If you were to submit a package to Arch they recommend you run namcap.....normally this means run namcap against your PKGBUILD
https://wiki.archlinux.org/index.php/Ar ... _standards
rootVerify the package dependencies (eg, run ldd on dynamic executables, check tools required by scripts, etc). The TU team strongly recommend the use of the namcap utility, written by Jason Chu (firstname.lastname@example.org), to analyze the sanity of packages. namcap will warn you about bad permissions, missing dependencies, un-needed dependencies, and other common mistakes. You can install the namcap package with pacman. Remember namcap can be used to check both pkg.tar.gz files and PKGBUILDs
Code: Select all
pman -S namcap
Code: Select all
namcap -L -------------------- Namcap rule list -------------------- anyelf : Check for ELF files to see if a package should be 'any' architecture array : Verifies that array variables are actually arrays badbackups : Checks for bad backup entries capsnamespkg : Verifies package name in package does not include upper case letters carch : Verifies that no specific host type is used checksums : Verifies checksums are included in a PKGBUILD description : Verifies that the description is set in a PKGBUILD directoryname : Checks for standard directories. elfexecstack : Check for executable stacks in ELF files. elfpaths : Check about ELF files outside some standard paths. elftextrel : Check for text relocations in ELF files. emptydir : Warns about empty directories in a package extravars : Verifies that extra variables start with an underscore fhs-infopages : Verifies correct installation of info pages fhs-manpages : Verifies correct installation of man pages filenames : Checks for invalid filenames. fileownership : Checks file ownership. giomodules : Check that GIO modules are registered glibschemas : Check that dconf schemas are compiled gnomemime : Checks for generated GNOME mime files hardlinks : Look for cross-directory/partition hard links hicoloricons : Checks whether the hicolor icon cache is updated. infodirectory : Checks for info directory file. infoinstall : Checks that info files are correctly installed. invalidstartdir : Looks for references to $startdir javafiles : Check for existence of Java classes or JARs kdeprograms : Checks that KDE programs have kdebase-runtime as a dependency libtool : Checks for libtool (*.la) files. license : Verifies license is included in a PKGBUILD licensepkg : Verifies license is included in a package file lots-of-docs : See if a package is carrying more documentation than it should mimedesktop : Check that MIME associations are updated mimefiles : Check for files in /usr/share/mime missingbackups : Backup files listed in package should exist perllocal : Verifies the absence of perllocal.pod. permissions : Checks file permissions. pkgnameindesc : Verifies if the package name is included on package description rpath : Verifies correct and secure RPATH for files. rubypaths : Verifies correct usage of folders by ruby packages scrollkeeper : Verifies that there aren't any scrollkeeper directories. sfurl : Checks for proper sourceforge URLs shebangdepends : Checks dependencies semi-smartly. sodepends : Checks dependencies caused by linked shared libraries splitpkgfunctions : Checks that all package_* functions exist. splitpkgmakedeps : Checks that a split PKGBUILD has enough makedeps. symlink : Checks that symlinks point to the right place tags : Looks for Maintainer and Contributor comments unusedsodepends : Checks for unused dependencies caused by linked shared libraries urlpkg : Verifies url is included in a package file
It has wiki here
Of relevance are the types of output by running namcap -i PKGBUILD
tags are of three types, errors (denoted by E), warnings (denoted by W) and informational (denoted by I). An error is important and should be fixed immediately; mostly they relate to insufficient security, missing licenses or permission problems.
Normally namcap prints a human-readable explanation (sometimes with suggestions on how to fix the problem). If you want output which can be easily parsed by a program, then pass the -m (machine-readable) flag to namcap (this feature is currently in the development branch).