Re: [aur-general] TU resignation - Lukas Jirkovsky (stativ)
On 11 Oct 2019, at 6:32 pm +0200, Morten Linderud via aur-general wrote: > > So Long, and Thanks for All the Fish Thanks for your work all these years! > Added a list of packages maintained solely by stativ. Please adopt as people > see fit :) > λ ~ » /usr/share/archlinux/contrib/package/co-maintainers -m stativ > ttf-gentium Adopted. Cheers, Ivy
Re: [aur-general] TU resignation - Lukas Jirkovsky (stativ)
Lukas Jirkovsky via aur-general on Fri,
2019/10/11 18:06:
> Hello everyone,
>
> [snip]
>
> So Long, and Thanks for All the Fish,
> Lukas
Already said in private... Really sad to see you leave! And thanks a lot for
the work you've done.
As I knew before I've already rebuilt your packages. We can revoke your key's
signatures without breakage.
Just adopted rawtherapee, but I am not using this a lot. Who ever wants to is
free to co-maintain.
--
main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];)
putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);}
pgpZgClldq2IG.pgp
Description: OpenPGP digital signature
Re: [aur-general] TU resignation - Lukas Jirkovsky (stativ)
El viernes, 11 de octubre de 2019 18:32:33 (CEST), Morten Linderud via aur-general escribió: Added a list of packages maintained solely by stativ. Please adopt as people see fit :) Adopted the KDE stuff. Thanks for your work!
Re: [aur-general] TU resignation - Lukas Jirkovsky (stativ)
On Fri, Oct 11, 2019 at 06:06:31PM +0200, Lukas Jirkovsky via aur-general wrote: > Hello everyone, > > [SNIP] > > So Long, and Thanks for All the Fish, > Lukas > Hi Lukas, I don't think I ever had a chance to meet you, but I feel that parting ways amicably is a comendable decision, and one that's never easy to make. It's never easy to find a good line between what you *want* to do and what you have the *bandwidth* for. I've been there several times myself. Again, speaking for myself, if you ever want to engage with the community again, I'll be happy to hear from you. Thanks, -Santiago. signature.asc Description: PGP signature
Re: [aur-general] TU resignation - Lukas Jirkovsky (stativ)
On Fri, Oct 11, 2019 at 6:32 PM Morten Linderud via aur-general < aur-general@archlinux.org> wrote: > cdrtools > cuetools > Adopted. Cheers.
Re: [aur-general] TU resignation - Lukas Jirkovsky (stativ)
Le 11/10/2019 à 18:32, Morten Linderud via aur-general a écrit : > On Fri, Oct 11, 2019 at 06:06:31PM +0200, Lukas Jirkovsky via aur-general > wrote: >> The packages left that I'm still listed as a sole maintainer doesn't get >> updates too often and are fairly trivial to update. Though I guess some >> of them can be safely dropped without anyone noticing (I'm looking at >> you, gimp plugin packages). > > Added a list of packages maintained solely by stativ. Please adopt as people > see fit :) > > λ ~ » /usr/share/archlinux/contrib/package/co-maintainers -m stativ > kcm-wacomtablet > kgraphviewer Seems those two already have arojas as comaintainer. > klavaro I’ve took this one. >> So Long, and Thanks for All the Fish, > Thanks for all your work through the years Lukas! Same here, and happy to have comaintained embree with you all along. ;) Regards, Bruno/Archange signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU resignation - Lukas Jirkovsky (stativ)
On Fri, Oct 11, 2019 at 06:06:31PM +0200, Lukas Jirkovsky via aur-general wrote: > The packages left that I'm still listed as a sole maintainer doesn't get > updates too often and are fairly trivial to update. Though I guess some > of them can be safely dropped without anyone noticing (I'm looking at > you, gimp plugin packages). Added a list of packages maintained solely by stativ. Please adopt as people see fit :) λ ~ » /usr/share/archlinux/contrib/package/co-maintainers -m stativ diffuse ttf-gentium aide cdrtools cuetools gemrb gimp-plugin-fblur gimp-plugin-lqr gimp-plugin-wavelet-denoise gimp-refocus kcm-wacomtablet kgraphviewer klavaro krusader libiptcdata log4cpp rawtherapee soundkonverter > So Long, and Thanks for All the Fish, Thanks for all your work through the years Lukas! -- Morten Linderud PGP: 9C02FF419FECBE16 signature.asc Description: PGP signature
[aur-general] TU resignation - Lukas Jirkovsky (stativ)
Hello everyone, after much time I've finally came to admit to myself that I can no longer fulfill my duties as a trusted user the way Arch Linux deserves. While I still manage to update the packages I actively use, such as rawtherapee, I can no longer keep up with other packages and updates often come late. I've given up on other duties such as keeping AUR clean already. I'm very sorry for that, but time has come for me to pack. Arch Linux community is one of the best communities out there and it was a great pleasure to be part of the team. I still love Arch Linux very much and it's surely going to be my distro of choice for time to come. Lot of you were very helpful with keeping the more complicated packages up to date already. A stellar example is intellij-idea-community-edition, which is now thanks to Maxime built from sources. The packages left that I'm still listed as a sole maintainer doesn't get updates too often and are fairly trivial to update. Though I guess some of them can be safely dropped without anyone noticing (I'm looking at you, gimp plugin packages). So Long, and Thanks for All the Fish, Lukas signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU removal: Ray Rashif
On 2019-10-08 14:35:22 (+0200), David Runge wrote: > I would like to start the discussion period for a Trusted User removal > of Ray 'schiv' Rashif on the grounds of 'Special Removal of an > Inactive TU' [1]. Note, that this is separate from any motion in > regards to Ray's developer status. In accordance to the bylaws a vote has now been started: https://aur.archlinux.org/tu/?id=120 Best, David -- https://sleepmap.de signature.asc Description: PGP signature
Re: [aur-general] TU removal: Ray Rashif
Hey Giancarlo, On 2019-10-08 10:41:44 (-0300), Giancarlo Razzolini via aur-general wrote: > I believe that the discussion period for removal by inactivity is 3 > days, not 7. The voting period is 5 days. Correct, somehow I had the 'Removal of a TU' rules in mind when writing the mail. > Other than that, the current proposal is 119, but it has not ended > yet. True, I misinterpreted the 'Last vote' column. > If, during the discussion period, Ray ends up voting on that one, > we'll have to stop this process. How so? Not only are all three points matching, but also is voting (as far as I understand the bylaws) specifically excluded as required action (so we don't just have voters but no doers) in the first half of the statement. The first half of the statement is therefore true, no matter if Ray votes or not. Bests, David -- https://sleepmap.de signature.asc Description: PGP signature
Re: [aur-general] TU removal: Ray Rashif
Em outubro 8, 2019 9:35 David Runge escreveu: The voting procedure will commence after seven days of discussion period, in which Ray can state his case. I believe that the discussion period for removal by inactivity is 3 days, not 7. The voting period is 5 days. Other than that, the current proposal is 119, but it has not ended yet. If, during the discussion period, Ray ends up voting on that one, we'll have to stop this process. Regards, Giancarlo Razzolini pgpVf039owP1O.pgp Description: PGP signature
Re: [aur-general] TU removal: Ray Rashif
On 08.10.19 14:35, David Runge wrote: > Hi all, > > I would like to start the discussion period for a Trusted User removal > of Ray 'schiv' Rashif on the grounds of 'Special Removal of an Inactive > TU' [1]. Note, that this is separate from any motion in regards to Ray's > developer status. > > Currently Ray is the maintainer of 60 packages in [community] and > [extra], of which none are actively maintained by him (for years). > Ray's last action as a community member (in archweb) has been on > '2019-03-12 12:50'. > The account 'schivmeister' doesn't maintain any packages in the AUR and > the last login in aurweb was on '2019-03-12'. > However, the last counted Trusted User vote is number 117 (current vote: > 118). > > The voting procedure will commence after seven days of discussion > period, in which Ray can state his case. > > Bests, > David > > [1] > https://aur.archlinux.org/trusted-user/TUbylaws.html#_special_removal_of_an_inactive_tu > +1 signature.asc Description: OpenPGP digital signature
[aur-general] TU removal: Ray Rashif
Hi all, I would like to start the discussion period for a Trusted User removal of Ray 'schiv' Rashif on the grounds of 'Special Removal of an Inactive TU' [1]. Note, that this is separate from any motion in regards to Ray's developer status. Currently Ray is the maintainer of 60 packages in [community] and [extra], of which none are actively maintained by him (for years). Ray's last action as a community member (in archweb) has been on '2019-03-12 12:50'. The account 'schivmeister' doesn't maintain any packages in the AUR and the last login in aurweb was on '2019-03-12'. However, the last counted Trusted User vote is number 117 (current vote: 118). The voting procedure will commence after seven days of discussion period, in which Ray can state his case. Bests, David [1] https://aur.archlinux.org/trusted-user/TUbylaws.html#_special_removal_of_an_inactive_tu -- https://sleepmap.de signature.asc Description: PGP signature
Re: [aur-general] TU application: kpcyrd
On Mon, 2019-10-07 at 11:10 -0400, Eli Schwartz via aur-general wrote: > On 10/7/19 10:59 AM, Levente Polyak via aur-general wrote: > > On 10/4/19 9:29 PM, Santiago Torres-Arias via aur-general wrote: > > > Hi, > > > > > > It's been 15 days (and a couple of hours as I'm aware) since, so > > > the > > > vote starts now: > > > > > > https://aur.archlinux.org/tu/?id=119 > > > > > > > Reminder, only 4 days left (aur vote notifications seem to be > > broken > > right now). > > Nah, notifications only get sent once every 12 hours, and only for > votes > that are ending in the next 48 hours. > > It seems a bit overkill to send notifications every 12 hours for the > majority of the voting period (3 days in, 4 left to go?) Perhaps we could send a initial notification to everyone? Some people don't check the mailing lists that often. -- Filipe Laíns signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU application: kpcyrd
On 10/7/19 10:59 AM, Levente Polyak via aur-general wrote: > On 10/4/19 9:29 PM, Santiago Torres-Arias via aur-general wrote: >> Hi, >> >> It's been 15 days (and a couple of hours as I'm aware) since, so the >> vote starts now: >> >> https://aur.archlinux.org/tu/?id=119 >> > > > Reminder, only 4 days left (aur vote notifications seem to be broken > right now). Nah, notifications only get sent once every 12 hours, and only for votes that are ending in the next 48 hours. It seems a bit overkill to send notifications every 12 hours for the majority of the voting period (3 days in, 4 left to go?) -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: kpcyrd
On 10/4/19 9:29 PM, Santiago Torres-Arias via aur-general wrote: > Hi, > > It's been 15 days (and a couple of hours as I'm aware) since, so the > vote starts now: > > https://aur.archlinux.org/tu/?id=119 > Reminder, only 4 days left (aur vote notifications seem to be broken right now). cheers, Levente signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: kpcyrd
Hi, It's been 15 days (and a couple of hours as I'm aware) since, so the vote starts now: https://aur.archlinux.org/tu/?id=119 Cheers! -Santiago On Fri, Sep 20, 2019 at 04:10:59PM -0400, Santiago Torres-Arias via aur-general wrote: > On Fri, Sep 20, 2019 at 08:09:31PM +, kpcyrd wrote: > > Hello, > > > > My name is kpcyrd and I'm applying to become a Trusted User with anthraxx', > > sangys and jelles sponsorship. > > I hereby confirm my sponsorship. I think kpcyrd is a very talented oss > developer, a great team player and an overall great addition to the TU > community. > > Let the discussion begin! > -Santiago. signature.asc Description: PGP signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
On 9/26/19 1:49 PM, Bruno Pagani via aur-general wrote: > Vote is now over too, and the results are in: > > Yes: 42 > No: 1 > Abstain: 8 > > So, with a participation of 91.07% that meets the quorum, I can now say > “Welcome in the team!”. > > You can now proceed with > https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_for_new_Trusted_Users. Congratulations, and welcome! :) I've granted your bugtracker account the necessary permissions in the "Community Packages" and internal "Keyring" project, and there is now a Keyring ticket open for your key: https://bugs.archlinux.org/task/63926 (I have added you to the notifications for this ticket.) -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
Hi, On 2019-09-26 19:49, Bruno Pagani wrote: > Vote is now over too, and the results are in: > > Yes: 42 > No: 1 > Abstain: 8 > > So, with a participation of 91.07% that meets the quorum, I can now say > “Welcome in the team!”. thank you very much to my sponsors Bruno and Alad for their mentorship and to everybody for their warm welcome! I am excited to be part of the team :) Cheers, Jonas signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
On Thu, Sep 26, 2019 at 07:49:52PM +0200, Bruno Pagani via aur-general wrote: > Le 19/09/2019 à 19:51, Bruno Pagani a écrit : > > Le 05/09/2019 à 21:53, Bruno Pagani a écrit : > >> Hi there, > >> > >> On 05/09/2019 17:23, Jonas Witschel wrote: > >>> Hi all, > >>> > >>> my name is Jonas Witschel (online nick "diabonas" on the > >>> AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User > >>> under the sponsorship of Bruno Pagani and Alad Wenter. > >> I hereby confirm my sponsorship of Jonas. :) > >> > >> […] > >> > >>> I am looking forward to working with you and welcome any questions and > >>> comments! > >> And I definitively look forward to working with you as part of our TU > >> team too! I wish you good luck with your application and hope you’ll > >> convince everyone just as Alad and I were. ;) > > This very intensive discussion period is now over, so ladies and > > gentlemen please cast your vote: > > > > https://aur.archlinux.org/tu/?id=118 > > > > Regards, > > Bruno/Archange > > Vote is now over too, and the results are in: > > Yes: 42 > No: 1 > Abstain: 8 > > So, with a participation of 91.07% that meets the quorum, I can now say > “Welcome in the team!”. And let it echo from here. Welcome to the team! I'm more than thrilled to collaborate on curating and improving the state of the TPM utility offering on community :) -Santiago signature.asc Description: PGP signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
> Vote is now over too, and the results are in: > > Yes: 42 > No: 1 > Abstain: 8 > > So, with a participation of 91.07% that meets the quorum, I can now say > “Welcome in the team!”. > > You can now proceed with > https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_for_new_Trusted_Users. > > Congratulations, > Bruno > Hooray! Douglas Adams would be proud. ;) Alad signature.asc Description: PGP signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
Le 19/09/2019 à 19:51, Bruno Pagani a écrit : > Le 05/09/2019 à 21:53, Bruno Pagani a écrit : >> Hi there, >> >> On 05/09/2019 17:23, Jonas Witschel wrote: >>> Hi all, >>> >>> my name is Jonas Witschel (online nick "diabonas" on the >>> AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User >>> under the sponsorship of Bruno Pagani and Alad Wenter. >> I hereby confirm my sponsorship of Jonas. :) >> >> […] >> >>> I am looking forward to working with you and welcome any questions and >>> comments! >> And I definitively look forward to working with you as part of our TU >> team too! I wish you good luck with your application and hope you’ll >> convince everyone just as Alad and I were. ;) > This very intensive discussion period is now over, so ladies and > gentlemen please cast your vote: > > https://aur.archlinux.org/tu/?id=118 > > Regards, > Bruno/Archange Vote is now over too, and the results are in: Yes: 42 No: 1 Abstain: 8 So, with a participation of 91.07% that meets the quorum, I can now say “Welcome in the team!”. You can now proceed with https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_for_new_Trusted_Users. Congratulations, Bruno signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: kpcyrd
On Wed, Sep 25, 2019 at 10:30:05PM +, kpcyrd wrote:
> On Fri, Sep 20, 2019 at 10:21:42PM -0400, Daniel M. Capella via aur-general
> wrote:
> > Package review:
> >
> > narnia, tr1pd{,-git}: Could use `--locked`?
> >
> > python-fints: Missing `--skip-build` in `package()`.
>
> Thanks, I've pushed updates for these a few days ago.
>
> > Only nit I have aside from those is you don't need to specify 755
> > permissions for `install` as that's the default. Something I learned
> > during my own Tu application process ^^.
>
> Interesting, didn't know that! I'm going to roll out fixes for that
> incrementally, thanks for pointing it out.
... but there's nothing wrong with keeping 755 either, as it makes
excplicitely clear to the reader which permissions are used for the
binary.
Alad
signature.asc
Description: PGP signature
Re: [aur-general] TU application: kpcyrd
On Fri, Sep 20, 2019 at 10:21:42PM -0400, Daniel M. Capella via aur-general
wrote:
> Package review:
>
> narnia, tr1pd{,-git}: Could use `--locked`?
>
> python-fints: Missing `--skip-build` in `package()`.
Thanks, I've pushed updates for these a few days ago.
> Only nit I have aside from those is you don't need to specify 755
> permissions for `install` as that's the default. Something I learned
> during my own Tu application process ^^.
Interesting, didn't know that! I'm going to roll out fixes for that
incrementally, thanks for pointing it out.
signature.asc
Description: PGP signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
Le 19/09/2019 à 19:51, Bruno Pagani a écrit : > Le 05/09/2019 à 21:53, Bruno Pagani a écrit : >> Hi there, >> >> On 05/09/2019 17:23, Jonas Witschel wrote: >>> Hi all, >>> >>> my name is Jonas Witschel (online nick "diabonas" on the >>> AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User >>> under the sponsorship of Bruno Pagani and Alad Wenter. >> I hereby confirm my sponsorship of Jonas. :) >> >> […] >> >>> I am looking forward to working with you and welcome any questions and >>> comments! >> And I definitively look forward to working with you as part of our TU >> team too! I wish you good luck with your application and hope you’ll >> convince everyone just as Alad and I were. ;) > This very intensive discussion period is now over, so ladies and > gentlemen please cast your vote: > > https://aur.archlinux.org/tu/?id=118 > > Regards, > Bruno/Archange Kind reminder that there remains less than 48h to vote. One third of the TUs have not yet done so, which means we are currently just below quorum. Regards, Bruno signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: kpcyrd
Quoting kpcyrd (2019-09-20 16:09:31)
> Hello,
>
> My name is kpcyrd and I'm applying to become a Trusted User with anthraxx',
> sangys and jelles sponsorship.
Glad to see you're finally applying.
Package review:
narnia, tr1pd{,-git}: Could use `--locked`?
python-fints: Missing `--skip-build` in `package()`.
Only nit I have aside from those is you don't need to specify 755
permissions for `install` as that's the default. Something I learned
during my own Tu application process ^^.
--
Best,
Daniel
signature.asc
Description: signature
Re: [aur-general] TU application: kpcyrd
Levente Polyak via aur-general writes: I'm hereby confirming my sponsorship. kpcyrd is a friend of mine in both, cyber- and meatspace. He is a very kind person and I like his way of thinking. His technical skills would be a great benefit for the TU community. Even though I'm not one of kpcyrd sponsors, I can vouch for him as well. Given that I've worked with him in the past. He's a very nice person to work with and quite technically skilled. Regards, Giancarlo Razzolini pgpfV42IlocC0.pgp Description: PGP signature
Re: [aur-general] TU application: kpcyrd
On 9/20/19 11:41 PM, kpcyrd wrote: > Oops, sending the application again, this time with a signature > attached. > > --- 8< --- > > Hello, > > My name is kpcyrd and I'm applying to become a Trusted User with anthraxx', > sangys and jelles sponsorship. > > I'm interested in rust, defensive programming and offensive security tooling. > Open source became an essential part of my life at some point and the idea of > contributing back to the community that gave me so much for free kept me > going the last few years. > > I worked as both a software and IT security engineer in the past and I > currently do a combination of both as a contractor. > > --- > > # How I started using linux > > - Started with linux by trying to remaster knoppix in 2010 for a while > - Wiped my laptop in 2011 and installed debian with no way of return since it > was my only computer at that time > - First successful Arch Linux install I did was by helping a friend in 2013 > - Eventually migrated to Arch Linux myself in 2015 due to anthraxx > - I currently run a combination of Arch Linux, debian and openbsd at home and > on servers > > # How I contributed to the opensource community in the past > > (somewhat chronological) > > - Too many pull requests (stopped counting a long time ago) > - Assisted debian-security with some issues (redis, mongodb and xul-ext-wot) > - Wrote some PKGBUILDs that got moved into community > - Revived http://tests.reproducible-builds.org/archlinux/ > - Packaged software for alpine, brew and openbsd > - Packaged about 1/3 of the rust packages in debian > - Co-authored the current reproducible builds rebuilder prototype with NYU > - Recently became a debian maintainer (while running Arch Linux) > > # AUR packages > > I maintain a few packages in the AUR, the most relevant that I would like to > maintain in community at some point are: > > - diesel_cli > - cargo-tree > - cargo-fuzz > - cargo-crev > - python-fints > - python-mt-940 > - python-sepaxml > > I'm also interested in co-maintaining reprotest and some of the packages > anthraxx currently maintains for me. > > # Community packages I wrote or contributed to > > - cjdns > - go-ipfs > - alacritty > - reprotest > - sniffglue > - badtouch > - rshijack > - sn0int > > # Upstream for the following packages in Arch Linux > > - sniffglue > - badtouch > - rshijack > - sn0int > > --- > > Thanks for taking the time reading this, > > kpcyrd > I'm hereby confirming my sponsorship. kpcyrd is a friend of mine in both, cyber- and meatspace. He is a very kind person and I like his way of thinking. His technical skills would be a great benefit for the TU community. cheers, Levente signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: kpcyrd
Oops, sending the application again, this time with a signature attached. --- 8< --- Hello, My name is kpcyrd and I'm applying to become a Trusted User with anthraxx', sangys and jelles sponsorship. I'm interested in rust, defensive programming and offensive security tooling. Open source became an essential part of my life at some point and the idea of contributing back to the community that gave me so much for free kept me going the last few years. I worked as both a software and IT security engineer in the past and I currently do a combination of both as a contractor. --- # How I started using linux - Started with linux by trying to remaster knoppix in 2010 for a while - Wiped my laptop in 2011 and installed debian with no way of return since it was my only computer at that time - First successful Arch Linux install I did was by helping a friend in 2013 - Eventually migrated to Arch Linux myself in 2015 due to anthraxx - I currently run a combination of Arch Linux, debian and openbsd at home and on servers # How I contributed to the opensource community in the past (somewhat chronological) - Too many pull requests (stopped counting a long time ago) - Assisted debian-security with some issues (redis, mongodb and xul-ext-wot) - Wrote some PKGBUILDs that got moved into community - Revived http://tests.reproducible-builds.org/archlinux/ - Packaged software for alpine, brew and openbsd - Packaged about 1/3 of the rust packages in debian - Co-authored the current reproducible builds rebuilder prototype with NYU - Recently became a debian maintainer (while running Arch Linux) # AUR packages I maintain a few packages in the AUR, the most relevant that I would like to maintain in community at some point are: - diesel_cli - cargo-tree - cargo-fuzz - cargo-crev - python-fints - python-mt-940 - python-sepaxml I'm also interested in co-maintaining reprotest and some of the packages anthraxx currently maintains for me. # Community packages I wrote or contributed to - cjdns - go-ipfs - alacritty - reprotest - sniffglue - badtouch - rshijack - sn0int # Upstream for the following packages in Arch Linux - sniffglue - badtouch - rshijack - sn0int --- Thanks for taking the time reading this, kpcyrd signature.asc Description: PGP signature
Re: [aur-general] TU application: kpcyrd
Hy, Le 20/09/2019 à 22:09, kpcyrd a écrit : > Hello, > > My name is kpcyrd and I'm applying to become a Trusted User with anthraxx', > sangys and jelles sponsorship. Outside of any other consideration, your email should be PGP-signed. ;) Regards, Bruno signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: kpcyrd
On 09/20/19 at 08:09pm, kpcyrd wrote: > Hello, > > My name is kpcyrd and I'm applying to become a Trusted User with anthraxx', > sangys and jelles sponsorship. > > I'm interested in rust, defensive programming and offensive security tooling. > Open source became an essential part of my life at some point and the idea of > contributing back to the community that gave me so much for free kept me > going the last few years. > > I worked as both a software and IT security engineer in the past and I > currently do a combination of both as a contractor. > > --- > > # How I started using linux > > - Started with linux by trying to remaster knoppix in 2010 for a while > - Wiped my laptop in 2011 and installed debian with no way of return since it > was my only computer at that time > - First successful Arch Linux install I did was by helping a friend in 2013 > - Eventually migrated to Arch Linux myself in 2015 due to anthraxx > - I currently run a combination of Arch Linux, debian and openbsd at home and > on servers > > # How I contributed to the opensource community in the past > > (somewhat chronological) > > - Too many pull requests (stopped counting a long time ago) > - Assisted debian-security with some issues (redis, mongodb and xul-ext-wot) > - Wrote some PKGBUILDs that got moved into community > - Revived http://tests.reproducible-builds.org/archlinux/ > - Packaged software for alpine, brew and openbsd > - Packaged about 1/3 of the rust packages in debian > - Co-authored the current reproducible builds rebuilder prototype with NYU > - Recently became a debian maintainer (while running Arch Linux) > > # AUR packages > > I maintain a few packages in the AUR, the most relevant that I would like to > maintain in community at some point are: > > - diesel_cli > - cargo-tree > - cargo-fuzz > - cargo-crev > - python-fints > - python-mt-940 > - python-sepaxml > > I'm also interested in co-maintaining reprotest and some of the packages > anthraxx currently maintains for me. > > # Community packages I wrote or contributed to > > - cjdns > - go-ipfs > - alacritty > - reprotest > - sniffglue > - badtouch > - rshijack > - sn0int > > # Upstream for the following packages in Arch Linux > > - sniffglue > - badtouch > - rshijack > - sn0int I confirm my sponsorship of kpcyrd! When the second confirmee appears the discussion period can begin! -- Jelle van der Waa signature.asc Description: PGP signature
Re: [aur-general] TU application: kpcyrd
On Fri, Sep 20, 2019 at 08:09:31PM +, kpcyrd wrote: > Hello, > > My name is kpcyrd and I'm applying to become a Trusted User with anthraxx', > sangys and jelles sponsorship. I hereby confirm my sponsorship. I think kpcyrd is a very talented oss developer, a great team player and an overall great addition to the TU community. Let the discussion begin! -Santiago. signature.asc Description: PGP signature
[aur-general] TU application: kpcyrd
Hello, My name is kpcyrd and I'm applying to become a Trusted User with anthraxx', sangys and jelles sponsorship. I'm interested in rust, defensive programming and offensive security tooling. Open source became an essential part of my life at some point and the idea of contributing back to the community that gave me so much for free kept me going the last few years. I worked as both a software and IT security engineer in the past and I currently do a combination of both as a contractor. --- # How I started using linux - Started with linux by trying to remaster knoppix in 2010 for a while - Wiped my laptop in 2011 and installed debian with no way of return since it was my only computer at that time - First successful Arch Linux install I did was by helping a friend in 2013 - Eventually migrated to Arch Linux myself in 2015 due to anthraxx - I currently run a combination of Arch Linux, debian and openbsd at home and on servers # How I contributed to the opensource community in the past (somewhat chronological) - Too many pull requests (stopped counting a long time ago) - Assisted debian-security with some issues (redis, mongodb and xul-ext-wot) - Wrote some PKGBUILDs that got moved into community - Revived http://tests.reproducible-builds.org/archlinux/ - Packaged software for alpine, brew and openbsd - Packaged about 1/3 of the rust packages in debian - Co-authored the current reproducible builds rebuilder prototype with NYU - Recently became a debian maintainer (while running Arch Linux) # AUR packages I maintain a few packages in the AUR, the most relevant that I would like to maintain in community at some point are: - diesel_cli - cargo-tree - cargo-fuzz - cargo-crev - python-fints - python-mt-940 - python-sepaxml I'm also interested in co-maintaining reprotest and some of the packages anthraxx currently maintains for me. # Community packages I wrote or contributed to - cjdns - go-ipfs - alacritty - reprotest - sniffglue - badtouch - rshijack - sn0int # Upstream for the following packages in Arch Linux - sniffglue - badtouch - rshijack - sn0int --- Thanks for taking the time reading this, kpcyrd
Re: [aur-general] TU application: Jonas Witschel (diabonas)
Le 05/09/2019 à 21:53, Bruno Pagani a écrit : > Hi there, > > On 05/09/2019 17:23, Jonas Witschel wrote: >> Hi all, >> >> my name is Jonas Witschel (online nick "diabonas" on the >> AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User >> under the sponsorship of Bruno Pagani and Alad Wenter. > I hereby confirm my sponsorship of Jonas. :) > > […] > >> I am looking forward to working with you and welcome any questions and >> comments! > And I definitively look forward to working with you as part of our TU > team too! I wish you good luck with your application and hope you’ll > convince everyone just as Alad and I were. ;) This very intensive discussion period is now over, so ladies and gentlemen please cast your vote: https://aur.archlinux.org/tu/?id=118 Regards, Bruno/Archange signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
> > Well, I think it should be the other way around, you first mentor someone > > and look with them into their packages and then decided about sponsorship. > > That's your opinion, and here's mine: I don't think that's important. If a > candidate looks promising and there is an intention to both sponsor > (confirming by e-mail that the applicant is sponsored when they apply) and > an intention to mentor (at least look through the AUR packages and give > them helpful hints), I don't think the order matters, as long as everyone > is honest with each other and both things happens before the application is > sent. > > That's not what happened in this case, though, since the application was > sent before there were any mentoring. Through work, I've had the chance to train about ten employees and interns. I've also mentored two peers of mine. All of these people *looked* promising. They all either got through the job application process or struck me as someone I wanted to mentor. Furthermore, all of them professed a great interest in learning about QE, virtualization, software engineering, and whatever other topics were relevant to them. However, there have been a broad spectrum of outcomes. I'm going to be intentionally vague and say that some were brilliantly successful; others struggled but succeeded after *years* of intense efforts; others realized that they weren't actually that interested in the topic at hand, but only after investing much time and effort; and others failed due to incompetence and/or self-sabotage. Do I trust someone to be trustworthy and competent because they "[look] promising and there is an intention [...] to mentor"? Not at all. This is a comment on the sponsorship for this TU application, not a comment on this TU application itself (which has already been rescinded anyway).
Re: [aur-general] TU membership application
I'm reading carefully through the TU bylaws, and I think they need some clarifications: > The addition of a TU may occur at any time. > > In order to become a TU, one must first find two sponsoring TUs following the guidelines outlined below, and arrange privately with them > to announce their candidacy on the aur-general mailing list. Following the announcement, standard voting procedure commences with a > discussion period of 14 days, a quorum of 66%, and a voting period of 7 days. > > SVP( addition_of_TU, 14, 0.66, 7 ); > > If a candidate is rejected by SVP, they may not reapply to become a Trusted User for a period of three months. * It's unclear if the "arrange privately with them to announce their candidacy" part is a requirement or not, but it seems like it is. * It's unclear if "the announcement" starts when the candidate announces it, or when two TUs have confirmed the sponsorship. * It's unclear if "the announcement" is part of the "standard voting procedure", and/or if the confirmation of sponsorship is part of the "standard voting procedure". Since the announcement of the candidacy was done without it having been arranged privately (unless Sergej did this), I believe the current process is void (but possible to start again later: the addition of a TU may occur at any time). Best regards, Alexander F. Rødseth
Re: [aur-general] TU application: Jonas Witschel (diabonas)
On 9/5/19 5:29 PM, Alad Wenter via aur-general wrote: > On Thu, Sep 05, 2019 at 05:23:20PM +0200, Jonas Witschel wrote: >> Hi all, >> >> my name is Jonas Witschel (online nick "diabonas" on the >> AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User >> under the sponsorship of Bruno Pagani and Alad Wenter. >> > I hereby confirm my sponsorship of Jonas. Best of luck with your > application! > > Alad Just to add some words beyond "I sponsor this candidate"... My first encounter with diabonas was when he fixed some broken behavior with aurutils [7, 8]. I got no github issue, but instead directly a PR to fix it. :) I also noticed his interest in WKD when he created a detailed table on the wiki [9] for every developer and TU key, with the corresponding bug report. When Bruno mentioned Jonas was interested in becoming TU, I was pleasantly surprised and looked at his various AUR packages. What I found most remarkable was the amount of insight found in these packages, e.g. the comments in tpm2-tss-git [10]. I thus asked to send in a draft of the application, found it good and gave my Stamp of Approval(TM). [7] https://github.com/AladW/aurutils/pull/493 [8] https://github.com/AladW/aurutils/pull/464 [9] https://wiki.archlinux.org/index.php/User:Diabonas/WKD_support_by_developer_key [10] https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=tpm2-tss-git#n45 Alad > >> A few words about myself: I am a math PhD student and long-time Linux >> user. I switched to Arch Linux around 2016 because I like the idea of a >> rolling release distribution that stays close to upstream, which is >> especially beneficial when doing software development. I got more >> actively involved in contributing to Arch when the previous AUR >> maintainer of the tpm2-software stack (tpm2-tss, tpm2-abrmd and >> tpm2-tools) orphaned these packages, so I took over maintenance until >> they were adopted to [community]. >> >> I am interested in many security-related thing such as Secure Boot, >> Trusted Platform Modules (TPMs), disk encryption, PGP, ... As such, I am >> a member of the tpm2-software organisation and a maintainer of tpm2-totp >> [1]. Recently I have been working on getting Web Key Directory support >> into pacman for fetching PGP keys independently of the key server >> network [2,3]. A repository of all my AUR packages can be found on >> Gitlab [4]. >> >> If I were accepted as a trusted user, I would take over maintenance of >> the tpm2-software stack from my sponsor Bruno Pagani. This makes sense >> since I am an upstream member of tpm2-software anyway and had been >> maintaining these packages until they were adopted to [community]. >> Another long-time goal as a trusted user would be getting out of the box >> Secure Boot support for the Arch Linux installation images [5,6]. >> >> Packages I would like to adopt from the AUR to [community] for starters are: >> >> - The rest of the tpm2-software stack: tpm2-tss-engine and tpm2-totp >> (when they have reached the 1% usage from pkgstats/10 votes on the AUR >> threshold), tpm2-pkcs11-git (as soon as it gets a release). >> - clevis and tang (and their dependencies jose, luksmeta) >> - sbupdate-git (I need to speak to upstream about making a release first) >> - paperkey >> - cryptomator >> - deheader >> - texworks >> - pdftk-java (an exact Java reimplementation of the very popular >> pdftk/pdftk-bin, which is hard to package since it relies on an outdated >> version of GCC) >> >> I am looking forward to working with you and welcome any questions and >> comments! >> >> Cheers, >> Jonas >> >> [1] https://github.com/tpm2-software/tpm2-totp >> [2] https://bugs.archlinux.org/task/63171 >> [3] https://lists.archlinux.org/pipermail/pacman-dev/2019-July/023493.html >> [4] https://gitlab.com/diabonas/aur-packages >> [5] https://bugs.archlinux.org/task/53864 >> [6] >> https://lists.archlinux.org/pipermail/arch-releng/2019-January/003891.html >> > > signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
Hi there, On 05/09/2019 17:23, Jonas Witschel wrote: > Hi all, > > my name is Jonas Witschel (online nick "diabonas" on the > AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User > under the sponsorship of Bruno Pagani and Alad Wenter. I hereby confirm my sponsorship of Jonas. :) I have known him since I took over some tpm2 stuff into [community] as required dependencies for fwupd very early this year, and have ever since been amazed by his work. More on that below. ;) > […] > > I am interested in many security-related thing such as Secure Boot, > Trusted Platform Modules (TPMs), disk encryption, PGP, ... As such, I am > a member of the tpm2-software organisation and a maintainer of tpm2-totp > [1]. Recently I have been working on getting Web Key Directory support > into pacman for fetching PGP keys independently of the key server > network [2,3]. A repository of all my AUR packages can be found on > Gitlab [4]. I am really interested in Jonas work on security and TPM in particular, I think there is quite some space to be filled on boot security in our tools and documentation. I think Jonas will be of great expertise in this particular area. > If I were accepted as a trusted user, I would take over maintenance of > the tpm2-software stack from my sponsor Bruno Pagani. This makes sense > since I am an upstream member of tpm2-software anyway and had been > maintaining these packages until they were adopted to [community]. That is the part where I need to disagree. ;) Not on Jonas taking maintainership of those packages again of course (we naturally discussed this beforehand), but on the fact he ever stopped maintaining them. I would just say he stopped committing the changes by himself, but that’s barely all. Everyone is free to see the kind of OOD messages he has been letting me over the past months, as can still be viewed on tpm2-tss[0] that I did not have time to update yet. So as a matter of facts, I consider Jonas has remained the actual maintainer of the tpm2 stack even after I moved some parts of it into [community]. It would hence just be logical for me that he gets the commit rights necessary to pursue this job by himself (also, I could make use of some pkgnumber reduction…). :) > Another long-time goal as a trusted user would be getting out of the box > Secure Boot support for the Arch Linux installation images [5,6]. > > Packages I would like to adopt from the AUR to [community] for starters are: > > - The rest of the tpm2-software stack: tpm2-tss-engine and tpm2-totp > (when they have reached the 1% usage from pkgstats/10 votes on the AUR > threshold), tpm2-pkcs11-git (as soon as it gets a release). > - clevis and tang (and their dependencies jose, luksmeta) > - sbupdate-git (I need to speak to upstream about making a release first) > - paperkey > - cryptomator > - deheader > - texworks > - pdftk-java (an exact Java reimplementation of the very popular > pdftk/pdftk-bin, which is hard to package since it relies on an outdated > version of GCC) I should say that despite what the appearances could look like (e.g. no bunch of commits fixing issues on all packages at roughly the same time), I actually reviewed Jonas packages but only found two or three minor nits. As well, when I moved some of the tpm2 packages into [community], I mostly had just to copy the PKGBUILD verbatim. > I am looking forward to working with you and welcome any questions and > comments! And I definitively look forward to working with you as part of our TU team too! I wish you good luck with your application and hope you’ll convince everyone just as Alad and I were. ;) Regards, Bruno/Archange [0] https://www.archlinux.org/packages/community/x86_64/tpm2-tss/ signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
Hi Rob, On 2019-09-05 17:42, Robin Broda via aur-general wrote: > junit-system-rules is fetching a source via http - can this be avoided? > (http://search.maven.org) > It appears to be reachable via https. certainly it can, thanks for spotting this, fixed! I don't really like fetching prebuilt Java archives, although it is allowable by the packaging guidelines, but that doesn't mean I can't at least do it over an authenticated connection ;) > The packages you want to adopt look useful. The 10 votes metric is more of a > general recommendation than a rule, > feel free to pull those in without hitting the metric - especially given that > they are useful in specific security contexts. Good to know! In that case I would probably adopt tpm2-tss-engine and tpm2-totp just to have the complete tpm2-software stack available. > Looking forward to this :) Thank you and Eli for the positive feedback and your PKGBUILD review :) Best regards, Jonas signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
On 9/5/19 5:23 PM, Jonas Witschel wrote: > Hi all, > > my name is Jonas Witschel (online nick "diabonas" on the > AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User > under the sponsorship of Bruno Pagani and Alad Wenter. > Hi! Promising application - I spent a few minutes looking over your AUR PKGBUILDs as is customary for applicants and... I've looked over all your AUR PKGBUILDs and must say that they're almost spotless - good job! This makes this PKGBUILD review rather short. junit-system-rules is fetching a source via http - can this be avoided? (http://search.maven.org) It appears to be reachable via https. That's all I've found so far. The packages you want to adopt look useful. The 10 votes metric is more of a general recommendation than a rule, feel free to pull those in without hitting the metric - especially given that they are useful in specific security contexts. Looking forward to this :) Regards -- Rob (coderobe) O< ascii ribbon campaign - stop html mail - www.asciiribbon.org signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
On 9/5/19 11:23 AM, Jonas Witschel wrote: > Hi all, > > my name is Jonas Witschel (online nick "diabonas" on the > AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User > under the sponsorship of Bruno Pagani and Alad Wenter. > > A few words about myself: I am a math PhD student and long-time Linux > user. I switched to Arch Linux around 2016 because I like the idea of a > rolling release distribution that stays close to upstream, which is > especially beneficial when doing software development. I got more > actively involved in contributing to Arch when the previous AUR > maintainer of the tpm2-software stack (tpm2-tss, tpm2-abrmd and > tpm2-tools) orphaned these packages, so I took over maintenance until > they were adopted to [community]. > > I am interested in many security-related thing such as Secure Boot, > Trusted Platform Modules (TPMs), disk encryption, PGP, ... As such, I am > a member of the tpm2-software organisation and a maintainer of tpm2-totp > [1]. Recently I have been working on getting Web Key Directory support > into pacman for fetching PGP keys independently of the key server > network [2,3]. A repository of all my AUR packages can be found on > Gitlab [4]. I notice you use my aurpublish routine, so this automatically gets a +1 from me. :D Also, your attempts to get WKD into pacman are awesome. I love to see prospective TUs who take an interest in improving the packaging toolchain! <3 > If I were accepted as a trusted user, I would take over maintenance of > the tpm2-software stack from my sponsor Bruno Pagani. This makes sense > since I am an upstream member of tpm2-software anyway and had been > maintaining these packages until they were adopted to [community]. > Another long-time goal as a trusted user would be getting out of the box > Secure Boot support for the Arch Linux installation images [5,6]. > > Packages I would like to adopt from the AUR to [community] for starters are: > > - The rest of the tpm2-software stack: tpm2-tss-engine and tpm2-totp > (when they have reached the 1% usage from pkgstats/10 votes on the AUR > threshold), tpm2-pkcs11-git (as soon as it gets a release). > - clevis and tang (and their dependencies jose, luksmeta) > - sbupdate-git (I need to speak to upstream about making a release first) > - paperkey > - cryptomator > - deheader > - texworks > - pdftk-java (an exact Java reimplementation of the very popular > pdftk/pdftk-bin, which is hard to package since it relies on an outdated > version of GCC) > > I am looking forward to working with you and welcome any questions and > comments! > > Cheers, > Jonas > > [1] https://github.com/tpm2-software/tpm2-totp > [2] https://bugs.archlinux.org/task/63171 > [3] https://lists.archlinux.org/pipermail/pacman-dev/2019-July/023493.html > [4] https://gitlab.com/diabonas/aur-packages > [5] https://bugs.archlinux.org/task/53864 > [6] > https://lists.archlinux.org/pipermail/arch-releng/2019-January/003891.html > -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application: Jonas Witschel (diabonas)
On Thu, Sep 05, 2019 at 05:23:20PM +0200, Jonas Witschel wrote: > Hi all, > > my name is Jonas Witschel (online nick "diabonas" on the > AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User > under the sponsorship of Bruno Pagani and Alad Wenter. > I hereby confirm my sponsorship of Jonas. Best of luck with your application! Alad > A few words about myself: I am a math PhD student and long-time Linux > user. I switched to Arch Linux around 2016 because I like the idea of a > rolling release distribution that stays close to upstream, which is > especially beneficial when doing software development. I got more > actively involved in contributing to Arch when the previous AUR > maintainer of the tpm2-software stack (tpm2-tss, tpm2-abrmd and > tpm2-tools) orphaned these packages, so I took over maintenance until > they were adopted to [community]. > > I am interested in many security-related thing such as Secure Boot, > Trusted Platform Modules (TPMs), disk encryption, PGP, ... As such, I am > a member of the tpm2-software organisation and a maintainer of tpm2-totp > [1]. Recently I have been working on getting Web Key Directory support > into pacman for fetching PGP keys independently of the key server > network [2,3]. A repository of all my AUR packages can be found on > Gitlab [4]. > > If I were accepted as a trusted user, I would take over maintenance of > the tpm2-software stack from my sponsor Bruno Pagani. This makes sense > since I am an upstream member of tpm2-software anyway and had been > maintaining these packages until they were adopted to [community]. > Another long-time goal as a trusted user would be getting out of the box > Secure Boot support for the Arch Linux installation images [5,6]. > > Packages I would like to adopt from the AUR to [community] for starters are: > > - The rest of the tpm2-software stack: tpm2-tss-engine and tpm2-totp > (when they have reached the 1% usage from pkgstats/10 votes on the AUR > threshold), tpm2-pkcs11-git (as soon as it gets a release). > - clevis and tang (and their dependencies jose, luksmeta) > - sbupdate-git (I need to speak to upstream about making a release first) > - paperkey > - cryptomator > - deheader > - texworks > - pdftk-java (an exact Java reimplementation of the very popular > pdftk/pdftk-bin, which is hard to package since it relies on an outdated > version of GCC) > > I am looking forward to working with you and welcome any questions and > comments! > > Cheers, > Jonas > > [1] https://github.com/tpm2-software/tpm2-totp > [2] https://bugs.archlinux.org/task/63171 > [3] https://lists.archlinux.org/pipermail/pacman-dev/2019-July/023493.html > [4] https://gitlab.com/diabonas/aur-packages > [5] https://bugs.archlinux.org/task/53864 > [6] > https://lists.archlinux.org/pipermail/arch-releng/2019-January/003891.html > signature.asc Description: PGP signature
[aur-general] TU application: Jonas Witschel (diabonas)
Hi all, my name is Jonas Witschel (online nick "diabonas" on the AUR/GitHub/GitLab/...) and I am applying as an Arch Linux Trusted User under the sponsorship of Bruno Pagani and Alad Wenter. A few words about myself: I am a math PhD student and long-time Linux user. I switched to Arch Linux around 2016 because I like the idea of a rolling release distribution that stays close to upstream, which is especially beneficial when doing software development. I got more actively involved in contributing to Arch when the previous AUR maintainer of the tpm2-software stack (tpm2-tss, tpm2-abrmd and tpm2-tools) orphaned these packages, so I took over maintenance until they were adopted to [community]. I am interested in many security-related thing such as Secure Boot, Trusted Platform Modules (TPMs), disk encryption, PGP, ... As such, I am a member of the tpm2-software organisation and a maintainer of tpm2-totp [1]. Recently I have been working on getting Web Key Directory support into pacman for fetching PGP keys independently of the key server network [2,3]. A repository of all my AUR packages can be found on Gitlab [4]. If I were accepted as a trusted user, I would take over maintenance of the tpm2-software stack from my sponsor Bruno Pagani. This makes sense since I am an upstream member of tpm2-software anyway and had been maintaining these packages until they were adopted to [community]. Another long-time goal as a trusted user would be getting out of the box Secure Boot support for the Arch Linux installation images [5,6]. Packages I would like to adopt from the AUR to [community] for starters are: - The rest of the tpm2-software stack: tpm2-tss-engine and tpm2-totp (when they have reached the 1% usage from pkgstats/10 votes on the AUR threshold), tpm2-pkcs11-git (as soon as it gets a release). - clevis and tang (and their dependencies jose, luksmeta) - sbupdate-git (I need to speak to upstream about making a release first) - paperkey - cryptomator - deheader - texworks - pdftk-java (an exact Java reimplementation of the very popular pdftk/pdftk-bin, which is hard to package since it relies on an outdated version of GCC) I am looking forward to working with you and welcome any questions and comments! Cheers, Jonas [1] https://github.com/tpm2-software/tpm2-totp [2] https://bugs.archlinux.org/task/63171 [3] https://lists.archlinux.org/pipermail/pacman-dev/2019-July/023493.html [4] https://gitlab.com/diabonas/aur-packages [5] https://bugs.archlinux.org/task/53864 [6] https://lists.archlinux.org/pipermail/arch-releng/2019-January/003891.html signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
On 9/5/19 3:21 PM, Aaron Laws via aur-general wrote: > On Thu, Sep 5, 2019 at 3:45 AM Alexander F Rødseth via aur-general < > aur-general@archlinux.org> wrote: > >>> Sergej already confirmed sponsorship. >> I read his reply twice, but I could not see a confirmation of sponsorship. >> Sergej, could you please clarify? >> > ... > >> Have Sergej confirmed his sponsorship, though? >> > For the record, it looks like Sergej has explicitly stated that he will > sponsor in a signed message: > > On Mon, Aug 19, 2019 at 9:49 AM Sergej Pupykin wrote: > >> Giancarlo Razzolini via aur-general wrote: >>> Having nothing against is not the same as actively sponsoring it. All >>> this discussion is kind of pointless until we hear from both sponsors >>> telling us they actively sponsor Jean's application. Then the discussion >>> period can begin. >> >> Ok, I am not sure about "actively" :) but I want to see parsedmarc >> package bundle in community. As well as ghidra and coturn (which is >> already in community), so I sponsor him. >> > I believe this marks the beginning of the discussion period. Regardless of when the discussion period begins - the TU bylaws are not exactly clear about this - I'm not sure what's left to discuss. Concerns with this application have already been raised, and the applicant's packages have already been reviewed. Alad
Re: [aur-general] TU membership application
On Thu, Sep 5, 2019 at 3:45 AM Alexander F Rødseth via aur-general < aur-general@archlinux.org> wrote: > > Sergej already confirmed sponsorship. > > I read his reply twice, but I could not see a confirmation of sponsorship. > Sergej, could you please clarify? > ... > Have Sergej confirmed his sponsorship, though? > For the record, it looks like Sergej has explicitly stated that he will sponsor in a signed message: On Mon, Aug 19, 2019 at 9:49 AM Sergej Pupykin wrote: > Giancarlo Razzolini via aur-general wrote: > > > > Having nothing against is not the same as actively sponsoring it. All > > this discussion is kind of pointless until we hear from both sponsors > > telling us they actively sponsor Jean's application. Then the discussion > > period can begin. > > > Ok, I am not sure about "actively" :) but I want to see parsedmarc > package bundle in community. As well as ghidra and coturn (which is > already in community), so I sponsor him. > I believe this marks the beginning of the discussion period.
Re: [aur-general] TU membership application
Hi, Giancarlo wrote: > Well, I think it should be the other way around, you first mentor someone and look with them into their packages and then decided about sponsorship. That's your opinion, and here's mine: I don't think that's important. If a candidate looks promising and there is an intention to both sponsor (confirming by e-mail that the applicant is sponsored when they apply) and an intention to mentor (at least look through the AUR packages and give them helpful hints), I don't think the order matters, as long as everyone is honest with each other and both things happens before the application is sent. That's not what happened in this case, though, since the application was sent before there were any mentoring. > Sergej already confirmed sponsorship. I read his reply twice, but I could not see a confirmation of sponsorship. Sergej, could you please clarify? > But it seems neither of you actually mentored the applicant. It did not happen. I explicitly wrote that I was not aware that he had sent his application without any mentoring on my part. > I don't think that simply foregoing the discussion period is the way to go. If Sergej also confirms his sponsorship, the discussion period can begin. >> If someone dislikes a TU application, it's easy to vote "no" in the vote >> that follows. > >That's not how this should be faced. Ideally all the applications >should have two sponsors that are actively mentoring the applicant and are vested into >their success.If we had that, applications would be voted "yes". This is disregarding that I was first on vacation and then didn't have the time to do any mentoring. I did not know that an application was sent. Please, be more generous in your interpretations. Levente wrote: > Not judging here by any means about the applicant himself, but I consider the current state as void as we frankly did not go through long discussions and bylaw changes to implement two sponsors if at the end it doesn't provide more value than having a bigger number and "having nothing against because someone wants a package in the repo". Have Sergej confirmed his sponsorship, though? -- Sincerely, Alexander F Rødseth / xyproto
Re: [aur-general] TU membership application
On September 4, 2019 4:37:42 PM GMT+02:00, Giancarlo Razzolini via aur-general wrote: >Em setembro 4, 2019 9:54 Alexander Rødseth via aur-general escreveu: >> >> I did agree to sponsor the TU application of Jean Lucas, provided he >found >> another sponsor, but was not aware that he had sent his application >without >> any mentoring on my part. >> > >Well, I think it should be the other way around, you first mentor >someone and look >with them into their packages and then decided about sponsorship. > >> I am not in favor of how the TU application process turned out, nor >the >> idea of moving proprietary software packages to [community], but I'll >stand >> by my word and sponsor him if there is another sponsor. >> > >Sergej already confirmed sponsorship. But it seems neither of you >actually mentored >the applicant. > >> In general, we need more TUs and Devs and I think we should have a >process >> that feels less judgemental on the applicants (ref. the application >from >> Drew DeVault that sadly did not join us as a TU). >> > >While I agree that we should have a more on point discussion with less >bikeshedding >regarding other stuff, I don't think that simply foregoing the >discussion period is >the way to go. > >> If someone dislikes a TU application, it's easy to vote "no" in the >vote >> that follows. >> > >That's not how this should be faced. Ideally all the applications >should have two >sponsors that are actively mentoring the applicant and are vested into >their success. >If we had that, applications would be voted "yes". > >ps: I'm not making any judgment on the applicant here. I've talked with >him privately >regarding this application process. While he failed to disclose that he >had asked another >TU before, I don't think it was in bad faith. > >Regards, >Giancarlo Razzolini I agree with grazzolini, sponsors pretty much agreed themselves that there was zero mentoring happening plus xyproto obviously is even surprised so many proprietary blobs are about to be added. Not judging here by any means about the applicant himself, but I consider the current state as void as we frankly did not go through long discussions and bylaw changes to implement two sponsors if at the end it doesn't provide more value than having a bigger number and "having nothing against because someone wants a package in the repo" . I'm happy to cast votes after the sponsors did what sponsors shall do and take care of their applicant - obviously there is much room for discussing intends etc with sponsors.
Re: [aur-general] TU membership application
Em setembro 4, 2019 9:54 Alexander Rødseth via aur-general escreveu: I did agree to sponsor the TU application of Jean Lucas, provided he found another sponsor, but was not aware that he had sent his application without any mentoring on my part. Well, I think it should be the other way around, you first mentor someone and look with them into their packages and then decided about sponsorship. I am not in favor of how the TU application process turned out, nor the idea of moving proprietary software packages to [community], but I'll stand by my word and sponsor him if there is another sponsor. Sergej already confirmed sponsorship. But it seems neither of you actually mentored the applicant. In general, we need more TUs and Devs and I think we should have a process that feels less judgemental on the applicants (ref. the application from Drew DeVault that sadly did not join us as a TU). While I agree that we should have a more on point discussion with less bikeshedding regarding other stuff, I don't think that simply foregoing the discussion period is the way to go. If someone dislikes a TU application, it's easy to vote "no" in the vote that follows. That's not how this should be faced. Ideally all the applications should have two sponsors that are actively mentoring the applicant and are vested into their success. If we had that, applications would be voted "yes". ps: I'm not making any judgment on the applicant here. I've talked with him privately regarding this application process. While he failed to disclose that he had asked another TU before, I don't think it was in bad faith. Regards, Giancarlo Razzolini pgp5E50PKzsYr.pgp Description: PGP signature
Re: [aur-general] TU membership application
Hello, Sorry for the late response, I was on vacation followed by a period of having little spare time, with regards to work and family. I did agree to sponsor the TU application of Jean Lucas, provided he found another sponsor, but was not aware that he had sent his application without any mentoring on my part. I am not in favor of how the TU application process turned out, nor the idea of moving proprietary software packages to [community], but I'll stand by my word and sponsor him if there is another sponsor. In general, we need more TUs and Devs and I think we should have a process that feels less judgemental on the applicants (ref. the application from Drew DeVault that sadly did not join us as a TU). If someone dislikes a TU application, it's easy to vote "no" in the vote that follows. Best regards, Alexander F. Rødseth
Re: [aur-general] TU membership application
On Sunday, September 1, 2019 9:39:37 AM EDT Xyne wrote: > The lackadaisical approach to sponsorship is one of the main reasons that > we've moved to a system with two sponsors. Maybe I missed the joke, but > having nothing against someone and wanting to see a particular package in > community is not a good enough reason to sponsor someone. A TU application > may not be a matter of life and death but the process should be taken > somewhat seriously nevertheless given how many people could be potentially > impacted if a malicious candidate is accepted. > We need to agree to set the bar a little higher. That kinda speaks to the 'trust' in 'Trusted User'. It's not just "Oh hey, I want to contribute, give me the keys to the kingdom". You need to be vetted and checked out. Not just because of the potential for bad actors, but I think you also need to show you're actually capable of doing the job being asked of you. Sponsoring a TU applicant that you're friendly with, but has no real experience in packaging or any sort of development background, does a disservice to the community. It's not just, "Does the sponsor Trust this person" But "Can the community Trust this person?" I'm not saying that this is the case for this application, but that's the reason, I feel, why the process is involved as it is. Heck, it could be more intensive and I'd still say "Yeah, that's appropriate." Like Xyne said, not commenting on the TU application at all. Just responding with my thoughts to his comments. signature.asc Description: This is a digitally signed message part.
Re: [aur-general] TU membership application
On 2019-08-19 16:49 +0300 Sergej Pupykin wrote: >Giancarlo Razzolini via aur-general wrote: >> >> Having nothing against is not the same as actively sponsoring it. All >> this discussion is kind of pointless until we hear from both sponsors >> telling us they actively sponsor Jean's application. Then the discussion >> period can begin. > > >Ok, I am not sure about "actively" :) but I want to see parsedmarc >package bundle in community. As well as ghidra and coturn (which is >already in community), so I sponsor him. Sponsorship is supposed to be an active advocacy of the applicant based on the sponsor's evaluation of the applicant's skills and trustworthiness. It should be based on a strong positive opinion of the applicant and the sponsor essentially vouches for the applicant by sponsoring them. The lackadaisical approach to sponsorship is one of the main reasons that we've moved to a system with two sponsors. Maybe I missed the joke, but having nothing against someone and wanting to see a particular package in community is not a good enough reason to sponsor someone. A TU application may not be a matter of life and death but the process should be taken somewhat seriously nevertheless given how many people could be potentially impacted if a malicious candidate is accepted. If TUs start sponsoring anyone who asks based on these latter criteria, the system is broken. Especially when we have candidates who just ask different TUs until they get two to agree. We need to agree to set the bar a little higher. I am only reacting to the apparent indifference of sponsorship here, which is independent of Jean Lucas' application. The latter will be discussed if and when Alexander confirms his sponsorship. Regards, Xyne
Re: [aur-general] TU membership application
Em agosto 20, 2019 13:16 Jean Lucas via aur-general escreveu: Hi Bert, and thank you! My (latest) key can be found at https://keys.openpgp.org/search?q=jean%404ray.co and https://pool.sks-keyservers.net/pks/lookup?search=jean%404ray.co&fingerprint=on&op=vindex (as well as the servers SKS Keyservers gossips with). On SKS Keyservers, I had originally submitted 2 keys in 2015, and they've both since been revoked. So my latest, active key has fingerprint 553C C0A1 134A 2E77 145B E12D 7416 2644 B297 6F6C, as posted on my AUR profile at https://aur.archlinux.org/account/flacks/. Hi Jean, Can you as your second sponsor to reply to this thread so we can start the discussion period? Ideally, Alexander should also sign his email, like Sergej did. Our bylaws unfortunately do not mention this, neither does our wiki. Regards, Giancarlo Razzolini pgpGexMuoxU2c.pgp Description: PGP signature
Re: [aur-general] TU membership application
On Tue, 2019-08-20 at 11:01 +0200, Bert Peters via aur-general wrote: > Hi Jean Lucas, > > I've been reading your TU application and I wish you the best of > luck. > However, I can't seem to find the GPG key you're using on any > keyservers. Did you happen to forget to submit it somewhere? > > Best, > > Bert. Hi Bert, and thank you! My (latest) key can be found at https://keys.openpgp.org/search?q=jean%404ray.co and https://pool.sks-keyservers.net/pks/lookup?search=jean%404ray.co&fingerprint=on&op=vindex (as well as the servers SKS Keyservers gossips with). On SKS Keyservers, I had originally submitted 2 keys in 2015, and they've both since been revoked. So my latest, active key has fingerprint 553C C0A1 134A 2E77 145B E12D 7416 2644 B297 6F6C, as posted on my AUR profile at https://aur.archlinux.org/account/flacks/. Best regards, Jean signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
Hi Jean Lucas, I've been reading your TU application and I wish you the best of luck. However, I can't seem to find the GPG key you're using on any keyservers. Did you happen to forget to submit it somewhere? Best, Bert. signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On Mon, 2019-08-19 at 16:49 +0300, Sergej Pupykin wrote: > Giancarlo Razzolini via aur-general wrote: > > Having nothing against is not the same as actively sponsoring it. > > All > > this discussion is kind of pointless until we hear from both > > sponsors > > telling us they actively sponsor Jean's application. Then the > > discussion > > period can begin. > > Ok, I am not sure about "actively" :) but I want to see parsedmarc > package bundle in community. As well as ghidra and coturn (which is > already in community), so I sponsor him. I'd like for checkdmarc/parsedmarc to get rewritten in Rust or Go so dependencies are easily resolvable... Python packages with a ton of version-specific dependencies are kind of crazy to package. ...and upstream seems to be allergic to tags. :) signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
Giancarlo Razzolini via aur-general wrote: > > Having nothing against is not the same as actively sponsoring it. All > this discussion is kind of pointless until we hear from both sponsors > telling us they actively sponsor Jean's application. Then the discussion > period can begin. Ok, I am not sure about "actively" :) but I want to see parsedmarc package bundle in community. As well as ghidra and coturn (which is already in community), so I sponsor him. signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
Em agosto 19, 2019 9:05 Sergej Pupykin escreveu: I have nothing against this application. I use parsedmarc package (slightly modified for my needs) which maintained by Jean. Having nothing against is not the same as actively sponsoring it. All this discussion is kind of pointless until we hear from both sponsors telling us they actively sponsor Jean's application. Then the discussion period can begin. Regards, Giancarlo Razzolini pgpGE6wYuDNv9.pgp Description: PGP signature
Re: [aur-general] TU membership application
> My name is Jean Lucas, and I'm sending this email to submit my candidacy > for Trusted User member. As per the latest TU bylaws, I'm being > sponsored by both Alexander Rødseth and Sergej Pupykin. I have nothing against this application. I use parsedmarc package (slightly modified for my needs) which maintained by Jean.
Re: [aur-general] TU membership application
On Sun, 2019-08-18 at 01:14 -0400, Eli Schwartz via aur-general wrote: > On 8/18/19 12:26 AM, Santiago Torres-Arias wrote: > > > > - This appears to me it's a -bin package > > > > > > Why? It looks like some sort of standard js-based source package > > > on the > > > NPM registry. > > > > > > > well, judging from the lack of build() I'd assume so. I'm not too > > familiar with npm, but if t is running build commands (as you > > concede > > down in the email it may be happening) then that probably should > > happen > > inside of build()? > > That's what I do for rapydscript-ng. If you try to npm install in > build() and then npm install --prefix="$pkgdir/usr" in package(), I'm > pretty sure it will just build a second copy all over again, during > the > package() step. I'm not a makepkg expert so please correct me if I'm wrong, but from reading the PKGBUILD man page (and knowing build() is considered optional), it doesn't seem like build() has any particularly different configuration that would affect the build of the package vis-à-vis building within package(). > > Repeat after me: "curse you, npm". Repeating that is the only way I fall asleep. > > It is very, very, very difficult to provide meaningful criticism of > an > npm PKGBUILD. There aren't a lot of options when it comes to > packaging > this language. > signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On Sat, 2019-08-17 at 22:51 -0400, Santiago Torres-Arias wrote: > On Fri, Aug 16, 2019 at 03:19:56PM -0400, Jean Lucas via aur-general > wrote: > > Hi all, > > > > Thank you for your time, and thank you to all who help make Arch a > > great OS! > > Always happy to help! :) > > It's customary to review PKGBUILDS for new applicants. This is > somewhat > of a quick/cursory review over 3 random packages as I've been in > conferences for the whole week. Thank you for the review! > > == Overall == > > - It appears you need quote strings way more everywhere, from deps, > to licenses > to variables > - Consider that base-devel is assumed to exist for makedepends and > (iirc). As Eli explained, the quotes are unnecessary unless you need to do variable expansion, and makepkg yells at you if you include a space somewhere. As for array keys, I think that no quotes looks way prettier >:) And yes, I've been working on the assumption that base-devel is installed for makedepends. > > == Beaker == > > - This depends array has to be wrong I've been working on parsing namcap output to make my life a little easier, so I'm basically throwing what namcap outputs w.r.t. deps at a script I wrote that looks up the missing libraries and spits out the needed packages, and I throw that into the depends of pkgbuilds. I do know that some dependencies are subdependencies of more higher-level packages (i.e. the higher-level packages already pull the subdependencies in) but I haven't yet scripted a way to intelligently omit those subdependencies. I don't think it is harmful to be very verbose on those dependencies, but I do make sure I work from an empty depends array to exactly what namcap tells me, as well as interpreting readmes and reading through the actual software being packaged. Then I test all my packages in clean chroots (especially graphical applications) to ensure I have the minimal amount of deps needed. As for depending on Electron, Beaker builds a self-contained Electron app, hence the specific need for all the dynamic dependencies (that something like wire-desktop can leave for community/electron to resolve, since it does not bundle Electron). As for glibc/gcc-libs, yes this seems like quite an involved topic with a lot of angles. Arch is glibc-based, they're both in base, so they could *probably* be omitted - I'm working on the fact that namcap tells me I need them :X > - This makedepends array too. you should make sure things aren't > depending on > py2 anymore Py2 isn't officially EOL *yet* - that's in January 2020 :) but I prefer to let upstream switch their dependency to Py3 because - I'm not a Python expert here so please correct me if I'm wrong - there could be some form of incompatibility when manually hacking in a Py3 build, especially for something as complex as a browser. > - I'm also a little confused, did you take over the namespace of > another > project called beaker? Why not just call this beaker browser? I don't have an airtight answer for this - I liked the named beaker more, and saw it used officially just about everywhere except the domain name and the GitHub user name. I also followed the train of logic that Firefox isn't named firefox-browser, nor Chromium chromium- browser - but then again, I was also unaware of the existence of an existing project called Beaker. I didn't see it in the AUR nor the official repos, so I went ahead and solicited the namespace change. > > == Oxy == > > - I think you should document why you're cherry-picking that commit > rather than > using a tag. Admittedly this is probably upstream's fault, but > still, better > to be clear. You're right - better to be clear. I will document my cherry-picks from now on. But yeah, not tagging your releases is kind of annoying. > - Again, I think your depends are either too verbose or wrong. This goes back to the glibc/gcc-libs point above :) > > == stf == > > - This appears to me it's a -bin package I use this package every day - its definitely not a bin / it builds the platform. > - npm -i -g --prefix seems like a good way to overwrite a bunch of > system files > and/or cause a bunch of file conflicts As Eli mentioned, this is basically the standard way of building NPM packages. I customarily check the file tree of my packages and make sure things are neat and don't collide. > - I think you can use $pkgname more often, namely when resolving the > url and > resolving the tgz file After reading Eli's reply to this point, I can see a point for why one would want to hardcore $pkgname everywhere (for namespace changes). I basically use $pkgname if its shorter than typing the actual pkgname, haha. But I really think a package maintainer should always be reviewing build/packaging instructions, and a $pkgname change, as normally glacial/infrequent as that is, should be very obvious to a maintainer during rebuild. For URLs - those can change a lot, and be radically different e.g. switchi
Re: [aur-general] TU membership application
On Sun, 2019-08-18 at 17:56 +0200, David Runge wrote: > On 2019-08-16 17:10:41 (-0400), Jean Lucas via aur-general wrote: > > I would definitely be willing to very politely ask the five > > respective > > companies for redistribution permissions for Arch Linux. > In the case of reaper, I've already been in contact with Cockos to > try > and move that to [community] and they didn't reply to multiple > requests > through several channels. > On its own, I have not been able to make sense out of the OEM > distribution license [1] for that matter either. > "... but I'm not a lawyer (TM)." > > Best, > David > > [1] https://www.reaper.fm/dist-agreement.php > Yeah the legalese is a bit hard to interpret, its much better to get a clear answer from them directly, and have them explicitly add a redistribution-by-linux-distros-ok clause to the license, like Valve did with Steam. I suppose more people could contact them to see if they'll budge. signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On 2019-08-16 17:10:41 (-0400), Jean Lucas via aur-general wrote: > I would definitely be willing to very politely ask the five respective > companies for redistribution permissions for Arch Linux. In the case of reaper, I've already been in contact with Cockos to try and move that to [community] and they didn't reply to multiple requests through several channels. On its own, I have not been able to make sense out of the OEM distribution license [1] for that matter either. "... but I'm not a lawyer (TM)." Best, David [1] https://www.reaper.fm/dist-agreement.php -- https://sleepmap.de signature.asc Description: PGP signature
Re: [aur-general] TU membership application
On Sat, 2019-08-17 at 23:46 -0400, Eli Schwartz via aur-general wrote: > On 8/17/19 2:49 PM, Jean Lucas via aur-general wrote: > > That said, I think its a bit unfair to say that I went off and > > found > > another sponsor without batting an eye - asking Alexander and > > Sergej > > seemed appropriate as they'd both adopted one of my packages, I had > > worked with you to resolve some of my issues, I've gone over all of > > my > > packages with a fine-toothed comb many times now, and got more help > > as > > needed. I didn't suppose that having you decline sponsorship should > > deter me from eventually applying until getting your approval. I > > regret that we didn't have better communication, though. > > I don't see anyone implying you aren't allowed to apply until the > person > who declined to sponsor you says it is okay. > > All that anyone is saying is that you're supposed to provide fair > disclosure of the fact that it happened. I agree. > > > On 8/17/19 6:59 PM, Jean Lucas via aur-general wrote: > > On Sat, 2019-08-17 at 21:58 +0200, Robin Broda wrote: > > > On 8/17/19 8:49 PM, Jean Lucas wrote: > > > > In totality, I asked 4 TUs - Alexander, Sergej, Alad, and you. > > > > > > Why did you not make this clear in your application? > > > > Since there is no formal guideline for writing an application > > AFAICT, I > > thought it sufficient to include the names of those who agreed to > > sponsor me. > > > > > I'm sure you've read the wiki article on Trusted Users[1] - > > > > *Note*: Should the TU you contact decline to sponsor your > > > > application, > > > > you should make this fact known if you seek sponsorship from > > > > another TU. > > > > > > Have you at least told xyproto & sergej that you have approached > > > alad > > > and me, > > > and the reason for me declining sponsorship? > > > > I have not. I contacted Alexander before you something like 2 > > months > > ago, and your formal refusal for sponsorship came in about 2 weeks > > later. Admittedly, I forgot to mention that you'd declined my > > sponsorship to both of them. > > Hmm, did you contact him about sponsorship, specifically? You say > that > he offered to sponsor you "after a few chat sessions", and that your > first contact with him (about him adopting your package) was before > your > first contact with Robin. If you only contacted him about sponsorship > after Robin declined, I'm not even sure why it is relevant if you > contacted Alexander about unrelated things. If you were in discussion > with Alexander about sponsorship before you asked Robin, I could at > least understand how such forgetfulness happened. Alexander and I initially talked over IRC about my package he wanted to adopt. About a day later, I pinged him on IRC about the TU role, shortly (about a half-day or another day later) after which I solicited a review of my profile for sponsoring. I think it was either that same day or one or two days later that I poked Alad and Robin on IRC about the same, one after the other, soliciting review of my profile for sponsorship. As mentioned, Alad never saw my solicitation, so the conversations only proceeded with Alexander and Robin. About two weeks after the IRC chats, after having previously sent a follow-up email to both Alexander and Robin requesting an update on their willingness to sponsor me, I emailed Sergej asking if he would review my profile for purposes of sponsorship, after which a whole 30 minutes passed, and Robin's formal refusal for sponsorship landed in my inbox. > > > On 8/17/19 8:46 PM, Jean Lucas via aur-general wrote: > > For the record, it says "Should the TU you contact decline to > > sponsor > > your application, you should make this fact known if you seek > > sponsorship from another TU." - that should be reworded to > > something > > similar to what you said instead, given the recent amendment to the > > TU > > bylaws of needing two sponsors instead of one. > > > > Either way, I had forgotten about that part, so I failed to bring > > it > > up with the TUs I was in contact with. My apologies. In hindsight, > > it > > would've been a pragmatic idea. > > I... really don't see what is confusing or ambiguous about the wiki? The wiki says "[...] the first step is to find a TU who agrees to sponsor you. Once sponsored, you should write a witty application [...]", as well as "Should *the TU* you contact [...]", all still indicative of a one-TU requirement. > My > reading of the wiki does not say that you must acknowledge it to the > whole world on this mailing list (it may or may not be a good idea to > do > so) but you sure had better acknowledge this to the TUs who you later > approach for sponsorship. At least in that much, the wiki is very, > very > clear. I agree. My point is that needing to mention any previous sponsors I contacted to other TUs - we can assume this means regardless of whether or not they accepted or declined sponsorship - is not what is said on the wiki, is
Re: [aur-general] TU membership application
On 8/18/19 12:26 AM, Santiago Torres-Arias wrote: >>> - This appears to me it's a -bin package >> >> Why? It looks like some sort of standard js-based source package on the >> NPM registry. >> > > well, judging from the lack of build() I'd assume so. I'm not too > familiar with npm, but if t is running build commands (as you concede > down in the email it may be happening) then that probably should happen > inside of build()? That's what I do for rapydscript-ng. If you try to npm install in build() and then npm install --prefix="$pkgdir/usr" in package(), I'm pretty sure it will just build a second copy all over again, during the package() step. Repeat after me: "curse you, npm". It is very, very, very difficult to provide meaningful criticism of an npm PKGBUILD. There aren't a lot of options when it comes to packaging this language. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
> > - This appears to me it's a -bin package > > Why? It looks like some sort of standard js-based source package on the > NPM registry. > well, judging from the lack of build() I'd assume so. I'm not too familiar with npm, but if t is running build commands (as you concede down in the email it may be happening) then that probably should happen inside of build()? -Santiago. signature.asc Description: PGP signature
Re: [aur-general] TU membership application
On 8/17/19 10:51 PM, Santiago Torres-Arias via aur-general wrote: > On Fri, Aug 16, 2019 at 03:19:56PM -0400, Jean Lucas via aur-general wrote: >> Hi all, >> >> Thank you for your time, and thank you to all who help make Arch a great OS! > > Always happy to help! :) > > It's customary to review PKGBUILDS for new applicants. This is somewhat > of a quick/cursory review over 3 random packages as I've been in > conferences for the whole week. I haven't looked at Jean's packages myself, but I'm not sure some of these things you point to are actually problems. > > == Overall == > > - It appears you need quote strings way more everywhere, from deps, to > licenses > to variables Quote strings are only necessary for variable expansions which could potentially undergo word splitting. For declaring an array (deps, licenses) it's completely unnecessary as you know when writing the PKGBUILD if there are spaces (and most makepkg fields don't permit spaces anyway). Admittedly I think single-quoting array keys looks prettier. That's a personal opinion though. > - Consider that base-devel is assumed to exist for makedepends and (iirc). This is not great if it is in makedepends, but honestly we still haven't fully fixed the official repos for this. > == Beaker == > > - This depends array has to be wrong > - This makedepends array too. you should make sure things aren't depending on > py2 anymore What's necessarily wrong with this? I don't like py2 either, but just because something uses it doesn't mean it has no reason to. What specifically made you think it isn't needed? What is wrong with the dependencies that it "must" be wrong? From a cursory inspection it seems to be some sort of electron thingy, which would hopefully use community/electron but life isn't perfect. Depending on glibc and gcc-libs is a bikeshed topic that TUs/Devs don't agree on. The rest of the dependencies could plausibly be linked to by whichever version of prebuilt electron is being downloaded by the build system. > - I'm also a little confused, did you take over the namespace of another > project called beaker? Why not just call this beaker browser? > > == Oxy == > > - I think you should document why you're cherry-picking that commit rather > than > using a tag. Admittedly this is probably upstream's fault, but still, better > to be clear. Upstream is amazing and doesn't use git tag. The cherry-picked commit has the commit message "Call it a version". This is obvious enough causes that I don't actually feel bad about the lack of comments. :) > - Again, I think your depends are either too verbose or wrong. There's exactly one depends, which is gcc-libs. Again, a bikeshed topic. I will loudly proclaim my own belief in not depending on gcc-libs or anything else in *base*, but I won't tell anyone they are *wrong* for doing so themselves. (Obviously makedepends on base-devel is still against the packaging guidelines.) > == stf == > > - This appears to me it's a -bin package Why? It looks like some sort of standard js-based source package on the NPM registry. > - npm -i -g --prefix seems like a good way to overwrite a bunch of system > files > and/or cause a bunch of file conflicts npm install -g --prefix="$pkgdir" is actually how you are supposed to install npm stuff -- it "globally" installs it to the packaging directory so that pacman will install it to /usr, so it should never conflict with anything. This seems fine to me. (I have personal issues with npm as a technology, and prefer to npm install into $srcdir then use cp because it feels at least mildly cleaner -- see my rapydscript-ng package -- but stf doesn't seem any less valid and some official packages do the same thing he does). > - I think you can use $pkgname more often, namely when resolving the url and > resolving the tgz file I've seen it both ways extremely often. I think some people actually insist on hardcoding $pkgname everywhere, because they want to preserve the possibility of users forking the PKGBUILD, modifying the pkgname, and still have everything work without having to fix up all pkgname references. > - I'm curious to know where you got those depends arays, they seem to be a > little off... do you really need python, graphicksmagic and protobuf to > basically extract a tarball? Not to extract a tarball. This is npm. It's not just extracting a tarball, it is also probably downloading half the internet during build, and maybe compiling G-d-knows-what after the unauthenticated download. Because npm. And npm sucks. But the package itself seems fine, and I'd need to actually look in depth at the build in order to decide if those makedepends raise a red flag. > - I'm also not sure why *everything* is just blindly put on /usr It's not? npm install (like make install except that npm is obviously terrible because javascript desktop programming) is responsible when given --prefix="$pkgdir/usr" to place "everything" in the
Re: [aur-general] TU membership application
On 8/17/19 2:49 PM, Jean Lucas via aur-general wrote: > That said, I think its a bit unfair to say that I went off and found > another sponsor without batting an eye - asking Alexander and Sergej > seemed appropriate as they'd both adopted one of my packages, I had > worked with you to resolve some of my issues, I've gone over all of my > packages with a fine-toothed comb many times now, and got more help as > needed. I didn't suppose that having you decline sponsorship should > deter me from eventually applying until getting your approval. I > regret that we didn't have better communication, though. I don't see anyone implying you aren't allowed to apply until the person who declined to sponsor you says it is okay. All that anyone is saying is that you're supposed to provide fair disclosure of the fact that it happened. On 8/17/19 6:59 PM, Jean Lucas via aur-general wrote: > On Sat, 2019-08-17 at 21:58 +0200, Robin Broda wrote: >> On 8/17/19 8:49 PM, Jean Lucas wrote: >>> In totality, I asked 4 TUs - Alexander, Sergej, Alad, and you. >> >> Why did you not make this clear in your application? > > Since there is no formal guideline for writing an application AFAICT, I > thought it sufficient to include the names of those who agreed to > sponsor me. > >> >> I'm sure you've read the wiki article on Trusted Users[1] - >>> *Note*: Should the TU you contact decline to sponsor your >>> application, >>> you should make this fact known if you seek sponsorship from >>> another TU. >> >> Have you at least told xyproto & sergej that you have approached alad >> and me, >> and the reason for me declining sponsorship? > > I have not. I contacted Alexander before you something like 2 months > ago, and your formal refusal for sponsorship came in about 2 weeks > later. Admittedly, I forgot to mention that you'd declined my > sponsorship to both of them. Hmm, did you contact him about sponsorship, specifically? You say that he offered to sponsor you "after a few chat sessions", and that your first contact with him (about him adopting your package) was before your first contact with Robin. If you only contacted him about sponsorship after Robin declined, I'm not even sure why it is relevant if you contacted Alexander about unrelated things. If you were in discussion with Alexander about sponsorship before you asked Robin, I could at least understand how such forgetfulness happened. On 8/17/19 8:46 PM, Jean Lucas via aur-general wrote: > For the record, it says "Should the TU you contact decline to sponsor > your application, you should make this fact known if you seek > sponsorship from another TU." - that should be reworded to something > similar to what you said instead, given the recent amendment to the TU > bylaws of needing two sponsors instead of one. > > Either way, I had forgotten about that part, so I failed to bring it > up with the TUs I was in contact with. My apologies. In hindsight, it > would've been a pragmatic idea. I... really don't see what is confusing or ambiguous about the wiki? My reading of the wiki does not say that you must acknowledge it to the whole world on this mailing list (it may or may not be a good idea to do so) but you sure had better acknowledge this to the TUs who you later approach for sponsorship. At least in that much, the wiki is very, very clear. I think it's more than pragmatic. It's required. It's a matter of trust: you want the community to trust you and put you in a position where a great many Arch users trust you by default, and part of that is that if someone had objections in the past to your being on the team, then you should at least let your sponsors know the position you are in, which you are asking them to stake their reputation on. They will want to have the opportunity to evaluate and hopefully decide that those reasons no longer apply (or they disagree with the other prospective sponsor's reasoning, which is also okay, because we are allowed to have differences of opinion). Frankly, even if it wasn't an official rule of the application process, I would still consider it to be common courtesy. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
On Fri, Aug 16, 2019 at 03:19:56PM -0400, Jean Lucas via aur-general wrote: > Hi all, > > Thank you for your time, and thank you to all who help make Arch a great OS! Always happy to help! :) It's customary to review PKGBUILDS for new applicants. This is somewhat of a quick/cursory review over 3 random packages as I've been in conferences for the whole week. == Overall == - It appears you need quote strings way more everywhere, from deps, to licenses to variables - Consider that base-devel is assumed to exist for makedepends and (iirc). == Beaker == - This depends array has to be wrong - This makedepends array too. you should make sure things aren't depending on py2 anymore - I'm also a little confused, did you take over the namespace of another project called beaker? Why not just call this beaker browser? == Oxy == - I think you should document why you're cherry-picking that commit rather than using a tag. Admittedly this is probably upstream's fault, but still, better to be clear. - Again, I think your depends are either too verbose or wrong. == stf == - This appears to me it's a -bin package - npm -i -g --prefix seems like a good way to overwrite a bunch of system files and/or cause a bunch of file conflicts - I think you can use $pkgname more often, namely when resolving the url and resolving the tgz file - I'm curious to know where you got those depends arays, they seem to be a little off... do you really need python, graphicksmagic and protobuf to basically extract a tarball? - I'm also not sure why *everything* is just blindly put on /usr == Conclusion == - I think you are on the right path, but some decisions made me wonder whether your sponsors actually reviewed the PKGBUILDS with you. Hope this helps, -Santiago signature.asc Description: PGP signature
Re: [aur-general] TU membership application
On Sun, 2019-08-18 at 02:12 +0200, Alad Wenter via aur-general wrote: > > I reached out to Alad sometime in between, but he never responded > > to my profile review request; > > While I don't claim to be the most apt in responding to emails, I see > no Jean Lucas orj...@4ray.co in my mailbox. > I guess that's why I did not respond then. I contacted Alexander, you and Robin over IRC, you must've just not seen my message. I don't blame you, though - IRC isn't exactly the best place to leave messages for others if they're AFK, unless the recipient is an avid IRC user, IMO. > > > That said, I think its a bit unfair to say that I went off and > > found > > another sponsor without batting an eye > > That doesn't really matter - the admission guidelines [1] cleary say > that you should mention any previous sponsors you've contacted. > > ]1] > https://wiki.archlinux.org/index.php/Trusted_Users#How_do_I_become_a_TU > ? For the record, it says "Should the TU you contact decline to sponsor your application, you should make this fact known if you seek sponsorship from another TU." - that should be reworded to something similar to what you said instead, given the recent amendment to the TU bylaws of needing two sponsors instead of one. Either way, I had forgotten about that part, so I failed to bring it up with the TUs I was in contact with. My apologies. In hindsight, it would've been a pragmatic idea. signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
I reached out to Alad sometime in between, but he never responded to my profile review request; While I don't claim to be the most apt in responding to emails, I see no Jean Lucas orj...@4ray.co in my mailbox. I guess that's why I did not respond then. That said, I think its a bit unfair to say that I went off and found another sponsor without batting an eye That doesn't really matter - the admission guidelines [1] cleary say that you should mention any previous sponsors you've contacted. ]1]https://wiki.archlinux.org/index.php/Trusted_Users#How_do_I_become_a_TU?
Re: [aur-general] TU membership application
On Sat, 2019-08-17 at 21:58 +0200, Robin Broda wrote: > On 8/17/19 8:49 PM, Jean Lucas wrote: > > Hi Robin, > > > > On Sat, 2019-08-17 at 10:13 +0200, Robin Broda via aur-general > > wrote: > > > On 8/16/19 9:19 PM, Jean Lucas via aur-general wrote: > > > > My name is Jean Lucas, and I'm sending this email to submit my > > > > candidacy > > > > for Trusted User member. As per the latest TU bylaws, I'm being > > > > sponsored by both Alexander Rødseth and Sergej Pupykin. > > > > > > How many TUs did you ask for sponsorship, and how many declined? > > > > In totality, I asked 4 TUs - Alexander, Sergej, Alad, and you. > > Why did you not make this clear in your application? Since there is no formal guideline for writing an application AFAICT, I thought it sufficient to include the names of those who agreed to sponsor me. > > I'm sure you've read the wiki article on Trusted Users[1] - > > *Note*: Should the TU you contact decline to sponsor your > > application, > > you should make this fact known if you seek sponsorship from > > another TU. > > Have you at least told xyproto & sergej that you have approached alad > and me, > and the reason for me declining sponsorship? I have not. I contacted Alexander before you something like 2 months ago, and your formal refusal for sponsorship came in about 2 weeks later. Admittedly, I forgot to mention that you'd declined my sponsorship to both of them. > > > > after a follow-up, you declined > > sponsorship for the moment. > > Indeed, I did however offer to review any new things. You offered to answer any questions I had, and that you'd be checking up on my packages every now and then to see whether the quality improved without your intervention. You had already pointed out most of the errors I had in my packages when we first chatted, so I opted for mostly researching everything else on my own, reaching out to the IRC/Matrix channels for a few missing bits every so often. > > > I tried reaching out to you over IRC last Sunday, but alas, I > > probably > > should have done so over email instead. > > This is the last i received from you, FWIW I guess Matrix interaction with IRC is still a little wonky, then. :( > > 0507201 9:00:00 thank you for your feedback! all good > > points > > That said, I think its a bit unfair to say that I went off and > > found > > another sponsor without batting an eye - asking Alexander and > > Sergej > > seemed appropriate as they'd both adopted one of my packages, I had > > worked with you to resolve some of my issues, I've gone over all of > > my > > packages with a fine-toothed comb many times now, and got more help > > as > > needed. I didn't suppose that having you decline sponsorship should > > deter me from eventually applying until getting your approval. I > > regret > > that we didn't have better communication, though. > > I don't think that's how it's supposed to work. Can you please elaborate? > > > > > As explained by others, most of these cannot be moved. > > > Have you talked to your sponsors about this? What have they said > > > about this? > > > > I did not discuss the moving of those packages with my sponsors. I > > was > > hoping to get the community's feedback on the ideas. > > > > But they're the perfect people to talk to about this! You're right. Our communication has been a bit sparse, though, so it didn't occur to me to run the package choices by them beforehand. > > > > > xyproto, sergej - have you reviewed this application before? > > > > They did not review my application. I composed it all myself, for > > which > > I take full responsibility. I had worked on their willingness to > > sponsor me and sent what I considered to be a fair application > > ready > > for community feedback. > > > > Welp, we cannot really move forward with this unless your sponsors > are willing > to sign off on your application, anyways. > > > All in all I'm fairly disappointed in how rushed you are with this. > You went through 4 people, and at least one has brought up concerns, > the others likely being unaware... My apologies for the disappointment. I thought I'd give an application a shot sooner rather than later despite your refusal to sponsor me, since I thought I was generally doing good in terms of package management, after having taken your and Alexander's feedback into account, as well as doing more research on my own to produce more high- quality packages. > > > [1] https://wiki.archlinux.org/index.php/Trusted_Users > signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On 8/17/19 8:49 PM, Jean Lucas wrote: > Hi Robin, > > On Sat, 2019-08-17 at 10:13 +0200, Robin Broda via aur-general wrote: >> On 8/16/19 9:19 PM, Jean Lucas via aur-general wrote: >>> My name is Jean Lucas, and I'm sending this email to submit my >>> candidacy >>> for Trusted User member. As per the latest TU bylaws, I'm being >>> sponsored by both Alexander Rødseth and Sergej Pupykin. >> >> How many TUs did you ask for sponsorship, and how many declined? > > In totality, I asked 4 TUs - Alexander, Sergej, Alad, and you. Why did you not make this clear in your application? I'm sure you've read the wiki article on Trusted Users[1] - > *Note*: Should the TU you contact decline to sponsor your application, > you should make this fact known if you seek sponsorship from another TU. Have you at least told xyproto & sergej that you have approached alad and me, and the reason for me declining sponsorship? > after a follow-up, you declined > sponsorship for the moment. Indeed, I did however offer to review any new things. > I tried reaching out to you over IRC last Sunday, but alas, I probably > should have done so over email instead. This is the last i received from you, FWIW > 0507201 9:00:00 thank you for your feedback! all good points > That said, I think its a bit unfair to say that I went off and found > another sponsor without batting an eye - asking Alexander and Sergej > seemed appropriate as they'd both adopted one of my packages, I had > worked with you to resolve some of my issues, I've gone over all of my > packages with a fine-toothed comb many times now, and got more help as > needed. I didn't suppose that having you decline sponsorship should > deter me from eventually applying until getting your approval. I regret > that we didn't have better communication, though. I don't think that's how it's supposed to work. >> As explained by others, most of these cannot be moved. >> Have you talked to your sponsors about this? What have they said >> about this? > > I did not discuss the moving of those packages with my sponsors. I was > hoping to get the community's feedback on the ideas. > But they're the perfect people to talk to about this! >> xyproto, sergej - have you reviewed this application before? > > They did not review my application. I composed it all myself, for which > I take full responsibility. I had worked on their willingness to > sponsor me and sent what I considered to be a fair application ready > for community feedback. > Welp, we cannot really move forward with this unless your sponsors are willing to sign off on your application, anyways. All in all I'm fairly disappointed in how rushed you are with this. You went through 4 people, and at least one has brought up concerns, the others likely being unaware... [1] https://wiki.archlinux.org/index.php/Trusted_Users -- Rob (coderobe) O< ascii ribbon campaign - stop html mail - www.asciiribbon.org signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
Hi Robin, On Sat, 2019-08-17 at 10:13 +0200, Robin Broda via aur-general wrote: > On 8/16/19 9:19 PM, Jean Lucas via aur-general wrote: > > Hi all, > > > > My name is Jean Lucas, and I'm sending this email to submit my > > candidacy > > for Trusted User member. As per the latest TU bylaws, I'm being > > sponsored by both Alexander Rødseth and Sergej Pupykin. > > How many TUs did you ask for sponsorship, and how many declined? > For the record, flacks has approached me a few weeks ago and asked > for sponsorship. > I had reviewed his PKGBUILDs and suggested many fixes at the time, > and also explained that I do not think it is time yet to move forward > with a TU application. > I offered reviewing his future things, and helping with general > mentoring, > however it seems like my offer was not taken - instead you just found > someone else > to sponsor you without batting an eye... Off to a great start. In totality, I asked 4 TUs - Alexander, Sergej, Alad, and you. Alexander reached out to me about taking over my "swaybg" package, so after a few chat sessions, he agreed to sponsor me. Sergej had taken over my "coturn" package, so I reached out to him to review my profile, and he also agreed to sponsor me. I reached out to Alad sometime in between, but he never responded to my profile review request; and after chatting with you and going over the various things you wanted me to look into w.r.t. my packages, after a follow-up, you declined sponsorship for the moment. In your follow-up with me about a month and a half ago, I was happy you let me know that you'd be checking up on my packages every now and then to see whether their quality would improve without your intervention, and that if I had any questions I could ask you. I know I could've reached out to you more directly, but I did my best to get my packages up to snuff - I'd been using your PKGBUILD review service, as you know, for all my packages; over our first chats, you helped me resolve a few of my doubts and mistakes; I reviewed a lot of documentation on the wiki; I rebuilt everything making full use of clean chroots and namcap; and I got help in the IRC/Matrix channels every so often. In fact, I tried reaching out to you over IRC last Sunday, but alas, I probably should have done so over email instead. That said, I think its a bit unfair to say that I went off and found another sponsor without batting an eye - asking Alexander and Sergej seemed appropriate as they'd both adopted one of my packages, I had worked with you to resolve some of my issues, I've gone over all of my packages with a fine-toothed comb many times now, and got more help as needed. I didn't suppose that having you decline sponsorship should deter me from eventually applying until getting your approval. I regret that we didn't have better communication, though. > > > > If I were accepted to become a TU, I'd like to adopt and move the > > following packages (all having over 10 votes in the AUR) from the > > AUR > > into [community]: > > > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost- > > desktop, > > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and > > unityhub, > > for starters! > > As explained by others, most of these cannot be moved. > Have you talked to your sponsors about this? What have they said > about this? I did not discuss the moving of those packages with my sponsors. I was hoping to get the community's feedback on the ideas. > > > > Best regards, > > > > Jean Lucas > > > > > > [1] https://aur.archlinux.org/account/flacks > > [2] https://aur.archlinux.org/cgit/aur.git/log/?h=ghidra-git > > > > xyproto, sergej - have you reviewed this application before? > Given that there hasn't been an ACK from any of you guys after the > application was posted, i doubt it... They did not review my application. I composed it all myself, for which I take full responsibility. I had worked on their willingness to sponsor me and sent what I considered to be a fair application ready for community feedback. Best regards, Jean signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On 8/16/19 9:19 PM, Jean Lucas via aur-general wrote: > Hi all, > > My name is Jean Lucas, and I'm sending this email to submit my candidacy > for Trusted User member. As per the latest TU bylaws, I'm being > sponsored by both Alexander Rødseth and Sergej Pupykin. How many TUs did you ask for sponsorship, and how many declined? For the record, flacks has approached me a few weeks ago and asked for sponsorship. I had reviewed his PKGBUILDs and suggested many fixes at the time, and also explained that I do not think it is time yet to move forward with a TU application. I offered reviewing his future things, and helping with general mentoring, however it seems like my offer was not taken - instead you just found someone else to sponsor you without batting an eye... Off to a great start. > > If I were accepted to become a TU, I'd like to adopt and move the > following packages (all having over 10 votes in the AUR) from the AUR > into [community]: > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost-desktop, > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and unityhub, > for starters! As explained by others, most of these cannot be moved. Have you talked to your sponsors about this? What have they said about this? > > Best regards, > > Jean Lucas > > > [1] https://aur.archlinux.org/account/flacks > [2] https://aur.archlinux.org/cgit/aur.git/log/?h=ghidra-git > xyproto, sergej - have you reviewed this application before? Given that there hasn't been an ACK from any of you guys after the application was posted, i doubt it... -- Rob (coderobe) O< ascii ribbon campaign - stop html mail - www.asciiribbon.org signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
On Sat, 2019-08-17 at 02:00 +0200, Sven-Hendrik Haase via aur-general wrote: > On Sat, 17 Aug 2019 at 01:35, Josef Miegl wrote: > > > On August 16, 2019 10:05:54 PM GMT+02:00, "Balló György via aur- > > general" < > > aur-general@archlinux.org> wrote: > > > anydesk, reaper, spotify, teamviewer, unity-editor and unityhub > > > are > > > proprietary software with restrictive license. I don't think that > > > you > > > can legally distribute them > > > > Even if we could, is there a reason to flood arch repositories with > > these > > proprietary programs? In my opinion proprietary programs should be > > an > > exception, not the norm. > > > > Josef Miegl > > Whether they are proprietary or not has never been a large concern > for > Arch. What concerns us is whether they are useful or not and whether > they'd > actually be used by any amount of people. Arch is all about > pragmatism. > > Sometimes, binary blobs are inconvenient for us because if they break > we > can't fix them. However, that's an entirely separate can of worms > which I > don't want to open in this thread. > > Bottom line: If it's legal to package and it's useful and popular > software, > there's really no reason not to package it. This is the way I see it as well. Libre or open-source solutions can come along anytime to replace their proprietary counterparts, if someone or a group has enough will to do so; but until then, having the best tool available for the job, even if it is proprietary, seems like a decent idea to me. signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On Sat, 17 Aug 2019 at 01:35, Josef Miegl wrote: > On August 16, 2019 10:05:54 PM GMT+02:00, "Balló György via aur-general" < > aur-general@archlinux.org> wrote: > >anydesk, reaper, spotify, teamviewer, unity-editor and unityhub are > >proprietary software with restrictive license. I don't think that you > >can legally distribute them > > Even if we could, is there a reason to flood arch repositories with these > proprietary programs? In my opinion proprietary programs should be an > exception, not the norm. > Josef Miegl > Whether they are proprietary or not has never been a large concern for Arch. What concerns us is whether they are useful or not and whether they'd actually be used by any amount of people. Arch is all about pragmatism. Sometimes, binary blobs are inconvenient for us because if they break we can't fix them. However, that's an entirely separate can of worms which I don't want to open in this thread. Bottom line: If it's legal to package and it's useful and popular software, there's really no reason not to package it.
Re: [aur-general] TU membership application
On August 16, 2019 10:05:54 PM GMT+02:00, "Balló György via aur-general" wrote: >anydesk, reaper, spotify, teamviewer, unity-editor and unityhub are >proprietary software with restrictive license. I don't think that you >can legally distribute them Even if we could, is there a reason to flood arch repositories with these proprietary programs? In my opinion proprietary programs should be an exception, not the norm. Josef Miegl
Re: [aur-general] TU membership application
On Fri, 2019-08-16 at 17:47 -0400, Eli Schwartz via aur-general wrote: > On 8/16/19 3:19 PM, Jean Lucas via aur-general wrote: > > Hi all, > > > > My name is Jean Lucas, and I'm sending this email to submit my > > candidacy > > for Trusted User member. As per the latest TU bylaws, I'm being > > sponsored by both Alexander Rødseth and Sergej Pupykin. > > > > I've been an Arch Linux user since around a little before I > > registered > > my AUR account (January 2015, username "flacks" [1]), and I've > > recently > > had a few of my packages adopted into [community], namely "cage", > > "coturn", and "swaybg". > > > > I'm currently a computer science student with a particular interest > > in > > software engineering ranging from low-level (with a few > > contributions to > > projects like coreboot and postmarketOS) all the way up to web > > development (my current focus), and as such, would love to help > > maintain > > Arch's [community] repo in an official capacity to be part of the > > team > > that gives Arch users a robust, high-quality Linux software > > experience; > > as well as to help maintain, manage, and watch over the operation > > of the > > AUR and it's vast sea of software packaging recipes. > > > > If I were accepted to become a TU, I'd like to adopt and move the > > following packages (all having over 10 votes in the AUR) from the > > AUR > > into [community]: > > > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost- > > desktop, > > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and > > unityhub, > > for starters! > > In the case of Spotify specifically, the AUR maintainer is already a > TU, > and had you asked him before being eager to move it to community he'd > have probably told you that you're not the first or even the second > (or > third? I lose track) person to propose moving it. > I think someone may have also suggested it in a TU application > before... Understood. My apologies for not having researched this well enough beforehand. > > Either way you should definitely ask the maintainer if it is okay to > move it to community. If that maintainer is a TU, and they haven't > moved > it to community on their own, there is probably a reason. Understood. My intention was to open a dialogue with the maintainer of any owned package before taking any action. > > downgrade: > > I'm quite hesitant to have "downgrade" in the repos, it seems to be > an > immense antipattern -- not quite as bad as an AUR helper > in[community], > but nearly. Also isn't even well written as it does a ton of parsing > HTML files and pacman.conf in sed, instead of using either pacman- > conf > or an HTML parser. I really wish that people who wrote complex > integrations around pacman/makepkg would follow pacman development -- > in > fact, many of the current crop of AUR helpers do exactly that, which > is > why I would even dare use some of them. > > If we *were* going to add a program to pander to the desire to have > partially updated systems, I would prefer to create a new tool from > scratch. > > Also "downgrade" indexing archive.archlinux.org (with sed or anything > else) is problematic due to the fact that we no longer store many > versions of packages but upload them to archive.org and delete them > from > our own server (and use rewrite rules to let users download the > files, > but that doesn't help to build an HTML index). So I'm decidedly > unsure > how useful it's supposed to be even at fulfilling its desired goal. Understood. downgrade can be scratched until a better solution everyone agrees with comes along. > > > Additionally, I would express my willingness to help co-maintain > > "firejail" (already in [community]), as its a project I have a > > higher > > interest in and contribute to occasionally; as well as to help get > > "ghidra" in good enough shape to propose moving it into > > [community], > > since I've had lots of fun building it [2], its a phenomenal piece > > of > > open-source software, and it'd be nice to have it officially > > supported > > by the Arch community (it also has a nice number of votes in the > > AUR)! > > > > Thank you for your time, and thank you to all who help make Arch a > > great OS! > > > > > > Best regards, > > > > Jean Lucas > > > > > > [1] https://aur.archlinux.org/account/flacks > > [2] https://aur.archlinux.org/cgit/aur.git/log/?h=ghidra-git > > > > signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On 8/16/19 3:19 PM, Jean Lucas via aur-general wrote: > Hi all, > > My name is Jean Lucas, and I'm sending this email to submit my candidacy > for Trusted User member. As per the latest TU bylaws, I'm being > sponsored by both Alexander Rødseth and Sergej Pupykin. > > I've been an Arch Linux user since around a little before I registered > my AUR account (January 2015, username "flacks" [1]), and I've recently > had a few of my packages adopted into [community], namely "cage", > "coturn", and "swaybg". > > I'm currently a computer science student with a particular interest in > software engineering ranging from low-level (with a few contributions to > projects like coreboot and postmarketOS) all the way up to web > development (my current focus), and as such, would love to help maintain > Arch's [community] repo in an official capacity to be part of the team > that gives Arch users a robust, high-quality Linux software experience; > as well as to help maintain, manage, and watch over the operation of the > AUR and it's vast sea of software packaging recipes. > > If I were accepted to become a TU, I'd like to adopt and move the > following packages (all having over 10 votes in the AUR) from the AUR > into [community]: > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost-desktop, > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and unityhub, > for starters! In the case of Spotify specifically, the AUR maintainer is already a TU, and had you asked him before being eager to move it to community he'd have probably told you that you're not the first or even the second (or third? I lose track) person to propose moving it. I think someone may have also suggested it in a TU application before... Either way you should definitely ask the maintainer if it is okay to move it to community. If that maintainer is a TU, and they haven't moved it to community on their own, there is probably a reason. downgrade: I'm quite hesitant to have "downgrade" in the repos, it seems to be an immense antipattern -- not quite as bad as an AUR helper in[community], but nearly. Also isn't even well written as it does a ton of parsing HTML files and pacman.conf in sed, instead of using either pacman-conf or an HTML parser. I really wish that people who wrote complex integrations around pacman/makepkg would follow pacman development -- in fact, many of the current crop of AUR helpers do exactly that, which is why I would even dare use some of them. If we *were* going to add a program to pander to the desire to have partially updated systems, I would prefer to create a new tool from scratch. Also "downgrade" indexing archive.archlinux.org (with sed or anything else) is problematic due to the fact that we no longer store many versions of packages but upload them to archive.org and delete them from our own server (and use rewrite rules to let users download the files, but that doesn't help to build an HTML index). So I'm decidedly unsure how useful it's supposed to be even at fulfilling its desired goal. > Additionally, I would express my willingness to help co-maintain > "firejail" (already in [community]), as its a project I have a higher > interest in and contribute to occasionally; as well as to help get > "ghidra" in good enough shape to propose moving it into [community], > since I've had lots of fun building it [2], its a phenomenal piece of > open-source software, and it'd be nice to have it officially supported > by the Arch community (it also has a nice number of votes in the AUR)! > > Thank you for your time, and thank you to all who help make Arch a great OS! > > > Best regards, > > Jean Lucas > > > [1] https://aur.archlinux.org/account/flacks > [2] https://aur.archlinux.org/cgit/aur.git/log/?h=ghidra-git > -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU membership application
On Fri, 2019-08-16 at 22:40 +0200, Sven-Hendrik Haase via aur-general wrote: > On Fri, 16 Aug 2019 at 22:35, Oscar wrote: > > > I'm currently maintaining unity-editor and unityhub and I don't > > think they > > will allow redistribution of binaries. > > > > They even dropped the official Ubuntu packages in favor of their > > custom > > installers. And honestly it makes more sense to do it this way > > because the > > engine is a big self contained blob and users usually need to have > > several > > different versions installed at the same time to patch old projects > > etc. > > > > > > > > On Fri, Aug 16, 2019, 22:20 Sven-Hendrik Haase via aur-general < > > aur-general@archlinux.org> wrote: > > > > > On Fri, Aug 16, 2019, 22:06 Balló György via aur-general < > > > aur-general@archlinux.org> wrote: > > > > > > > 2019. 08. 16, péntek keltezéssel 15.19-kor Jean Lucas via aur- > > > > general > > > > ezt írta: > > > > > If I were accepted to become a TU, I'd like to adopt and move > > > > > the > > > > > following packages (all having over 10 votes in the AUR) from > > > > > the AUR > > > > > into [community]: > > > > > > > > > > anydesk, downgrade, exercism, flutter, godot, itch, > > > > > mattermost- > > > > > desktop, > > > > > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and > > > > > unityhub, > > > > > for starters! > > > > > > > > anydesk, reaper, spotify, teamviewer, unity-editor and unityhub > > > > are > > > > proprietary software with restrictive license. I don't think > > > > that you > > > > can legally distribute them. > > > > > > > > -- > > > > György Balló > > > > Trusted User > > > > > > Well, you can always ask upstream. So far, we received exceptions > > > for > > > redistribution of more software than we got rejections for, I > > > think. > > > > Never hurts to ask. :) > > Asking should also be done in the case of all the packages Jean > mentioned. I would definitely be willing to very politely ask the five respective companies for redistribution permissions for Arch Linux. signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On Fri, 2019-08-16 at 22:45 +0200, Levente Polyak via aur-general wrote: > On August 16, 2019 9:19:56 PM GMT+02:00, Jean Lucas via aur-general < > aur-general@archlinux.org> wrote: > > If I were accepted to become a TU, I'd like to adopt and move the > > following packages (all having over 10 votes in the AUR) from the > > AUR > > into [community]: > > > > ... , downgrade,... > > > > It's never been official in the past as that's per > definition partial upgrade when using anything > but the version from the repo. > We do not support partial upgrades and we > should not officially provide an application > whose very purpose is to deviate from the > current repo state to any arbitrary version in the > past. Understood. Scratch downgrade. signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU membership application
On August 16, 2019 9:19:56 PM GMT+02:00, Jean Lucas via aur-general wrote: > >If I were accepted to become a TU, I'd like to adopt and move the >following packages (all having over 10 votes in the AUR) from the AUR >into [community]: > >... , downgrade,... > It's never been official in the past as that's per definition partial upgrade when using anything but the version from the repo. We do not support partial upgrades and we should not officially provide an application whose very purpose is to deviate from the current repo state to any arbitrary version in the past.
Re: [aur-general] TU membership application
On Fri, 16 Aug 2019 at 22:35, Oscar wrote: > I'm currently maintaining unity-editor and unityhub and I don't think they > will allow redistribution of binaries. > > They even dropped the official Ubuntu packages in favor of their custom > installers. And honestly it makes more sense to do it this way because the > engine is a big self contained blob and users usually need to have several > different versions installed at the same time to patch old projects etc. > > > > On Fri, Aug 16, 2019, 22:20 Sven-Hendrik Haase via aur-general < > aur-general@archlinux.org> wrote: > >> On Fri, Aug 16, 2019, 22:06 Balló György via aur-general < >> aur-general@archlinux.org> wrote: >> >> > 2019. 08. 16, péntek keltezéssel 15.19-kor Jean Lucas via aur-general >> > ezt írta: >> > > If I were accepted to become a TU, I'd like to adopt and move the >> > > following packages (all having over 10 votes in the AUR) from the AUR >> > > into [community]: >> > > >> > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost- >> > > desktop, >> > > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and >> > > unityhub, >> > > for starters! >> > >> > anydesk, reaper, spotify, teamviewer, unity-editor and unityhub are >> > proprietary software with restrictive license. I don't think that you >> > can legally distribute them. >> > >> > -- >> > György Balló >> > Trusted User >> >> >> Well, you can always ask upstream. So far, we received exceptions for >> redistribution of more software than we got rejections for, I think. >> >> > >> > Never hurts to ask. :) Asking should also be done in the case of all the packages Jean mentioned.
Re: [aur-general] TU membership application
I'm currently maintaining unity-editor and unityhub and I don't think they will allow redistribution of binaries. They even dropped the official Ubuntu packages in favor of their custom installers. And honestly it makes more sense to do it this way because the engine is a big self contained blob and users usually need to have several different versions installed at the same time to patch old projects etc. On Fri, Aug 16, 2019, 22:20 Sven-Hendrik Haase via aur-general < aur-general@archlinux.org> wrote: > On Fri, Aug 16, 2019, 22:06 Balló György via aur-general < > aur-general@archlinux.org> wrote: > > > 2019. 08. 16, péntek keltezéssel 15.19-kor Jean Lucas via aur-general > > ezt írta: > > > If I were accepted to become a TU, I'd like to adopt and move the > > > following packages (all having over 10 votes in the AUR) from the AUR > > > into [community]: > > > > > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost- > > > desktop, > > > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and > > > unityhub, > > > for starters! > > > > anydesk, reaper, spotify, teamviewer, unity-editor and unityhub are > > proprietary software with restrictive license. I don't think that you > > can legally distribute them. > > > > -- > > György Balló > > Trusted User > > > Well, you can always ask upstream. So far, we received exceptions for > redistribution of more software than we got rejections for, I think. > > > >
Re: [aur-general] TU membership application
On Fri, Aug 16, 2019, 22:06 Balló György via aur-general < aur-general@archlinux.org> wrote: > 2019. 08. 16, péntek keltezéssel 15.19-kor Jean Lucas via aur-general > ezt írta: > > If I were accepted to become a TU, I'd like to adopt and move the > > following packages (all having over 10 votes in the AUR) from the AUR > > into [community]: > > > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost- > > desktop, > > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and > > unityhub, > > for starters! > > anydesk, reaper, spotify, teamviewer, unity-editor and unityhub are > proprietary software with restrictive license. I don't think that you > can legally distribute them. > > -- > György Balló > Trusted User Well, you can always ask upstream. So far, we received exceptions for redistribution of more software than we got rejections for, I think. >
Re: [aur-general] TU membership application
2019. 08. 16, péntek keltezéssel 15.19-kor Jean Lucas via aur-general ezt írta: > If I were accepted to become a TU, I'd like to adopt and move the > following packages (all having over 10 votes in the AUR) from the AUR > into [community]: > > anydesk, downgrade, exercism, flutter, godot, itch, mattermost- > desktop, > nvm, reaper, spotify, teamviewer, thermald, unity-editor, and > unityhub, > for starters! anydesk, reaper, spotify, teamviewer, unity-editor and unityhub are proprietary software with restrictive license. I don't think that you can legally distribute them. -- György Balló Trusted User signature.asc Description: This is a digitally signed message part
[aur-general] TU membership application
Hi all, My name is Jean Lucas, and I'm sending this email to submit my candidacy for Trusted User member. As per the latest TU bylaws, I'm being sponsored by both Alexander Rødseth and Sergej Pupykin. I've been an Arch Linux user since around a little before I registered my AUR account (January 2015, username "flacks" [1]), and I've recently had a few of my packages adopted into [community], namely "cage", "coturn", and "swaybg". I'm currently a computer science student with a particular interest in software engineering ranging from low-level (with a few contributions to projects like coreboot and postmarketOS) all the way up to web development (my current focus), and as such, would love to help maintain Arch's [community] repo in an official capacity to be part of the team that gives Arch users a robust, high-quality Linux software experience; as well as to help maintain, manage, and watch over the operation of the AUR and it's vast sea of software packaging recipes. If I were accepted to become a TU, I'd like to adopt and move the following packages (all having over 10 votes in the AUR) from the AUR into [community]: anydesk, downgrade, exercism, flutter, godot, itch, mattermost-desktop, nvm, reaper, spotify, teamviewer, thermald, unity-editor, and unityhub, for starters! Additionally, I would express my willingness to help co-maintain "firejail" (already in [community]), as its a project I have a higher interest in and contribute to occasionally; as well as to help get "ghidra" in good enough shape to propose moving it into [community], since I've had lots of fun building it [2], its a phenomenal piece of open-source software, and it'd be nice to have it officially supported by the Arch community (it also has a nice number of votes in the AUR)! Thank you for your time, and thank you to all who help make Arch a great OS! Best regards, Jean Lucas [1] https://aur.archlinux.org/account/flacks [2] https://aur.archlinux.org/cgit/aur.git/log/?h=ghidra-git
[aur-general] [tu-bylaws] [PATCH] add README describing how to update the bylaws
Signed-off-by: Eli Schwartz
---
This is not an amendment to the bylaws themselves, and as such does not
require any sort of vote. But I think this is rather useful to have, as
there is currently not a case of perfect clarity for the administrivium
involved in processing updates. As development of the bylaws happens on
this list, I'm sending it in here. Hope this change makes sense to all.
README.md | 12
1 file changed, 12 insertions(+)
create mode 100644 README.md
diff --git a/README.md b/README.md
new file mode 100644
index 000..262a22c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,12 @@
+# AUR Trusted User Bylaws
+
+This document describes the bylaws which govern the Arch Linux Trusted Users.
+
+Instructions for updating:
+
+- follow the procedure outlined in the bylaws for proposing an update
+- if accepted, push to master branch of this repository and tag the commit
+ "proposal-$num" to correspond with the vote ID at
+ https://aur.archlinux.org/tu/
+- ask one of the aurweb maintainers to run `make` and deploy the resulting
+ `*.html` to `${aurweb_root}/web/html/trusted-user/`
--
2.20.1
Re: [aur-general] TU application_R: Metal A-wing (a-wing)
On 23/1/19 12:11 am, Bert Peters via aur-general wrote: Levente Polyak via aur-general schreef op 2019-01-22 16:10: On January 22, 2019 4:03:29 PM GMT+01:00, Bert Peters via aur-general wrote: Levente Polyak via aur-general schreef op 2019-01-22 13:40: On January 22, 2019 1:25:20 PM GMT+01:00, Bert Peters via aur-general wrote: David Runge schreef op 2019-01-22 12:30: On 2019-01-22 17:09:35 (+0800), Metal A-wing wrote: On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote: Why is use `$(gem env gemdir)` Instead of `$(ruby -e'puts Gem.default_dir')` It's shorter and you don't have to spawn a ruby process to print something, if you can use the gem command directly. I'm not a TU so take my this with a grain of salt, but I don't think this is the best advice. It's shorter, admittedly, but `gem` spawns a ruby process just as the `ruby` version does. Using gem doesn't work however when `$GEM_HOME` is set, since then it reports the contents of that variable. Especially for AUR packages using `$(ruby -e'puts Gem.default_dir')` is more convenient since most users do not build in a clean chroot, and the wiki actually recommends settings that environment variable so quite a few will have it. Best, Bert Peters. Which seems silly and the whole section should be removed in the first place. Thats what --user-install switch should be for and that should be default via /etc/gemrc Therefor setting that is just useless fiddling with the system and your gems will be searched there as well as it's default gem path besides /usr/lib. While `gem` obeys that default, `bundle` (ruby-bundler) does not, and does not have that default, opting for a global install by default. You can override this by manually adding `--path=~/.gem` to every invocation. That's hardly an elegant solution compared to setting an environment variable. Which is why "bundle config path" exists. A sane way would be to use that to define BUNDLE_PATH in ~/.bundle/config Fair enough, I did not know about that option. In that case the wiki (and my setup) needs some updating, since it explicitly recommends using GEM_HOME for this. I'll see if I can do something about that tonight. That said, I'm not convinced there's any harm in using the longer method, since it's slightly more compatible (and technically faster! although not by enough to count it as a benefit). Looking through the community repo both are used. If the Environment variable is actually the problem, why not just unset them before proceeding? unset GEM_HOME unset BUNDLE_PATH `$(gem env gemdir)` Thanks Macca
Re: [aur-general] TU application_R: Metal A-wing (a-wing)
Levente Polyak via aur-general schreef op 2019-01-22 16:10: On January 22, 2019 4:03:29 PM GMT+01:00, Bert Peters via aur-general wrote: Levente Polyak via aur-general schreef op 2019-01-22 13:40: On January 22, 2019 1:25:20 PM GMT+01:00, Bert Peters via aur-general wrote: David Runge schreef op 2019-01-22 12:30: On 2019-01-22 17:09:35 (+0800), Metal A-wing wrote: On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote: Why is use `$(gem env gemdir)` Instead of `$(ruby -e'puts Gem.default_dir')` It's shorter and you don't have to spawn a ruby process to print something, if you can use the gem command directly. I'm not a TU so take my this with a grain of salt, but I don't think this is the best advice. It's shorter, admittedly, but `gem` spawns a ruby process just as the `ruby` version does. Using gem doesn't work however when `$GEM_HOME` is set, since then it reports the contents of that variable. Especially for AUR packages using `$(ruby -e'puts Gem.default_dir')` is more convenient since most users do not build in a clean chroot, and the wiki actually recommends settings that environment variable so quite a few will have it. Best, Bert Peters. Which seems silly and the whole section should be removed in the first place. Thats what --user-install switch should be for and that should be default via /etc/gemrc Therefor setting that is just useless fiddling with the system and your gems will be searched there as well as it's default gem path besides /usr/lib. While `gem` obeys that default, `bundle` (ruby-bundler) does not, and does not have that default, opting for a global install by default. You can override this by manually adding `--path=~/.gem` to every invocation. That's hardly an elegant solution compared to setting an environment variable. Which is why "bundle config path" exists. A sane way would be to use that to define BUNDLE_PATH in ~/.bundle/config Fair enough, I did not know about that option. In that case the wiki (and my setup) needs some updating, since it explicitly recommends using GEM_HOME for this. I'll see if I can do something about that tonight. That said, I'm not convinced there's any harm in using the longer method, since it's slightly more compatible (and technically faster! although not by enough to count it as a benefit). Looking through the community repo both are used.
Re: [aur-general] TU application_R: Metal A-wing (a-wing)
On January 22, 2019 4:03:29 PM GMT+01:00, Bert Peters via aur-general wrote: >Levente Polyak via aur-general schreef op 2019-01-22 13:40: >> On January 22, 2019 1:25:20 PM GMT+01:00, Bert Peters via aur-general >> wrote: >>> David Runge schreef op 2019-01-22 12:30: On 2019-01-22 17:09:35 (+0800), Metal A-wing wrote: > On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote: > Why is use > `$(gem env gemdir)` > > Instead of > > `$(ruby -e'puts Gem.default_dir')` It's shorter and you don't have to spawn a ruby process to print something, if you can use the gem command directly. >>> >>> I'm not a TU so take my this with a grain of salt, but I don't think >>> this is the best advice. >>> >>> It's shorter, admittedly, but `gem` spawns a ruby process just as >the >>> `ruby` version does. Using gem doesn't work however when `$GEM_HOME` > >>> is >>> >>> set, since then it reports the contents of that variable. >>> >>> Especially for AUR packages using `$(ruby -e'puts Gem.default_dir')` > >>> is >>> >>> more convenient since most users do not build in a clean chroot, and >>> the >>> wiki actually recommends settings that environment variable so quite >a >>> few will have it. >>> >>> Best, >>> >>> Bert Peters. >> >> Which seems silly and the whole section should be removed in the >first >> place. >> Thats what --user-install switch should be for and that should be >> default via /etc/gemrc >> Therefor setting that is just useless fiddling with the system and >> your gems will be searched there as well as it's default gem path >> besides /usr/lib. > >While `gem` obeys that default, `bundle` (ruby-bundler) does not, and >does not >have that default, opting for a global install by default. You can >override >this by manually adding `--path=~/.gem` to every invocation. That's >hardly an >elegant solution compared to setting an environment variable. Which is why "bundle config path" exists. A sane way would be to use that to define BUNDLE_PATH in ~/.bundle/config
Re: [aur-general] TU application_R: Metal A-wing (a-wing)
Levente Polyak via aur-general schreef op 2019-01-22 13:40: On January 22, 2019 1:25:20 PM GMT+01:00, Bert Peters via aur-general wrote: David Runge schreef op 2019-01-22 12:30: On 2019-01-22 17:09:35 (+0800), Metal A-wing wrote: On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote: Why is use `$(gem env gemdir)` Instead of `$(ruby -e'puts Gem.default_dir')` It's shorter and you don't have to spawn a ruby process to print something, if you can use the gem command directly. I'm not a TU so take my this with a grain of salt, but I don't think this is the best advice. It's shorter, admittedly, but `gem` spawns a ruby process just as the `ruby` version does. Using gem doesn't work however when `$GEM_HOME` is set, since then it reports the contents of that variable. Especially for AUR packages using `$(ruby -e'puts Gem.default_dir')` is more convenient since most users do not build in a clean chroot, and the wiki actually recommends settings that environment variable so quite a few will have it. Best, Bert Peters. Which seems silly and the whole section should be removed in the first place. Thats what --user-install switch should be for and that should be default via /etc/gemrc Therefor setting that is just useless fiddling with the system and your gems will be searched there as well as it's default gem path besides /usr/lib. While `gem` obeys that default, `bundle` (ruby-bundler) does not, and does not have that default, opting for a global install by default. You can override this by manually adding `--path=~/.gem` to every invocation. That's hardly an elegant solution compared to setting an environment variable.
Re: [aur-general] TU application_R: Metal A-wing (a-wing)
On January 22, 2019 1:25:20 PM GMT+01:00, Bert Peters via aur-general wrote: >David Runge schreef op 2019-01-22 12:30: >> On 2019-01-22 17:09:35 (+0800), Metal A-wing wrote: >>> On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote: >>> Why is use >>> `$(gem env gemdir)` >>> >>> Instead of >>> >>> `$(ruby -e'puts Gem.default_dir')` >> It's shorter and you don't have to spawn a ruby process to print >> something, if you can use the gem command directly. > >I'm not a TU so take my this with a grain of salt, but I don't think >this is the best advice. > >It's shorter, admittedly, but `gem` spawns a ruby process just as the >`ruby` version does. Using gem doesn't work however when `$GEM_HOME` is > >set, since then it reports the contents of that variable. > >Especially for AUR packages using `$(ruby -e'puts Gem.default_dir')` is > >more convenient since most users do not build in a clean chroot, and >the >wiki actually recommends settings that environment variable so quite a >few will have it. > >Best, > >Bert Peters. Which seems silly and the whole section should be removed in the first place. Thats what --user-install switch should be for and that should be default via /etc/gemrc Therefor setting that is just useless fiddling with the system and your gems will be searched there as well as it's default gem path besides /usr/lib.
Re: [aur-general] TU application_R: Metal A-wing (a-wing)
David Runge schreef op 2019-01-22 12:30: On 2019-01-22 17:09:35 (+0800), Metal A-wing wrote: On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote: Why is use `$(gem env gemdir)` Instead of `$(ruby -e'puts Gem.default_dir')` It's shorter and you don't have to spawn a ruby process to print something, if you can use the gem command directly. I'm not a TU so take my this with a grain of salt, but I don't think this is the best advice. It's shorter, admittedly, but `gem` spawns a ruby process just as the `ruby` version does. Using gem doesn't work however when `$GEM_HOME` is set, since then it reports the contents of that variable. Especially for AUR packages using `$(ruby -e'puts Gem.default_dir')` is more convenient since most users do not build in a clean chroot, and the wiki actually recommends settings that environment variable so quite a few will have it. Best, Bert Peters.
Re: [aur-general] TU application_R: Metal A-wing (a-wing)
On 2019-01-22 17:09:35 (+0800), Metal A-wing wrote:
> On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote:
> > * pkgname: avoid composition
> What should I do?
It's more readable and less error-prone to do `pkgname=name` instead of
`pkgname="name${something_else}"`.
> Why is use
> `$(gem env gemdir)`
>
> Instead of
>
> `$(ruby -e'puts Gem.default_dir')`
It's shorter and you don't have to spawn a ruby process to print
something, if you can use the gem command directly.
> > LICENSE.md can be installed using 'install -t'
>
> Why is use
> `install -t`
The upside is, that you can ommit the specific destination (unless you
want to rename the destination file).
e.g. `install -vDm 644 LICENSE -t
"${pkgdir}/usr/share/licenses/${pkgname}/"` creates the directory
"${pkgdir}/usr/share/licenses/${pkgname}/" for you, if it doesn't exist
and will install the source file to that directory, without you having
to specifically name the destination file.
Whereas the following requires you to specify the destination file as
well: `install -vDm 644 LICENSE
"${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
Not using the `-t` flag is only useful, if you need to rename the
destination file, e.g.:
`install -vDm 644 WEIRDNAME_FOR_A_LICENSE
"${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
In short: This is shorter and implies the creation of the destination
directory.
Closing: Please use a mail client, that doesn't break threads (i.e.
replies to the thread that was initially created, instead of creating a
new one.
Mailman is somewhat able to order these threads in the list archive, but
in mail clients this is horrible to follow up on (there are now 4
separate threads [1] [2] [3] [4]). Compare the 'In-Reply-To' header in
the messages with those of others.
Aside from that, happy packaging! :)
David
[1] https://lists.archlinux.org/pipermail/aur-general/2018-December/034744.html
[2] https://lists.archlinux.org/pipermail/aur-general/2018-December/034758.html
[3] https://lists.archlinux.org/pipermail/aur-general/2019-January/034799.html
[4] https://lists.archlinux.org/pipermail/aur-general/2019-January/034848.html
--
https://sleepmap.de
signature.asc
Description: PGP signature
[aur-general] TU application_R: Metal A-wing (a-wing)
On Tue Jan 8 20:19:43 UTC 2019, David Runge wrote: > * ruby-websockets-extensions > * pkgname: avoid composition What should I do? > * arch: single quotes missing > * url: use double quotes > * license: single quotes missing > * depends: single quotes missing > * makedepends: single quotes missing > * package(): _gemdir can be derived from $(gem env gemdir), Why is use `$(gem env gemdir)` Instead of `$(ruby -e'puts Gem.default_dir')` > LICENSE.md can be installed using 'install -t' Why is use `install -t` Instead of `install -D` ``` install --help -D create all leading components of DEST except the last, or all components of --target-directory, then copy SOURCE to DEST -t, --target-directory=DIRECTORY copy all SOURCE arguments into DIRECTORY ``` signature.asc Description: PGP signature
Re: [aur-general] TU Application_R: Metal A-wing (a-wing)
On January 19, 2019 1:42:38 AM EST, Chih-Hsuan Yen via aur-general wrote: > >On 2019/1/10 下午11:24, Jiachen YANG via aur-general wrote: >> Dear all TUs >> >> >> The disscussion period of 2 weeks is over! Let's start the voting >period~ >> >> https://aur.archlinux.org/tu/?id=116 >> >> >> -- >> >> Jiachen YANG (farseerfc) >> >> >Yes: 5 >No: 36 >Abstain: 8 >Voted: 87.50% > >Result: Rejected > >Sorry, A-wing, more TUs vote No than Yes and more than 66% of TUs >voted, so your TU application is rejected this time per TU Bylaws [1]. >You're still welcome for contributions in other aspects of Arch Linux >like improving Arch-related websites and the Ruby ecosystem. Hope to >see you again the next time! > >Regards, > >Chih-Hsuan Yen > >[1] >https://aur.archlinux.org/trusted-user/TUbylaws.html#_addition_of_a_tu The language barrier is currently too high. Looking forward to your future application, if the interest is still there. -- Best, polyzen
Re: [aur-general] TU Application_R: Metal A-wing (a-wing)
On 2019/1/10 下午11:24, Jiachen YANG via aur-general wrote: > Dear all TUs > > > The disscussion period of 2 weeks is over! Let's start the voting period~ > > https://aur.archlinux.org/tu/?id=116 > > > -- > > Jiachen YANG (farseerfc) > > Yes: 5 No: 36 Abstain: 8 Voted: 87.50% Result: Rejected Sorry, A-wing, more TUs vote No than Yes and more than 66% of TUs voted, so your TU application is rejected this time per TU Bylaws [1]. You're still welcome for contributions in other aspects of Arch Linux like improving Arch-related websites and the Ruby ecosystem. Hope to see you again the next time! Regards, Chih-Hsuan Yen [1] https://aur.archlinux.org/trusted-user/TUbylaws.html#_addition_of_a_tu signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application_R: Metal A-wing (a-wing)
Dear all TUs The disscussion period of 2 weeks is over! Let's start the voting period~ https://aur.archlinux.org/tu/?id=116 -- Jiachen YANG (farseerfc) signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application_R: Metal A-wing (a-wing)
On Thu, Dec 27, 2018 at 03:35:28PM +0800, Metal A-wing wrote: > I started using Ubuntu in high school. > And I use Debian at university. > In 2017, I started Archlinux > > I also tried other distributions. linux mint, deepin linux, gentoo, centos This seems fairly rushed. The AUR registration occured in April of 2018, and there is only a handfull of commits to actual AUR packages. Let alone there are not any popular packages what so ever here. The archlinuxcn repository is cool and all, but that doesn't help at all if the AUR contributions are lacking. Thats what the role is for after all. -- Morten Linderud PGP: 9C02FF419FECBE16 signature.asc Description: PGP signature
