Re: MBF: valgrind-if-available

[Ansgar Burchardt]

On Sun, 2022-02-27 at 03:40 +0100, Adam Borowski wrote:
> Among others, "command -v"
[...]
> * built-ins get reported as available.  And busybox has even "dpkg"
>   built-in, with a pretty bad implementation.

Like this?

+---
| % which which
| which: shell built-in command
+---

I suggest to implement a new utility named
`/usr/bin/posix-which2` utility if you do not want that ;-)
(Only after proper standardization of course.)

Ansgar

Accepted dune-pdelab 2.6~20180302-2 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 23 Oct 2019 19:13:24 +0200
Source: dune-pdelab
Architecture: source
Version: 2.6~20180302-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Changes:
 dune-pdelab (2.6~20180302-2) unstable; urgency=medium
 .
   * d/control: Build-Depend on libalberta-dev instead of libalberta2-dev.
   * Bumped Standards-Version to 4.4.1.
Checksums-Sha1:
 bfad7f2bc9e079f78ccdeea4a6734f3d4710fa11 2595 dune-pdelab_2.6~20180302-2.dsc
 b40947af3a311542924a64f728b1067a8195f12f 5308 
dune-pdelab_2.6~20180302-2.debian.tar.xz
Checksums-Sha256:
 f3c710057046d6a7f4f8ab987f6af18178ef47982141dc2f705287b6ce1ae742 2595 
dune-pdelab_2.6~20180302-2.dsc
 d9844131862c3e696cc17a3be32d4bf4e5e66cf969555f9b0a315e27f3044b07 5308 
dune-pdelab_2.6~20180302-2.debian.tar.xz
Files:
 0f154b058fa612c28d5d2f16bc139ba5 2595 libs optional 
dune-pdelab_2.6~20180302-2.dsc
 1ab00eed68107a0101c56eea9b7b843f 5308 libs optional 
dune-pdelab_2.6~20180302-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAl2wjcYSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTBxUP/Rtf2iDBF7C6yQwEYZU50TZjny9olLQG
nKJiuK8uKXwnL84ZMvHfM09FKPK0Z4xee45UyHCCZA5JqnfOdCiSoBa1E2Y3xArV
8k85S+6lWCbeK6KKlqf6EU03MGt1oh3HDm4WoNjJcgj0Ol0EvyJ18lVaVrt7ILkQ
7rWt6EOxTEH808Bn6bC1r0SkXNXX1/Isok2y0aqgKBDizIPriJjJa1bozeMij7Zk
svu8PTSjt4DQrNpQhSshcmdN59qSfWj2xSrccAMBIhR6XSIYISjh51TXp/mrlJwF
87SbYsD2vWP04TmzKXpuKGedj2G3AN13l5DH0rFPjj2zt0c+Edp6PytTg7byVNHm
YGewSb7OE7k+qUtFaFoK6rY2AEabDldG1wgCxuIzp/hXLQNjo/YktZEKbF1ge1I8
xDiZxGAsXPmEg9Eb3XtZdX3dMv2SEOQCZ7WUQMczcU87Fl0AwWXsMYOZeKN1nqCP
0aQjoYM27hBXZ21kaFNg8im5m+H3tuiNJAj4APT74xtwC/o1phfjaq1HkIqDE8Pa
Hm+yEzKmHf+0sSBArbZ4vLtkCfAKpvrY0L1is+XWWelUK/9ph6oDRWjljxyLp3Ht
8JrWDqUck00Ya1OZeGEqyGqNMkD3WHoVxKAXwmZmsTCY9iNsp4MIkPa6wa9AraB2
hVDH/0WVDuZl
=cz/N
-END PGP SIGNATURE-

Accepted dune-common 2.6.0-4 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 14 Oct 2019 23:27:35 +0200
Source: dune-common
Architecture: source
Version: 2.6.0-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Closes: 936456
Changes:
 dune-common (2.6.0-4) unstable; urgency=medium
 .
   * no longer ship dune-am2cmake and remove dependency on python2.
 (Closes: #936456)
   * Bumped Standards-Version to 4.4.1.
Checksums-Sha1:
 12caaa723a1e6ad0e009d254328cad17fe5e9846 2677 dune-common_2.6.0-4.dsc
 9fe927bcfdf795c582f626f08a0c18b289b13bfd 9356 dune-common_2.6.0-4.debian.tar.xz
Checksums-Sha256:
 edde9b59c364536af2b56e977dacef38edf3ce4c4648ab384483abac997c2139 2677 
dune-common_2.6.0-4.dsc
 b93a7a18e20fb349b9209b9e8a96a4b84c1d914d162b70e5a435f96cc858693f 9356 
dune-common_2.6.0-4.debian.tar.xz
Files:
 8c9d21455296116116539cb1c19165a8 2677 libs optional dune-common_2.6.0-4.dsc
 5cfdffefec2260fb07d94a9c4c00e141 9356 libs optional 
dune-common_2.6.0-4.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAl2k6iYSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTZKUQALAqB+7hUMBVyp3Dzyk2WXWG2pMFHxF+
P4pnQktdWuxxsQdrLG26Nhv2CeT98tZ0OHVcma/hmK49O1BmtjiZe9MixcChyLsb
966MY6amN87m5o0XoQrQS1WXTrEmf/JPpk7y1cIrLpUIiFLSnQclHTQRBw35ONXk
ZJ/n+ppyetRDfmMDUUrB5nTUYQM/UqMc5LO7fkpoJUsRFMCgg6AfctJ/wbW/Y6eT
2w0MZ+mYBq2CYn32p6U3iWo5ldJs+Wpt/iSTmpXmZKw+yyeskwDZ86SQIoHHq4vl
84YJV41lgTgmeo/f9C2LuWzT4FnObtoWOkOf+BPLZeJ1i0VaFnJLy+5onAApPaMK
fk9+vZn/gscJtanV/BfSshBliiZWRigHbL444f18ADl9XmNyCTv6rAOThsW6qH8l
ctU90cEMo3hKgGlgdVsNndSxVM8DChQopy7HK+Fh1bLLzjelTRL0DM7vl5bhHBmA
fW+HQlLc3AGf405+RWb+wXbTlvgp675wpmBXrptQp7+zkZVJr9p0j+RRvTjjVL6c
I0lf94iF3T2jIqHUTf6NDwDePqELyYEoCJeqkiF0s3BQeC36bsyDkRovBvhFeS/i
vVF2tQRGeSj5UVi7rzC+8+iiCNMZ/iO7zKi03hSS/25N+HX/vEdG+IChcybIvKrv
Vmyr9dxb3QoY
=0987
-END PGP SIGNATURE-

Accepted dune-grid 2.6.0-5 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 13 Oct 2019 15:17:06 +0200
Source: dune-grid
Architecture: source
Version: 2.6.0-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Changes:
 dune-grid (2.6.0-5) unstable; urgency=medium
 .
   * Backport patch to fix float comparison on i386.
 + new patch: i386-fpu-tolerance.patch
Checksums-Sha1:
 d48bde7664f4388f249e6ed417d81ee61bfc2752 2531 dune-grid_2.6.0-5.dsc
 ddde3c251fdb6ac8651c8a06875064ca0f6e5f34 8372 dune-grid_2.6.0-5.debian.tar.xz
Checksums-Sha256:
 973153b8113dd1fd04059145c7df116b0daa2d6385cfd6d6764ed7f16b616281 2531 
dune-grid_2.6.0-5.dsc
 a4d3582eb8c32d286d61943b07ac719367332214191371b763775ff697b58580 8372 
dune-grid_2.6.0-5.debian.tar.xz
Files:
 d91ea91a720abca646156a149bd11433 2531 libs optional dune-grid_2.6.0-5.dsc
 95d730324aa1f4aef64e6a513904988d 8372 libs optional 
dune-grid_2.6.0-5.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAl2jKKgSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTMdIQAJ2SrFmm2Uf95osKlwPUfHeFF3omSuH9
ZifLpmzYpH/r8w+WUEsmuah2My6/aXrAFkhFTmwdYL7Q9vDNg4a3gz9HS511k2QP
HXG1MTRnM/Zlzk9l+oOL+ovzPwfS6BZbg3bo4x68T0DUETYQfQGA7Alv1xdL5Kv+
ACJbzU1hF1vn8hZRf4GHDFpzn3ze54gbHXpayfQdJG82NCL21+24LKPZcyLNOeSL
OMez2R7da7Q78OQT1ivIcLvq+5qaYDLm+K1knLGG2Rz6IvFBqvYciWZNk8BQcu/b
JqE4y2u165pVGdMlFJHgiUvYuWQkPjs3P9JvGHIQ2iZOqFR+nygzXlHWADqH9sEQ
FZDEW2q1On0eYht4WhLsqZYSFQwCDeD9QRLr1c4NEoC8jKg5IzEKwSSzunDiOWnb
NfasYcDcwR0p+UhovxwfMwpFW7/uK2faBm8rpTkut5bbSFTF0XMH4zslTzcLkNaf
OuzlPXvr9+/QqO2NLBh0w0iv+y8/I/tX80JyOj5opR2/cEuSVqyTgdLnoNUi7LRy
mfuNIHrzg3ijXE/hx7GRIRv9pkk1L7bqN9mapXZjUlFSmwZN3atfznE6//AtqFpx
8RATkxQibcL1xaqrmtPqZd/XARKzlQL+cC4xZsYvWrNRucDbjUYSU6ULxPnwJo5P
Pnueo7aaeOAz
=WEif
-END PGP SIGNATURE-

Accepted alberta 3.0.1-2 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 13 Oct 2019 11:58:26 +0200
Source: alberta
Architecture: source
Version: 3.0.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Closes: 878199
Changes:
 alberta (3.0.1-2) unstable; urgency=medium
 .
   * Drop transitional package libalberta2-dev. (Closes: #878199)
   * Switch to automatic -dbgsym packages and drop libalberta-dbg.
   * debian/control: Use `Rules-Requires-Root: no`.
   * debian/control: Update Vcs-* fields for move to salsa.d.o.
   * Bumped Standards-Version to 4.4.1.
Checksums-Sha1:
 4a4463c4bc129a1e52848cc0a9617e1f6505c8f0 2065 alberta_3.0.1-2.dsc
 5d24108cff3eab57eb34c199ffe5fea2f9e6aedb 3988 alberta_3.0.1-2.debian.tar.xz
Checksums-Sha256:
 3f7f04cc899913f4c4dc77d09fb29e1ed513bea72da7a8250f055a4c67997119 2065 
alberta_3.0.1-2.dsc
 17c6fe38a93ebc5c8840ec897e7b1e57b661701e2fbb495fb676665b0f579794 3988 
alberta_3.0.1-2.debian.tar.xz
Files:
 d7192905d921bdebed2e08b1c486784a 2065 libs optional alberta_3.0.1-2.dsc
 6cbd710fdcfdd07e3c828e3a9d9e44a4 3988 libs optional 
alberta_3.0.1-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAl2i9xISHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTaQ4P+wUu7DRR2uBr0yh6m+sX3LlNj+QJTtla
9rfhg3Bs0PlgR8jpIA1TWRc6UWvGn89jM9MlgE+066Z+/4ttZxTYIIQkeCWyTjIz
42+Hvqm+VqwiJoKb9wwkgxTvCqM9iUN7Si89i+StimjQx8wVKQmS38vlTazTC9m6
RalpgpHtwsUoCQy96sEha2QoyVNnocJHq0kTC8wDUQJD16vEyTBlLmK0f91Onr/Y
T1bJgBPXu6kv4szYE8GETbtUy7RLr0ylPWK1uQPqpXgkmCXvSYiqY6N+YfD4JI4y
g4KNV+0CUAZ9w7JkOwo1JMASj9s6dCcvThLujWjlpJnA9xIxozncoNTsRwMTil5j
VfinFie5+EWI26rXPMmDLEt5KGkYR2TJvbSiXbZkq61jenIupS4cMQ6Wd2D+ApK7
WsBIu2eUN2RaCQCn/VHSfBxEtUyXdFwuzwGaD15hoOemc3RgltYuaykT+qhtf/qU
SO6PUVyUG0vIdTl/ZdBkPjWC+5vJ0O2G8UG2VWnYwvqDFwUJfKVamjHhQmHZiFtH
EeB5SqMl5d0X3zRRYWmVUBQcNmWYQLTEORZ2qZHRn245U0SriZ7yxwtU8tyaEFHk
NeQzw9TbFm75tw+Ot3//226sSudP54S+vSgIkrcEAC8nsFCU2LURnfvq6ahI18+g
d+qBKT4v3VRU
=Phs0
-END PGP SIGNATURE-

Accepted dune-grid 2.6.0-4 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 09 Oct 2019 17:57:13 +0200
Source: dune-grid
Architecture: source
Version: 2.6.0-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Closes: 942000
Changes:
 dune-grid (2.6.0-4) unstable; urgency=medium
 .
   * Use python3-vtk7 for tests. (Closes: #942000)
 + new patch: use-python3.patch
   * Bumped Standards-Version to 4.4.1 (no changes).
Checksums-Sha1:
 70759928ae4af49293ef3ae618fe539a21ac6977 2531 dune-grid_2.6.0-4.dsc
 8d458e7a19b29832ee6a2c9012c77eae1f0c2d5b 7720 dune-grid_2.6.0-4.debian.tar.xz
Checksums-Sha256:
 b91622061fde0fb1c121a9f30cffb1ea25fdd533cf53b7869d7fd9f21f5dc2a0 2531 
dune-grid_2.6.0-4.dsc
 9d25e5f790ce8255e96237635285d8f90b08b52fea4ea783fc29de5bf7135af4 7720 
dune-grid_2.6.0-4.debian.tar.xz
Files:
 a0365f6dde232279fd790d439542e377 2531 libs optional dune-grid_2.6.0-4.dsc
 57788b72acc1da6f3259c4b2e7a8cf89 7720 libs optional 
dune-grid_2.6.0-4.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAl2eWMASHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTGbwP/Ay9QHVntrmayr5IzNs8wT1YXoc548V4
Zn4jR45+f0LB14oDd95AcDFpIrB0+CX0kkdaqP+AKRwcrfFijcAUGt2XivpGfWOH
YhUG9NeY7eeJrg5G+Uo8CY45E8Og3QOqoytvIghydvVQ5m9ghHRj46OUNE3/vILk
NhnlCWFVu6Eyy66Cfa9Ydm9BFOF+LUDsR6E3G8quw1KghVALqVZJAXU1cNh6m/RQ
Sh5BDCkG8f0bFBh1gFA/1PyYmFVV05WlfN9xJwV+tciIcLb7ZX9Uh2fPLIWeDRh3
858L8bh7TA8+gorVpj6wadzNjhVBkFlTzX0kWu2JAARoXXQL5YxggPq8IV7dqCU7
+8Z0WkHoI/23SYtIHayYk7RjRTl8Rw99J2QmqZ65Lz4gr4k3jaJQZugHvMScXjhZ
G1Hw9ZRHwNrygsaL41zdzauu1RvOhAGeenhFZv9uNpQZ98K7HHQUZn6GnF924pE7
RGKuQ/+6lBeDtmpdeIZSPBOvj2Qymz0ejahce942UWYjpvZB4WnUTq6fdiMTwMoS
dzrrjLduq+Tma/HAhWozRhg3uvAlet/RSzqkJMzUt6YURQkrRghH3MhBibUMTv3/
PlZHFmRhaXs9wLvii20keTV1LehucST7xcLeUvrIV8hCBLDkLdDQtS2/sWu0mxxd
YFZqJjEMsInz
=h/wL
-END PGP SIGNATURE-

Re: git & Debian packaging sprint report

[Ansgar Burchardt]

Russ Allbery writes:
> Scott Kitterman  writes:
>> Except that we have different requirements than git.  Git isn't looking
>> for security properties from SHA-1, so it's highly likely it'll meet
>> their accident avoidance requirements long after it's no longer
>> appropriate for security related assertions.
>
>> I don't think adding more SHA-1 in a security sensitive context is a
>> good plan.
>
> I talked this over briefly in the security pod at work with some other
> security engineers who know more crypto than I do to sanity-check my
> initial opinion.
>
> The consensus among all of us was that if you have an opportunity to pick
> something other than SHA-1 when designing a new protocol, you should.

We have that opportunity here, so I guess we should then? :-)

There are also other useful properties the current implementation has:
for example the archive contains the artifact that was signed.  This can
be checked at a later time unlike a Git tag on salsa.d.o that may or may
not exist in the future.  It is always possible to go back to the key
that was used to introduce an artifact without having to trust any
system.

> But
> if it's not simple to pick a different hash, SHA-1 preimage resistance is
> reasonable and the other design properties of the system should dominate
> any concern about SHA-1 preimage attacks.

What about MD5's preimage resistance?  We don't really care about
collision attacks after all.

We have most infrastructure already using SHA-2 and there are
preparations to support newer hashes as well; it is a regression to
introduce a new system bound to SHA1 for the foreseeable future (and
given Git's use of SHA1 their need to require a strong hash is far
less).

Ansgar

Re: git & Debian packaging sprint report

[Ansgar Burchardt]

On Tue, 2019-07-16 at 08:29 +0100, Sean Whitton wrote:
> We also rely on git for security elsewhere.  For example, dak is
> deployed by ftpmasters pushing a signed git tag to salsa; a cronjob on
> ftpmaster then deploys that code.  That's relying on SHA-1 in pretty
> much the same way as tag2upload does, AFAICT.

That is true and I don't like it.  I should probably add a sha2 hash
somewhere.  (Note that we *can* just change it...)

> On Mon 15 Jul 2019 at 10:43PM +02, Ansgar Burchardt wrote:
> > It also has one downside: `git tag` alone won't be enough to generate
> > the required information, but then a special-purpose tool was proposed
> > here already.
> > 
> > The client tool could possibly also just create the .dsc and .changes,
> > except for hashes of the compressed files, and the web service just
> > recreate the tarball and compress them.  That would require near zero
> > trust in the web service, but still allow developers to no longer upload
> > source packages which might be large.  (A bit similar to not having to
> > trust buildds by making packages reproducible.)
> 
> This is certainly an interesting proposal and it would be better for
> users than using dput, as you say.
> 
> An important advantage of the tag2upload solution over such a thing,
> aside from just the fact that it already exists today, is that it allows
> us to move (slowly!) towards replacing source packages with git trees,
> like the rest of the world has.
> 
> git-debpush is such a simple wrapper around git-tag and git-push that
> its users really are uploading only by pushing a signed tag.  Your
> proposal would bake source packages back into the upload process in a
> way that will make it harder to ever get rid of them.

No, my proposal allows to stop generating the "source package" as a set
of real files at any given time.

A "source package" generally consists of:
 - a set of upstream artifacts (currently one or more tarballs,
   signatures); can be the empty set for native packages
 - Debian-specific artifacts
 - the .dsc artifact (generated from the Debian part); consists of:
   - strong cryptographic hashes of all other artifacts
 (Checksum-*, Files, ...)
   - convenience information extracted from Debian-specific artifacts
 (Build-Depends, ...)

Currently we represent all of these as real files that need to be
provided by the uploader.

If you no longer want "source packages" as we have currently, you just
define another representation as the canonical one.

So I would like to just change how developers can provide artifacts to
the archive: upstream artifacts can be specified as either a set of
URLs to retrieve them from or a Git tree; Debian-specific artifacts can
be a Git tree or (for source format 1.0) a diff between two Git trees.

All artifacts provided must be covered by a strong cryptographic hash
which is signed by a developer.  The hash must not only cover the Git
tree object itself, but also all content covered by it.

We currently have "tar" as the serialization format covered by the
strong cryptographic hash and, as I value having a representation of
upstream artifacts in the published archive, believe we should continue
to provide the "tar" files.  However this is not necessary; we could
instead provide only the Git tree.

Currently this proposal should also allow multi-package repositories,
packaging-only repositories, packages using multiple upstream
artifacts, and ensuring Debian uses the same artifact as upstream.  It
does not require any integrity from the VCS system.

I think the .dsc artifact should eventually be split into the two
parts: the list of artifacts (together with strong cryptographic hashes
and where to locate them) signed by the uploader, and the convenience
information extracted from these.  The second part should be generated
by the archive software.

Ansgar

Re: git & Debian packaging sprint report

[Ansgar Burchardt]

Russ Allbery writes:
> Ansgar Burchardt  writes:
>> The client tool could possibly also just create the .dsc and .changes,
>> except for hashes of the compressed files, and the web service just
>> recreate the tarball and compress them.
>
> I think experience with pristine-tar indicates that recreating tarballs is
> unfortunately not trivial.

pristine-tar tries to recreate an arbitrary tarball that was created by
a third-party; in this case both sides are controlled by the same party.
Using the uncompressed tarballs also avoids possible problems from the
compression algorithm.

This is a simpler problem than what pristine-tar tries to solve.

For upstream tarballs, one can fetch them from the upstream source if
matching the upstream release is desired.

Ansgar

Re: git & Debian packaging sprint report

[Ansgar Burchardt]

Russ Allbery writes:
> Ansgar Burchardt writes:
>> Russ Allbery writes:
>>> If so, I think that security model is roughly equivalent to the
>>> automatic signing of binary packages by buildds, so probably doesn't
>>> introduce a new vulnerability,
>
>> It doesn't rely on strong cryptographic hashes to guarantee integrity.
>> To quote Wikipedia:
>
>> +---
>> | Revision control systems such as Git, Mercurial, and Monotone use
>> | SHA-1 not for security but to identify revisions and to ensure that
>> | the data has not changed due to accidental corruption.
>> +---[ https://en.wikipedia.org/wiki/SHA-1#Data_integrity ]
>
>> But developers could instead just sign artifacts using a strong
>> cryptographic hash that will be included in the source package; for
>> example the .orig.tar and .debian.tar which can be made reproducible
>> (git-archive is supposed to be reproducible; compression might not be so
>> just sign the uncompressed version).
>
>> We shouldn't go back to trusting SHA-1.
>
> I'm dubious that we really care that much about a preimage attack on
> SHA-1, but sure, if there's some easy way to use something different, that
> would be more future-proof.

SHA-1 isn't going to get stronger in the future.  The TLS world has
already moved on, OpenPGP is still in the slow process to move on,
Release/Packages stopped using it[1], there is no reason to continue
using it.

There is another advantage to developers signing the artifacts: one
would need much less trust in the service building the source files as
it could only manipulate the .dsc, .changes and compression used.

It also has one downside: `git tag` alone won't be enough to generate
the required information, but then a special-purpose tool was proposed
here already.

The client tool could possibly also just create the .dsc and .changes,
except for hashes of the compressed files, and the web service just
recreate the tarball and compress them.  That would require near zero
trust in the web service, but still allow developers to no longer upload
source packages which might be large.  (A bit similar to not having to
trust buildds by making packages reproducible.)

Ansgar

  [1] Though we still have MD5sum for some suites for jigdo...

Re: git & Debian packaging sprint report

[Ansgar Burchardt]

Russ Allbery writes:
> If so, I think that security model is roughly equivalent to the automatic
> signing of binary packages by buildds, so probably doesn't introduce a new
> vulnerability,

It doesn't rely on strong cryptographic hashes to guarantee integrity.
To quote Wikipedia:

+---
| Revision control systems such as Git, Mercurial, and Monotone use
| SHA-1 not for security but to identify revisions and to ensure that
| the data has not changed due to accidental corruption.
+---[ https://en.wikipedia.org/wiki/SHA-1#Data_integrity ]

But developers could instead just sign artifacts using a strong
cryptographic hash that will be included in the source package; for
example the .orig.tar and .debian.tar which can be made reproducible
(git-archive is supposed to be reproducible; compression might not be so
just sign the uncompressed version).

We shouldn't go back to trusting SHA-1.

> There are also some interesting nuances here around handling DM packages,
> where not everyone with a key in the keyring can upload every package,
> although the obvious way to address that is probably for this service to
> do the same DM checks that ftpmaster would normally do.

We have other permissions checks as well; they shouldn't be
reimplemented in different places.  Instead the archive (dak) should
know who signed the package.

Ansgar

Re: Is it the job of Lintian to push an agenda?

[Ansgar Burchardt]

Russ Allbery writes:
> Matthias Klumpp writes:
>> With two Debian stable releases defaulting to systemd now, I think a
>> solid case could be made to at least relax the "must" requirement to a
>> "should" in policy (but that should better go to the respective bug
>> report).
>
> The Policy process is not equipped to deal with this because that process
> requires fairly consensus, and I don't believe that's possible to reach on
> this topic.

If we have no consensus that doing something is the right thing, then
lintian should probably not start raising a warning about it and one
should keep in mind that Policy might not reflect consensus when
referring to it.

Ansgar

Re: git & Debian packaging sprint report

[Ansgar Burchardt]

On Thu, 2019-07-11 at 17:58 -0300, Antonio Terceiro wrote:
> > We designed and implemented a system to make it possible for DDs to
> > upload new versions of packages by simply pushing a specially
> > formatted git tag to salsa.
[...]
> If the uploads will be done by a service, this means that all of them
> will be signed by a single key and not by the DD key. Is ftp-master
> ok with that?

Depends on a lot of things.  As far as I understand this work is in a
very early stage and a first brainstorming session on what problem this
is intended to solve, why one should consider doing it, and possible
requirements is planned for DebConf[1].

Without having any of these, it is hard to comment on anything.

Ansgar

  [1] 
https://debconf19.debconf.org/talks/68-one-git-to-package-them-all-and-on-the-salsa-find-them/

Re: The Difference between debcheckout and dgit and what they try to accomplish

[Ansgar Burchardt]

On Thu, 2019-06-20 at 10:52 +0200, Enrico Zini wrote:
> This reminds me of something that popped up in a dinner discussion a few
> days ago: mandate documenting workflow in debian/README.source no matter
> what, and allow to symlink that file to a repository in
> /usr/share/doc/somewhere/ as we do for common licenses.

My workflow also includes getting changes merged upstream, so any such
documentation would need to include the upstream workflow. Information
how to contribute also includes code style (spaces vs tabs), naming
conventions and so on.

I'm not willing to write such things down for Debian for the rare case
someone might read it; there are enough other things that need to be
done.

Ansgar

Re: The Difference between debcheckout and dgit and what they try to accomplish

[Ansgar Burchardt]

Russ Allbery writes:
> Colin Watson writes:
>> Is it at all likely that the ftpmaster api service might migrate away
>> from Let's Encrypt at this point?  I would assume probably not.  In that
>> case, you could at least make the situation substantially better with no
>> further DSA work required by pinning the appropriate LE root certificate
>> in dgit.
>
> debian.org already publishes a CAA record, which conveys that information
> (although has its own verification concerns, but I think debian.org is
> using DNSSEC so you can verify the record that way).  It says that all
> debian.org hosts will only use certificates from either LE or Amazon:

The CAA record does not indicate a future commitment and could change at
any time.  If you want to rely on debian.org to use some specific CAs,
you would have to ask DSA.

(Nor does the CAA record indicate that all currently valid certificates
must come from the listed CAs; the CAA record could have been different
when those were issued.)

Ansgar

Re: .deb format: let's use 0.939, zstd, drop bzip2

[Ansgar Burchardt]

Ian Jackson writes:
> Ansgar writes ("Re: .deb format: let's use 0.939, zstd, drop bzip2"):
>> `ar` needs to be replaced for the file size limitation mentioned in the
>> initial mail: ar represents file size as a 10 digit decimal number[1]
>> which limits the members (control.tar.*, data.tar.*) to ~10G.
> ...
>> Replacing `ar` is an incompatible format change.  So if we already do
>> an incompatible change, it is an appropriate time to bundle any other
>> incompatible changes (if there are any).  That is why I suggested that
>> it might be useful to also replace the `tar` archives with another
>> format.
>
> As has been pointed out, we have done many incompatible format
> changes.  Every new compression algorithm is one.  It isn't really a
> big problem, when managed properly.
>
> So I strongly disagree.  The archive size limit is getting more and
> more annoying.  We should not let fixing that be entangled with some
> random other nice-to-haves.

Changing container formats is a more invasive change than just
compression algorithms (of which there are already several anyway);
I believe it is a bad idea to create too many new formats that
would require long-term support in dpkg.

Ansgar

Re: Preferred git branch structure when upstream moves from tarballs to git

[Ansgar Burchardt]

Sam Hartman  writes:
>> "Ansgar" == Ansgar   writes:
>
> Ansgar> Sam Hartman  writes:
> >> I'm having a bit of trouble here and am hoping you can help us
> >> out.  Ian asked what git workflow it is that you're talking about
> >> where people can deal with commit push and pull and don't need to
> >> know more.
> >> 
> >> I didn't see a clear answer to that.  Which debian packaging
> >> workflow do you believe has that property?
>
> Ansgar> There is no need for a vendor branch if only the packaging
> Ansgar> information is kept in the repository, i.e. only debian/.
> Ansgar> In particular there is no need for branches or merges for
> Ansgar> regular updates (i.e. not based on an older release).
>
> OK, I didn't hear that as an answer but think I'm coming to the same
> conclusion that Ian did after reading your mail.
> It sounds like you are talking about having the Debian packaging in a
> separate repository from upstream.
> Do I correctly understand the model you are talking about?

Sure.

I'll point to [1] for what complexity this avoids.  Try explaining that
to someone without advanced Git knowledge...

  [1] https://manpages.debian.org/unstable/git-debrebase/git-debrebase.5.en.html

Note that CVS already had a mechanism for tracking upstream releases
(vendor branches); I'm not sure how widely they were used, but as far as
I understand they were usually seen as advanced use of CVS.  Git makes
maintaining such vendor branches easier (better merging), and some
workflows for Debian packaging result in trivial merges, but it is very
confusing when something unexpected happens.

Ansgar

Re: Preferred git branch structure when upstream moves from tarballs to git

[Ansgar Burchardt]

On Tue, 2019-04-30 at 16:00 -0700, Sean Whitton wrote:
> 
> On Tue 30 Apr 2019 at 08:05AM +02, Ansgar wrote:
> 
> > As an example: to update to a new upstream release, I ideally just have
> > to drop the new upstream tarball, update d/changelog and am done.
> > Compare with [1] which is much more complicated, even ignoring the extra
> > complexity using dgit adds compared to just using git.
> > 
> >   [1] 
> > https://manpages.debian.org/stretch-backports/dgit/dgit-maint-merge.7.en.html#NEW_UPSTREAM_RELEASES
> 
> As a package maintainer, if you don't keep the whole source package in
> git, you're giving up on a lot of the power of git.

I think keeping entry barriers low is more important than being able to
use all the power of Git.  That's sadly one of the main problems with
Dgit: it raises entry barriers by making packaging more complicated. 
Packaging shouldn't be complicated: it's just a build recipe plus some
metadata.

> The most
> significant thing is that you cannot manipulate quilt patches as commits
> on a branch.  It is also much more involved to cherry pick commits from
> upstream branches, and quickly obtain diffs between Debian's version of
> the code and arbitrary other branches, to mention a few other things.

Most packages don't need that either: for me most changes are either
fairly static (no merge conflict) or are just backports of upstream
commits (in which case they can just be removed when using a new
upstream version).

It does get easier when most fixes are applied upstream instead of
staying only in Debian :-)

> I also think that you're doing a disservice to downstream users.  If
> you're trying to fix a bug in the packaged version of some software on
> your computer, you don't care about the distinction between Debian's
> packaging scripts and the upstream code.

Either the bug is in upstream code, then you just need the upstream
source (and the patch should be pushed upstream anyway).  Or it is in
the (ideally smalll) Debian-specific parts which hopefully don't need a
long history to understand.

If you have large, invasive changes from upstream, you effectively fork
the package.  Maybe one should release it as a "fork" then so non-
Debian distributions can benefit from the changes in the fork.  That is
arguable a disservice to users...

Ansgar

Accepted mumps 5.1.2-5 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 18 Mar 2019 09:17:24 +0100
Source: mumps
Architecture: source
Version: 5.1.2-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Changes:
 mumps (5.1.2-5) unstable; urgency=medium
 .
   * Team upload.
   * debian/Makefile.*.inc: get OPTF, OPTL, OPTC from dpkg-buildflags.
 This should make debug symbols usable.
   * debian/Makefile.*.inc: remove `-I/usr/include/mpi` from compiler flags.
 This caused compiler warnings as the directory does not exist.
   * debian/rules: remove redundant `--parallel` option from `dh`
 invocation.  Building in parallel is already the default since
 debhelper 10.
   * debian/control: update Vcs-* fields
   * debian/control: remove newline from uploader name
Checksums-Sha1:
 85b225e02d6e55191eec5fb05323118fdcc97048 2740 mumps_5.1.2-5.dsc
 b73841da32b8d4c18fa817f1819f413c9d2d2eaf 11428 mumps_5.1.2-5.debian.tar.xz
Checksums-Sha256:
 cf06a50648dd4e5e10725d1ffd76d26f3366be3f878c7bae8eee7c211c83b047 2740 
mumps_5.1.2-5.dsc
 59759fb2a216f52e99ee68a4f21b18acaa005e0eff02b60734a8602d299bf0f0 11428 
mumps_5.1.2-5.debian.tar.xz
Files:
 4fddf3b1b0199768a5a4958f0ab2375c 2740 devel optional mumps_5.1.2-5.dsc
 4a3b8e4e84cef6d442dae48ea15b14ff 11428 devel optional 
mumps_5.1.2-5.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlyPVKASHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT0eYQAKayLM61FkC0MlRUGYAiXfFsv3oFsoHA
VTADvtCH8vSwPlj/OKMgfJEkSlhHzx/wCKSUtj66YKherDdnS2MKZl1lJINe8RuF
opZN0W5QAAEG9D+UWn3rohFPKgukguMJxXegSfmeUKzPQsX+6v/s/QT+TY0J1YCJ
ki+TIVKQR7mEEKR1pY0T9jiIUo5nmJpsAT170+l0udcobrHdq3kj2y3bzb+WT93O
/+xRR+4r2yInQDn5KWdQ0HadCLlw8HtxiIPjr/gu8WRK6C0+tzyvwKMO99Y/naO+
+GLLF8xV9OEKc5jrmxgfkDVXjyfXD7IJN5R0HTpp3zyzcTdpBiIp2J0f3cU38h9Q
vKNgPNCH4dEh9tRFDZdJ8sDsMRgV7dF86L0nQCIpsNcd2Q3S5cwEPVX+tkG4IHlt
p5ekaxKf8RZJK7ETQjtGUA61xUj/Zp9QV8KEaOeSJcGOobMvzO7DmsKQc94flIls
2nwfATLjPjXuFwz44iN3AFopMAG5ytwtJFiNtjahCgSolbvirF2fYLXxIXCpceTB
cxUud3tVeC3ZhzYhtda/1ZIrhpLt3ELDPALx5veiMtrj7N4ChfJhc9FdOQaGCImC
lbCeHsHmwKRoJOJDSPsANFdJ4hI1BWhbN0Ov37sfy+3QF/pSx4dcJKrUUGbg2RNI
x4t7bX7q8LcF
=hiwz
-END PGP SIGNATURE-

Re: introduction of x-www-browser virtual package

[Ansgar Burchardt]

Paul Wise writes:
> On Tue, 2019-01-08 at 13:20 +0100, Bastien ROUCARIES wrote:
>> I could add a sensible-x-www-browser to be more nice to our user to
>> sensible-utils
>
> We already have a x-www-browser alternative, so sensible-x-www-browser
> would just duplicate that and is thus not needed.

No, the alternatives system is not really useful for users (as only root
can choose an alternative).  Having root choose a single
{editor,pager,browser,...} for all users is not a good solution.

Ansgar

Re: [Pkg-julia-devel] julia_1.0.0-1_amd64.changes REJECTED

[Ansgar Burchardt]

Hi,

Mo Zhou writes:
> Another fortnight has passed. Any update?

Sorry for taking so long; I wanted to put this on our meeting agenda,
but currently don't find much time...

Anyway, the package is now marked to be accepted.

There were some misunderstandings on our side why debug symbols weren't
stripped and from discussion I'm not sure it is clear why, but we agree
that this shouldn't block the current version and should better be
discussed in a bug report.

Ansgar

Re: Extension of Built-Using:

[Ansgar Burchardt]

On Wed, 2018-12-12 at 15:12 +, Alastair McKinstry wrote:
> I've been looking at using the "Built-Using" tag for dh-fortran-mod.

Why not a

  Fortran-Mod: gfortran-7, gfortran-8, flang-42

field or so?

As another example Python has `Python-Version: 3.6, 3.7` (for packages
where this matters; don't ask me about details, I don't know much).

Ansgar

Accepted nvi 1.81.6-14 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 01 Dec 2018 16:20:05 +0100
Source: nvi
Binary: nvi nvi-doc
Architecture: source
Version: 1.81.6-14
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group 
Changed-By: Ansgar Burchardt 
Description:
 nvi- 4.4BSD re-implementation of vi
 nvi-doc- 4.4BSD re-implementation of vi - documentation files
Closes: 915170
Changes:
 nvi (1.81.6-14) unstable; urgency=medium
 .
   * QA upload.
   * Explicit pass vi_cv_path_shell=/bin/sh to configure to make build
 reproducible between merged-usr and non-merged-usr systems.
 (Closes: #915170)
Checksums-Sha1:
 5c05bcd255b51d487aaf370e0f1300f56495ea77 1834 nvi_1.81.6-14.dsc
 e42d4ac3fb4be9001621b471cae6f8a2d02325b0 76960 nvi_1.81.6-14.debian.tar.xz
Checksums-Sha256:
 c9c5e9912d484bcfd053973a4ff233da219a17223cdd169bd1554778accac833 1834 
nvi_1.81.6-14.dsc
 fd317b4ddb09b527da1dbd340be6f0854446c5a09f9ba2930f5bec1c86560121 76960 
nvi_1.81.6-14.debian.tar.xz
Files:
 3ba784c84b387e6a7b0a9758930c60fb 1834 editors optional nvi_1.81.6-14.dsc
 6d0eb7baf439aa8d9ab3b8e1c36f342c 76960 editors optional 
nvi_1.81.6-14.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlwCqagSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTUdgP/3dxie8pNbWYCE6FFLMNjb60Cl++hg5R
6W5dEaPi7OenC+QF23l/QhB3FBcQk1EHrEVu2RJVyIujxMAQx5AlEY1Q83CNyxLJ
YhVqpArLBeiaNCrQ/d33QGkpt7Yo/xB0Rps2TZFuzxf0Wi+7MGjceR2HPDAijoFT
vcYKzf6DK+bZB2pFYkTXGatbfzxBSvxmE3Fe+FLVhrcdxe+JLpuD6QpF7tRssFAD
mtzcjr/e7Ufx9bCVseIGwCnwaWK/gqwOcGGt4LiKA1ymsZ6agD3sn0G9EFdOHks4
S1wVeyp2H5xXEUpwxQPpRdpJWPcqUmlNIOM8IAPQPnh+fk4eHIQwXkMxjfypl460
2K7tuZZJT9M097dAXy1KLbYMe2cewMuJJD3t1zFFbgglOW5kXw5mzLkS67B8yHVH
3IVJOT4gNLTwWQFCESwwJm9o0ZGJzC4HFTPnp9QdgLVBi1LvPiGx99GxrpUsZsfS
GX/ys1yDGNfmK/9bJ8MPtMkaxUgOC+ZP8a4wpADswUZRFg+rmjeqlu/vvoe0A73n
Wk/ygXJuq4RM7B/733YJLmXDxO3CM3c1+1ccYZlSav2U64IzKwiRIBVl6iSlPaQV
mkzJZLLI0R/iJQ+3R5/F7n8Txq9hCaIhj5YWFRTv54whq4GBlpr99z0zMu0yxrav
jxX6pLakkA4q
=Z1kl
-END PGP SIGNATURE-

Accepted apsfilter 7.2.6-2 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 01 Dec 2018 16:28:30 +0100
Source: apsfilter
Binary: apsfilter
Architecture: source
Version: 7.2.6-2
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group 
Changed-By: Ansgar Burchardt 
Description:
 apsfilter  - Magic print filter with automatic file type recognition
Closes: 915166
Changes:
 apsfilter (7.2.6-2) unstable; urgency=medium
 .
   * QA upload.
   * Change maintainer to QA group.
   * d/control: Change Priority to optional.
   * Explicit pass `--with-shell=/bin/bash` to configure to make build
 reproducible between merged-usr and non-merged-usr systems.
 (Closes: #915166)
Checksums-Sha1:
 b96d8a460068247b3a01387eb4a8d85f9e30bcc2 1679 apsfilter_7.2.6-2.dsc
 20e2ef19c4020f94a886761689d78aae30af299b 10660 apsfilter_7.2.6-2.diff.gz
Checksums-Sha256:
 2a36a2dfe6e7dbe025872d83589877a5584e55b8f578c1038877edc97daf35a9 1679 
apsfilter_7.2.6-2.dsc
 36c442fafe3be7c057437b517cf54189ecefde9a6c6fd53abc85887d6cca15d7 10660 
apsfilter_7.2.6-2.diff.gz
Files:
 854cfcad27cd4c40cefdc352c613dbe6 1679 text optional apsfilter_7.2.6-2.dsc
 e7a5a8ee4084159934d79f4da46ef75c 10660 text optional apsfilter_7.2.6-2.diff.gz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlwCqbISHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT3E0P+wf/EKTK7ZiI2+YWH1D8v0k3pVpaixE0
9xxsF4qVE6JX5/eMSF4OCapgDad/uSxaDfwb0/Sy+vME42PPS7bhc2pese8HBV2E
YEKh/s3pwiN3VMHYqpIrPJU210lI+V1lUhdxyEYOfVRW/VBLHJ1S+QncMLLATF/9
xrKHRJcnl7ogQXjQn9yYL+CWBmvPmjqtLk5hHZ7X2e8EKOfWVsy84I2mP8G5bG2C
KsGdHEOzKtCbC9PcC8IeW3DhHElRWZVazdbz3Css/QoLSrB8Z6OPQ8uQPjB15pR0
MFShGMzUp6qauNgMGpGRR2tzOIwldscC/elNwCEIYCEQ4OcdPK5gBnI6sIXu9xEA
LXXn6MjEzASRVpUmfQwAcrqMECYvL/7HPnceyakCpQrNFIsCajmZjGuVRuZUBMNt
KRlC90FnE9TXX34LHD4Ks1hoGYa0Rk3HIC08uzK7XmNQ1EVX4uZClkWCrF6jQkRU
g7FSYuCvCuzHR2J9nPMwUaHXllRDSLnDUwZHUflaV90Rocb7eOlDu4KBTReIP1a8
qO20o9/nNgUZ/7YdxVM2IVJ/c3NYz2FidBZzKaLsEdEe+ZnxlCi3JFEIuHuI2ibg
6Cg/mLSwPDYV5jjYW+v5EAjugkvjHRYfP9/VNnk6j2yX0PWPb8PPU5yel0SmHtut
mI8xTMGuVn1U
=LoOn
-END PGP SIGNATURE-

Re: wicd-daemon-run_1.0_amd64.changes REJECTED

[Ansgar Burchardt]

Lorenz writes:
> Ansgar Burchardt:
>>As a possible alternative: ship the runscript and some metadata (which
>>systemd service(s) and/or sysvinit script(s) this corresponds with;
>>which system users would be needed; ...) either in the service package
>>(preferred long-term) or a "runscripts" package (maybe easier for
>>initial experiments).
>
>>Then have runit provide a command that creates the system users, sets up
>>the runit service and disables the systemd service (which I think was
>>still missing from the *-run packages).
>
> That will work for runit-init, but what about runit-sysv and runit-systemd?
> Let's say I have systemd (as init), runit-systemd and a foo daemon installed;
> and 'runscripts' package ship a run script for foo. How can I detect
> if the user wants to manage foo with runit or with systemd?

You let the user configure it.

Ansgar

Re: wicd-daemon-run_1.0_amd64.changes REJECTED

[Ansgar Burchardt]

Dmitry Bogatov writes:
> I believed (and still believe, despite of REJECT), that best way is
>
> 0. One source package, providing single binary package per runscript.
>
>src:{foo}-run -> bin:{foo}-run -> /etc/sv/{foo}

We generally try to avoid tiny packages in the archive; having 1000+
automatically generated source and binary packages in the archive seems
like a suboptimal solution.

Neither systemd, sysvinit or upstart required extra binary packages.

> 2. Add bin:{foo}-run into {foo}.
>
>It is infeasible due same social consideration.

That would still result in many tiny binary packages.
>
> 3. Make single src:runscripts, providing many bin:{foo}-run

Same.

As a possible alternative: ship the runscript and some metadata (which
systemd service(s) and/or sysvinit script(s) this corresponds with;
which system users would be needed; ...) either in the service package
(preferred long-term) or a "runscripts" package (maybe easier for
initial experiments).

Then have runit provide a command that creates the system users, sets up
the runit service and disables the systemd service (which I think was
still missing from the *-run packages).

Ansgar

Re: Re: usrmerge -- plan B?

[Ansgar Burchardt]

On Wed, 2018-11-28 at 09:45 +, Holger Levsen wrote:
> On Wed, Nov 28, 2018 at 07:52:08AM +0500, Alexander E. Patrakov
> wrote:
>  As long as there is one Debian Developer (or any other person who has the
> > right to upload binary packages) who has a merged /usr on his system used
> > for building packages, there is a risk of reintroducing the bug through his
> > package. Maybe we should somehow, in the short term, modify dpkg to add
> > something like "Tainted-By: usr-merge" control field to all binary packages
> > produced, if a package is built on a system with merged /usr (detected via
> > /bin being a symlink). 

There are far more annoying problems that are caused by, for example,
building in a really outdated chroot or a chroot for the wrong
distribution and so on.

(Also the test is wrong, /bin can be a symlink without the system
having merged-/usr when the local admin just moved some files around to
a more preferred location...)

> we have .buildinfo files now which document the packages installed
> during build time. If usrmerge is installed it will be there.

usrmerge being installed doesn't tell you if a system has merged-/usr
or not.  Newly installed systems will have merged-/usr, but no usrmerge
(as debootstrap creates the symlinks), or usrmerge could be removed
after the system has been converted (I did that for my systems).

Ansgar

Re: usrmerge -- plan B?

[Ansgar Burchardt]

On Fri, 2018-11-23 at 12:45 +, Ian Jackson wrote:
> Russ Allbery writes ("Re: usrmerge -- plan B?"):
> > This is a much better summary of the thread, and I wish that you would
> > have said this instead of claiming incorrectly that those same people are
> > the ones advocating for a full merge of all systems.
> 
> Marco d'Itri writes ("Re: usrmerge -- plan B?"):
> > If you are seriously concerned with the small issuses caused by the 
> > transition to merged-/usr then I have a better proposal.
> > Plan C: just stop supporting non-merged-/usr systems since these 
> > problems are caused by having to support both, and there is no real 
> > benefit in doing that other than pleasing the few people who are scared 
> > by changes.

What is this quote supposed to tell us?

Ansgar

individual packages moving binaries from /bin to /usr/bin (was: Re: usrmerge -- plan B?)

[Ansgar Burchardt]

Russ Allbery writes:
> Ansgar Burchardt  writes:
>> Moving files around in such a matter that they are still available in
>> the old location (via a symlink) is not a very invasive change, so there
>> is only a small risk of problems.
>
> I think it's fair to note that our past experience in Debian doesn't
> really support this.  I've run into multiple problems in unstable with
> uninstallable packages due to various bugs in this sort of change, most
> recently with iptables.  We repeatedly get the details of this change
> wrong in various subtle ways that create issues in some upgrade paths and
> not others.

Well, the iptables case is different: those are compat symlinks created
by the package's maintainer scripts, not the /bin -> /usr/bin symlinks
that merged-/usr sets up.

If we want to support packages such as iptables moving binaries from
/{s,}bin to /usr/{s,}bin while setting up compat symlinks on
non-merged-/usr systems, it might be useful to have a dh-usrmerge
package creating the maintainer scripts.  (Also for some files below
/lib, but most libraries could just be moved without compat symlinks.)

This should be similar to what OpenSUSE has done; see the section around
`#UsrMerge` on https://en.opensuse.org/openSUSE:Usr_merge

This could also be seen as a slower path to merged-/usr: programs such
as `sed` would be in both /bin and /usr/bin and hard-coding either would
be fine (as with merged-/usr, but not without).  Less static files would
be on a read-write root file system (if /usr is a separate read-only
fs).

In case a later Debian release would merged-/usr mandatory, the
conversion process would be less problematic as no files would be left
to move (just replace individual symlinks with a directory symlink).

Ansgar

Re: usrmerge -- plan B?

[Ansgar Burchardt]

On Thu, 2018-11-22 at 13:56 +, Ian Jackson wrote:
> Marco d'Itri writes ("Re: usrmerge -- plan B?"):
> > On Nov 22, Ian Jackson  wrote:
> > > Marco d'Itri writes ("Re: usrmerge -- plan B?"):
> > > > So far nobody reported anything significant.
> > > 
> > > I hear there was a major free software project who accidentally
> > > usrmerged their build systems and discovered that they then built
> > > broken packgaes.
> > 
> > And it was quickly fixed, so no big deal.
> 
> I think this allows us to calibrate what you consider `anything
> significant'.

Causing problems with a few packages is not a significant problem.  We
should stop upgrading GCC to newer versions otherwise as doing so
generates tons of RC bugs every time.

> There is tradeoff here between risk of breakage, and reduction of
> future work (as most clearly explained by Russ).  The argument that
> is
> being made is that the risk is low because of a lack of reports of
> breakage.

Moving files around in such a matter that they are still available in
the old location (via a symlink) is not a very invasive change, so
there is only a small risk of problems.  That matches what was reported
so far.

Very few changes come with zero problems.

> Others have observed that systems most likely to experience trouble
> will not have been upgraded.  For example, chiark was first installed
> with Debian 0.93R5 in 1993.  Obviously I haven't usrmerged it.  No-
> one sensible in my position would do so.

Why should "originally installed in 1993" make moving files from one
location to another more difficult?  It's not different than having to
add LSB init headers to local init scripts (or just replace them with
systemd units these days), having to purge leftover conffiles from
removed packages or similar changes on upgrades.

If the system is prone to breakage on upgrades in general, I would
expect anyone sensible to fix that.

Ansgar

Re: Q: secure boot

[Ansgar Burchardt]

On Tue, 2018-11-06 at 09:14 +0800, Paul Wise wrote:
> AFAICT the Debian Secure Boot packages are not designed for the
> scenario where only Debian keys or per-user keys are trusted by the
> firmware, if they were then shim-signed would be named
> shim-signed-microsoft and there would be a shim-signed-debian package
> too.

This was discussed: you can attach multiple signatures to a UEFI binary
such as shim, so all this would need is to add an additional signature.
Maybe also a legacy version with only the MS signature in case some
implementations don't like multiple signatures (it was added in a later
UEFI version as far as I understand).

> In addition, the revocation situation is just ridiculous. There is no
> way to revoke known-insecure (but still validly signed) software from
> every vendor that supports secure boot.

I agree.  You can probably always get something with a valid signature
and a code execution bug running...

Ansgar

Re: Q: secure boot

[Ansgar Burchardt]

On Tue, 2018-11-06 at 10:42 +, Holger Levsen wrote:
> On Tue, Nov 06, 2018 at 10:08:10AM +0100, Bastian Blank wrote:
> > On Tue, Nov 06, 2018 at 01:09:50AM +0100, Adam Borowski wrote:
> > > But only the stock kernel, which turns it non-free software.
> > What is non-free?  Signing stuff does not change the freeness of
> > the
> > software.
> 
> it does introduce https://en.wikipedia.org/wiki/Tivoisation however.

I don't think it does as `shim` allows to either register your own
signing keys or disable secure boot verification (as long as you have
physical access to the machine).

Ansgar

Re: Debian Buster release to partially drop non-systemd support

[Ansgar Burchardt]

Paul Wise writes:
> On Fri, Oct 19, 2018 at 7:30 PM Martin Steigerwald wrote:
>> As long as people choose to strip of dependencies to libsystemd from
>> packages like util-linux, avoiding a fork would not work with how Debian
>> and Debian based distributions are built.
>
> It might be feasible to introduce nosystemd build profiles to Debian
> source packages and then create a shed/bikeshed/PPA (once that
> infrastructure exists) that contains rebuilds using that build
> profile.

Why should Debian spend resources on implementing and maintaining the
changes needed for the "systemd is cancer" trip of the Devuan lead
developers?

Should Debian also support "noalsa", "noavahi", "nocups",
"nopulseaudio", "nosysvinit", "nodbus", "nopam", "nowayland",
... profiles because there are people who do not like these projects and
would like to not see them used?

Or an "ubuntu" build profile so Ubuntu can merge all their changes
(branding, Ubuntu-specific choices, integration, ...) and would no
longer have to rebase them?

If one really cares about which shared libraries one wants to use, this
is *much* easier in source-based distributions such as Gentoo which
already have implemented this (USE flags).

See https://www.gentoo.org/support/use-flags/ for more build profiles ;-)

(The nosystemd build profile was already suggested in the past.)

> That would allow Devuan's libsystemd stripping to be
> completely merged into Debian source packages and infrastructure. I
> guess Devuan have other changes that might be easier or harder to
> merge too though.

And if we also build packages for them, they wouldn't even have to fix
their package-building infrastructure which seems to no longer work for
some time already now ;-) (A datapoint for how much interest in working
on stuff there is?)

But why spend work on implementing and, more importantly, maintaining
all of this for a derivative distribution which already had 498 active
developers(!) back in 2015 according to a presentation by Devuan
developer Alberto Zuin and Devuan founder Jaromil, and which represents
an exodus for half of the active Debian user base (according to a Devuan
lead developer in a publication in 2018)?  They certainly should have
enough resources.

Ansgar

Re: Debian Buster release to partially drop non-systemd support

[Ansgar Burchardt]

On Fri, 2018-10-19 at 11:35 +0200, Martin Steigerwald wrote:
> Martin Steigerwald - 19.10.18, 10:57:
> > That written, I estimate or guess that the people preferring to use
> > another initialization system than the initialization system in
> > Systemd are in the minority. Yet, this minority might be larger
> > than
> > you think. Especially as popularity contest does not count the ones
> > who switched over to Devuan:
> […]
> 
> Okay, let's add some numbers:
> 
> Debian and all the other Debian derived distributions:
> - 3109 (=1,55%) installations of sysvinit-core
> - 2031 (=1,01%) installations of runit -68 runit-systemd -6 of runit-
> sysv (counted above already)
> - 110 (=0,05) installations of openrc, but it works on top of
> sysvinit
> - https://qa.debian.org/popcon.php?package=sysvinit (and so on)

I think you forgot Ubuntu as a Debian-derived distribution...  If you
already include extra data, one shouldn't neglect that one.

> Devuan:
> - 2578 installations of sysvinit-core (and I just added two more by 
> installing popularity-contest on my Devuan based server VMs)
> - 27 installations of runit
> - 141 installations of openrc, installations of openrc, but it works
> on 
> top of sysvinit
> - http://popcon.devuan.org/tmp-www/by_inst.html
> 
> So Devuan almost doubles the percentage of sysvinit-
> core  installations.

And Ubuntu probably reduces it again by more than that.

Statistics are fun :-)

Ansgar

Re: "debian.pool.ntp.org" for Debian derivatives?

[Ansgar Burchardt]

On Thu, 2018-10-18 at 13:57 +0200, Philipp Hahn wrote:
> So my question is more like "is it okay to not change Debians default
> NTP server selection", so the initial setup and those lazy enough to
> not change the default get a sane time?

I don't think Debian can answer that question and suggest to ask the
pool operators.  This seems to be the correct list:
  https://lists.ntp.org/listinfo/pool

A related question is the use of API keys that are included in some
packages (e.g. chromium).  These are also vendor-specific, but cannot
be really secret (as they are included in the binaries and could be
extracted even for proprietary software).

Ansgar

Re: You are not seriously considering dropping the support of sysVinit?!

[Ansgar Burchardt]

free...@tango.lu writes:
> If Debian drops sysVinit support I will drop Debian
[...]
> This is your last chance to do the right thing and announce the
> removal of this fucking piece of shit malware(D) from Debian and go
> back to sysVinit or openrc!

So dropping sysvinit support will make you go away?  That sounds like a
positive effect to me, but for some reason you seem to try and use it as
a threat?

Ansgar
  (SCNR)

Re: Debian Buster release to partially drop non-systemd support

[Ansgar Burchardt]

On Tue, 2018-10-16 at 14:48 +0200, Philipp Kern wrote:
> The question is: Is 
> the package buggy if it does not contain an init script but a systemd 
> unit and it seems to be the case. Note that there are a *lot* of useful 
> options in a systemd unit that would need emulation to make properly 
> work with sysvinit.

Shipping a systemd unit without a corresponding init script with the
same name is forbidden by policy:

| However, any package integrating with other init systems must also
| be backwards-compatible with sysvinit by providing a SysV-style init
| script with the same name as and equivalent functionality to any
| init-specific job
+---[ Debian Policy, section 9.11 ]

In practice this is ignored.

Note that this also forbids, for example, ssh.socket/ssh@.service or
tor@.service which all don't have a corresponding init script of the
same name.  Also cases where the init script starts multiple services,
but there are individual units for each service in systemd is
forbidden.

I think this requirement isn't a good idea these days for various
reasons and will file a bug asking to drop it.

Ansgar

Re: Debian Buster release to partially drop non-systemd support

[Ansgar Burchardt]

On Tue, 2018-10-16 at 09:57 +0200, Martin Steigerwald wrote:
> Ansgar Burchardt - 16.10.18, 08:53:
> > If some people consistently call others a "cancer", accuse them of
> > "vandalizing" open source, spread obvious FUD and so on, then I don't
> > think they would fit in well in Debian's culture where they would have
> > to accept that packages such as systemd exist.
> 
> I disagree. So far I saw none of the Devuan developers (!) I had contact 
> with doing any of the stuff you accuse them of. I think it is important 
> to see the difference between the comments on random people in some 
> mailing list or IRC channel and *actual* Devuan *developers*.

Let me see how some actual Devuan developers think about systemd:

+---
| I personally find hilarious that most of the people out there are
| still convinced that the systemd-nonsense is just a replacement for
| sysv-init, while it should be clear by now that it is already
| becoming a pervasive cancer...
+---[ Enzo Nicosia aka KatolaZ in 20150330170221.gm22...@katolaz.homeunix.net ]

+---
| that's exactly what I referred to when I talked of the
| systemd-nonsense as a "cancer". The damage is not merely technical and
| localised to the relatively minor issue of replacing PID 1, as you
| correctly pointed out, but "systemic" and "social". And that's exactly
| why we should be more concerned about it.
+---[ Enzo Nicosia aka KatolaZ in 20150331093754.go22...@katolaz.homeunix.net ]

+---
| What we really need is to build sufficient maintainer capacity and
| capability to fork more packages and excise this systemd cancer once and
| for all. [...] If we don't slay the beast, it will continue to
| grow and infect more components ever more invasively,
+---[ Daniel Reurich in 
https://lists.dyne.org/lurker/message/20180619.232314.a3229d06.html ]

As a lazy person I was just grepping for "cancer" in the mail archive
and picked a few examples.  Too lazy to search for other insults.

I'm not alone in seeing this as a problem in the Devuan community.  A
certain Martin Steigerwald pointed out:

+---
| As a honest feedback:
|
| Currently I do not read much of the threads here.
|
| Cause again and again I see language like systemd being like a cancer or 
| infecting people´s systems.
+---[ Martin Steigerwald in 24625919.fzpRARYAEh@merkaba ]

Tolerating this *does* reflect back on project leaders, more so if some
of them also engage in the behavior.

Debian already had a systemd maintainer step back because of abuse from
a certain group of people[1].  As I would like to see systemd still
maintained in the future, I don't think it's worth to try to integrate
the abusers in Debian as package maintainers.

Given that the systemd maintainers also have to deal with sysvinit,
maintainership of sysvinit is probably especially problematic.

  [1] 
https://err.no/personal/blog/tech/debian/2014-11-16-23-55_resigning_from_pkg-systemd/

> > And no, it's not just that infobot factoid or just random people that
> > are totally unrelated to Devuan.
> 
> A claim without facts. So FUD in itself. I let go on spending energy to 
> prove otherwise.

See above for a few examples.

> In addition to that the infobot factiod may easily have not been from a 
> Devuan developer or someone else related to Devuan:
> 
> goli...@dyne.org - 16.10.18, 03:32:
> > infobot is a bot with a database that references 119770 factoids that
> > can be queried. Each one has it's own individual author and literally
> > anybody can add new factoids to the bot. It has been around for about
> > 20 years. It *allows* Devuan to use the bot services and would allow
> > Debian to do exactly same.�
> 
> https://lists.dyne.org/lurker/message/20181016.013255.cada93dc.en.html
>
> I put the emphasis on *anybody* here.

Dunno, I saw it used by IRC channel operators.  I would assume that IRC
channel ops are not totally unrelated people...
 
> So I close with a snippet from the post of KatolaZ mentioned above:
> 
> KatolaZ - 16.10.18, 06:23:
> > Let's try to reduce the useless chit-chat and drama to a minimum,
> > please (and the minimum is zero, in this case), since that's not
> > helpful at all, and does not build packages. I subscribed to
> > debian-devel as well, and will reach out later.
> 
> https://lists.dyne.org/lurker/message/20181016.042148.1688fecb.en.html
> 
> Drama is not helpful to get anything done. KatolaZ already reached out.

Ah, one of the people calling systemd a cancer. Great.

Ansgar

Re: Debian Buster release to partially drop non-systemd support

[Ansgar Burchardt]

Martin Steigerwald writes:
> Ansgar Burchardt - 15.10.18, 16:03:
>> Please no.  I don't think it would help Debian to have toxic people
>> maintain packages.
>> 
>> (As an example, Devuan's infobot has fun facts like this one:
>> "<+infobot> 'sth is poettering' means it acts invasive, possessive,
>> destructive, and generally in an egocentric exacerbating negative way.
>> ``this cancer is extremely poettering'' [...]")
>
> Calling people "toxic" IMHO is quite similar to what Devuan's infobot 
> displays: Both are attacks on persons. And both are not helpful.

I'm also guilty of calling MikeeUSA a toxic person, also a horrible
personal attack.  For me enough Devuan-related people have managed to
end up in the same category by hard work.  I don't think it's
coincidence that the "VUA" liked MikeeUSA's writings about why systemd
is so evil.

If some people consistently call others a "cancer", accuse them of
"vandalizing" open source, spread obvious FUD and so on, then I don't
think they would fit in well in Debian's culture where they would have
to accept that packages such as systemd exist.

And no, it's not just that infobot factoid or just random people that are
totally unrelated to Devuan.

(Yes, I know Devuan eventually banned MikeeUSA for his writings.)

Ansgar

Re: Debian Buster release to partially drop non-systemd support

[Ansgar Burchardt]

On Mon, 2018-10-15 at 14:20 +0100, Jonathan Dowland wrote:
> On Mon, Oct 15, 2018 at 06:56:50AM +0200, Petter Reinholdtsen wrote:
> > I believe Andreas Henriksson is right, the packages are going to be
> > removed unless someone with time and interest show up to take care of
> > them.  A good start would be to split initscripts off from the sysvinit
> > binary packages, to let them live separate lives.  It will be sad, but
> > the proper way for Debian to handle unmaintained packages in a sad
> > state.
> 
> Is it worth interested parties reaching out to the Devuan project
> regarding person-power for sysvinit maintenance?

Please no.  I don't think it would help Debian to have toxic people
maintain packages.

(As an example, Devuan's infobot has fun facts like this one:
"<+infobot> 'sth is poettering' means it acts invasive, possessive,
destructive, and generally in an egocentric exacerbating negative way.
``this cancer is extremely poettering'' [...]")

Ansgar

Accepted dune-istl 2.6.0-2 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 28 Sep 2018 21:05:16 +0200
Source: dune-istl
Binary: libdune-istl-dev libdune-istl-doc
Architecture: source
Version: 2.6.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Description:
 libdune-istl-dev - toolbox for solving PDEs -- iterative solvers (development 
files)
 libdune-istl-doc - toolbox for solving PDEs -- iterative solvers 
(documentation)
Closes: 906351
Changes:
 dune-istl (2.6.0-2) unstable; urgency=medium
 .
   * backport patches to fix compiler error and warnings with GCC 8.
 (Closes: #906351)
 + new patch: 0001-CompPair-make-operator-a-const-method.patch
 + new patch: 0002-do-not-catch-polymorphic-types-by-value.patch
 + new patch: 0003-silence-warnings-about-unused-variables.patch
Checksums-Sha1:
 8a98ef4d87fb5259ccfb8f60752c01ab0915baca 2599 dune-istl_2.6.0-2.dsc
 166bbaa1bfc3cc88f93fb2edff6f907de71fa631 6700 dune-istl_2.6.0-2.debian.tar.xz
Checksums-Sha256:
 008ba726c7a238316a9d27f14af672c2508db359435e5e5b578fe6c500c4e420 2599 
dune-istl_2.6.0-2.dsc
 5ffdebfbdb25a4563b6e372819c3824926a5d48393272702d0a0689bf0a8045f 6700 
dune-istl_2.6.0-2.debian.tar.xz
Files:
 1282bba2d805021dc34b84f852e0e896 2599 libs optional dune-istl_2.6.0-2.dsc
 00e80ec8c20c022af39777d29fae7c26 6700 libs optional 
dune-istl_2.6.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAluufMISHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT9qgP/AnJbdhGXgk2g9xHa1QuZ6RWJIjWC73T
81f0Jo7B2pQuRo1aaLn1Ss2XfCjBEsGxNHRy5daWYZWA5F6GG5a0cDvgE5UcKRiv
8HfsZ50IX70Bs9XRbEYOpeWtQ/xaKJ572viri85+06IIcEzMFYU214csiKN1nucj
asPzgOA1J5qBsSGPrp64Vrw4zZ8wxI6NB4lX7k+q3CPWb9CfI0LUqBuNZuTbdnS8
qtV35LIku3L73Byrx0/jiD6eE0ftQO34gXm98vp4aszRZBT5m1T0k8AHZ1OBI4E5
F8mpKlS6NgKKhQe1lFzvu2groILcxkfUVSjsQR76VvXasGKewGMt575TWjd+Hr58
igBn3oAT8nflfrxCKm/BK9meJGBkSstXFIbquZa+YZvXlDGkg5EWrJBrIgYBLfcs
9xAjFz+iLV+h3U5jNohNDecCvFKSd4apupi3PXqyvJ0L1gefWoa2soCrj3OTuUef
18alWELixHHFrH6wvaRtvKlxzLKY89JN8EXCF2DGMTJI7zGthlgZnARNF5RVmZ0b
aPWMXDx94lRYMbIdM45DL2XVhbCrhHmmRHxd3h+PNdxzdx9d9VMr1x2NAy4ucdB9
yFZCZiqkpqtWXUhWqSbHPNhI5Dk8u7oRDMMOXURz2wSQOvuyvDeDt9VZgZFGLKHS
h7xrILgOGaSU
=chTn
-END PGP SIGNATURE-

Re: Package not compatible with old systemd

[Ansgar Burchardt]

On Wed, 2018-09-19 at 10:07 +0200, Wouter Verhelst wrote:
> On Tue, Sep 18, 2018 at 10:45:45AM +0200, Ondrej Novy wrote:
> > for example when files are overwritten. This is not case and Breaks
> > "is enough".
> 
> "Breaks" means "will cause the other package to fail". That isn't the
> case here. Additionally, Breaks isn't supported very well by some
> tools, so it's better to be avoided.

It is usally recommended to avoid Conflicts in favor of Breaks: Policy
says "Normally, Breaks should be used instead of Conflicts"[1].

  [1] 


> "Conflicts" *can* mean "shares pathnames with other package", but it
> doesn't have to; it can also mean "doesn't work well with other
> package".

Policy specifically says to use Breaks in this case: "Breaks should be
used [...] when the breaking package exposes a bug in or interacts
badly with particular versions of the broken package." (same section as
above)

> You're claiming that the systemd support of your package won't work
> correctly unless you have a particular version of systemd on your
> system. If that's the case, then you should Depend on the correct
> version of systemd. If you also support other init systems, you can
> add
> an alternate dependency on those other systems; or you can use
> Recommends: rather than Depends: if you don't want it to be absolute.

Depending on an init system is definitely wrong as it is perfectly fine
to use some service without any init, such as in Docker containers, or
under other supervisors such as runit.

Ansgar

Re: Should the weboob package stay in Debian?

[Ansgar Burchardt]

Hi Jonathan,

On Fri, 2018-07-20 at 07:47 +0100, Jonathan Dowland wrote:
> On Fri, Jul 20, 2018 at 01:34:19PM +1000, Dmitry Smirnov wrote:
> > On Friday, 20 July 2018 12:50:12 AM AEST Jonathan Dowland wrote:
> > > Have you read Matthew Vernon's reply to OP in this thread? Does
> > > that not
> > > explain it?
> > 
> > Matthew did not convince me. IMHO his explanation is weak as it
> > boils down to
> > "there are many problems like this and we should fix this problem
> > because
> > there are other similar ones"...
> 
> This suggests that you did understand Matthew's reply, but the rest of
> your message implies that you didn't. Honestly I'm not sure I've got the
> skill to explain it to you, I'm not sure I could do a better job than
> Matthew at summarizing the issue. I'm afraid I must bow out, focus on
> fixing the problem, and leave it to others or to self-study for you to
> understand it, if you wish to.

I can't help but understand your message as "if you don't agree, you
haven't understood" which I don't find very helpful.

Is that what you wanted to say?

Ansgar

Re: Should the weboob package stay in Debian?

[Ansgar Burchardt]

Matthew Vernon writes:
> We shouldn't need to have numbers of people having to justify why a
> particular thing is offensive before we (as a project) try and fix
> it.

That works if Debian was a non-diverse groups where everyone had similar
views on what is offensive.  In that case the maintainer could just have
done whatever or would not have uploaded the package at all.

Sadly(?) Debian is too diverse and "we (as a project)" won't agree on
what is offensive or where what level of offensive content is okay.

In this case I feel like we might as well try to reach a consensus on
whether pride parades are a display of sexual depravity, sexual
liberation or self-objectification; or skipping that part any trying to
agree if and how pride parades should be fixed.

The current policy[1] leaves it up to the maintainers to make this
judgement and I don't think a discussion on -devel@ will reach a
consensus that would take away the responsibility here.

Ansgar

  [1] 
https://www.debian.org/doc/debian-policy/#packages-with-potentially-offensive-content

Accepted valgrind 1:3.13.0-2.1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 18 Jul 2018 23:21:57 +0200
Source: valgrind
Binary: valgrind valgrind-dbg valgrind-mpi
Architecture: source
Version: 1:3.13.0-2.1
Distribution: unstable
Urgency: high
Maintainer: Alessandro Ghedini 
Changed-By: Ansgar Burchardt 
Description:
 valgrind   - instrumentation framework for building dynamic analysis tools
 valgrind-dbg - instrumentation framework for building dynamic analysis tools 
(de
 valgrind-mpi - instrumentation framework for building dynamic analysis tools 
(MP
Closes: 903389
Changes:
 valgrind (1:3.13.0-2.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * backport: Accept read-only PT_LOAD segments and .rodata (Closes: #903389)
 + new patch: 12_Accept-read-only-PT_LOAD-segments-and-.rodata.patch
Checksums-Sha1:
 e874c9d07204ddbcc4390e1511bece09400bf4e0 2448 valgrind_3.13.0-2.1.dsc
 d66a839b9ec5432e20fe9b7647f252a5916cf802 28300 
valgrind_3.13.0-2.1.debian.tar.xz
Checksums-Sha256:
 ce9f54d5d12b377c1a8554369c4366a94bc2a9a819ac2283d02f035a47c3ad45 2448 
valgrind_3.13.0-2.1.dsc
 d353075b6faa7054451f21c294da1c156defff8137a14d27e0b8e7aaf5169f7c 28300 
valgrind_3.13.0-2.1.debian.tar.xz
Files:
 f7dd84aa5a73039f7cac4c8d4eb1b7f1 2448 devel optional valgrind_3.13.0-2.1.dsc
 6e8b66ce0e7298f0579a840cc24f4ad3 28300 devel optional 
valgrind_3.13.0-2.1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAltPuFESHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTAuEP/j211d17lbrbg+98dEsec1ruuWc8++Wv
1HxOwwLBGFySrdb5QZe1GTQqO+deFiQ72d1lt+VygUpetka8kX8OTCzIqknQjRbu
VinRah2J/edrwT/mLSzyoQpxa3NbKUNtkZQ9POIlJf53lqYvKQYWNGCg2X6lHQX/
7KaUZV4EEOXbk8aJnImwad4Zi5Fzra5c4ZuXTGk4GAXjKs1zF/SXWbR2Ce8xZkUQ
EF+3Cyaskr4GM0CURp9qCOQL4R7C9chrU1AyaXZm02Ttf3B8hLSh++4j9EztmCPr
QASTWvLXWGwBx9ML/1q1zk4Z8gyA/6ei6gCgoDKPZ/w/ZuzVVIvcKg2uWMi0PfLj
Xn3qdcOUsVW5u74RotcU+pPSGDbJ5l6NUkQgi8IGadBCzC/AwOrtgeU55R8Q/YPX
TDBMDAAkgaEE817yE7er8Poi/Ryj26HkLv1X69u0861cfoHRb581liMVJ1DyywHw
WdQ3fi90HUzUb6deoUXn/1Kc3rWJJrhA5J+eax0wUZS1YNKFiJX0RkSuKo3xgfOj
xG/wA/7EWp7FWtdAMy6TWH5eMYACLZ7wnD11DocBb+hLxvTvz8cMOFKSQJQi0/o3
/91bGGwExt5YCyoJwNAVloTAaGHmcnuNRGGuXH5c7h5Qp0+gwKnU3+2PTZHVP/jg
jxCFYOSs6gYa
=nrQt
-END PGP SIGNATURE-

Accepted dune-grid 2.6.0-3 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 21 Jun 2018 23:43:09 +0200
Source: dune-grid
Binary: libdune-grid-dev libdune-grid-doc
Architecture: source
Version: 2.6.0-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Description:
 libdune-grid-dev - toolbox for solving PDEs -- grid interface (development 
files)
 libdune-grid-doc - toolbox for solving PDEs -- grid interface (documentation)
Changes:
 dune-grid (2.6.0-3) unstable; urgency=medium
 .
   * Backport patch to fix base64 encoder on big endian.
 + new patch: 0001-fix-base64-encoder.patch
Checksums-Sha1:
 52ee9d41b257ca4b8faa20c13d99b1248fa85c77 2530 dune-grid_2.6.0-3.dsc
 93c53880f1bf40f185819c16b7a80f201da435dc 7488 dune-grid_2.6.0-3.debian.tar.xz
Checksums-Sha256:
 443bc3fd5f288bddb9fd86fbc2b0ed18ef009a60b5dae96fa0d1f51d2e319412 2530 
dune-grid_2.6.0-3.dsc
 9d64b079f574c7999a5d1ce90c1c3320947a9c0cbc9447098c63acfc5fd0b6cc 7488 
dune-grid_2.6.0-3.debian.tar.xz
Files:
 0c83518defa359924cec838ccb69313a 2530 libs optional dune-grid_2.6.0-3.dsc
 6f08cffe9c6b234a82c57fadaf7659f7 7488 libs optional 
dune-grid_2.6.0-3.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlssHqYSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTatEP/1b1F5lwI9TOhXFYYzuWqUvC+c+7G7Bh
h8Rhy6adzFMNnVXras1tsQWz+TiPn+BAO1Rn+lEMkyn4WStez8/7NWOnL3h1zwDr
I63oHhM0W/ugRGDZjoRHKCk6ugK9vVuF3N0hKy/St/6e3j7K+FlNjCo+vXvOJJRO
loGeXjWeykSVWDoE0UsZthaQwP69suTZxkNP1WzfGeMg+zGNhTTnlk5wpXiX/1bd
brVyWisMZw5WqL5LQbo6RMsb8BD9NH2HITZ3rC/Xj1v7lRi/+ujAGPwEEHLRDR2L
UPeoV7uyJS4LR8gDZFT3su6Z1BwZie5kYSOdPuS1L0vDkx4MrpM/GeMpNmR0sMDJ
ekFm+ihMY5JviL0R3d+6PvkUtVupJ+YlztfrjD9+QvM8bm17Nzsp/2MtgxAkkCO5
4IjsdFCceA+LU7MBzT59OZ9Zib4PpNIeba5fY8X8OioyyKrQbcr4PurgR63N8SUI
eQRCckZQwQk0OLXclJPIBEC8WEkTI+JYdyTW0tBLIGc4/j4NoPPddDSDN+If1QUt
ULgsrVca/mds8nl86sNEZnG7Rb6GIG6Wd3WjPlPeOb1qLwKHPadsr+YBhAW5j0Z/
hdICKitSV1xH/ygTLgFaBXAXSIg7K4+RajU51U3y1OeuOz7zjO0ALgT3IkmvTVBc
Gy0DXJGFXoj1
=UkLg
-END PGP SIGNATURE-

Accepted dune-grid 2.6.0-2 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 21 Jun 2018 11:24:46 +0200
Source: dune-grid
Binary: libdune-grid-dev libdune-grid-doc
Architecture: source
Version: 2.6.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Description:
 libdune-grid-dev - toolbox for solving PDEs -- grid interface (development 
files)
 libdune-grid-doc - toolbox for solving PDEs -- grid interface (documentation)
Changes:
 dune-grid (2.6.0-2) unstable; urgency=medium
 .
   * Add a simple autopkgtest.
Checksums-Sha1:
 0bfb2f53828bf84a47b407be4530232576799b44 2530 dune-grid_2.6.0-2.dsc
 19a8edd925e36038133baf18ecabc54ccc703aa4 6236 dune-grid_2.6.0-2.debian.tar.xz
Checksums-Sha256:
 b76a2f44d5b0f036f2ae820e3c240fdf512095ef01a3a78db402bb3cb4fd2538 2530 
dune-grid_2.6.0-2.dsc
 91b49316a456e27fad5b91ec0e729d0374349bd6b27ea0db86c21d7a05f8985f 6236 
dune-grid_2.6.0-2.debian.tar.xz
Files:
 d735828343593a3cde03631750275ab3 2530 libs optional dune-grid_2.6.0-2.dsc
 413a7f9f9d7c546705b2f5abb34477e3 6236 libs optional 
dune-grid_2.6.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlsrcuYSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTxBYP/38nGm/7XoPANarNoZlLfA++46Mhn+vn
X0D4ozjnreFXEzo4bpM/tJXCNlXVA7QG6vIQ8ghKXMuq4J055xqPz8jFYdCCsEn3
UA1ElImsstqUVlk4+fZNLpCnlsW7wrkWCKMuFKr5wZdwApkthJ+QJRbKLaw1Uazb
mDDg7mQiYvPonowpHml8gigtwb3w7l0mLIH6Oa5oJ0XJwV/l+UITXjGsbwhdS0pR
eHggY2BAgo2FRWX2JxYE0Mjn4gRqb1MPSrpyPiXXJPPgLrmnUAo2/GceShQLJanF
F0PCGk6U5vjM9X9Fr0fqCfT5MU0/qC1zlpkRSnlP0AgxMQ3DB/gZ5BAZyHqu4yYz
YcWWDTcMgkjtliIVuZFoDfDVMSuIDr0Y1ANhlmGo6KYhGrRXkCS+3qO38FSUJn9g
XnV2Z+4vtzwKmzz/M/ZO1wbYRo+IH/5pn1Z3hu5qx1zXQbV83da9dgMvGM63FsAA
uZpTO20VmeeEyl9SBf9XG5deawBZgtJFrf9rC1hr9CAgte+1aok0XNtiViEyy6qr
1+HZf8tOG5OLyOMjPZpJLIlUWQq/9OB0mtuLJ6t6ZoPdBW3q2WCT0TmTWDHfJq5H
TaO8x5rohlK0hkiQzLEaY8MGHxVFDKS9UkHHmiZZmn4J3KUngt7iTZDXwMMLNmhe
DIBVE6/kKg+F
=8cJZ
-END PGP SIGNATURE-

Accepted dune-common 2.6.0-3 (all amd64 source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 21 Jun 2018 09:17:17 +0200
Source: dune-common
Binary: libdune-common-dev libdune-common-doc
Architecture: all amd64 source
Version: 2.6.0-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Description: 
 libdune-common-dev - toolbox for solving PDEs -- basic classes (development 
files)
 libdune-common-doc - toolbox for solving PDEs -- basic classes (documentation)
Changes:
 dune-common (2.6.0-3) unstable; urgency=medium
 .
   * Add runtime dependency on gfortran. Configuring a DUNE project without
 a Fortran compiler fails.
   * autopkgtest: Add dependency on MPI as the test builds and runs an MPI
 program.
Checksums-Sha1: 
 3b312e49b6af9a7ee12f813a0e65dc06834daa0d 2677 dune-common_2.6.0-3.dsc
 c21188d9edfff3f42d0c80616e31b95ffd8b5b28 9308 dune-common_2.6.0-3.debian.tar.xz
 652fcd42006a0d7d4a4914338b0df6b465126b02 12683 
dune-common_2.6.0-3_amd64.buildinfo
 347a25d37a16053c58cc85c22c1a00fa78c5498d 523560 
libdune-common-dev-dbgsym_2.6.0-3_amd64.deb
 41d5d769067e4c9cd92a223934795c032dd9b102 303960 
libdune-common-dev_2.6.0-3_amd64.deb
 6c11151d10e5dfd5a4af06f084effe5c867a73ab 2390224 
libdune-common-doc_2.6.0-3_all.deb
Checksums-Sha256: 
 216b272537878f38ae54430f72148949678f7aa5ea5ef47caaacd623a3392d8a 2677 
dune-common_2.6.0-3.dsc
 67e9e8abaf242dfe4db30441bf1265f4b54b97de2f5173c3943fc6a143a831e2 9308 
dune-common_2.6.0-3.debian.tar.xz
 4ee8d91640b973638414aa75bb41800506ab25bb6adc88cc595202ec14760e51 12683 
dune-common_2.6.0-3_amd64.buildinfo
 2cbedce2cfcfaa15316af43b534c0accc9df492452337758d071e992f586fdf9 523560 
libdune-common-dev-dbgsym_2.6.0-3_amd64.deb
 b2855f8e964f54dedaa5281ee42543a866bcb1ff74dfd5bf770742338df3d6fe 303960 
libdune-common-dev_2.6.0-3_amd64.deb
 3dcf75825814e3e61d66c048c7aaafae8a231ee347fed3b9f34cf539d891722f 2390224 
libdune-common-doc_2.6.0-3_all.deb
Files: 
 dbf34c644b130170a5b0b538f0707776 2677 libs optional dune-common_2.6.0-3.dsc
 e0e88efa8b4b54cb61560623b6eda19f 9308 libs optional 
dune-common_2.6.0-3.debian.tar.xz
 ed045c201253a80431b1b3cf4204234c 12683 libs optional 
dune-common_2.6.0-3_amd64.buildinfo
 3c6e8dd50f3774b72fefb93268922527 523560 debug optional 
libdune-common-dev-dbgsym_2.6.0-3_amd64.deb
 5f884d8973d1caa8752c8540afbfb7cf 303960 libdevel optional 
libdune-common-dev_2.6.0-3_amd64.deb
 112af2eea656ba45ef97e3c61093e2bc 2390224 doc optional 
libdune-common-doc_2.6.0-3_all.deb

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlsrU1ASHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTWPYP/jItWvRT3bro9QQqQLE4SPb4hdpaufsu
BpmeodgpcrHkLZ3XepFZQgt2wul7ydTRuwapin2bcovCjqZtBn6B9F4kODFaFMlr
mu7K6gweuD0Go+WTHk1p4xCnq5y6a064dnnzanjC+pPoCgxalfJInySDBOMpBehS
V1anW5/TTz1uDSl/vlJJii8J76+oFtvnw3lORLe1DNKgiVzD2uiVc2F/25FgEWtw
7qCHSUvLCc9FsXlbTTTrt1mo2dnsjjI89sl6Xxm5e26GrQUES6ggj4D4NR9QlTuR
IF8siujlASC8IjnVfBSO2gSD9Knsa0LeB+gRYLmWQq8itY6TWII/L7JQbfOgxKsf
sNq98xFgTW9M3hi5iQHsjhiAxnKTOnGU73PQ4ZRKeiFQ/vB1PoNFlPkkn4vLrB+a
IgCbNG6D6zeuiQwzkDxJ6U+K5MZs6eELfCo8WkThb6AAwD+XU4KquhGtOSiFknM2
zisyd/c6hZMt876Fmgt7cXdXHBLDlq6ZCUlf4baQzKWyq01zwMbNuCb25Q4LdNvE
LJCwPAAe+pZ8y+L/q3QHyQtR8t62Q6h+vGW7lVDpqqYLfX5Kbi1i5Q3xQF3/7pZ7
ri9aRzgvUFOiL18IeUmg4rcSAm6LRXMMzRxOXh3kZSEyJe8xi9X0FcxeI07ZLA2G
X3OtUEwrjqYh
=/pEe
-END PGP SIGNATURE-

Re: Which checks should we mandate for source operations in shell scripts

[Ansgar Burchardt]

Marc Haber writes:
> back in the sysvinit days, we used to have the following construct as
> a common idiom in init scripts:
>
> |if [ -f /etc/default/foo ]; then
> |  . /etc/default/foo
> |fi
>
> This is an immediate privilege escalation vulnerability in the case
> that /etc/default/foo or /etc/default itself is/are writeable for
> non-root users.

That seems to be the same class of issue as init scripts, systemd units
(in /etc/systemd/system) or /bin/bash writable by non-root.  I don't
think Debian should try to "fix" this.

(Now, let me mention my favorite
  chown -R non-root /var/lib/service
in maintainer scripts...)

Ansgar

Accepted dune-common 2.6.0-2 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 20 Jun 2018 23:37:32 +0200
Source: dune-common
Binary: libdune-common-dev libdune-common-doc
Architecture: source
Version: 2.6.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ansgar Burchardt 
Description:
 libdune-common-dev - toolbox for solving PDEs -- basic classes (development 
files)
 libdune-common-doc - toolbox for solving PDEs -- basic classes (documentation)
Changes:
 dune-common (2.6.0-2) unstable; urgency=medium
 .
   * Add a simple autopkgtest.  The driver (dune-autopkgtest) is also
 usable by other DUNE modules.
   * Promote CMake from Recommends to Depends.
   * Bumped Standards-Version to 4.1.4 (no changes).
Checksums-Sha1:
 256df7fef871605539165a54f61ccfa1ec5e683b 2643 dune-common_2.6.0-2.dsc
 ad1cde7671c8e2ccf4cf152ddf33ea87034c87c3 9232 dune-common_2.6.0-2.debian.tar.xz
Checksums-Sha256:
 cb448fcf000d7609f19e7d2a7cb3961fc42014ebaa0beed7b68832b797b945df 2643 
dune-common_2.6.0-2.dsc
 7d5b69bd43b887b06895e50c135005b94baf75afe510ad162640d52ad21913b1 9232 
dune-common_2.6.0-2.debian.tar.xz
Files:
 53de51b4bf3150e3c7ccc29a13fc5495 2643 libs optional dune-common_2.6.0-2.dsc
 6e8ed41745b4ef6eaf98e3ecafc0f7b8 9232 libs optional 
dune-common_2.6.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlsqzRMSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTYhcQAK+YbF0zHN3NUF4/na6elBo59lq3VkDQ
I/Rrl2kSVRlnBFhAmRDlhGg4neyxzS2vej7xbGbi8u4wGhOxHEnTxd7CU47mtoOU
zLsDQSJB3TUX1vk0haPdqdGdptjyATH4vc3Z5hkubhfKA8sUhgVvxU6mOcFBI2PS
pqQllZkvP/k+pP3/FrivYIq05KML6m7HFU+6JjC83hf9mvEdwDYJgOWWlH39VbU8
+PPXdRF8hl/JTR0oUM6oLb3SeJab1UJj/w6lhY3IqozIQpK/pabemCSr2ckgPzGZ
8otYP8mYS/m7e12fHdIg3w1pTfaNsCLoOwZb1Jb78ZWBYzPDsOMobXaBrICN8Ly/
HHgUb2eXCd5IkQOn32YUHH6SxWoKbHDWEj2FqqXvQ3J4N0sztPGFB22ZhJtHIpqT
IXEgWBsbu74vSPgXVXSRS0aNS4y2GhGMGbcRd+cAofVNKbRh3+zloU2XB/v3uYDg
PH4oiAKHQ4Q4Ez9kCB8ajeTk653w3StCu2/7YCiID+/UP/vzZNm31XvUkAlzZ/zh
LZuxEmo6+c5mjgW9YdjPKI7/yKHe8X9tJzaTn9L3+c2YJ6JdoiJwxlOBz8tcaNkY
JxK+3kzwwVd7ZwUjvsO2F6DE3fUM1Jnc7MYIKlHj6CAkc44v3mDxzqG1ZKnlzZ/T
ShjNyg5sxo+z
=q7Mb
-END PGP SIGNATURE-

Re: rkt

[Ansgar Burchardt]

Dmitry Smirnov writes:
> On Tuesday, 5 June 2018 5:11:31 PM AEST Ansgar Burchardt wrote:
>> rkt is neither in testing nor stable...
>
> Unfortunately... However it is a static Golang binary with minimum external 
> run-time dependencies which makes it possible to reasonably safely install 
> rkt on Stretch straight from "unstable"...

Yay, build systems that will be a nightmare to maintain later...

Though I admit golang is a crappy language to support given one has to
rebuild everything all the time there is a security update.  Just
imagine libc (or worse: linux) was written in Go and there was a
security update: just rebuild the distribution ;-) (And for third-party
providers wait for the vendored libc (or linux) to get updated, if that
will happen at all.)  So I'm not surprised many Golang things don't make
it to testing.

Ansgar

Re: concerns about Salsa

[Ansgar Burchardt]

Dmitry Smirnov writes:
> Do you think there will be a potential to move services to containers, 
> probably on "rkt" runtime[*] ?

rkt is neither in testing nor stable...

> [*]: Because Docker sucks...

Does rkt then suck more because it depends on docker stuff (at least in
Debian)? *scnr*

Ansgar

Re: Bug#900286: ITP: spm -- simple password manager

[Ansgar Burchardt]

On Tue, 2018-05-29 at 13:11 -0400, Nicholas D Steeves wrote:
> On Mon, May 28, 2018 at 07:46:59PM +0200, Jakub Wilk wrote:
> > * Paride Legovini , 2018-05-28, 17:33:
> > > spm is a single fully POSIX shell compliant script
> 
> [...]
> > > In Debian the script will be installed as 'spm.sh'
> > 
> > That would be against Policy §10.4.
> > Please talk to upstream about choosing a different name.
> 
> Are there any reasons why a debian/spm.install like this one wouldn't
> be an appropriate solution to §10.4?
> 
> #!/usr/bin/dh-exec
> spm.sh => /usr/bin/spm

/usr/bin/spm is already shipped by another package as noted in the
initial report.

Renaming the binary to simple-password-manager or so would probably
work.

Ansgar

Re: Want to make salsa advertise contact and source code details [and 1 more messages]

[Ansgar Burchardt]

On Fri, 2018-05-25 at 18:57 +0100, Ian Jackson wrote:
> Another way to achieve the effect I want would be to do it post-hoc in
> a reverse proxy.  I see that salsa is using Apache as a reverse proxy.
> So perhaps the right answer is to do this in Apache.  It seems quite
> hacky, but if it's thought easier to maintain then fine...

That seems like an horrible maintenance nightmare just to avoid even
talking to upstream...

Ansgar

Re: Want to make salsa advertise contact and source code details

[Ansgar Burchardt]

On Fri, 2018-05-25 at 17:16 +0200, Geert Stappers wrote:
> Not knowing who is "we", but the thing I want to says is
> 
>   Do not ask for a lighter load,
>   but ask for more shoulders to carry the load.

Asking for a lighter load has given us the wheel, washing machines,
dishwashers, computers, and so on though. :-)

Sorry, could not resist.

Ansgar

Re: Salsa Questions

[Ansgar Burchardt]

On Wed, 2018-05-02 at 14:11 +0200, Jörg Frings-Fürst wrote:
> - Becomes salsa the permissions as an open system like Alioth or does
> it stay so steady?

Sorry, I can't parse this question.

> The background to the question is that at the moment I can not even
> draw attention to the one project that has already moved to Salsa
> because of "Permission denied (publickey)".

Did you register your ssh public key on salsa?

Did you specify the `git` user when cloning the project?  All Git
accesses via ssh have to use that user.  It's also possible to use
https:// for accessing Git repository; that also works without an
account (for public projects).

Ansgar

Re: problems in gjots2 and Debian

[Ansgar Burchardt]

On Wed, 2018-04-18 at 10:45 -0400, The Wanderer wrote:
> On 2018-04-18 at 05:55, Andrey Rahmatullin wrote:
> 
> > On Wed, Apr 18, 2018 at 11:23:23AM +0200, Martin Steigerwald wrote:
> > 
> > > As just someone who mostly maintains one package (fio - flexible
> > > I/O tester) I can certainly understand how you feel about that
> > > Lucas removed you as a maintainer.
> > 
> > But that didn't happen, unless you put different meaning into
> > Maintainer and Uploaders.
> 
> If you don't assign different meanings to "Maintainer:" and
> "Uploaders:", what's the point in both fields existing?

The Maintainer field is only allowed to list one person for historic
reasons.  So a new field was added to list additional maintainers.

Ansgar

Re: Lucas Kanashiro and Athos Ribeiro salvaged my package

[Ansgar Burchardt]

Scott Kitterman writes:
> Personally, I think people should be more annoyed at the people doing
> the hijacking than the one they did it to.

I thought this is called "salvage" now?

There might have been some miscommunications, but given an acceptable
alternative is just requesting the removal of a package with open RC
bugs that hasn't been uploaded for a time, isn't just salvaging the
package by adding oneself as a maintainer better?

And if this is the preferred outcome, shouldn't the salvaging be
"easier" than just requesting removal (which is just one bug report
away)?

Ansgar

Accepted dune-pdelab 2.6~20180302-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 13 Apr 2018 08:47:01 +0200
Source: dune-pdelab
Binary: libdune-pdelab-dev libdune-pdelab-doc
Architecture: source
Version: 2.6~20180302-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-pdelab-dev - toolbox for solving PDEs -- discretization module 
(development fi
 libdune-pdelab-doc - toolbox for solving PDEs -- discretization module 
(documentation)
Changes:
 dune-pdelab (2.6~20180302-1) unstable; urgency=medium
 .
   * New upstream snapshot (commit: e88a57a22a0d42084255eeaa38ac716ab98be96a)
   * d/control: add `Rules-Requires-Root: no`
   * d/control: add explicit (build-)dep on libdune-common-dev
   * libdune-pdelab-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.4 (no changes).
Checksums-Sha1:
 4c5f1df50233819c433f1a1693c5bb19d0fac18d 2596 dune-pdelab_2.6~20180302-1.dsc
 45c3c42c1e8ad15aae9c8879e5e58739e8f6c961 528512 
dune-pdelab_2.6~20180302.orig.tar.xz
 c55cc070bc2ef93d52def9068e08cb191ceafe49 5276 
dune-pdelab_2.6~20180302-1.debian.tar.xz
Checksums-Sha256:
 be5c10b4673e3f8513284ceea49449613c05ae2822d3ec21db26ec52af0f1fff 2596 
dune-pdelab_2.6~20180302-1.dsc
 ad98f2ac6d27e6a7baf3d468c747014cd70c4a6d5ca18f79635835bfa093c79c 528512 
dune-pdelab_2.6~20180302.orig.tar.xz
 b3f782471efca9ec4aa0607a38195223c51172893a94b027e77be039a56973be 5276 
dune-pdelab_2.6~20180302-1.debian.tar.xz
Files:
 452ed58501d483c0cbdea5274a321513 2596 libs optional 
dune-pdelab_2.6~20180302-1.dsc
 daaeb9092b68ba3c8eadcc79fc6a01e2 528512 libs optional 
dune-pdelab_2.6~20180302.orig.tar.xz
 7f1e4c028fa4a6d860b09cb09cb0e030 5276 libs optional 
dune-pdelab_2.6~20180302-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrQVj0SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT5z8P/1TpwTbMqRLS47RmPoUXT4DlkKDRMIB7
tfWGIN9EEwPE7pSb5e/pCuqAtdBraV/PCb7Xn0x2Tm6n5nvFuMl7LuZNAAtbOkNA
GENv/WhlmtQHjnlAS0C/HKM0SJzbZZZeJYMM7gZG6JzRHRUizqAk4n5QMjmGQomL
OXSaaZ/TxfJ5lmMZXTlnKgULaQ6Unmy+0C320jmxL1u3BJBspx/FbvPNw3LUgA4B
ClS2iz+3iBsEvLqefaWm9MG43tnkvO7y1iyshkOO/S3VN6hGsCVYxdknFPpJu/En
0pX9QprY+KAO4SnuNlmKdmQguVpSbyLAS+60MRTliWuhYJZIde+B0dSzWcZ/V3jE
AaniEE/2Pz0dKUQRLvCchUMULbCaDxx0hhEkYsQfRUuJq9e7+6cv1tKTlGvSSRNf
YlGHJ9RsDzR1ALMzgDYxz08lGkbXFP4Bb4L7ELa45GJWHuQjYlCdtH0K1tdgqL7k
XYNT9IIzldylRI0stomfLrfj0OT5akNCV09TMhhO1+7pinLReDo9vXYN+ap7c+RJ
4ZdtrSabhxKtijJmumX/x9Q7KtcYPeRUXQvcOyAqvciiUF42UbWVwPRomX+OpyGy
pWYwx0TzbEfYTGDsMnNPswaovnt40vXme5SGREXlqvdkD+znE1jK/jXmipbhOiet
5I/bh4fIlPlx
=GMT1
-END PGP SIGNATURE-

Accepted dune-functions 2.6~20180228-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 10 Apr 2018 21:42:07 +0200
Source: dune-functions
Binary: libdune-functions-dev libdune-functions-doc
Architecture: source
Version: 2.6~20180228-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-functions-dev - toolbox for solving PDEs -- interface for functions 
(development
 libdune-functions-doc - toolbox for solving PDEs -- interface for functions 
(documentatio
Changes:
 dune-functions (2.6~20180228-1) unstable; urgency=medium
 .
   * New upstream snapshot.
   * Bumped Standards-Version to 4.1.4 (no changes).
Checksums-Sha1:
 3b17000672e9ae453c6d46cb31a9c2e34489d9cd 2516 dune-functions_2.6~20180228-1.dsc
 93d5bf1c16634061aef3885cec85ec8b28a532c3 262964 
dune-functions_2.6~20180228.orig.tar.xz
 45cf0e0b6f2e6690c6e4ce95af405c2fe5d79103 2900 
dune-functions_2.6~20180228-1.debian.tar.xz
Checksums-Sha256:
 26631fcfc031e445fdadc3ea9b712236287dfabf53422f41baaedf4cbef63a33 2516 
dune-functions_2.6~20180228-1.dsc
 b8755a88a7c36cf3689c7b75c9469f20a89afef9fd52c172d5f532ccc54fb5b4 262964 
dune-functions_2.6~20180228.orig.tar.xz
 ad18f3a33350a0b983e16cb196731706c11aec949e924b0bfd1ab2d8499d2fd2 2900 
dune-functions_2.6~20180228-1.debian.tar.xz
Files:
 10b3c68d92835f0ae63bd154157a7b5c 2516 libs optional 
dune-functions_2.6~20180228-1.dsc
 c2118abb4c42931e44a2ceebcd16af5d 262964 libs optional 
dune-functions_2.6~20180228.orig.tar.xz
 d16b468f937cc9db5699c501cf12cc34 2900 libs optional 
dune-functions_2.6~20180228-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrNIO0SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTm2sP/0+M05LhmdnyvMZg9YP5cUCmrWgTPbY9
Axk9jvpZcSDYiYsW7CHtgq+XZlpcqG8qLtjOtXc9xIlsu0GIP5HqWWHmc0SJfRrw
oaLnzr1JN+iqi7mAG8krhA14rYDHt7ww9qjj+LdSxXu7DM0jFDN+ggSSqPdeqgv+
8IouXojtXK/1bpNGbGGcXK+BrtTCZeMAj8imf6R8xntL6dhu9T+U7hzO5JxPtcDh
NRiK1PNuL0QNGoVcyXqyoa2DeBMJpkIuef3seJQzh6ScwDLQS+OVqzrc98ZJ0l6P
jTvpi2/fQkGD+Ak8BRzZYkVxr3lMPQMYL/i7OV9b3m9/HW0JjytRw+5Nn+/P1/BP
zBN0Xm9onuVLMrkcBnIwrfqL8DyARtG/3MD1/P7M5K3tq5KZzf/xwjrRfrCL78NR
V34pbKgBA0AL0ApA7HVpgC5cCLULyCq2kMwMGhiGPtNOtA9oTVxQ9UBKQNqfoJll
1isv1MSgKOwNoXSqhO/M2hVlsZP3RdMsQCEuJ3ftSFneRr8ddnfpN2ssYz+1416I
GgS+yaMgXzNtaypTqRev5bgln6xkyRpfjffsJmepM1PVFO02XUDVKyaOpnF6NNSC
j/+iRQUbNyvRX0eMkGUz16cSHYPk5b827yMUg7YIq+lV7OSFj3/doW5XyI8p2t0O
TUgXdW/aToAO
=4Vh6
-END PGP SIGNATURE-

Accepted dune-grid-glue 2.6~20180130-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 10 Apr 2018 10:51:19 +0200
Source: dune-grid-glue
Binary: libdune-grid-glue-dev libdune-grid-glue-doc
Architecture: source
Version: 2.6~20180130-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-grid-glue-dev - toolbox for solving PDEs -- compute couplings between 
grids (deve
 libdune-grid-glue-doc - toolbox for solving PDEs -- compute couplings between 
grids (docu
Changes:
 dune-grid-glue (2.6~20180130-1) unstable; urgency=medium
 .
   * New upstream snapshot.
   * Bumped Standards-Version to 4.1.4 (no changes).
Checksums-Sha1:
 62af0a3544afef17d85029650691052e0f009fe3 2393 dune-grid-glue_2.6~20180130-1.dsc
 995be7f0f9690e9fdd35fce713ecec35a804e494 67620 
dune-grid-glue_2.6~20180130.orig.tar.xz
 fd785c74945ceb70d1c954f7dac8939356276708 3580 
dune-grid-glue_2.6~20180130-1.debian.tar.xz
Checksums-Sha256:
 b64be6216e7a27a3d48868662e1e53f8347b68bc9ab1b3b669f9b338180ce53f 2393 
dune-grid-glue_2.6~20180130-1.dsc
 eec362de59ac57fc8168112352d42a65965fc36091abfc4fdc51429fd33460b5 67620 
dune-grid-glue_2.6~20180130.orig.tar.xz
 68e6d167b74419ae17ec49ef1a20e93751aee68afcd48acabc917e46ad845da5 3580 
dune-grid-glue_2.6~20180130-1.debian.tar.xz
Files:
 6a4a433f0a5b0fa28dfa5e3b3bfdff39 2393 libs optional 
dune-grid-glue_2.6~20180130-1.dsc
 dfa2034e0c9c4053b3ba639ae9d7bedc 67620 libs optional 
dune-grid-glue_2.6~20180130.orig.tar.xz
 6ef896ee34fc6a5c1afdef1c3bfe5353 3580 libs optional 
dune-grid-glue_2.6~20180130-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrMh3sSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTfpYQALLk8Ni3RJwVuDCqQlfZC/jpiCNaHPh4
po7SzN4F6+gWIBKpqLuUqkeCWMHPmQmGRtM7g0ldy9FMmQ5zTgM1PUrdQ5mbMdO3
ZREqUX1M54LsHqj2EwDJBsCvW5vSH+rBhFGgV1FGmxuJ1Z8q2BAhsynqUQxGpqUT
ZfUETY9c1tSJU3zxlyqRFAFtQvQl+U+b4DC4In85t95lNq8irBTDmtakMZSTQKZM
9vGlZOJdEhcLueddlbCJJj+Z5TG1xE+9TA4khvFyaJYfQ8MrFWvBNHFgcoJTsuUZ
YXKdC24WEYHD2NLbkY+y7FwBzxDYjLxeJUhhUap89F7GLbWwpee16FnVgE7/fUZA
4Ub7cOzmcy6tQbuXlv6G8M/AhddZELvGQ+cCYiSHj983AdJaZcU7KSf2NeDROHfu
ooLY0ze7dkkBhn/nNZf8nU2zz/mxVYTGrV1w0fFcJ/JF3bxHN+aN8n0DZ+O9ugiz
VBfCGdYHfiWcNtAeqROZejvpftwUnZxVMYtz5DIeT+5RQssylebarWRSPc5T1fLP
dFXFbhIM7WJCXHTD8CXbZZoVhpNKoivM/GSR/7QTfMCmzeFGX3I6SjNgVlJkRVOC
OVqprH7Xu1XMpwXdSrDeB7HB9Go9DDaFTzFjBHkH2cidq7TpnUchVgYzlTQAwspg
jNO1FeCBNeOp
=atAv
-END PGP SIGNATURE-

nmap license is incompatible with GPL

[Ansgar Burchardt]

Hi,

[ BCC'ed maintainers of packages mentioned below ]

Chris Lamb pointed out that nmap uses a special version of the GPL-2
which is incompatible with the standard GPL license:

+---
| Because this license imposes special exceptions to the GPL, Covered
| work may not be combined (even as part of a larger work) with plain
| GPL software."
+---

The license in particular also forbids front-ends parsing nmap's output
that are released under a license not compatible with nmap's:

+---
| For example, we consider an application to constitute a
| derivative work for the purpose of this license if it does any of the
| following with any software or content covered by this license
| ("Covered Software"):
| [...]
| - Is designed specifically to execute Covered Software and parse the
|   results (as opposed to typical shell or execution-menu apps, which
|   will execute anything you tell them to).
+---

This means packages such as `nmapsi4`, `python-nmap`, `lsat`, `nikto`,
`zabbix`, `oscinventory-agent`, `fusioninventory-agent-task-network` and
possibly others which are licensed under the GPL-2 (some with or-later)
do not conform to nmap's license requirements...

I plan to file RC bugs against these packages soon; this thread can
serve as a central place for discussions.

Ansgar

Accepted dune-typetree 2.6~20180215-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 10 Apr 2018 08:39:18 +0200
Source: dune-typetree
Binary: libdune-typetree-dev libdune-typetree-doc
Architecture: source
Version: 2.6~20180215-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-typetree-dev - toolbox for solving PDEs -- typed tree template library 
(developm
 libdune-typetree-doc - toolbox for solving PDEs -- typed tree template library 
(document
Changes:
 dune-typetree (2.6~20180215-1) unstable; urgency=medium
 .
   * New upstream snapshot.
   * d/control: now requires cmake >= 3.1
   * Bumped Standards-Version to 4.1.4 (no changes).
Checksums-Sha1:
 4d7ec995e506510db724626c0a06133722584996 2390 dune-typetree_2.6~20180215-1.dsc
 fafbc07ece202fbfe49efcdb40e961f0691319d7 53660 
dune-typetree_2.6~20180215.orig.tar.xz
 efb36a971f1104bb1b3543350dac80046117e5a3 3448 
dune-typetree_2.6~20180215-1.debian.tar.xz
Checksums-Sha256:
 8a9dfd2e4934c16a6e816ee502c2163a2bfcc6d0f1ce63bba4e62d6e75554536 2390 
dune-typetree_2.6~20180215-1.dsc
 06faa7b3f33ecb3d4c927cb2ef42112d337c8c3b69ee93e61525af60fa62bb7a 53660 
dune-typetree_2.6~20180215.orig.tar.xz
 44633c0ed21c2a68b725e8620a2db6ab2db3804c9312cc5460b2b9b5bb6b27b1 3448 
dune-typetree_2.6~20180215-1.debian.tar.xz
Files:
 7c8047c6aa564e16e90d9fe06bff32cc 2390 libs optional 
dune-typetree_2.6~20180215-1.dsc
 11c9ec3af96de9efc0e9ac149f514600 53660 libs optional 
dune-typetree_2.6~20180215.orig.tar.xz
 40c5fde3d35c4fb6543beb1373b2ea72 3448 libs optional 
dune-typetree_2.6~20180215-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrMYn4SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT/QMQAKt/B/amv9dfSUMNE89ov+VzviUkdQ7y
4WWBK32Q2qlGJ4DPyo1oRSnpaD4kQv6EsTUsoFbV1BCVeKN2XSh3x+Y1AFkbrpph
uhSSOXoTp1pZGP+ga9MkKJmhHGHLKdK4QgipbowAyLdD/TGMaQEKu1AgGs4c1/OH
/grhc8MxalNi1KlXvckdX1gNL5JFBNUP+a0OKYuUVn1MF/iLu/eoaux4BEFBzwr9
2v6n4tYbnklQvjTeQe3A/krBQ2SP8YWYqcCHfwj13qiPFVGTIsaZ5jl/0ZJtVeCF
kzlfsVxKW5z/Su31RszyhSP8YjamC0xGayo3KKQ0iq+Yu6F+sv3B56nU3k2B0ls5
Rr/gsw8MwSv97oWiYg4KNPBai/+FjDZNpc61hS6sidypl60BKXuQsswsfL8k0hsk
qA1ESfES7ojczMJY8QFhIOU9uFNLFXV4rSwocfQnmcjh/O8WpAWh8xja9/48ipzd
9qCV7aE4No26ZJnU10Psvrts+918oILfZZQFaFvyJAQpJYNtt09WGLbYQa3tM1bX
01+TaJzxr+rjGBJrBKhYSJeNM+zjq4A5u4EmgPlgoHQJG7wf3SswwGRxlNFYo2QM
zA6nvRhRfuXgBqd5dU3KQ0hjGDPyMBzSaMXE1ITVF64SGC3QRVxww8ZCBO5EKO+z
x8l03dpMmL89
=B1IE
-END PGP SIGNATURE-

Accepted dune-grid 2.6.0-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 04 Apr 2018 00:08:47 +0200
Source: dune-grid
Binary: libdune-grid-dev libdune-grid-doc
Architecture: source
Version: 2.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-grid-dev - toolbox for solving PDEs -- grid interface (development 
files)
 libdune-grid-doc - toolbox for solving PDEs -- grid interface (documentation)
Changes:
 dune-grid (2.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * d/control: now requires cmake >= 3.1
Checksums-Sha1:
 1d89f07a72040cbc08ed3dd50b68d2187d30be18 2417 dune-grid_2.6.0-1.dsc
 ded50150be5ef3f7afc41a50503a359ac6ad5108 2645592 dune-grid_2.6.0.orig.tar.xz
 62545cc14114f89bb1c94c3d2b4ffd90c56ff69a 6064 dune-grid_2.6.0-1.debian.tar.xz
Checksums-Sha256:
 59962a55923433133da5cd106f0a50d3015ddc3525566b7c97a5a8fb4eed0ed2 2417 
dune-grid_2.6.0-1.dsc
 277f873f1e11260317f2c56eb171897814f87a8e5b43c0bd74fdff86aeed272d 2645592 
dune-grid_2.6.0.orig.tar.xz
 85a52106a50949872dc60a83d5f86b96735e94ab9ab950b874dced1e7956cfd1 6064 
dune-grid_2.6.0-1.debian.tar.xz
Files:
 6691d787828b6be6bccfdcf36e8e6580 2417 libs optional dune-grid_2.6.0-1.dsc
 73f114e87f1e699b07781198e54b8db2 2645592 libs optional 
dune-grid_2.6.0.orig.tar.xz
 28a0e90fdcb5e075d4908f71d3e1a734 6064 libs optional 
dune-grid_2.6.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrEAZISHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTtTYP/3h9fB/FCZxH4NVnogt0nHe4s3tK+yZF
jYdJTFKyMQjXd7bdgMErAzL/T5I1YzWBManQsBxm14ZkaQnaIIjdswnwgXBHqJ6T
Rh4XYr3B0/YazVOyG7licNGnzlYqJ+hFwhn2BIArKmRJzwbbYrJM+2jT/kxtYjqK
EJxv1HQsT4Bm8XnEmr1pAd/4BEyEM0Xp+2cXGdXkBdJXGq8aI0MXqFVTAT8LqtrO
eyXYW3TIMEgj9LNWYAW8F18BMxfNmUMRuertGzMuwy0aeghlPE2ID3f+1CCnYeJJ
dSmarjVVYmvlZ1txlIS1kHwFZkx34OnJFjUQMV5Mqj15Os8Alx3OOVPZERmm4RSI
tgRFGe4ve3lLKWUiAxZO70gf17I2/w4aYRyrN/DE0wGfe7XRgaw8Z3i4fDv2Uh1i
2fPqlgpBZh6lAMEXvg58ZTxnJI+NvGStsfAdbhTAfL8L2NXwHnrLRJFxV28cAwJM
URX31rJFRYwXgD3xC13imhnK4GgdXOYWkMMLv3GYGKnZIkNy1GxKCtkrvBHzggT7
ed4v/rMO9HmhIv/8eCs3I1TQYuuyuudYUORfhWAyEyJ1lcPqVG5a9s6jAmnRBe2X
3/AFrYv/C/zP7RKf8iMSSmFNniL0WmGtymwqNjM1932PmQHJCf6UfS/CpCgpCty+
F3yIwmbVqESy
=tv4/
-END PGP SIGNATURE-

Accepted dune-uggrid 2.6.0-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 03 Apr 2018 22:42:23 +0200
Source: dune-uggrid
Binary: libdune-uggrid-dev
Architecture: source
Version: 2.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-uggrid-dev - software framework for finite element methods 
(development files)
Changes:
 dune-uggrid (2.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
Checksums-Sha1:
 922f2a95f93b0c24089458f7bcd9c5c35c0d23e1 2157 dune-uggrid_2.6.0-1.dsc
 a50360d48e0796e118e09ad9fa766aa40e0e9f6b 535780 dune-uggrid_2.6.0.orig.tar.xz
 f2bec26038d71d837eaa863de4e0551e9f42e404 2896 dune-uggrid_2.6.0-1.debian.tar.xz
Checksums-Sha256:
 8aa2a0b051b53f6e6a8699c34baffedde474f6f208a87420952ab439535d1fe0 2157 
dune-uggrid_2.6.0-1.dsc
 0feaa9d868586a5e01964a0625eaf49a54094130e5fda2abf7484cb464f9809c 535780 
dune-uggrid_2.6.0.orig.tar.xz
 d1cfdb68b250239f035e8bb3dcc11e11e894faa01a89f3d9849091f03db9d353 2896 
dune-uggrid_2.6.0-1.debian.tar.xz
Files:
 e133205dfe17d119f5b5c49244e98281 2157 libs optional dune-uggrid_2.6.0-1.dsc
 4a3fafe1b3fc8fe65dd475b518c54a94 535780 libs optional 
dune-uggrid_2.6.0.orig.tar.xz
 8163f1140fe6b652c744fb2feeb2243c 2896 libs optional 
dune-uggrid_2.6.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrD6hoSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTZxMP/iQ0S6c59ee/fne2zi8O3Zb4F+ubrKr5
kSZI5aHqLiO+z5Hf8dgywLhg6GIaNoXVPPBU0XeNjsNDWVavsiF8xjE+X/RcmZM9
PAvTUR1004yWRcO9aQ6v3BExYVCCOL5MKBoVw/15nh5+Oc9WYo+86LLm/TdHfYZc
BN1v0dco4sYxY49BUsMI9VV3LbCjILXpQbN19XOV7mxh563c1mIDjFcn1XR3TW3v
6hPwpWxfEuXkx09q6UADKTen8PpouQgXQQch3DuaZ8cg2MjiUS5bpj+yatjEwsHM
3EJgEBubSFIsHNsQlLUsiIPt6FlgQXY1pljxNl39MhsCxdDBRJBK6qu3S/P88yMO
Xlt366R6T/AVoIRVJCN6/CWRxFv6nYCPYnohFPqopXwzRrOcEM/WkusTHm0Y3LHO
EYa1P+kauDYlFjS0BV1nKsYWIm2qXbqI1Cxi24JYNkTYmmkRmn8qWfQ2dT9sJ5gI
qdchzUds/eEEhG2HQoYe511UY2/SHEyN+WnAeblM09xwYnaNbiBvbkQRvIEo0PdY
+OMmBdACIkbZceLklyAV1S1+oR/MuJUOLLcL10GSoy80PQVMhH30PsLVa0+wMEkx
KzmJHSMUCyaLr2yk9n+pU+hyXwtIckj5KChhSP7Yh9/CdTSZ0wvdAKtvRAJMBx0E
flDoGbktMOij
=b6FH
-END PGP SIGNATURE-

Accepted dune-localfunctions 2.6.0-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 03 Apr 2018 02:09:34 +0200
Source: dune-localfunctions
Binary: libdune-localfunctions-dev libdune-localfunctions-doc
Architecture: source
Version: 2.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-localfunctions-dev - toolbox for solving PDEs -- local basis 
(development files)
 libdune-localfunctions-doc - toolbox for solving PDEs -- local basis 
(documentation)
Changes:
 dune-localfunctions (2.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * d/control: now requires cmake >= 3.1
Checksums-Sha1:
 0292b6ed6af647a98b1d5d8926153df0044bad7a 2756 dune-localfunctions_2.6.0-1.dsc
 8e079ef7ea92d23bab6c42cfc3d95439769d831a 177251 
dune-localfunctions_2.6.0.orig.tar.gz
 45ce2989015ac25a6d5525ad818c2fb7279f70d1 473 
dune-localfunctions_2.6.0.orig.tar.gz.asc
 443c68551a8db82075de2379506da96644e7faf9 3600 
dune-localfunctions_2.6.0-1.debian.tar.xz
Checksums-Sha256:
 3db003ca279bbf68e957134a969bbfad46d3604fa9066877e48d3526f227c8c0 2756 
dune-localfunctions_2.6.0-1.dsc
 14664b007fbc5e3592740075d2aeca6890e6e185f9924da044fe726ea3fc86a5 177251 
dune-localfunctions_2.6.0.orig.tar.gz
 8d5c0034367e959b9a5eb9a3b3c77aeda34029da26331f605661ba26f87597f2 473 
dune-localfunctions_2.6.0.orig.tar.gz.asc
 7a69b4b6ea3b5ce2d25a50c320032432b8156cbc115dc0d4068b38f67a052180 3600 
dune-localfunctions_2.6.0-1.debian.tar.xz
Files:
 93be8ba505de46c799d16d66573788be 2756 libs optional 
dune-localfunctions_2.6.0-1.dsc
 e35a5417c4febaef25ab31be135feccc 177251 libs optional 
dune-localfunctions_2.6.0.orig.tar.gz
 8b6344b1dae7208be10f63d26b15fe9d 473 libs optional 
dune-localfunctions_2.6.0.orig.tar.gz.asc
 a639caff3e17f203bd6d5d53c7cf04f3 3600 libs optional 
dune-localfunctions_2.6.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrCzn8SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTUoUQALLT4tzgEtlrir9CbgGVCxK3nLi2fbUz
es8C8UIif2RZWAnTQlR2ra4xqyR0JnZCo6kcWaTUEzurF6mEwhc5OIzpkgpZaTbw
HuKQqVMn6WWMS1w0VvpWDtWPwqElZyCXk6KhfUYchUz2f+IS+IyfAzOY/BQ+/MYG
mCr9o0IY3ccVNTMMppFuIlCBfVbpJ0KrcwmqkxrN9XkyrpYiLnq7uHQEePr6zWAW
ldoyngKtnMPlaHla5NIAlOXVQULurp1s/eHgPcc1gjqdSyQFfLm1+7tf2a5d+dXE
Y4so2L2V4OtbYxjUFlNxzr5XhZNQixNTx136dVBlB0YU45fUtuzXw1/lcuG7DAyr
Gi/345KLNexfttyY7cV7iOSz3hSCYIlINlaohHUTVk2oY2WqR0DchsNY3WoSkqmN
ZSM2RwMoE7zpJETjYZtt9NeE7sTLl2aZN1GlS2XW0j9Ev8a2kcwZyeQT0WfToWe8
84+LDGPHu+FpRVTKbXCWDq/PW+pmPZp45v4MEp9mwkOQU6dvV0cdh/6bruov0+2I
f/oiIqdgQI25E4cfC9/pVx6IRu7jlCTQmT4opWod80wZlA2BH58r5GYR5Env95Bi
eh8BKGmXcJee6AubfN5YeiYgrZoZGDQzRZiF/J2cZjDwf7B75pbjvTDnt4iNiiof
MfAzeNM2p2aI
=TdMS
-END PGP SIGNATURE-

Accepted dune-geometry 2.6.0-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 03 Apr 2018 00:30:47 +0200
Source: dune-geometry
Binary: libdune-geometry-dev libdune-geometry-doc
Architecture: source
Version: 2.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-geometry-dev - toolbox for solving PDEs -- geometry classes 
(development files)
 libdune-geometry-doc - toolbox for solving PDEs -- geometry classes 
(documentation)
Changes:
 dune-geometry (2.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * d/control: now requires cmake >= 3.1
Checksums-Sha1:
 1763a7856c8d11dcd6095056b749c6fea6a063a5 2641 dune-geometry_2.6.0-1.dsc
 5174a28fbdd1c58029c5cf7c934885b0f9e7813f 714172 dune-geometry_2.6.0.orig.tar.gz
 abb66eedcf7f137bf2acbfdf267d413da47f6576 473 
dune-geometry_2.6.0.orig.tar.gz.asc
 6a4d03b42c675501610020412227d3d139edca65 3900 
dune-geometry_2.6.0-1.debian.tar.xz
Checksums-Sha256:
 f5ee193456e62782b975bb2599b1500a218dca3b83066cdbd3c7edfdd1f96d70 2641 
dune-geometry_2.6.0-1.dsc
 7661155a0be3d001db43c6d99f1ee1a04101bc3e666dade82a40a6ed65578a42 714172 
dune-geometry_2.6.0.orig.tar.gz
 23bf58104c2c26d88bbb6c7934720c033e36601cde4d49b7998194d615844fe7 473 
dune-geometry_2.6.0.orig.tar.gz.asc
 39faac406714f62c9ae9f106f498f2edf61ed5b1a8027dc7063ff3350e805feb 3900 
dune-geometry_2.6.0-1.debian.tar.xz
Files:
 dec79fed6bb81102e8ee9d953ec4789b 2641 libs optional dune-geometry_2.6.0-1.dsc
 51e531ca30e8ef9b5aa910552ee88310 714172 libs optional 
dune-geometry_2.6.0.orig.tar.gz
 7377167929f9942e054061332c5f817c 473 libs optional 
dune-geometry_2.6.0.orig.tar.gz.asc
 397a7cb77b06a73abd5e53b7cc5621d3 3900 libs optional 
dune-geometry_2.6.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrCxBgSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT/jsP/2jGHmxs+PDs9zHhkrQDwaw1RkNRUJor
yXwVVOccOrMfb868noj/pwYq57SO8DEJX/skw8aS+QumJaQ6PqiARFlPsYCSI0uD
KnuBDWbuCBFm1xFJFhXvktv6bMZSAJWbSEYqL4Tdeo6adnFAoeP7qb4rqQEd30b2
9UsIcv+c1L3Go+6+IWuWM0ngwIu0kznidUbxR2Gmws8vJWXtKCVNnqDfLAhPTY+/
VcVtO1MJrWOpzTIKzHa3zrwZIV0GeG2o5FyKDzOS0tDY8jLLtvtfDlimoCOGFQ9G
j1xHhZ7TEuAA/GyrWlKHsHwHDOdgak2lbNeZe/FC9Zbnt8acF4rkWHf6c6bjbgss
R1ClaPH/VNeLM8CmIlz7m4ynNovMW1tjn5xvJu1DfJ5f2YL8JNgiN3TGUm+ZXn69
fLcqbTcwRdkDe6ohCUHzZrzNBeqsIP7wOwd+RHsFlHHKGH/4Szqg45Hpse5aVArO
dGJsfeJPkLsnvtcYcRIJdukhnLFCJqcAiuMT/ODOljKIy2hhKTnCX7MIdkENwwWT
qLE/AxYhL6yDwgVrETRt80F00Gr1xi16ScDvBa1HzpacUid61lsU5Xo/Z7aFgtyP
qRhSeDUcsyyp98Ou1aIWolNMwuvcsmPEeWrcJ8PfHiWFQMeQ0PVI+6JSchyjxsrT
77lt2FPd/tFP
=fAPu
-END PGP SIGNATURE-

Accepted dune-istl 2.6.0-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 03 Apr 2018 00:31:44 +0200
Source: dune-istl
Binary: libdune-istl-dev libdune-istl-doc
Architecture: source
Version: 2.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-istl-dev - toolbox for solving PDEs -- iterative solvers (development 
files)
 libdune-istl-doc - toolbox for solving PDEs -- iterative solvers 
(documentation)
Changes:
 dune-istl (2.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * d/control: now requires cmake >= 3.1
Checksums-Sha1:
 9619e1bc28ae905e36cffcc7b9c35cc68a266373 2599 dune-istl_2.6.0-1.dsc
 fa171918e3d67cd0c57377d6623eaaefe5f20d00 337200 dune-istl_2.6.0.orig.tar.gz
 8bd945f2278cd9b6fdbb222f9866b59452c37c0e 473 dune-istl_2.6.0.orig.tar.gz.asc
 a30b08b79fcfd6df03dd6a0e7865dc143ce3439b 3672 dune-istl_2.6.0-1.debian.tar.xz
Checksums-Sha256:
 d3c468f6370caaf9318380985f5b98d41c4520f5200a0832387517623de5aa43 2599 
dune-istl_2.6.0-1.dsc
 5ce06fc396624f654c3f34e333fd5900e992c4596b3230abe68617ed77f64f50 337200 
dune-istl_2.6.0.orig.tar.gz
 0fabb139606e1ec5341ee17315331e2d2d547cf1c2c5e56076adfd4bde7b19ef 473 
dune-istl_2.6.0.orig.tar.gz.asc
 93efba84234207999aa9c102574c5543e530472b8cbfe1cd0d55bb6fa0acc180 3672 
dune-istl_2.6.0-1.debian.tar.xz
Files:
 3f72410348717b29087d35f1a9cf7a95 2599 libs optional dune-istl_2.6.0-1.dsc
 b0e37fafc5de204d4750dad18f46dacd 337200 libs optional 
dune-istl_2.6.0.orig.tar.gz
 9c381b6dbfb8fbf0d071576c62cabc39 473 libs optional 
dune-istl_2.6.0.orig.tar.gz.asc
 4952fd6b90d022cf465924c07854a3cc 3672 libs optional 
dune-istl_2.6.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrCxCcSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTz3IQALIORscHHWOfDiy6FS6jGtsz2zxEfL7x
p6X1u4sLocahaSguIVVWRNQ86/zF6+kCYRdbFdf05YHeX/APXXkVcZb387nZ07kv
CWlfXB1KN3I2tx4XyxH8YgD8vyUDW9XLIsGrHNEqk7rA6wjYalVrbEYoyXpErsCu
1cjnI8x2ku4+aZsSLr2YeL70E9qj/aglDGht3A7S6l0seRvLI23ACAfcvajQz2hB
M5BlQZGUe0VOgOdv/1jDcXkT3t+exqVjhqdDUx+V3VDr5KNgRqS5pzofCdfzWlMs
kerKZaW2Q+9EsatingRgQkIkT9lZKvGLVRgaTwbLPS9xbQ1f2/x1syEVFjFXS6Dm
rPtfKFJXkCwX7dwKdlDdTGXvEvEXjETV8Qb07p0zGzi8l+OUEOJp//j+Q30yjZvU
RRGD5HU1wWHICGFNaToim+9br4FNhF+oGFipRoipmTInFOq1mXVIDv8V96g9SpDX
8f3tOFOLZbKCT09ZUpiHeWRduaCCG0/6mhnOqsjWtZ5UBdexCKqIbN3AnmAjvOtX
9Eo661MGicbvFFeqhZsTT6xGJg9KybrPuOd7qU/gMY+6HJheIsOko5nicd9/8gPr
3JMKaIjQAWXvtLUnn7kNvAr81kxgIjBIFMe9popgBSHfWs9GwH1SCxaARE7c70Xu
yD2pCJMypdrn
=Tt8t
-END PGP SIGNATURE-

Accepted dune-common 2.6.0-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 03 Apr 2018 00:20:33 +0200
Source: dune-common
Binary: libdune-common-dev libdune-common-doc
Architecture: source
Version: 2.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-common-dev - toolbox for solving PDEs -- basic classes (development 
files)
 libdune-common-doc - toolbox for solving PDEs -- basic classes (documentation)
Changes:
 dune-common (2.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * d/control: now requires cmake >= 3.1
Checksums-Sha1:
 4ecde5a629cfbbe47e8600d30f3ab266e55b43a1 2584 dune-common_2.6.0-1.dsc
 fdded423b8c6c413df1c94af349458d6eb1150fe 472127 dune-common_2.6.0.orig.tar.gz
 4422262e833262707b976fad909b1d9feecfee57 473 dune-common_2.6.0.orig.tar.gz.asc
 eb3ada0c0c2fa6204a13de0d8d96ff11a6b9e3ee 8516 dune-common_2.6.0-1.debian.tar.xz
Checksums-Sha256:
 a50c67ae22f6c674798d130b6a8605a2456d2e890aeaf2b5637050682071dc8c 2584 
dune-common_2.6.0-1.dsc
 1c566abb509ffd29690055acb5a7a69e3eda3848c2171f7af75c1e8743663c05 472127 
dune-common_2.6.0.orig.tar.gz
 d1e7d9bb1661e72291694a29473c81cd8c82cccb845c873ffe387268b83d02fd 473 
dune-common_2.6.0.orig.tar.gz.asc
 5484779ec4990123c5a5f8eef570c258b25b68ef2a83f4cf985681de128043c7 8516 
dune-common_2.6.0-1.debian.tar.xz
Files:
 25860da7ed27ee90d4c2d5c16cd472a4 2584 libs optional dune-common_2.6.0-1.dsc
 fb21de7469a2c2cbff6ec7439891c7d6 472127 libs optional 
dune-common_2.6.0.orig.tar.gz
 c80a6a9fd53e5918a3fb7271f97896c2 473 libs optional 
dune-common_2.6.0.orig.tar.gz.asc
 33d61ef87493f7912bc0c3a350da084d 8516 libs optional 
dune-common_2.6.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlrCrwoSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTf28P/A4Tew2Xu2EesVYWcTK1WDlEnq4i7o9s
2u53/ZhkImjXrjAm/aOlXCytHdJ3dHNr50gwu/rWAZRnlmIfNtnSRCyp7TRayuRZ
on0sjE4mYLF4tzfaNs9IkkTk/I4P/n85qb1fVDwPduf95vfp20EvSTMkpCgkhYyE
iyj1H1YjYu4/s/IQcjoobg0uz6a8/Q/m2x0PMzIVMOstNVzeYJZOXU+S4ZAWck3Y
y3/1KdvgXqkpJFlOfrDC4SjReRv45qh7ikhgdaO23/u0ecEClEeVBo5EUwryGedF
4Teyt4JYZ7CPuePm700tWk7QJk+GrUn4JHWQFdpRZ3Cslio/eAwB4Ly3yj/yHTwy
KfLIf5XDRIFRWXU3VREAKZ77w0KJO4ybK74POTV8Ox0KxIiCQOHKvTcwzd4uZLqD
z41CH24I9E1jhJ6xjrltcR+a+HffdPX7B251IgqtDW5l60VOEUtBu+alrRyV3f+1
pkMvOoPycroVWPyU1uRFbD93IJc810fMQTtsy7ST40UWvMxGkGhBySAlUR++B4Qt
38Dqj7XZqy2LFsvxpi6kZzcHZtqmPu8vcmlZDUiv5iTf0r+GYlVVR0pWAW93d0mN
lvMZN4dKDgmXHeQS1I4Xz4svKKu6oxgwjYpy4ZVq6cevSmIpetR1QPOc1FRI7VGJ
MXmdwsXdGuLu
=vZez
-END PGP SIGNATURE-

Accepted dune-uggrid 2.5.1-2 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 27 Mar 2018 09:53:40 +0200
Source: dune-uggrid
Binary: libdune-uggrid-dev
Architecture: source
Version: 2.5.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-uggrid-dev - software framework for finite element methods 
(development files)
Closes: 891151
Changes:
 dune-uggrid (2.5.1-2) unstable; urgency=medium
 .
   * parallel/CMakeLists.txt: use `COMPILE_OPTIONS` instead of
 `COMPILE_DEFINITIONS`.  Fixes build failure with cmake 3.10.
 (Closes: #891151)
 + patch: 0001-cmake-Fix-compatibility-issue-with-CMake-3.10-leadig.patch
Checksums-Sha1:
 912758d2ba85f4885b5bad64628fb24dea1e270f 2196 dune-uggrid_2.5.1-2.dsc
 86dabfdb562f1714e9d08f5f205c487c648fba5a 3888 dune-uggrid_2.5.1-2.debian.tar.xz
Checksums-Sha256:
 57028803fa261ad45489d97d00e1e0a57c088d925989e01d1a4cf302aee383dd 2196 
dune-uggrid_2.5.1-2.dsc
 b3460db96a36826b374f7d9b1a69b14784a6e8b5a6ffb336e4498759805a542c 3888 
dune-uggrid_2.5.1-2.debian.tar.xz
Files:
 cab337f11f3e24d0b1686a73297da5a5 2196 libs optional dune-uggrid_2.5.1-2.dsc
 2df986e19b9c0bdef46ee6fa06b93978 3888 libs optional 
dune-uggrid_2.5.1-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlq5+oYSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTTpUQAIOm4/dmuFuLA7t7/G23kSi6S/TE795d
HjQwUgxFfs2DyMMUB4iR7yKDg06L5vUfKobLUULOObeEy/jtPtj+42jYwsO3K20w
7eNsmJm7txtL1yxZ9BRoE1/221GkKtEaLZ3Xd3DPSEmEcWodVhlKHglUhu9iFfzU
o7mb4PH/eVA638sQEH1BX2lvRpTigHmhM7vjl1L3++LS+8Noo1H9mOt+LBZTN2J6
CcICODZXzfVcWTyTTJvfDJNQQMzvfCwfDEHLX4Ln6gtw/oWhU1bTZdZ9NM8dO9a8
mGC5aYCDP/gOEiriYFM+DxRF2G+VkokJDEYhdzycQZm4onA5j6gqyAifCxFIjlv2
n9W2PopiWxefBvlz7dBtZ3d+RiCYkatxjY0TRt/MN0uF209r6FvrcUXpVsY6WbKC
aEi/w5sZI1kXful9js4pWy48d57D0ZgmBzCtiKbNpK/BCLFnkNXXfpOyoc10+UqN
a9xNvy3LbQryz9SuVj6gNjktxvt2Q9pLh6hDPJ3l5SkqTV5t8SGz6qZGtA7oAyhl
92KTzOVGWXYpQMJYbM9gZv3OXu0ZSo2kpuMExzjBrAM4YwsO9KHAQef6RI4osKma
mmEXroAKNZ7FbXKOuuM9nbzXYoEh28Ha+AEi+CkpfQKCsYX5IuSNzuG5Db8/qFmA
Sw3z1OURu9CV
=TMlt
-END PGP SIGNATURE-

Re: Removing packages perhaps too aggressively?

[Ansgar Burchardt]

peter green writes:
>> If you do reintroduce it, please note the extra steps (reopening bugs
>> in particular)
> On that note one thing that doesn't seem to be easy/well documented is
> how to go about finding the bugs that affected a package at the time
> of it's removal. If I go to the bugs page for the package and select
> "archived and unarchived" I see a bunch of resolved bugs but other
> than opening them up individually I don't see a good way to tell the
> difference between ones that were actually fixed and ones that were
> open at the time of the removal.

dak logs which bug reports is closed when a source package was removed:
see the "Also-Bugs" field in https://ftp-master.debian.org/removals.822
(for the current year; removals-.822 or removals-full.822 are also
available).

Note that sometimes[1] the bugs are not closed by dak and end up getting
closed in a different way.

Ansgar

  [1] IIRC when removing >1 source package at the same time

Re: Removing packages perhaps too aggressively?

[Ansgar Burchardt]

Andrej Shadura writes:
> On 01/02/18 09:40, Ansgar Burchardt wrote:
>> Andrej Shadura writes:
>>> On 31/01/18 21:01, Jeremy Bicha wrote:
>>>>> Here you go, there's #871004 for you. Missed jessie, stretch,
>>>>> not in testing, no uploads since the beginning of 2017.
>>>>
>>>> I don't think you'll get much sympathy for a package being removed
>>>> from unstable when it hasn't shipped with a Debian release since
>>>> Wheezy, and has continuously been out of Testing for 3.5 years.
>>>
>>> True, it hasn't. But if you look a little bit closer, you'll see both RC
>>> bugs it had were quite trivial to fix: two sourceless files (would be
>>> fixed by linking them to the packaged versions instead), and an failed
>>> attempt to download a build-dep (actually, fixed by an NMU while fixing
>>> another bug, just never marked as done).
>> 
>> So there was plenty of time to fix them.
>> 
>> Why would filing a third RC bug (the "proposed-RM") and waiting one
>> month more change anything?  Why would someone turn up to fix them now?
>
> Why not? I *was* already doing just that, but with an RM bug filed
> elsewhere, I was unable to know it's about to be removed. I would have
> reacted and closed it before the package's got removed.

Packages that have open RC bugs are always at risk to get removed
eventually.  That is why the bug is release critical.

Especially when there is no activity at all on the bugs for an extended
period of time (or no activity ever as was the case here).  And when
they already missed getting included in a stable release or two.

Ansgar

Re: Removing packages perhaps too aggressively?

[Ansgar Burchardt]

Andrej Shadura writes:
> On 31/01/18 21:01, Jeremy Bicha wrote:
>>> Here you go, there's #871004 for you. Missed jessie, stretch,
>>> not in testing, no uploads since the beginning of 2017.
>> 
>> I don't think you'll get much sympathy for a package being removed
>> from unstable when it hasn't shipped with a Debian release since
>> Wheezy, and has continuously been out of Testing for 3.5 years.
>
> True, it hasn't. But if you look a little bit closer, you'll see both RC
> bugs it had were quite trivial to fix: two sourceless files (would be
> fixed by linking them to the packaged versions instead), and an failed
> attempt to download a build-dep (actually, fixed by an NMU while fixing
> another bug, just never marked as done).

So there was plenty of time to fix them.

Why would filing a third RC bug (the "proposed-RM") and waiting one
month more change anything?  Why would someone turn up to fix them now?

Ansgar

Accepted dune-grid 2.6.0~rc1-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 08 Jan 2018 13:02:28 +0100
Source: dune-grid
Binary: libdune-grid-dev libdune-grid-doc
Architecture: source
Version: 2.6.0~rc1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-grid-dev - toolbox for solving PDEs -- grid interface (development 
files)
 libdune-grid-doc - toolbox for solving PDEs -- grid interface (documentation)
Changes:
 dune-grid (2.6.0~rc1-1) experimental; urgency=medium
 .
   * New upstream release candidate.
   * add Build-Depends: python-vtk6 to enable additional tests
   * d/control: update Vcs-* fields for move to salsa.debian.org
   * Bumped Standards-Version to 4.1.3 (no changes).
Checksums-Sha1:
 59aa1ce35761de70664f37da85629c249693bffc 2451 dune-grid_2.6.0~rc1-1.dsc
 b3bd9506f5e0502e7a5ade2515814ed28099077b 2645176 
dune-grid_2.6.0~rc1.orig.tar.xz
 63a18ff9c20b5a98fafb038fdf41a026e3b5d718 6028 
dune-grid_2.6.0~rc1-1.debian.tar.xz
Checksums-Sha256:
 ef08e66867705c2418370b842446ec62b8bf7a928c50cdaf99f3848f1ec5dbbf 2451 
dune-grid_2.6.0~rc1-1.dsc
 cbf8f71516926cb40c1b857c9e174deeabf4ee012b35dc65af2183c5b5445b67 2645176 
dune-grid_2.6.0~rc1.orig.tar.xz
 2edc8e92b3847fe6cc7bd17d6c17929fa613f81c5ba6ee447ff90e5d3684e672 6028 
dune-grid_2.6.0~rc1-1.debian.tar.xz
Files:
 11cb8e9d11002484889f03ac85d85911 2451 libs optional dune-grid_2.6.0~rc1-1.dsc
 387062c1bb4f58dccd82a79cca15c1b9 2645176 libs optional 
dune-grid_2.6.0~rc1.orig.tar.xz
 37cf54c2c31dc2d79d7cdca054de03e4 6028 libs optional 
dune-grid_2.6.0~rc1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlpTYbwSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTZn8P/ipD91WSPEku5k1ap4+cXkDUB106n93L
xfXE//iL1csHQVcPMgTl5QTkEHcceB/WSxRYzgK2cvfxAx+7cYiKXdKBiRVBvCUX
fFXdlZGF2+xLYmjJ2Ql2PxIE6tp4VrSHtLxsC44EQ/cxm3gajVeRoecSLTztFhcu
G45P+XfbMMzMT55/7XSaJwkzySLZpZNZJkDNsJ2l7bhcxW/G8ZLe+QH8c5+Jd6vm
bnrK2PiveUUGBS7eHihQUmrI/K1IFFDtMUgj7Mp1iJiE3HhMtVKngY8O8eZiSma3
SsoY/wEjh8EdkM0jG2M9VFplf6uDKT+ALHfsNHA6qM4LvbxLZphoe3uJ2BNPxihk
i+lvxaDNz3jlZMU844TrrNd0QEQjVuYKZnpmFO0BbI2OAe6ne+meoRVf7DwKd2iG
MCWDk1o2WTm7siPv8Ay2w9tyHDNaxbZyitQoSP97hveXexkWWAEMjPMTAoZu3zGm
NFE8YZPr9C/kFrlbrJ4wA9EltZuehTHeruvyDCr+hscyt7NxB/mlcHMMQjsnX8kv
9VVTlp7IlgoPRsfLaoaTLfvC2ezBaxOsXGo7ORCGTVlbclVXvVu4KTQiPRcLSuKb
v0JufEuubaupVWOdZeKl6y59AhD5WUiw5yqHXk7R/Kn/jAu1EvhQoFgU8tni5Eot
BCayjHeWrT2X
=Fxib
-END PGP SIGNATURE-

Accepted dune-uggrid 2.6~20180108-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 08 Jan 2018 11:41:48 +0100
Source: dune-uggrid
Binary: libdune-uggrid-dev
Architecture: source
Version: 2.6~20180108-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-uggrid-dev - software framework for finite element methods 
(development files)
Changes:
 dune-uggrid (2.6~20180108-1) experimental; urgency=medium
 .
   * New upstream snapshot (commit: b30bd26b596a7298f4c5d9fcdde4209f630483d4)
   * d/control: update Vcs-* fields for move to salsa.debian.org
   * Bumped Standards-Version to 4.1.3.
Checksums-Sha1:
 662766d09f58584d10003347aad488892d8f129d 2210 dune-uggrid_2.6~20180108-1.dsc
 331c461955fff39987cd5ae46df3f07ae2281dd0 536700 
dune-uggrid_2.6~20180108.orig.tar.xz
 a7ae21ea59cbb28e370775b498746e8382dd 2880 
dune-uggrid_2.6~20180108-1.debian.tar.xz
Checksums-Sha256:
 40a0085328a8bede47c827ef2b52f3ef516bb31a15d71d04a39a474513ec5bbe 2210 
dune-uggrid_2.6~20180108-1.dsc
 5b6f8d39c96b11ac1e24ed380e0442953667dc7bd8b76ce3abac73c14d894cb2 536700 
dune-uggrid_2.6~20180108.orig.tar.xz
 05dd83e4d02e9c9af0b71200cd66d2170406523a5281bd8193ad7a52d6d7a36e 2880 
dune-uggrid_2.6~20180108-1.debian.tar.xz
Files:
 c8388583600eff5d68f8ad10d123e8fe 2210 libs optional 
dune-uggrid_2.6~20180108-1.dsc
 84dfa721a6eec9c3490eee1df70816e9 536700 libs optional 
dune-uggrid_2.6~20180108.orig.tar.xz
 c8cf057cdcf05ce6ab25772218afd68f 2880 libs optional 
dune-uggrid_2.6~20180108-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlpTS+wSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTAJAP/A7UPuWIQo/JtFyFQONgmNEQKmwof3fw
GReg3S8GhtofWM8lhUuaCJmueRA8F+naR2QoN3VKjdl5+yFq2Ld9FRBqLHxrVfjq
Z3rFw6+NgtuhmK7H63eY+7PsAtWFj01DeO9hgXaDKhNnPxyewTHP65/BnNNhLyeR
JIvff2cBQdz6DxxY0leL9mudXBphcDHaOl+t6pgRerYxNq0qbvKOqllwj9goFZa4
xvM4BWPn+6kvHnuxTuwgDndzyCygkq3fvma2e/0hkUPXnZQpfrFdThfRtM+pyzF+
g04xA/2q09I4GB2T6/6V94subUDFYe9+immcURe18lZiwhej2x4EZiFlfr2pZCbq
NrYiPj8vYajz58sVAy12LbOSFdviRKyrzA+5PTnQQtZPMJJySofdw+s759hCFe7T
XCh0Nn44+IBU308YYZIJKCDyXj1GwfV5pbeJ3Y0QMlvrtS2Cbh15bu/lkAzD2adj
Of9DG2rpvPOnkhKyeuBFSQOqIssaKIgfaEleHGrINoi9zKdM0Zmwr3bz/zVHVrfh
N3T70tFFGuoWatxk0FOBcOw0KrCoogBm8MBQFigsmeYY3OzCu8igwG97Zbn/MNIx
22m6ultdFusTby6OfYojGWN1scmZhVhwUvg1U2UgkuoiTWUcO74EHf3SoaaPenen
FwoBUjdgOTY4
=/nlL
-END PGP SIGNATURE-

Re: Bug#886238: Please introduce official nosystemd build profile

[Ansgar Burchardt]

Simon McVittie writes:
> On Sun, 07 Jan 2018 at 00:27:15 +0100, Ansgar Burchardt wrote:
>> sysvinit probably only stays in testing because systemd
>> depends on sysv-rc for compatability with LSB init scripts...
>
> I think it did during the default init system transition, but it doesn't
> any more.
>
> sysvinit-utils is still Essential: yes, because it contains binaries that
> were historically part of the Essential set; *that* keeps src:sysvinit
> in testing. There are plans to make sysvinit-utils non-Essential by
> moving pidof to a new Essential package built from src:procps (lots
> of packages blindly assume that pidof exists, so adding dependencies
> doesn't seem feasible) and adding dependencies for the few uses of the
> other sysvinit-utils binaries, which have been OK'd in principle by the
> maintainer of src:sysvinit, but haven't happened yet.

Oh, right, I somehow ended up thinking the LSB init script bits from
lsb-base were part of sysvinit, but they aren't.

> sysv-rc and initscripts are both present on about 72% of installations
> that report to popcon, even though systemd-sysv is present on about 78%
> of those installations and sysvinit-core is present on less than 2%.
> I don't know what's going on in the other 20% - surely they can't all
> be wheezy or older? Perhaps some of them are chroots or containers with
> no init system at all?

If you look at the version graph at https://popcon.debian.org (leaving
out intermediate versions):

1.28 (sarge)  : 16
1.41 (etch)   : 740
1.46 (lenny)  : 2442
1.49 (squeeze): 7912
1.56 (wheezy) : 27436

total submissions : 195697

This makes about 20% running wheezy or older releases.

Ansgar

Re: Bug#886238: Please introduce official nosystemd build profile

[Ansgar Burchardt]

Adam Borowski writes:
> On Sat, Jan 06, 2018 at 07:17:14PM +0100, Marco d'Itri wrote:
>> On Jan 06, Simon Richter  wrote:
>>
>> > As it is now, we have a lot of people who are maintaining their own
>> > packages outside of Debian. Can we get enough support to reintegrate
>> > both the people and the code?
>> I will ignore for the time being the reasons why these packages are 
>> outside of Debian, and focus on the obvious prerequisite.
>> As it is now, and as Simon is patiently trying to explain, sysvinit in 
>> Debian is basically unmaintained because no Debian developer cares 
>> enough about it.
>
> Ian Jackson and Benda Xu are nobodies?
> (Somehow Ian mistakenly versioned an upload as NMU.)

I think Marco wants to suggest that they don't seem to actively maintain
sysvinit and therefore the package is in practice unmaintained.

> I can't think of any pressing issue (#872039 has bogus severity), the
> package is mature, and any recent breakage happened due to systemd
> changes.

No maintainer has replied for almost half a year (when the bug was
filed)...  sysvinit probably only stays in testing because systemd
depends on sysv-rc for compatability with LSB init scripts...

> This is not to say all is fine -- the package really could take some extra
> work, but it is functional.

And the remaining packages of the sysvinit ecosystem are unmaintained
too, for example insserv (#834284) and startpar (#834283).  Or
systemd-shim if you want to consider desktop systems too.

Ansgar

Accepted dune-localfunctions 2.6.0~rc1-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jan 2018 20:43:33 +0100
Source: dune-localfunctions
Binary: libdune-localfunctions-dev libdune-localfunctions-doc
Architecture: source
Version: 2.6.0~rc1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-localfunctions-dev - toolbox for solving PDEs -- local basis 
(development files)
 libdune-localfunctions-doc - toolbox for solving PDEs -- local basis 
(documentation)
Changes:
 dune-localfunctions (2.6.0~rc1-1) experimental; urgency=medium
 .
   * New upstream release candidate.
   * d/control: update Vcs-* fields for move to salsa.debian.org
   * Bumped Standards-Version to 4.1.3 (no changes).
Checksums-Sha1:
 6bb7527566d0c77c02be77820a8f7af60d173984 2795 
dune-localfunctions_2.6.0~rc1-1.dsc
 3a008adda8f7010490e99e22ce9ed31f969245d3 176631 
dune-localfunctions_2.6.0~rc1.orig.tar.gz
 a68fe2ba86e06cdd0ec75eabd238abe04ead1563 473 
dune-localfunctions_2.6.0~rc1.orig.tar.gz.asc
 6530c3fc398486f75bf8aa92ad06b35d168ec6a8 3560 
dune-localfunctions_2.6.0~rc1-1.debian.tar.xz
Checksums-Sha256:
 e6290a8427e2a78f83db2f456a214babb07234b9b0a18bfde2b84af756c70544 2795 
dune-localfunctions_2.6.0~rc1-1.dsc
 057e7fd3997c68762e2d44f828f9ea9bc9957b7c9253b0a8ced2963e26d3e39e 176631 
dune-localfunctions_2.6.0~rc1.orig.tar.gz
 782e77407dbae2c3248b43f3d40dc6272f7f296ad35f37493e1850eebb719ee6 473 
dune-localfunctions_2.6.0~rc1.orig.tar.gz.asc
 a2943e8a9c1bbb9a7d87ed21a4d832a741a766f17f1399ae41bb13eda470fa55 3560 
dune-localfunctions_2.6.0~rc1-1.debian.tar.xz
Files:
 b28dc6446956ce2949ab373ee0d8039b 2795 libs optional 
dune-localfunctions_2.6.0~rc1-1.dsc
 3eb3b4451c609a484fce031a43066b2a 176631 libs optional 
dune-localfunctions_2.6.0~rc1.orig.tar.gz
 3147147a6bac5104a3573c92e4a4d425 473 libs optional 
dune-localfunctions_2.6.0~rc1.orig.tar.gz.asc
 e55885cbc896b2ec8c22a9d7adfe8673 3560 libs optional 
dune-localfunctions_2.6.0~rc1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlpRJ/QSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiToH8QAKWQwL3P+Uru9/Abbj9KspRXHGWH74Ew
A2iWi1dNevCsBKBLegcOPmY7+QsMlJt4M6ErzjF4Lc8koldAzTDxLiIYGJDJzl34
ukKDmg7iIiAQfwyRNQR7TgXCoDnugypCvg3EbVlisCcRBsiE0H4oKg1tKhfsPZ5m
xIWs4/yfl2BjI9c1+P6EvlhQ78cTWCIzqWajpjpzRCNz5sdI4RIzle+uggkCjiW9
ppJAwLgD+xFCkM8vl3haemNF6eABB6FMVmql+JQNxqofRVCTb/xVKp3jsmMabR55
nnpPx4PcfGNJVIizwdR0viy7loCNeLInai+2lSIYxo4dIQ5x7iinJndsVASQEMP2
lYXNObHOwLf3kHU9BWNFsuPQni3NMk8JXrL+auFTTkxNTWq+tknaH5+zecUpmrfB
sbDa1GjjwMiXBWxneNerepPp/ZRKNsuG0RFXt/tRnbrguzOr9xk4tcADv44wdD74
e8vyAKMdt2YdUmJvWCpeQW1YX0FCfu6qcPhfQsAJQtZ0sh/yhDYDL0f2mqeqloO/
1eUg3hN/FoG7iN+EUYp7FMgX/q1IMIZbJsgMHCSobJEqsEoooNoRLQ7uky1ZNUpe
UNBhnLfmW1EwxipL+H/6bkCwXAeq4PKFTLwQm6bS666jtAbEBzQ7YZu3kkCJURCq
BxXGk0gOlL3T
=kBxu
-END PGP SIGNATURE-

Accepted dune-geometry 2.6.0~rc1-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jan 2018 19:16:43 +0100
Source: dune-geometry
Binary: libdune-geometry-dev libdune-geometry-doc
Architecture: source
Version: 2.6.0~rc1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-geometry-dev - toolbox for solving PDEs -- geometry classes 
(development files)
 libdune-geometry-doc - toolbox for solving PDEs -- geometry classes 
(documentation)
Changes:
 dune-geometry (2.6.0~rc1-1) experimental; urgency=medium
 .
   * New upstream release candidate.
   * add Build-Depends-Indep: texlive-latex-extra for type1cm.sty
   * add Build-Depends-Indep: inkscape for SVG to EPS conversion
   * d/control: update Vcs-* fields for move to salsa.debian.org
   * Bumped Standards-Version to 4.1.3 (no changes).
Checksums-Sha1:
 38249cba10b79250942f6b00e4ab11d7cc6cead8 2676 dune-geometry_2.6.0~rc1-1.dsc
 293e127483c884d77a7bc5b1012d4ae09b9a1293 714178 
dune-geometry_2.6.0~rc1.orig.tar.gz
 0471051770641d0586bc4b9cb4a49322173b9a2f 473 
dune-geometry_2.6.0~rc1.orig.tar.gz.asc
 e25e72287f23c098a6ac81990f73dc511b441ea4 3856 
dune-geometry_2.6.0~rc1-1.debian.tar.xz
Checksums-Sha256:
 0e007d0041cf625c76aae2ace3b816118ca5b00fcbac92165be64ef79f7020bc 2676 
dune-geometry_2.6.0~rc1-1.dsc
 a941d39f82ddee47e3516749a57c245829e19e04a1bd9dd055f655448b229fac 714178 
dune-geometry_2.6.0~rc1.orig.tar.gz
 1482770aba2812240115d843d8236a314d57bd05a70bddfd8b534d5090844259 473 
dune-geometry_2.6.0~rc1.orig.tar.gz.asc
 674298405ff15f960905eb8e5d11c49ee394aaafb06e821e76f8f3a6453f097c 3856 
dune-geometry_2.6.0~rc1-1.debian.tar.xz
Files:
 f4b25d0c3e4cf21c50c120d6332d3b4f 2676 libs optional 
dune-geometry_2.6.0~rc1-1.dsc
 901e37898c67fe3aa8e29adb632c64b2 714178 libs optional 
dune-geometry_2.6.0~rc1.orig.tar.gz
 967227c38c7c8ad0d6c570c9ff1b8af8 473 libs optional 
dune-geometry_2.6.0~rc1.orig.tar.gz.asc
 7bb04621c05e9c9f5f7969daa9c7e2c3 3856 libs optional 
dune-geometry_2.6.0~rc1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlpRE+sSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTOg4P/3uxJHz7/eMb5TqzZRKr+YYnfCMaIJun
TfSraMpLzUxyzztCe2PpJRDncQiQLCZLV5FvmRHeAjWY0S2q4u0R29EyKnpT2ebt
7Xl8p4y82VNnCDs9R/AnYTCWwyIRxTnXQlWIhKDyjeZcuCR8TQLBt/+4K0E3rhEj
vu3hTqBWSwsGXLKtDeZGSmIKyXApIk20Xkzxp4SVVmf2xJfja1nOMi/UbgeJfcPE
DtMdiRhY7P/yStQpZ8nNhxEksS/kXXshQgv38DcBQS+686lF0perSqRknGm3EfFd
m8I6GzGWJjsYstIx+a5wcSq+rsxb13D1xwxexVzxngcvqA0xrojUyOIbjmufM85e
/C3+9NOAXM2jLAeHts6YhtfbhmBeSGgwbuhk5Csppu176d+IUXA8X7ANTbFpV/4A
eoh6zgTm6UD+cLIgLB+ZYihst1EWEwAWUX1F7G6E+qDk4BQmbwzDXveIKCFVzO7i
tfxN7ozPJxPDE0VhvEODgbMmFlmk8l7ix0I7qb1St3eif1cIrkcgWsp2RwENTjhk
Y0rwQH7oO9jsIMgrUocdhkuRuj5Kz/Xfw9lNifDB0ojmWBwkMdg2NW6NAoxSbiXC
Q4yWejRGwmIihrXDxVnDzGFBMjW02B+v8Y5vnKzAO2lh1jImdjeW5Ew9/erjCM5j
RDa3YFanmmnv
=Wzl1
-END PGP SIGNATURE-

Accepted dune-istl 2.6.0~rc1-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jan 2018 19:12:54 +0100
Source: dune-istl
Binary: libdune-istl-dev libdune-istl-doc
Architecture: source
Version: 2.6.0~rc1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-istl-dev - toolbox for solving PDEs -- iterative solvers (development 
files)
 libdune-istl-doc - toolbox for solving PDEs -- iterative solvers 
(documentation)
Changes:
 dune-istl (2.6.0~rc1-1) experimental; urgency=medium
 .
   * New upstream release candidate.
   * add (Build-)Depends: libsuperlu-dev
   * d/control: update Vcs-* fields for move to salsa.debian.org
   * Bumped Standards-Version to 4.1.3 (no changes).
Checksums-Sha1:
 7ba8b3542dbc121607f74b654bf241a133bf3f54 2634 dune-istl_2.6.0~rc1-1.dsc
 015c8bdfe99a9a67fa5a17fe49b4375dd1544eae 336655 dune-istl_2.6.0~rc1.orig.tar.gz
 fccf5fa8ceeb9a032d88089effac4e1f18f7b49e 473 
dune-istl_2.6.0~rc1.orig.tar.gz.asc
 67f3c10d3f71b1a1a5d7acb74dc48bf83f99751f 3624 
dune-istl_2.6.0~rc1-1.debian.tar.xz
Checksums-Sha256:
 218929813ba2931167cbdabeb669335586e9ddd977bdf3878f3afeb53776ff8f 2634 
dune-istl_2.6.0~rc1-1.dsc
 bda5eb6682474e37982f179a4fa893ccf0891043b6294212f4c2d4d4b1ac2ef0 336655 
dune-istl_2.6.0~rc1.orig.tar.gz
 7ee14e59cb0f01f13d4b49c5a36c60088d0ef4a4528c53684f481b4ca1c460cc 473 
dune-istl_2.6.0~rc1.orig.tar.gz.asc
 8e22f276e9e3c9641dab87780bd84e892fb42a787bde63b490da7cbdcb65e866 3624 
dune-istl_2.6.0~rc1-1.debian.tar.xz
Files:
 349a4e0a7255a424f08157a90be417ad 2634 libs optional dune-istl_2.6.0~rc1-1.dsc
 746f188376e7d123fe185ac079790e5d 336655 libs optional 
dune-istl_2.6.0~rc1.orig.tar.gz
 d5f41d64f845df71963518418af3f7a7 473 libs optional 
dune-istl_2.6.0~rc1.orig.tar.gz.asc
 e2a4a8ec0b98cb68b03ed1c9e29d22f4 3624 libs optional 
dune-istl_2.6.0~rc1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlpRFF0SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTwjEQAIBsr+CHWbuNFgWQmrP32QbZr3jBla9y
Bv3xNC3ikCV+9m2ABZK+iLvSBwElR3Uew9uH4Ly9Rdeioy7hdKeZhgTBfPg+0ukS
37jetcRxqH86AoPrnbcisPvHb9PVnnODi6FqnfOnpWunvvSESLw5iaFBKRJ9GobA
RZsB3rplrZfjlEyZI1+XskHUZaNw7pzU/cCzo5XXtOBVeyuZdbFlleUGjM4Zaiqp
/ydNSo5wVWURECYXrGDp72/h8pEGhWtVxEHSG4uYtdWi/kQBejSrXC/v90fRVAIH
JzpuaTh/iJi8V59lkL05BrdWQKEKfMzVG+gibZo3OVd91Xr4Z2MHE1FeTTJ8DMo1
UtspBqE5VbPYnmMpmesOjVmrbuFNUDVMA7zRTbElXeE9bIzPKbH95hvZ5zEj18PX
P04oq9qAwBiDWCk0j2JwRAAqm/taRcDahA6V3dovFfjc2JiyyvrITOh9CV7s8TWm
BKAFP3IRcT6PvzVJYVzEc8Cl3UY9fQCiRa6NzteXylOOgYHIuy/say7UhBswcWq0
965oMu103eqknKGOsUUsPBdNvs6A2t9UXyGVW9+4DHyXlyOtN29PAucV0owwQm4H
KYJJ2AJk+YANH8AHU3WeXceONqErO5HgC9Appk1NxB1xerxQ10Wk/qBG87GrMeId
NXIeeoLvp7wr
=MQ7h
-END PGP SIGNATURE-

Accepted dune-common 2.6.0~rc1-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jan 2018 15:50:50 +0100
Source: dune-common
Binary: libdune-common-dev libdune-common-doc
Architecture: source
Version: 2.6.0~rc1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-common-dev - toolbox for solving PDEs -- basic classes (development 
files)
 libdune-common-doc - toolbox for solving PDEs -- basic classes (documentation)
Changes:
 dune-common (2.6.0~rc1-1) experimental; urgency=medium
 .
   * New upstream release candidate.
   * d/control: update Vcs-* fields for move to salsa.debian.org
   * Bumped Standards-Version to 4.1.3 (no changes).
Checksums-Sha1:
 2160935c2b3a44b317e0644b0bc96fa0d5e286d7 2615 dune-common_2.6.0~rc1-1.dsc
 712dff6beb62e795aeab449b3de5010a604ab629 471876 
dune-common_2.6.0~rc1.orig.tar.gz
 47100eda879cc311a942eafab2f7a89cd9b7fabe 473 
dune-common_2.6.0~rc1.orig.tar.gz.asc
 12de84ee1a8dc0b518723e73b0b4f15996053ff7 8468 
dune-common_2.6.0~rc1-1.debian.tar.xz
Checksums-Sha256:
 b2c205a84bbc91fed2b7c62c72a9110c1acdc4b1911672eb707ac0c3ce952336 2615 
dune-common_2.6.0~rc1-1.dsc
 67b2b136f6209d250c98beacf7ae629a50a4effc8e43be795c90acbae9c7c98c 471876 
dune-common_2.6.0~rc1.orig.tar.gz
 f2e602b73588e3db3c8f398e766ec8f358cab7fc8bfb5c9f2d04be5842142289 473 
dune-common_2.6.0~rc1.orig.tar.gz.asc
 c7c2810773986b3c017d7946edaf2dd3d2034b9850ba8594784f0c4211feb3c9 8468 
dune-common_2.6.0~rc1-1.debian.tar.xz
Files:
 4e152fd71a5061365308310f877f276c 2615 libs optional dune-common_2.6.0~rc1-1.dsc
 83c0bf8851f0e139c09310e877e069bd 471876 libs optional 
dune-common_2.6.0~rc1.orig.tar.gz
 1a94af53f3711ad343c02528f4eb1320 473 libs optional 
dune-common_2.6.0~rc1.orig.tar.gz.asc
 78fe95e2e6e6afc4bc6443e8925dc21c 8468 libs optional 
dune-common_2.6.0~rc1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlpQ5MgSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTwPkP/j3CO5W88ovxV1AISbk8zNNVOoB8rlD1
Wa1LN8VJy/apbqGpRqYTDzdMMR1S3FYQGi+JDzrs3Z+1U3yY/xrXaaoghNx6XP0o
BO2EgoB6cJzBU8uEANqSa6uqX/nrn6Fn2GbMptf3bpebTvvvwgLF0a3+JcUOyyMQ
6saJOJu+cwXzszva8tgFhfqekIUWt5jaqjc5YDcCu53aLLChvXl4/XKiZbmh6u/Q
3jC1vHKlcU+kvnUiYRP8goOB1VCqANHgXpUIa4YJuXLnYLJ0yIS2PuJLBdSxufy5
7e0+nuNdPqmPCEC06xdlWiv1uz07YWXKXCGOTiVEWGT/bp1ADFnB4hTnbIZbVaH9
pcWjPQlgduhrgngZmhW586XbKRsOMxuD9ZY5dKrMubYxSdKXPhmG3TqA8ZNkTkiM
/CPq3QJYloLIxIkgkis++c8sV2UQ3qOJ7cqjmr4izT+KV2oCTpVNR9BLNMvTIOz7
D93nQ3F5yNsguiRFyK4oVdpI87sLK0peuEASf4cJkPo5QI0LmgVWDptvsqOi+Xte
ce5fSq1QOJqjoM3ySlJtKWC1ZGCRKvBdMlwelZXzRLyySoXZItLo2MR5sx7PJJMY
2jqhMrhmSA0du8/C+R2MnktJTgPnzTihIUgDehbTeqYYlV06zSpIHCeVK+XtLgi2
+ctNdj99QhoS
=slzS
-END PGP SIGNATURE-

Bug#886238: Please introduce official nosystemd build profile

[Ansgar Burchardt]

On Wed, 2018-01-03 at 14:26 +0100, Samuel Thibault wrote:
> > Do we really need systemd-less builds? I'm not convinced this is
> > something relevant to Debian.
> 
> Well, if Debian wants to remain relevant to downstreams, it'd be
> better to accomodate their needs.

I think there is only one distribution which wants builds without
libsystemd: the one that formed around MikeeUSA's call to action.

What does Debian gain from supporting a distribution whose developers
are unfriendly to Debian developers (accusing Debian to "vandalize"
open source by supporting systemd) and other people (calling a systemd
developer a cancer)?

Let me quote Devuan's IRC's infobot fact:

| 'sth is poettering' means it acts invasive, possessive, destructive,
| and generally in an egocentric exacerbating negative way. ``this
| cancer is extremely poettering'', [...]

I don't think we should waste time to accomodate the needs of such
people.

Ansgar

Accepted dune-common 2.6~20171122-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 22 Nov 2017 17:38:48 +0100
Source: dune-common
Binary: libdune-common-dev libdune-common-doc
Architecture: source
Version: 2.6~20171122-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-common-dev - toolbox for solving PDEs -- basic classes (development 
files)
 libdune-common-doc - toolbox for solving PDEs -- basic classes (documentation)
Changes:
 dune-common (2.6~20171122-1) experimental; urgency=medium
 .
   * New upstream snapshot (commit: 77b87e7c3931fc70f46be2e4cae7058127c92edf).
Checksums-Sha1:
 ed29db45ffd69bffef650908f724ff941957d38f 2407 dune-common_2.6~20171122-1.dsc
 b2be0107bb8dc9484c84956dad08bd3f5bacf44f 371172 
dune-common_2.6~20171122.orig.tar.xz
 ea64ce1fac0def12181e2f3afd612317e7ceb1dc 8420 
dune-common_2.6~20171122-1.debian.tar.xz
Checksums-Sha256:
 ff6eda6afc097f1e11c6372ad8f08363e2775335c0b83b8ac1690b4099360d0a 2407 
dune-common_2.6~20171122-1.dsc
 49b0458c58f16ec1b15950ccd901c0dd72270f658aafa720e5cf833df6e50209 371172 
dune-common_2.6~20171122.orig.tar.xz
 f1dfb7a98a80f26d63d169f9f00abfe7493494f32d5bab22b12401b791467e27 8420 
dune-common_2.6~20171122-1.debian.tar.xz
Files:
 1f4e3d401f9c33e9a9a47a57c5ac85ba 2407 libs optional 
dune-common_2.6~20171122-1.dsc
 201750ac7752190e9a9a7f0ca4ffbc4b 371172 libs optional 
dune-common_2.6~20171122.orig.tar.xz
 2559feb9e5b851d6328b178ae7afcbb5 8420 libs optional 
dune-common_2.6~20171122-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloVqUsSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT3LQP/iUPkeJNqjqIsfCrEKDVG/5nFoYegwCR
jCgioTUFdgY5xasD7LB8S41Lk+BxnTWsrCIUkbAoiXFsSIbPbd7LLoMkLYCGQ/5Z
mPtLC0m0NDGW70n5FQ6Q+Aewg6A4sWjD06ryVF/+997wYdYNnFbNf6pMMbI7q8MF
nQkiC87erJ9v6xe/eiuwvGUiJgeV4+fNj5Fr5grPGY+ISPy9MBEvmbyYA24P6X+5
EuydS1vRxdtbGPZcutPiN2EF1s0ll3yhjHnQqoGqgPSvcpejfZO7NVj5X3EHjarX
DAVAAtChPJKRz1nnMZwUoh7vxEAhaUIPG5n32ei4kxVuD3g59IHTht6Yixfa5g4Y
r/kNc3b3S4JHgwuwq8Hmff2IOfHqfWME+V9rVM1/c1k4KKJwL5ge4V3MuY/pJ5k6
ZsJBR+m6JB6vtC52HTIeBzMCwXUvFitn/zeF1BRjcGFPvYcIN3N3xWkkQKFY+CiA
AxvNqNlg79HM3cid2Q9Y1grcKCXUkF23ZdR9xXnvlnj+piFs2K289ytC+WgLWFzz
clj61ep+SH0boiV+uA9KJ9JOVR66q3sL+mVpfnbv0NLTdW1fFHALy336t9nGLx5w
rlU++I4HJ1WN/ank0/F0mZpoZYOajf5A6QlOw4fX4Z0mc3h+TaR9KjCSF/sloZEq
IXYvWigGprQq
=EFHD
-END PGP SIGNATURE-

Accepted dune-functions 2.6~20171031-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 11:07:18 +0100
Source: dune-functions
Binary: libdune-functions-dev libdune-functions-doc
Architecture: source
Version: 2.6~20171031-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-functions-dev - toolbox for solving PDEs -- interface for functions 
(development
 libdune-functions-doc - toolbox for solving PDEs -- interface for functions 
(documentatio
Changes:
 dune-functions (2.6~20171031-1) experimental; urgency=medium
 .
   * New upstream snapshot.
   * d/control: add `Rules-Requires-Root: no`
   * libdune-functions-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 981120ece0ebb9d8f7aac066813ea1eaa9a51d51 2552 dune-functions_2.6~20171031-1.dsc
 70a2d43e063d6b9516baecac4b696dfdad1f4ee0 262072 
dune-functions_2.6~20171031.orig.tar.xz
 5d1b89151c57e30564f099335e5b1699923bca0d 2884 
dune-functions_2.6~20171031-1.debian.tar.xz
Checksums-Sha256:
 9da0a788374e2942fc7fea6af6d804588028f6d8ade970fb542107b56d7494ae 2552 
dune-functions_2.6~20171031-1.dsc
 955a3cba6c9b50aec31d773765d5aa08289264772204e34c84463dae53d5354c 262072 
dune-functions_2.6~20171031.orig.tar.xz
 545eb03bc5842bd83f526e7412f9529d6e05c36dca977b6720488f57142e3a50 2884 
dune-functions_2.6~20171031-1.debian.tar.xz
Files:
 714516d5c08080dbc2ce5981d8e7f9ed 2552 libs optional 
dune-functions_2.6~20171031-1.dsc
 e204002a1bcd345753163f9d04a0751e 262072 libs optional 
dune-functions_2.6~20171031.orig.tar.xz
 d7f73a12ccdea38ebd698045857f13e7 2884 libs optional 
dune-functions_2.6~20171031-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloT+/ASHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTGNAP/0N9sW1RpVZcXOM+TbjHKPJcCst5Q6lU
JBpANaB37XnLmmqlhYvUr9KQH1AZu2BADpqjehHhDslQrjqUDxZ7ZjxeBEI3q9Hi
sfAeoFJH9h8QU53p+nYEQrPflLMKvVJKxdHkrx6EcXH16zJzGYX7VUtvYZL4MaxK
Bf0kiZ+fJIo8s6rYHrS3leD4a6iJkHpXQug7ZLwJ+rFuX0+oM2lCFi0l/0IX++7/
fqvMVNcE6x6eVW9ID1AIfmH4zMcXy4jz7QWSCp8DNKml85lD86/2h4EUsYNy/L31
KC5kSOzZBePovGsOTDnPGEGuUHhNNAf05JRgpLka5dg5RcKqtKpgN6FcKezJn7WT
A2tP//E8adTN1CO/aPT7IxIrVvPZKKqUrf3EU3UF+6QzwKVf6VDEc3MUM3RG6kuo
G2ocKmFsGYoOby4i018bcN9k9huXAhDhNpBT9m8pWjssty5dJWgraceZZf4kJaC0
rJiJjuzPXarwn1eDiMlKAaVwqMcDjf8wm4MMJgBMB7QnTTI2ZQo3SxlG02EUBgNY
ssMstqv+dYjPEGk611HdDCnMisfKj8nU/n/n0gzsMRMCzY07mcSW7Mqb8+mjEheA
yQn4vl2fuUcA2wSbH6YJ2WRf0PPRHWuI7WNvXPk7HDzm9QkmXz5HB870j6jkJIvh
pEfPqU2LIeqA
=hiOl
-END PGP SIGNATURE-

Accepted dune-grid-glue 2.6~20171108-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 11:06:25 +0100
Source: dune-grid-glue
Binary: libdune-grid-glue-dev libdune-grid-glue-doc
Architecture: source
Version: 2.6~20171108-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-grid-glue-dev - toolbox for solving PDEs -- compute couplings between 
grids (deve
 libdune-grid-glue-doc - toolbox for solving PDEs -- compute couplings between 
grids (docu
Changes:
 dune-grid-glue (2.6~20171108-1) experimental; urgency=medium
 .
   * New upstream snapshot (commit: dee66b1e106417199488c1231d5eb15b5ed4ff8b).
   * d/control: add `Rules-Requires-Root: no`
   * libdune-grid-glue-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 6c99554462967fd1aa0803c67b0d5f2dca726ffb 2430 dune-grid-glue_2.6~20171108-1.dsc
 ce469dd21f011355113342ce323dd7bb7093451c 66656 
dune-grid-glue_2.6~20171108.orig.tar.xz
 0cbcc0b10181d50dde2cbac789bde1af1cfc8af8 3564 
dune-grid-glue_2.6~20171108-1.debian.tar.xz
Checksums-Sha256:
 feeba77f39b239ab67be5ff6c5972f4b08b4835eae4b71ae57224298aab85ab9 2430 
dune-grid-glue_2.6~20171108-1.dsc
 98ff2f41b0d5a64d6453353c5f0f407bbf1d508a755bd4482da166abe7065664 66656 
dune-grid-glue_2.6~20171108.orig.tar.xz
 5d27e82763fba6223b826e8da9799bba74fec45a33ae01e3a48133392586e970 3564 
dune-grid-glue_2.6~20171108-1.debian.tar.xz
Files:
 5fc4d864f3bc02e3e99e70b99a74d7f2 2430 libs optional 
dune-grid-glue_2.6~20171108-1.dsc
 9ee26bc93cb2bc287d2025554b367eda 66656 libs optional 
dune-grid-glue_2.6~20171108.orig.tar.xz
 0634077be0160661c38f63d85169e0c7 3564 libs optional 
dune-grid-glue_2.6~20171108-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloT/NISHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTL+IP/0ZrtXIjeSfoWbQJgqKivtK2y36xNmsm
PmsqXfQRY/8j7963hE589Xs1YfxiHBWdEqAyD+L5S8k7/XHFLxqOLm5LwNfy/Iol
spofWkXNTWcPUW30dUqRtNJbkFHxXdyPiXTAn/oE9FIzBg0wphNYIQpqDRhiXgZF
/0LnAQvBpOqamBeOfoZBAouqdnQIXDYM04B97+wuwqCj5QVwDFCTORxvyBfEoNBp
pRdw18DljPiPWegx0gPmPHkxUnIZH/Dc9a7rRW0AI4wSkrvqtGD56YkXCBu/9MeG
mzeDk1u1JJqkPP8LngPTYXdfnMV6g7Hk+8f1PbFcVkXw2XwFg3UgbfvHnEgulL/S
veMnrJkOYXjH4R2kSkyeBQXSqECvJAjbmzOBUYqklH4UpdzzneEOUZWm6GUlTm1o
azKNTSq6QqrL3p2UOGTFsD9xIBvbYj0NcJEePFJUkF1O3oLtz9+9EZRx7rorbMBX
AH36eZX6fpnVzaHFsMOWgq47ccNVtDzf0+o0my/9fyr3PQVGojck1UmTGzq3WLSe
/Hu3y6zr6xsPG7ShrfSeiFli3C5T7sWQOXCPdNdBBi3lHzNKA7LfgjmpHLP/BLD7
3OqOiLwu8/wcbjG5nMC/0pIZH21HT4VL7dkZAQuIZAhb1tzhJTbtrY/ylE60+V6J
8gBzn2p+WtnI
=oj+n
-END PGP SIGNATURE-

Accepted dune-grid 2.6~20171113-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 09:28:01 +0100
Source: dune-grid
Binary: libdune-grid-dev libdune-grid-doc
Architecture: source
Version: 2.6~20171113-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-grid-dev - toolbox for solving PDEs -- grid interface (development 
files)
 libdune-grid-doc - toolbox for solving PDEs -- grid interface (documentation)
Changes:
 dune-grid (2.6~20171113-1) experimental; urgency=medium
 .
   * New upstream snapshot.
   * d/control: add `Rules-Requires-Root: no`
   * libdune-grid-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 26f344ba3d64ec57542c12c7c2d80e92a19c 2480 dune-grid_2.6~20171113-1.dsc
 109343c1cd30863f235d670a762a3394d0c22b97 2644928 
dune-grid_2.6~20171113.orig.tar.xz
 a9f69e2b0a6536f825243226e2b5320b29cc9090 5928 
dune-grid_2.6~20171113-1.debian.tar.xz
Checksums-Sha256:
 e2a393e664e160ba045c837a807ea0b86c894fc8d5eb350cd29a90ea4456f680 2480 
dune-grid_2.6~20171113-1.dsc
 41a51e87b2643599cf9967befbadf5eb1521c119e192598b06c5e16b620123df 2644928 
dune-grid_2.6~20171113.orig.tar.xz
 ad4f85f7bf218f803e52734b527afb0ac964ccfa54602b3a58253a53c1ba981f 5928 
dune-grid_2.6~20171113-1.debian.tar.xz
Files:
 9022d7f45d6dd6cab18e8661e500c8c0 2480 libs optional 
dune-grid_2.6~20171113-1.dsc
 9c89a40bd318f6e39c6b270e0a5c62c5 2644928 libs optional 
dune-grid_2.6~20171113.orig.tar.xz
 e536c23e3122fa6c3c8d749eae89c07e 5928 libs optional 
dune-grid_2.6~20171113-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloT5jUSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTw2YQAIjzdvrToMirgSDjnyZCGriRUl80m5sE
HJwW5lGtFt0lMIIiZlnTHtKmWZEdEf20qRV4Vl0y+AM7O1KvMrEhtknSnv8vPIv5
oIv5SxR99Nxme8OIecIRn49pDFE1pPG26o9us50oD5jcZrjDf7wlUwrDLZe3iDNz
He+B4iwKz6YiE6N7deGUkraNHkUMdJWeUEPziLv69IUri5u0asAZieWudczW1voe
gbZOzahu0waDhyTWRO1llT/yhcgaol0CfUvtKzfUsU04cuB///CAnCqpC+GBH4bZ
1KZGoD3jFmhgnE93nyzajhEPID7/aE8Sz9xJ1R7pswY5qzY5IkrSpXTseHQ8Exlr
WU+gGRfA9Gm/pKk2j0LpJY0tZE8MsIb0m3HaeUt21Wfd5TjSv8tPz3AdKeUw5x7g
Zmo0b6Tb2jzrEpDfeR10qytye6vhm4rU/4oyMGvDcc5cxZ682fkvPh9HQ1H6B1de
9WujMvuR0gAp6oT3NV3I3q48XWPSYevLFW0GqMYysS2QpA+gbm3UZwA0/FJFWnN+
hmU1cJn10SU9aK4o41sMs4cHtl+sArUKd3S7Jy/ZoNFiCQy1XusiEh0ES1FMkBb0
3O8aEY+sh339h2S78C0EhmMoXnsIAY/xIxp6pjpXUvy9IQL0QtNbpx/2LCd++AWO
WXpOr+WRf+O8
=bCa/
-END PGP SIGNATURE-

Accepted dune-uggrid 2.6~20171120-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 20 Nov 2017 22:41:31 +0100
Source: dune-uggrid
Binary: libdune-uggrid-dev
Architecture: source
Version: 2.6~20171120-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-uggrid-dev - software framework for finite element methods 
(development files)
Changes:
 dune-uggrid (2.6~20171120-1) experimental; urgency=medium
 .
   * New upstream snapshot (commit: 233efec13770d21ed952438ae78c6e80fa9fff69)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 4e14ff76643e0ec730fb68b73d4d2e6580120dca 2244 dune-uggrid_2.6~20171120-1.dsc
 725eeab1d724e03586f289b0b40c09f5be5a5693 536768 
dune-uggrid_2.6~20171120.orig.tar.xz
 8242f1e12e8e3cec4327e069f3b878aaf347fa2a 2800 
dune-uggrid_2.6~20171120-1.debian.tar.xz
Checksums-Sha256:
 35daf8dfec4bebb19fca64e27e3120ff4dfac019ffc0b3942e866374aec8a17b 2244 
dune-uggrid_2.6~20171120-1.dsc
 e6db147a0940862958ee94a69b6fd31bba51bb4c08e86874334d24ab04350b06 536768 
dune-uggrid_2.6~20171120.orig.tar.xz
 86f9d8b1f779c86cb5a0cf66fbe4e11b518f01254eb64fcc83c68a80c0bed001 2800 
dune-uggrid_2.6~20171120-1.debian.tar.xz
Files:
 8fba3a016ff6ba88a52383057e54d191 2244 libs optional 
dune-uggrid_2.6~20171120-1.dsc
 23a81fd7d3afb91192445d6922dca599 536768 libs optional 
dune-uggrid_2.6~20171120.orig.tar.xz
 f759ce12345ef7e96a6635c3e65915dc 2800 libs optional 
dune-uggrid_2.6~20171120-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloTTrgSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTTIAP/RGr+YfiwSrWj0aKEYUAcGfO96C/xN+B
YnV0ZvdRqAcXcKWvMiUbGwC79azSAFK4FRftvIA5+JVgyX5RfOKvekyVhfDtk75O
rHhrY8iYrtA2en5FxBnb3wV2VM4S/fO3WsN9fezIbCYX8TZnIF3lA/fCqj4ADjtU
oow/PtzyORp9T66U/asJ8o2WKFDsHbdd2orEp7r6Uq+1F0smSAFJyk/QJ6ewZVAm
JRCAjsPXZSxPJcRjIiSNRzWZJa5gSDCrvQlPd/Ofgjd07x3HJll+iRFbstkJXHeG
uOZd5oPMwOl2n29go3YQOTUPr+ncarSDX5GijqWzWXOzGkWdqbEeudCuMRNJVUf+
Fl4QsahLg/iGqDOkuBt9K6/0QlQonu/d8VfzB0P2Qqq7kl8g3uhpNj9yUqptrBjW
dldntOLweIsy8g1W6LKuUMBla4mxxs1B1g0Y7to/+Jj/KVUMzLg9xaLCS/69k9sO
Ipx4hMyIczfZTOJju4cxv2NAmWTVD4hHOHL8LZ21fBY9E/n0Z4RzH4WA+6aN6QHS
J5jnf3dZlH2gxdgk1IY9zoJHuvHKiM/JTrxhQzFIvqNarRTtAxlXnrgxI8pIpAQ4
ghdTWkfxd6C0HvSsWTxvRl7bzOxZvPAR8kr/Akb4DVRCWh/AXVedpHHiPV3iTdYT
g5iPKXTz3Yk8
=zjXt
-END PGP SIGNATURE-

Accepted dune-istl 2.6~20171113-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 15 Nov 2017 09:18:33 +0100
Source: dune-istl
Binary: libdune-istl-dev libdune-istl-doc
Architecture: source
Version: 2.6~20171113-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-istl-dev - toolbox for solving PDEs -- iterative solvers (development 
files)
 libdune-istl-doc - toolbox for solving PDEs -- iterative solvers 
(documentation)
Changes:
 dune-istl (2.6~20171113-1) experimental; urgency=medium
 .
   * New upstream snapshot.
   * d/control: add `Rules-Requires-Root: no`
   * libdune-istl-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 9ebbb85d2e09a850b5b5ec41bf20d2c25a4d2d7b 2411 dune-istl_2.6~20171113-1.dsc
 3992e06a528905c42d5f1c79ece63623a1ca5ff0 250980 
dune-istl_2.6~20171113.orig.tar.xz
 4a070818e215d155c7ef47b07adf81f15e0900d6 3564 
dune-istl_2.6~20171113-1.debian.tar.xz
Checksums-Sha256:
 f0d168611a17044fd6f6e4e7321096b586a82bebd5fade2cd9dfd97d26f646b5 2411 
dune-istl_2.6~20171113-1.dsc
 8b8df69ea711e7b4f8eb9cc39afa50d183150685f0cf3c4eef62540bdf63c8a0 250980 
dune-istl_2.6~20171113.orig.tar.xz
 30e4493e620ac051abdb37a92233188402622fd138ec2b79532f2aab3efa6b0b 3564 
dune-istl_2.6~20171113-1.debian.tar.xz
Files:
 8c1a10c0aea7d993ea2a4a24e7c6f808 2411 libs optional 
dune-istl_2.6~20171113-1.dsc
 5fecd6bae04a6fbbdddcf24646f9ac1a 250980 libs optional 
dune-istl_2.6~20171113.orig.tar.xz
 1f8077dadad7dafa2d6b0d263c99be88 3564 libs optional 
dune-istl_2.6~20171113-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloL+9wSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTSZsP/AlDCDwcrDkPxTM7zptOiyJvJfgtrG3G
CTyvhZqCVA1C6sZXAT4cMq7aRIj2RSAKUlOGdgUgigyuT54lJ702zIsFZiyDypAN
VYou8qIYgRiaz7r5xn7oZFvOgf+yKIh/H+mRXx5BUsPidxf/SWqPCujvAbdyrSdW
hjzmk4QjxlubnNnP8iwnp/T1Z80LASkZti8HrWfuxsfGJMrsRihy8FZfVBgOgY+s
SiW0nlDI3z0Cx4hDIJVVwzpyHW0XzX4MVlp3R8iffTi4PogGijepwZh1NfjVa6Uu
jbhkzIqihdgtcNyqeFY6kiRI05hhaLVpZR8btKTL4+7748G/A6gHprgUqHRwLzD8
E5HNyvtbJ0gMlytYfufIfBF1zj34CKFtc36fMBLJMQFoNxK4cfeZtVd/wCykBq3w
ZzcOzrouuhfcue3KmIxf5Py1UvNC7U4aXarBbHxnMB+5nZpgsBzCq6stvMX0F79B
L+jXnujB3nhWOuI73FW37Zp8ZFBFEDvD+g9NHjynvyOdfm7X0pl/Aa8+VQg9qEjf
NN5TzE62N8Azz3pCxHHMocGTXQx3J435hpraBuhT/R6W4UoJDwGrHS3KozGBV7qm
91X0hmQ2qu8BmpBXJQ/v0O5ZS+xneIbOyToTDJ2tBzFZ4HmdFDreDvxKtCQdJRnb
Ohlxmlhqcsik
=3asY
-END PGP SIGNATURE-

Accepted dune-localfunctions 2.6~20171110-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 14 Nov 2017 19:30:00 +0100
Source: dune-localfunctions
Binary: libdune-localfunctions-dev libdune-localfunctions-doc
Architecture: source
Version: 2.6~20171110-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-localfunctions-dev - toolbox for solving PDEs -- local basis 
(development files)
 libdune-localfunctions-doc - toolbox for solving PDEs -- local basis 
(documentation)
Changes:
 dune-localfunctions (2.6~20171110-1) experimental; urgency=medium
 .
   * New upstream snapshot.
   * dune.module: revert version to 2.6-git
 + new patch: 0001-Revert-bump-version-to-2.7-git-ci-skip.patch
   * d/control: add `Rules-Requires-Root: no`
   * libdune-localfunctions-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 7c35ca5b468b200854c01e73fca1b0657b3d22a4 2553 
dune-localfunctions_2.6~20171110-1.dsc
 b681c950f969ef24a48647e0e8ac11a3d5f72e62 132380 
dune-localfunctions_2.6~20171110.orig.tar.xz
 3b1ec849a3c6d074378da5b9d505d46532972dee 3948 
dune-localfunctions_2.6~20171110-1.debian.tar.xz
Checksums-Sha256:
 815097286261ee18d82c127e59cde0a439823d0e11366476280222a3cab3e530 2553 
dune-localfunctions_2.6~20171110-1.dsc
 2872c563eda6937cb340e9d301420001e0d75afe3b2c13bf2e5baee8eb3ac7cf 132380 
dune-localfunctions_2.6~20171110.orig.tar.xz
 d207f3ccfe9caa2615f94445f48e239a0a7b2fef6c5ed62d0e4731c4cd64e34a 3948 
dune-localfunctions_2.6~20171110-1.debian.tar.xz
Files:
 1ca418fc0652216e1aa4dc7514eb17d0 2553 libs optional 
dune-localfunctions_2.6~20171110-1.dsc
 e99a9f466d54bac4c79a42604ab60816 132380 libs optional 
dune-localfunctions_2.6~20171110.orig.tar.xz
 70acaaf279af34c7af5dcd7c7b4ea2fa 3948 libs optional 
dune-localfunctions_2.6~20171110-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloLN68SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiT6eMP/0q7IfktODBE0z8ynaAk1apXGAGkUKv2
fCEx855q4DlqvpmXuVRqgRg1sehnhu9S43L027EpiJPthZklXVJoHZyk3Ap7i7jz
T2zeCh7/viDXr6KL01VNbLehaPw6Zhh/WjCdIJi4dEv+6otLC7L0gY6ebpSFKUdb
QGUtL3/jiiC9YaUPJ87tAtxzwtgGmPalteFfKO2kHpUASLyUtBX2pP306rrCLRkK
9IuYD8z9+BmsZLC+6nSYOSdaMIY8CUvSpaPKGO7oqN/1mNNUKs1El6gCc6ctnzUm
1cfsUQwEgEZjOrfksO1oy7nYavyZxKzI6XfeEiwwuVEgRx+8NUVOv8ht2IZEF/Ot
sOwcQgdYHjfgibc0AprzoZkP1/jAk/HwOGG+UKPrkoz/Sd5PTQtdOk0SDUHvQuMN
Q/40twPIWG0B1nCQuOw/ke7fGnz/c5aa3Z2LYty9ng3tos842NyFeGBo7B5SLpJ/
IvO1gaD5S1qewl+t1xTIhhwkmXAxsokaaX79LsBbLShnt3/fMdOHbqSmaR7/dqwi
GkiteXGdb6ThW9xiWwYG37VwzbPkZR1fmOXObsQlKCSHQhZoRBZYJJpF/nVV/m2+
SiVHo+NOXWm4iHA7Es2V+FNSZ0IlHeToqCfe6aM/kkCP9N7ngFzm5J0l9CkJnmEU
ih8KZ+JARGyb
=J2o5
-END PGP SIGNATURE-

Accepted dune-geometry 2.6~20171113-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 14 Nov 2017 00:18:11 +0100
Source: dune-geometry
Binary: libdune-geometry-dev libdune-geometry-doc
Architecture: source
Version: 2.6~20171113-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-geometry-dev - toolbox for solving PDEs -- geometry classes 
(development files)
 libdune-geometry-doc - toolbox for solving PDEs -- geometry classes 
(documentation)
Changes:
 dune-geometry (2.6~20171113-1) experimental; urgency=medium
 .
   * New upstream snapshot.
   * d/control: add `Rules-Requires-Root: no`
   * libdune-geometry-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 da6a979dc85081558cfa45277edf401f96aeab4e 2426 dune-geometry_2.6~20171113-1.dsc
 adc04dd4537cfd44b9401045f2c437704a31bec7 499796 
dune-geometry_2.6~20171113.orig.tar.xz
 de453fa0a6a74d4f3160a50b646d602b353253d4 3756 
dune-geometry_2.6~20171113-1.debian.tar.xz
Checksums-Sha256:
 281713016fd0986d204e294b4a207acf5c4c656b1cc9f46103a774159cd03ee3 2426 
dune-geometry_2.6~20171113-1.dsc
 367ff75668b0411f1148c9cd9fcc493a9ceb192dcaed5b49f4e5dea797ee3cad 499796 
dune-geometry_2.6~20171113.orig.tar.xz
 4b59483f95741d4db66d3ceb86f5c555f27234ad2a4274f14393ceeb4fe4dcf2 3756 
dune-geometry_2.6~20171113-1.debian.tar.xz
Files:
 2310cfc9251afd266b097c01e1b611ff 2426 libs optional 
dune-geometry_2.6~20171113-1.dsc
 1029c3e10dace67a0d6ad53697d9843f 499796 libs optional 
dune-geometry_2.6~20171113.orig.tar.xz
 b35c5d58edebed78d81eb944cb7537f8 3756 libs optional 
dune-geometry_2.6~20171113-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloKproSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTozQQAKmrhlcFB5Q5/CW41J4YfOXNtU4ghhXL
5qnORTCZoY0vC6HwQMicuPWUaOHl6DP1Ci+AU0P2Wb2KlHr0iZ5m82Q/6us+lFIp
V5sgNpzYxYTdBtFS0os2r722nZJgaGFdqcZmdwODgSi0fnRiPoS2av9wdogNf3Ig
dQ2eRGqEnHXad5LbWyybKqO05jOvamub4+oKEptP4TtFcQV0XlNAgdv43345zypZ
zD2hpOKER0t2w5cLyEyNmjvP0K0WUqm4YKKZfCzhZuFstsxOO7BAgv407X7PV21+
u6tmv0qhVmWbaNj6bNsfXc6DF/MmLQUKxoL/mr6CvxK/X2YgCu6oUiA2M2htNYm6
6dKSye/5Se/AUYqvJjKnyP/45nwBX4e1jk21wcghZ5FsyxOdey1p91EUfdKkY063
bY825fA/WKqJRXVVwQT2poydsoqIpq3blNrm4vu6zGJiXMz8NrZwBfdaxwaLxR/d
UylVelK2WjLu2BLXhJNDZYlhVnSA0uMLu7GjzfhU6+XhJGrVR0hpkJWt5eXlYOoG
LS9m3wHP1wWOdVindhk1fF4m6PCf5EQRRzfeRSd33cYjjM6BE1DcyJ+F04DA3AsU
zoIAAQ3CPW/IeRi87VEsWDz8z3+SNguFaTba4T87J9eetWHt80/9NYHJ6oCugcMV
Sx9O+fC2OHbT
=P1VN
-END PGP SIGNATURE-

Accepted dune-typetree 2.6~20171113-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 14 Nov 2017 09:25:57 +0100
Source: dune-typetree
Binary: libdune-typetree-dev libdune-typetree-doc
Architecture: source
Version: 2.6~20171113-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-typetree-dev - toolbox for solving PDEs -- typed tree template library 
(developm
 libdune-typetree-doc - toolbox for solving PDEs -- typed tree template library 
(document
Changes:
 dune-typetree (2.6~20171113-1) experimental; urgency=medium
 .
   * New upstream snapshot.
   * libdune-typetree-doc: add Built-Using: doxygen (for jquery.js)
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 a3d917e864adbb3c928321a9d46ab9f9c978923b 2419 dune-typetree_2.6~20171113-1.dsc
 ed1fc7d1330f4fc66b4b55667c49dde72fc04893 52432 
dune-typetree_2.6~20171113.orig.tar.xz
 7a031ad786dbc269c9ef460d765f823dc71d1936 3392 
dune-typetree_2.6~20171113-1.debian.tar.xz
Checksums-Sha256:
 83fbc53e4f6328c4b56f6b881bd8d1c6f5ecb3d710a548c4e062fb15b878676a 2419 
dune-typetree_2.6~20171113-1.dsc
 40fbee65b26f094af03d60f9aba9f083c46edba7363dbfe30cbac4dce6b00f9b 52432 
dune-typetree_2.6~20171113.orig.tar.xz
 d1ab7d468d9de73cbcd47f59ddf3b01fa4e5b560a646b7ab45853cdebed4e324 3392 
dune-typetree_2.6~20171113-1.debian.tar.xz
Files:
 b335e74e735deb89055be16e24636c28 2419 libs optional 
dune-typetree_2.6~20171113-1.dsc
 517ba250e02cf1015d13cd7c6be97510 52432 libs optional 
dune-typetree_2.6~20171113.orig.tar.xz
 3b2c5bf05b2fc0ce3ff03363b5c88490 3392 libs optional 
dune-typetree_2.6~20171113-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloKqWYSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTQJ8P/jNk8NSGfpzlpl5qT3/qpUe3mDdb0+De
mUQwbSb7DqWTu5eR+Sc0w2k9CA63FJtUnxRgsb/ZekXdOfRlT0vsMsIoi1yhT1vc
si9lSwI4BLRGQ45Hac8AMdjGqdxlMuIgo1M2Tin1C2f9sOra3oFdpPXBXPVHtvBM
dAIa0BnpP++uoXSA7wqB1AQYVKzbzNAoJ+HgpmF48MH3F6mjPAPZtxs+vG684WT4
273296WWzdoVHPjTo18gTpoZ3/ipl0fCi6zP+oBX7t0HI0Cl0sMIlzQxrVV3ljf7
PS2iFC7fUdrIJFWF9Gaz5sEO2xgHenErxFomoJ75y9WIPrDWKxsVOEt0WE+RgMGn
CvghSrCGq/2uHNuty6/KyYvCjUiiPNK9dHUxuSRYkew5MGNs03Ujjaacn/Niwg4I
p9K1pgmmBLywEKPhyQPKG2Ky3rs8ac9eC+Rn6AWeJcSxzbnuNoEUfWho0uq5DMSZ
RUkhipaszcLVc5n5BZuGYkehhKr12vupNnd0c5Gk7UH0OeROJ8ISD5Ie+Gx+D665
Zd+WAL43pDf3hL6kRdzkXSNKrVyewQih22muxZQYjHDwUk7ulGNYOGxCiVsE4b5/
G7TmqZWeRqvHLAQkGFYG0ZbDo7UXkKWerqM/mH8aYCEMYRgplm2lKyGovq8zg0cT
7A0E/7Cdg7wx
=R/W5
-END PGP SIGNATURE-

Accepted dune-common 2.6~20171113-2 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 14 Nov 2017 08:01:05 +0100
Source: dune-common
Binary: libdune-common-dev libdune-common-doc
Architecture: source
Version: 2.6~20171113-2
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-common-dev - toolbox for solving PDEs -- basic classes (development 
files)
 libdune-common-doc - toolbox for solving PDEs -- basic classes (documentation)
Changes:
 dune-common (2.6~20171113-2) experimental; urgency=medium
 .
   * arithmetictestsuite: quotient must be representable without error.
 This should correct the build failure on i386.
 + new patch: 0001-quotient-must-be-representable-without-error.patch
Checksums-Sha1:
 793c8f1551e076d8bdd4e6405f02ad0fc6a3d616 2407 dune-common_2.6~20171113-2.dsc
 de2a9b1a740cff75133942152fc5786067f34a00 8776 
dune-common_2.6~20171113-2.debian.tar.xz
Checksums-Sha256:
 0e2ce7276b9fc9e82046905585543fd26d46df9d4de52be2df344123d6143cab 2407 
dune-common_2.6~20171113-2.dsc
 3fb5b13b3a058c0b3137cb00d2ca4aa5ad9e69305f06552df9ae91f62ab59001 8776 
dune-common_2.6~20171113-2.debian.tar.xz
Files:
 f0cfaa442281c854e3d2ef308915eb9a 2407 libs optional 
dune-common_2.6~20171113-2.dsc
 200592295dc92ff9257b65635d1ef3ad 8776 libs optional 
dune-common_2.6~20171113-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloKlhwSHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTey8P/iCXusRUqSstHpuVeycnrIwGJ223DbaH
hoRrK3b5n5JZld1nT2b9eSuIB3+JhzvKkzInAMV+yU+thbs2gvXremAoO6mimSd+
4xZ/LmKoUQK0EWJu4tJ0cFyYsDgUoslLv+m7PIoeUWSOBhVnhHP54Io0Suf/QS2b
HOk2NnFEWj/IzWEJ/NCi/i1VUTsgr/XY49zAJSo8S4BdsxdOVU1yQVR9emY91mAB
4T8a7u9X4chW0bEUd9NRD3NqEOq0okgDM/UCXP8F0DBRtq9ZzQ9cRL7lPmYb4vD8
6U5q7LRxJrwBopdQnB8xB3kaiBaPn2upPWhnM8SfkZjgve1ahzFh5YXe0SL0ct5b
xhHyMlDurN9TnGv/eCAi4oh6obs8M3jVxrIi0jlnPpx/s1Er2cxoHycmzlLfDo5x
lS35z1Es924Si47AYga2mOMX1vXVFh7zkFwIbntF+3irXuyQQSkYdJM1v/I8916w
wO8girxMoclUqWmkfNc5tf8GWy0NnEM2zw3+8aUgAAOZ/Jt1vREm6MQngLrz/5GM
4JNzb6mv00FoyhqjNF66YvVbRL624L1/V4SoIDOKS1VNYNcX/2RRVh4C1kyDistD
Y0Bq+lDcn9EIdROaIAaX1nFwLCFd6peomNOLKZZ2m44cZxM9pj/ejIsYQlrrR+Da
PNphHaknJIo9
=nwxl
-END PGP SIGNATURE-

Accepted dune-common 2.6~20171113-1 (source) into experimental

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 14 Nov 2017 00:12:14 +0100
Source: dune-common
Binary: libdune-common-dev libdune-common-doc
Architecture: source
Version: 2.6~20171113-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-common-dev - toolbox for solving PDEs -- basic classes (development 
files)
 libdune-common-doc - toolbox for solving PDEs -- basic classes (documentation)
Changes:
 dune-common (2.6~20171113-1) experimental; urgency=medium
 .
   * New upstream snapshot.
   * d/control: add `Rules-Requires-Root: no`
   * d/get-orig-source: no longer include Git commit id in snapshot versions
   * libdune-common-doc: add Built-Using: doxygen (for jquery.js).
   * Bumped Standards-Version to 4.1.1 (no changes).
Checksums-Sha1:
 fb512ae9bfab9fe904e96cfe3fda51cc22c4df6d 2407 dune-common_2.6~20171113-1.dsc
 2e5ce7e5f95e0931e8a2f4ffc47e970f241e35d9 371172 
dune-common_2.6~20171113.orig.tar.xz
 0a67b6956b8b8d6952bd9469fbfa0b38008a0f90 8264 
dune-common_2.6~20171113-1.debian.tar.xz
Checksums-Sha256:
 6b170e38cc87eea1fc625338c00e00d68000953489339e4d00dc897461221b92 2407 
dune-common_2.6~20171113-1.dsc
 21d242984d8f7bfd244daf9aac29fd4deaa46e057db9009bc8cfc698d9e38e28 371172 
dune-common_2.6~20171113.orig.tar.xz
 dec5a9b0986af8be3322610e4e03bbeb3cc0c090b42a552b306806e56314ce16 8264 
dune-common_2.6~20171113-1.debian.tar.xz
Files:
 5ecc96d0ebfd50a63a2ac0f7ade5c799 2407 libs optional 
dune-common_2.6~20171113-1.dsc
 2fbde38c6166e381b34f47b4d1c246f9 371172 libs optional 
dune-common_2.6~20171113.orig.tar.xz
 4ecd97de416a21bd68215b4f4ef64802 8264 libs optional 
dune-common_2.6~20171113-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAloKKB0SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTrQgQAKrY/SWxErkWz7IvHyGxV+nqr/rXO9G/
VHlAnwepTx8m4xDoOykcTMxsLvDOYryf0iM8yW/av0AwMBncQM7b39XEpvJCtGMG
DxO+2+5cNn66g2e88DzkCi4nh5rnsFdRLnQwazcfafFANy0mfFw4eSaEPiiXEsLm
JRSpVA2WfSQeDIaNL/nsSDah+F63JEkgPm8uGJw892P6jcQoUt0vcoJpAK0ntO8D
rxDpi61LxA2EXIRGIZPRaFoLcoedwMjO2kLbWgajpD/ZZZyWVcCPE6xoCieoL5L3
on7i5pd+bAwoasivXcL4bAWl03zmdVyAniKnqtkRKI1S+tQcw/F2ZdynN441rDiH
mHvQVRl7o4cbYZoIwwFKlGBqs56rUpcHH1dc+DYVUYb6mE5ir9Ae+UtMIR+RWvpM
rSATYc/O1wtoQBL3vnATBsgXoBiPs7KdlPEcf7gpvUDpOHcqxhBQC6HAuky5EYeP
nrNuXzyLUR0nqIrQI63HUKGOGWqKzM/3CxmkHnmpCFgiWGm9lQYpGNDRXABTjpE8
ZfdQ3L4AKP0kW/E1LoxNhY2GrIWzyZm9nzC/LVufQSn18ykmVdpF99BS44O3XQWD
qR/O+3zW22p3yp97cyhad2AuIkWfLi68ROBpzs7F8hkUlPPh9HGGOJHRhn7tHO+P
iHOJL+S+Fjm5
=VjM4
-END PGP SIGNATURE-

Re: allowed uses of non-baseline CPU extensions

[Ansgar Burchardt]

On Mon, 2017-10-23 at 16:47 +0200, Adam Borowski wrote:
> On Mon, Oct 23, 2017 at 04:36:11PM +0200, Julian Andres Klode wrote:
> > sse2-support and other packages that fail to install can massively
> > screw up systems, potentially leaving dpkg in a state that people
> > cannot easily recover from - that is, apt-get install -f might not
> > be working at that point. We should not have such packages.
> 
> It cleanly aborts installation in preinst.
> 
> If there are any problems with that, they'd also apply to every other
> package with preinst that can possibly fail.

Anything with failing maintainer scripts is very much not nice,
especially for unexperienced users.

(One the reasons I don't like packages trying to be smart and configure
things, then break in the maintainer script. Dumb packages are more
friendly.)

Ansgar

Re: Mandates explicit -std=c++XY for c++ projects

[Ansgar Burchardt]

Mathieu Malaterre writes:
> With this mind I'd like to make mandatory the -std=c++XY flags when
> compiling either a c++ library or a stand-alone c++ program:
>
> 1. Either upstream define the explicit -std=c++XY flags by mean of its
> build system,
> 2. Or the package maintainers needs to explicit change the CXXFLAGS to
> pass the appropriate version of the c++ standard. In which case this
> should be documented in the README.Debian file.
> 3. As a fallback, dh should initialize the CXXFLAGS with -std=gnu++98

So if the upstream build system adds '-std=c++14' and CXXFLAGS is set to
'-std=gnu++98', one gets '-std=c++14 -std=gnu++98' and building the
package no longer works?  That doesn't sound good to me.

Why should CXXFLAGS be documented in README.Debian?  (Or in fact
anywhere outside of d/rules?)  They aren't interesting for users of the
package.

I also don't think we should default to an ancient C++ standard.  All
maintained software should hopefully work with C++11 or later by now...

Ansgar

Re: allowed uses of non-baseline CPU extensions

[Ansgar Burchardt]

On Thu, 2017-10-05 at 03:23 +0100, Ben Hutchings wrote:
> This should be unnecessary since gcc 6, as you can easily tell the
> compiler to generate and select between multiple versions of the
> functions.  See .

Having to identify interesting functions and add compiler-specific
definitions to them isn't that easy.  The real easy and lazy option
would be to have a compiler flag to enable it for entire translation
units (probably at the expense of binary size).

Ansgar

Re: Removal of upstart integration

[Ansgar Burchardt]

Ian Jackson writes:
> Alexandre Detiste writes ("Re: Removal of upstart integration"):
>> Please also sprinkle these maintainers scripts with some
>> 
>>   rmdir /etc/init  --ignore-fail-on-non-empty
>
> That should be
>
>   rmdir --ignore-fail-on-non-empty /etc/init
>
> in case an environment variable is set requesting traditional
> (non-GNU) positional option parsing.

While it doesn't hurt here, I think people are on their own if they set
POSIX_CORRECTLY or so (or include another incompatible `rmdir` in
$PATH).

Arguably `dpkg` could also run maintainer scripts in a more controlled
environment so less random variables affect the maintainer scripts.

Ansgar

Re: ftp master uploads disappearing?

[Ansgar Burchardt]

Hi,

Norbert Preining writes:
>> I now use dupload which does not have that kind of issues.
>
> Indeed, dupload worked right ahead. Thanks.

dput should also allow uploads via rsync-over-ssh (or scp or sftp) which
also allows resuming uploads.  The default dput.cf doesn't include it,
but I have

+---
| [rsync]
| method = rsync
| fqdn   = ssh.upload.debian.org
| incoming   = /srv/upload.debian.org/UploadQueue/
| allow_dcut = 1
+---

in my ~/.dput.cf.

There is also ssh.security.upload.debian.org for security uploads via
SSH, but dput doesn't handle that quite correct yet (it explicitly makes
uploads world-readable which shouldn't happen for security uploads).

Ansgar

Re: Whether remotely running software is considered "software" for Debian.

[Ansgar Burchardt]

"Dr. Bas Wijnen"  writes:
> Actually, that isn't so clear at all.  At least when it comes to current
> practice, I have yet to find any client for which nobody wrote a free server.
> People keep implying that we have many such clients currently in main, but I
> don't think we do.  So there is no clear current practice that can be used as
> an argument.

hplip ("server" runs on printers / multi function devices),
python-digitalocean, ruby-azure*, waagent, twittering-mode, smart cards
("server" runs on card), probably HBCI clients, python3-googleapi,
usbmuxd, python3-pyicloud, python-yowsup, youtube-dl,
libgfbgraph-0.2-dev, other proprietary web APIs, drivers for SATA disks
("server" runs on SDD/HDD), ...

Ansgar

Accepted dune-grid-glue 2.5.0-1 (source) into unstable

[Ansgar Burchardt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 29 Aug 2017 20:38:26 +0200
Source: dune-grid-glue
Binary: libdune-grid-glue-dev libdune-grid-glue-doc
Architecture: source
Version: 2.5.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ansgar Burchardt <ans...@debian.org>
Description:
 libdune-grid-glue-dev - toolbox for solving PDEs -- compute couplings between 
grids (deve
 libdune-grid-glue-doc - toolbox for solving PDEs -- compute couplings between 
grids (docu
Changes:
 dune-grid-glue (2.5.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * debian/copyright: Update for new upstream release.
   * Bumped Standards-Version to 4.1.0 (no changes).
Checksums-Sha1:
 213739f6c7c04cf92dedfabe16804b1c3b46bf56 2651 dune-grid-glue_2.5.0-1.dsc
 895e4a222ecf72e3ef1f1acbfe002e279204e36f 80949 dune-grid-glue_2.5.0.orig.tar.gz
 335197a362a47b4ba65a0d7a76f588c277528f58 1061 
dune-grid-glue_2.5.0.orig.tar.gz.asc
 d0ea5a78a3abdb866ec6dad4f6ffbcd0db1354a8 3412 
dune-grid-glue_2.5.0-1.debian.tar.xz
Checksums-Sha256:
 b5eeb8cc5b6eb893203bb1b3ccad5fd3f02d955633d36ff7b09fd0588c9528b5 2651 
dune-grid-glue_2.5.0-1.dsc
 e303f3242e2aea914e7a3902fad92818210a102438672d95a0b69debba30d408 80949 
dune-grid-glue_2.5.0.orig.tar.gz
 943d162686eaa0c34cbaf0bcf452dc92d644a756430c198e9e62a65782a720c4 1061 
dune-grid-glue_2.5.0.orig.tar.gz.asc
 bd04038ef0d6ae4d219f4217b6626122d51f7e64c8ac897a19385a54cca995c4 3412 
dune-grid-glue_2.5.0-1.debian.tar.xz
Files:
 8536f14bba0564d6ab82ee8334248070 2651 libs optional dune-grid-glue_2.5.0-1.dsc
 782820c487088d09c756464fe8889175 80949 libs optional 
dune-grid-glue_2.5.0.orig.tar.gz
 b67888452f1994b8f9a0bbe3a5d9d5ef 1061 libs optional 
dune-grid-glue_2.5.0.orig.tar.gz.asc
 093ec75ef9dc52c4bad15c75d9eebe1c 3412 libs optional 
dune-grid-glue_2.5.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAlmlwz4SHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTpgYQAJ06S021yTWv7hx12fjMttGCfOxe6YKQ
g6JL5VRxfgId3Gqj2v+ic/EvloGWQ8Sq6Q5hvB5Wv86CKp1vIc617dxEIYEblX9Y
t1wrSZaH9vswMJNlaJfad29wPB3XzuNuol/wawc8bb7UGy9U6kEI95LcCFX/np1F
8yYgn1Naw3RWL5DpUgjaG4Kpw+ZhwYlNYDkXuvA/Qo9Fw+l3UV+JWL8OBaWzTr0q
B+1MfIHxWa/p1Sf/vha/7GGSahF1JeTlCIZSfPKDXWmX4EtVbDMULkCbwdCMzLbZ
j/DHGJu2rcQYAvEXnZmepFVvZqjp8UGo85rE6JaTfa5maI5bE3vMGxPkD8tEgcRs
O0rtik4qItRBQBLUln6+iGQ/WF72H6xHDUos0nGDz/TqrL1MUSFowlXJsLR5RpVH
lQONAKqc5fpM7p98MZZ0dQ43U4Maa2E8bYSarayqGYSL2Ljkkr5JvByCYLmzqPyp
pHCRuhdx0wOC9EVU04ZyiMPy92VJFC+GWeNPhfRQR+RUO9e+gY6Qs59bMJET09Ik
jWgBWq9y/0lN6LX1H0QQINQlSbf3HFzse+YA4UyiVT1N23xXCGRsXl5L7+SwCVIe
oA8Y2TVts+sK5Crgnq0CDiP9IhEXuSm6gOFRZuuCPwEkZSoT4sRAHDrPYayoXUSh
H/8QeMcrgk0B
=jYDb
-END PGP SIGNATURE-