hardening for details. Visibility: info Show-Always: no Check: binaries/hardening
[usr/lib/arm-linux-gnueabi/perl5/5.40/auto/Template/Stash/XS/XS.so]
[usr/share/man/man3/Template::Stash::Context.3pm.gz:64]
[usr/share/man/man3/Template::Manual::Filters.3pm.gz:349]
[usr/bin/tpage]
[usr/bin/ttree]
[usr/bin/tpage]
[usr/bin/ttree]