From 9f82b2668204df053d12d1a8017a7a1fb5f3eeed Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Thu, 1 Jan 2026 16:05:40 +0000 Subject: [PATCH] Demote sudo to Recommends ... and indicate which tools need it in the package description. At least on current Debian testing, `run0` is an adequate non-setuid replacement for `sudo` for typical interactive purposes. The only obstacle to me removing `sudo` from my system entirely is that `ubuntu-dev-tools` depends on it, but only for tools that I don't need any more. Given that a significant subset of this package is useful without `sudo` (e.g. `pull-debian-source` and friends, `syncpackage`, `backportpackage` provided that you aren't asking it to build using `pbuilder`, and so on), I think Recommends would be more appropriate than Depends. This won't affect Ubuntu systems at present since `sudo` is still in the minimal seed, and it also won't affect typical users who install with Recommends, but it would make it easier for some users to choose to reduce their security exposure. --- debian/changelog | 7 +++++++ debian/control | 9 +++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/debian/changelog b/debian/changelog index 3d8e0cc..1ab3423 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +ubuntu-dev-tools (0.209) UNRELEASED; urgency=medium + + * Demote sudo to Recommends, and indicate which tools need it in the + package description. + + -- Colin Watson Thu, 01 Jan 2026 16:05:08 +0000 + ubuntu-dev-tools (0.208) unstable; urgency=medium [ Gianfranco Costamagna ] diff --git a/debian/control b/debian/control index eabd95b..ea9be4a 100644 --- a/debian/control +++ b/debian/control @@ -60,7 +60,6 @@ Depends: python3-ubuntutools (= ${binary:Version}), python3-yaml, sensible-utils, - sudo, tzdata, ${misc:Depends}, ${perl:Depends}, @@ -77,6 +76,7 @@ Recommends: quilt, reportbug (>= 3.39ubuntu1), sbuild | pbuilder | cowbuilder, + sudo, ubuntu-keyring | ubuntu-archive-keyring, Suggests: bzr | brz, @@ -93,7 +93,7 @@ Description: useful tools for Ubuntu developers willing to help fix it. - check-mir - check support status of build/binary dependencies - check-symbols - will compare and give you a diff of the exported symbols of - all .so files in a binary package. + all .so files in a binary package. [sudo] - dch-repeat - used to repeat a change log into an older release. - grab-merge - grabs a merge from merges.ubuntu.com easily. - grep-merges - search for pending merges from Debian. @@ -101,9 +101,10 @@ Description: useful tools for Ubuntu developers - merge-changelog - manually merges two Debian changelogs with the same base version. - mk-sbuild - script to create LVM snapshot chroots via schroot and - sbuild. + sbuild. [sbuild, sudo] - pbuilder-dist, cowbuilder-dist - wrapper script for managing several build chroots (for different Ubuntu and Debian releases) on the same system. + [pbuilder | cowbuilder, sudo] - pull-debian-debdiff - attempts to find and download a specific version of a Debian package and its immediate parent to generate a debdiff. - pull-debian-source - downloads the latest source package available in @@ -123,7 +124,7 @@ Description: useful tools for Ubuntu developers autopkgtests on the Ubuntu autopkgtest infrastructure - seeded-in-ubuntu - query if a package is safe to upload during a freeze. - setup-packaging-environment - assistant to get an Ubuntu installation - ready for packaging work. + ready for packaging work. [sudo] - sponsor-patch - Downloads a patch from a Launchpad bug, patches the source package, and uploads it (to Ubuntu or a PPA) - submittodebian - automatically send your changes to Debian as a bug report.