[aur-general] TU Application - Chih-Hsuan Yen
Hi all, My name is Chih-Hsuan Yen. I'm also known as yan12125. I am applying to be a Trusted User with Felix Yan's sponsorship. I'm currently a PhD student in Taiwan. My Linux journey started when I met Ubuntu in 2011. Soon after that, I jumped to Arch Linux in 2012 for its simplicity. During my spare time, I'm active in open source stuffs. You may find some interesting bits on my GitHub [1] and GitLab [2] accounts. Most of my Arch contributions can be found on AUR [3]. Besides that, I'm also an Arch Linux tester and a member of Arch Linux China community, keeping some binary packages in the unofficial repo [archlinuxcn] up-to-date [4]. If I'm accepted as a TU, I'd like to improve the ecosystem for Arch users speaking Chinese. Specifically, I'll keep an eye on Chinese IME (Input Method Engine) and font packages, including but not limited to the following ones: - libchewing - the core library for a Chinese input method "Chewing" - scim-chewing - the SCIM adaptor for the chewing input method - ttf-arphic-ukai - a popular font in Taiwan - ttf-arphic-uming - another popular font in Taiwan Both libchewing and scim-chewing are in [extra] now. As they have no other reverse dependencies in [extra], I assume it's possible to move them to [community] for further maintenance. Also, as a Python developer, I'm interesting in making Python packages in Arch Linux even better. I'd like to bring the following packages to [community]: - buildbot - the main program of a continuous integration framework [5] - buildbot-worker - running commands dispatched by the master - python-buildbot-{www,console-view,grid-view,waterfall-view,wsgi-dashboards,badges} - buildbot plugins - python-buildbot-pkg - an auxiliary package for building buildbot plugins from sources. I'll create a stable version from my buildbot-pkg-git package. - python-{aws-xray-sdk,jsondiff,klein,moto,nose-random,pathlib2,pyjade,setuptools-trial,txrequests} - direct or indirect runtime/build-time/check-time dependencies for buildbot-related packages I'd like to improve dependency handling for Python packages in Namcap as well. Furthermore, I'm interested in move some other useful packages to [community]. Here are some packages coming out of my head: - pcmanx-gtk2 - A popular BBS/Telnet client in Taiwan (29 votes on AUR) - qps - the GUI process monitor recommended by LXQt (2% on pkgstats) - cmst - a Qt frontend for connman recommended by LXQt (49 votes on AUR) I'd like to stop here. Thanks for reading such a long mail. I'm passionately looking forward an oppurtunity to extend my Arch contributions to a new scope! Regards, Chih-Hsuan Yen [1] https://github.com/yan12125 [2] https://gitlab.com/yan12125 [3] https://aur.archlinux.org/packages/?O=0&SeB=M&K=yan12125&SB=p&SO=d&PP=50&do_Search=Go [4] https://github.com/archlinuxcn/repo/blob/80adbb5dbee28591f95babf4aed91b0791dc6e3a/nvchecker.ini#L2531-L2617 [5] https://buildbot.net/ signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application -- Santiago Torres-Arias
On 08/06/2018 04:20 PM, Christian Rebischke via aur-general wrote: > The results are in... > > Yes: 29 > No: 3 > Abstain: 8 > Total: 40 > Particiaption: 83.33% > > Congratulations Santiago, you've got accepted as Trusted User. Welcome > on board. Welcome to the team, sangy. :) I've upgraded your bugtracker account to give you permissions for the "Community Packages" and internal "Keyring" projects. Your AUR account has been upgraded to Trusted User status. As usual take a look at https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_for_new_Trusted_Users and get any remaining items sorted out. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application -- Santiago Torres-Arias
On Sun, Jul 22, 2018 at 03:35:52PM -0400, Santiago Torres-Arias wrote: > Hello everyone, > > Formalities first, Christian Rebischke (Shibumi) is sponsoring my application, > although I'd like to thank so many people for their feedback, help, guidance > and counsel in all-things-Arch*. > > My name is Santiago Torres-Arias[1], and I'm a Mexican PhD candidate > from New York University. My research focuses on securing the dev-ops > pipeline/supply chain, which includes work on package manager security, > version control system security, securing container orchestrators, > reproducible builds, so on and so forth. It is not a coincidence that > all of these relate strongly with Linux; I believe the Linux environment > pretty much shaped my professional career since I was in High School. > > I've been a GNU/Linux user for more than I can remember, although I started > using it exclusively circa 2011. I started using Debian, Mint and Ubuntu > interchangeably for a couple of years and, as time passed, I started to > develop > personal scripts and unscrew my deterministically-broken distro (I still > remember my hook to fix the fglrx install every time X was updated). This > experience threw me to the other side, and for a while I thought I could > maintain my own LFS-based distribution with scripts of this sort, which led me > to learn a lot about what *not* to do when managing packages. However, It was > when I finally decided to give Arch a serious try (around 2014) that I found > myself enamored with not only the toolchains, but the community and the > philosophy behind the distribution --- I'm now a strong supporter of the > Arch Way(tm) thanks to all the leasons learned through the winding roads > of linux-system-administration. > > Although I've always been an assiduous user of the AUR, not only using but > writing my own PKGBUILDs, It was only until recently (about 8 months now), > that > I've been working towards becoming more familiar with the package ecosystem > with the end goal of becoming a TU. I've received feedback from many members > on > the community on how to fix, extend and follow best practices on writing > PKGBUILDS which I believe has improved their quality[2]. > > Besides maintaining packages I've been contributing to other aspects of > the Arch Linux ecosystem for about three years now. I've participated in > the security team almost since its inception, by providing code to the > tracker, tracking CVE's and sending advisories. Likewise, I've been a > tester for more than a year. I've also participated (although not as > much as I've wanted) on the archlinux-reproducible efforts. Finally, > I've worked along with shibumi and Pierre in making an automated build > of an official Archlinux Docker image. Beyond Arch Linux, I'm a > committer to projects like reproducible-builds.org[3], Briar[4], > neomutt[5], and The Update Framework (TUF)[6], among others[7]. > > There are two main reasons for this application to become a TU. First, I want > to > contribute *more* to a community that has given me so much, and I'm certain > that helping packaging tools for everyone in the community repository will > only > improve the overall user experience. Second, and most importantly, I want to > expand the offer of packages in the official repositories. > > Concretely, I want to maintain the following packages: > > - Orphaned packages (I'm a regular user of these): > - giblib (currently on extra) > - python-pylint (currently on extra) > - uthash > - znc > - cvf > - netctl (?! currently on core, so I suspect I can't maintain this > one) > - python-opencl/pyopencl-headers > > - I'd love to co-maintain some packages that have a packager right now**: > - radare-cutter > - hub > - rtl-sdr > - maven > > - I intend to move the following packages from the AUR: > - reprotest > - git-latexdiff > - python-rstr > - python2-grip > - inxi > - plex-fonts > > Needless to say, I'm open to discussion on this list. I can extend it with any > suggested packages, or discard any packages that aren't deemed popular enough. > > On a less technical, serious note, I love playing guitar! I have a band > and we play progressive, shoegaze, and math-rock. I also like cycling, > and reading on pretty much anything. I'm a Rust fanboy and I'm > re-learning Verilog, as I'm hoping to play around with the RISC-V ISA > and emulate TPM's and other trusted hardware designs. > > Thanks, > -Santiago (Sangy) Torres-Arias > > [1] https://badhomb.re > [2] https://aur.archlinux.org/account/sangy > [3] https://reproducible-builds.org > [4] https://neomutt.org/feature/new-mail#7-%C2%A0credits > [5] https://briarproject.org > [6] https://theupdateframework.com > [7] https://github.com/santiagotorres > > * Thanks to eschwartz, shibumi, anthraax, jelle, rgacogne, Foxboron, pid1, > Tigrme
Re: [aur-general] TU application -- Santiago Torres-Arias
On 07/30/2018 05:34 AM, Christian Rebischke via aur-general wrote: > Hi Eli, > Ehm no? According to our bylaws: > "Following the announcement, standard voting procedure commences with a > discussion period of 5 days, a quorum of 66%, and a voting period of 7 > days."[1] > > Santiago wrote his mail on the 22th. I've send the start of the voting > period at 29th. That is even 2 days too long. Or did I miss something? Hmm, I got myself turned around I guess. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application -- Santiago Torres-Arias
On Sun, Jul 29, 2018 at 12:05:56AM -0400, Eli Schwartz via aur-general wrote: > On 07/28/2018 11:57 PM, Christian Rebischke via aur-general wrote: > > On Sun, Jul 22, 2018 at 03:35:52PM -0400, Santiago Torres-Arias wrote: > >> Hello everyone, > >> > >> Formalities first, Christian Rebischke (Shibumi) is sponsoring my > >> application, > >> although I'd like to thank so many people for their feedback, help, > >> guidance > >> and counsel in all-things-Arch*. > >> > >> My name is Santiago Torres-Arias[1], and I'm a Mexican PhD candidate > >> from New York University. My research focuses on securing the dev-ops > >> pipeline/supply chain, which includes work on package manager security, > >> version control system security, securing container orchestrators, > >> reproducible builds, so on and so forth. It is not a coincidence that > >> all of these relate strongly with Linux; I believe the Linux environment > >> pretty much shaped my professional career since I was in High School. > >> > >> I've been a GNU/Linux user for more than I can remember, although I started > >> using it exclusively circa 2011. I started using Debian, Mint and Ubuntu > >> interchangeably for a couple of years and, as time passed, I started to > >> develop > >> personal scripts and unscrew my deterministically-broken distro (I still > >> remember my hook to fix the fglrx install every time X was updated). This > >> experience threw me to the other side, and for a while I thought I could > >> maintain my own LFS-based distribution with scripts of this sort, which > >> led me > >> to learn a lot about what *not* to do when managing packages. However, It > >> was > >> when I finally decided to give Arch a serious try (around 2014) that I > >> found > >> myself enamored with not only the toolchains, but the community and the > >> philosophy behind the distribution --- I'm now a strong supporter of the > >> Arch Way(tm) thanks to all the leasons learned through the winding roads > >> of linux-system-administration. > >> > >> Although I've always been an assiduous user of the AUR, not only using but > >> writing my own PKGBUILDs, It was only until recently (about 8 months now), > >> that > >> I've been working towards becoming more familiar with the package ecosystem > >> with the end goal of becoming a TU. I've received feedback from many > >> members on > >> the community on how to fix, extend and follow best practices on writing > >> PKGBUILDS which I believe has improved their quality[2]. > >> > >> Besides maintaining packages I've been contributing to other aspects of > >> the Arch Linux ecosystem for about three years now. I've participated in > >> the security team almost since its inception, by providing code to the > >> tracker, tracking CVE's and sending advisories. Likewise, I've been a > >> tester for more than a year. I've also participated (although not as > >> much as I've wanted) on the archlinux-reproducible efforts. Finally, > >> I've worked along with shibumi and Pierre in making an automated build > >> of an official Archlinux Docker image. Beyond Arch Linux, I'm a > >> committer to projects like reproducible-builds.org[3], Briar[4], > >> neomutt[5], and The Update Framework (TUF)[6], among others[7]. > >> > >> There are two main reasons for this application to become a TU. First, I > >> want to > >> contribute *more* to a community that has given me so much, and I'm certain > >> that helping packaging tools for everyone in the community repository will > >> only > >> improve the overall user experience. Second, and most importantly, I want > >> to > >> expand the offer of packages in the official repositories. > >> > >> Concretely, I want to maintain the following packages: > >> > >> - Orphaned packages (I'm a regular user of these): > >> - giblib (currently on extra) > >> - python-pylint (currently on extra) > >> - uthash > >> - znc > >> - cvf > >> - netctl (?! currently on core, so I suspect I can't maintain this > >> one) > >> - python-opencl/pyopencl-headers > >> > >> - I'd love to co-maintain some packages that have a packager right > >> now**: > >> - radare-cutter > >> - hub > >> - rtl-sdr > >> - maven > >> > >> - I intend to move the following packages from the AUR: > >> - reprotest > >> - git-latexdiff > >> - python-rstr > >> - python2-grip > >> - inxi > >> - plex-fonts > >> > >> Needless to say, I'm open to discussion on this list. I can extend it with > >> any > >> suggested packages, or discard any packages that aren't deemed popular > >> enough. > >> > >> On a less technical, serious note, I love playing guitar! I have a band > >> and we play progressive, shoegaze, and math-rock. I also like cycling, > >> and reading on pretty much anything. I'm a Rust fanboy and I'm > >> re-learning Verilog, as I'm hoping to play around with the RISC-V ISA > >> and
Re: [aur-general] TU application -- Santiago Torres-Arias
On 07/28/2018 11:57 PM, Christian Rebischke via aur-general wrote: > On Sun, Jul 22, 2018 at 03:35:52PM -0400, Santiago Torres-Arias wrote: >> Hello everyone, >> >> Formalities first, Christian Rebischke (Shibumi) is sponsoring my >> application, >> although I'd like to thank so many people for their feedback, help, guidance >> and counsel in all-things-Arch*. >> >> My name is Santiago Torres-Arias[1], and I'm a Mexican PhD candidate >> from New York University. My research focuses on securing the dev-ops >> pipeline/supply chain, which includes work on package manager security, >> version control system security, securing container orchestrators, >> reproducible builds, so on and so forth. It is not a coincidence that >> all of these relate strongly with Linux; I believe the Linux environment >> pretty much shaped my professional career since I was in High School. >> >> I've been a GNU/Linux user for more than I can remember, although I started >> using it exclusively circa 2011. I started using Debian, Mint and Ubuntu >> interchangeably for a couple of years and, as time passed, I started to >> develop >> personal scripts and unscrew my deterministically-broken distro (I still >> remember my hook to fix the fglrx install every time X was updated). This >> experience threw me to the other side, and for a while I thought I could >> maintain my own LFS-based distribution with scripts of this sort, which led >> me >> to learn a lot about what *not* to do when managing packages. However, It was >> when I finally decided to give Arch a serious try (around 2014) that I found >> myself enamored with not only the toolchains, but the community and the >> philosophy behind the distribution --- I'm now a strong supporter of the >> Arch Way(tm) thanks to all the leasons learned through the winding roads >> of linux-system-administration. >> >> Although I've always been an assiduous user of the AUR, not only using but >> writing my own PKGBUILDs, It was only until recently (about 8 months now), >> that >> I've been working towards becoming more familiar with the package ecosystem >> with the end goal of becoming a TU. I've received feedback from many members >> on >> the community on how to fix, extend and follow best practices on writing >> PKGBUILDS which I believe has improved their quality[2]. >> >> Besides maintaining packages I've been contributing to other aspects of >> the Arch Linux ecosystem for about three years now. I've participated in >> the security team almost since its inception, by providing code to the >> tracker, tracking CVE's and sending advisories. Likewise, I've been a >> tester for more than a year. I've also participated (although not as >> much as I've wanted) on the archlinux-reproducible efforts. Finally, >> I've worked along with shibumi and Pierre in making an automated build >> of an official Archlinux Docker image. Beyond Arch Linux, I'm a >> committer to projects like reproducible-builds.org[3], Briar[4], >> neomutt[5], and The Update Framework (TUF)[6], among others[7]. >> >> There are two main reasons for this application to become a TU. First, I >> want to >> contribute *more* to a community that has given me so much, and I'm certain >> that helping packaging tools for everyone in the community repository will >> only >> improve the overall user experience. Second, and most importantly, I want to >> expand the offer of packages in the official repositories. >> >> Concretely, I want to maintain the following packages: >> >> - Orphaned packages (I'm a regular user of these): >> - giblib (currently on extra) >> - python-pylint (currently on extra) >> - uthash >> - znc >> - cvf >> - netctl (?! currently on core, so I suspect I can't maintain this >> one) >> - python-opencl/pyopencl-headers >> >> - I'd love to co-maintain some packages that have a packager right now**: >> - radare-cutter >> - hub >> - rtl-sdr >> - maven >> >> - I intend to move the following packages from the AUR: >> - reprotest >> - git-latexdiff >> - python-rstr >> - python2-grip >> - inxi >> - plex-fonts >> >> Needless to say, I'm open to discussion on this list. I can extend it with >> any >> suggested packages, or discard any packages that aren't deemed popular >> enough. >> >> On a less technical, serious note, I love playing guitar! I have a band >> and we play progressive, shoegaze, and math-rock. I also like cycling, >> and reading on pretty much anything. I'm a Rust fanboy and I'm >> re-learning Verilog, as I'm hoping to play around with the RISC-V ISA >> and emulate TPM's and other trusted hardware designs. >> >> Thanks, >> -Santiago (Sangy) Torres-Arias >> >> [1] https://badhomb.re >> [2] https://aur.archlinux.org/account/sangy >> [3] https://reproducible-builds.org >> [4] https://neomutt.org/feature/new-mail#7-%C2%A0credits >> [5] https://briarproject.
Re: [aur-general] TU application -- Santiago Torres-Arias
On Sun, Jul 22, 2018 at 03:35:52PM -0400, Santiago Torres-Arias wrote: > Hello everyone, > > Formalities first, Christian Rebischke (Shibumi) is sponsoring my application, > although I'd like to thank so many people for their feedback, help, guidance > and counsel in all-things-Arch*. > > My name is Santiago Torres-Arias[1], and I'm a Mexican PhD candidate > from New York University. My research focuses on securing the dev-ops > pipeline/supply chain, which includes work on package manager security, > version control system security, securing container orchestrators, > reproducible builds, so on and so forth. It is not a coincidence that > all of these relate strongly with Linux; I believe the Linux environment > pretty much shaped my professional career since I was in High School. > > I've been a GNU/Linux user for more than I can remember, although I started > using it exclusively circa 2011. I started using Debian, Mint and Ubuntu > interchangeably for a couple of years and, as time passed, I started to > develop > personal scripts and unscrew my deterministically-broken distro (I still > remember my hook to fix the fglrx install every time X was updated). This > experience threw me to the other side, and for a while I thought I could > maintain my own LFS-based distribution with scripts of this sort, which led me > to learn a lot about what *not* to do when managing packages. However, It was > when I finally decided to give Arch a serious try (around 2014) that I found > myself enamored with not only the toolchains, but the community and the > philosophy behind the distribution --- I'm now a strong supporter of the > Arch Way(tm) thanks to all the leasons learned through the winding roads > of linux-system-administration. > > Although I've always been an assiduous user of the AUR, not only using but > writing my own PKGBUILDs, It was only until recently (about 8 months now), > that > I've been working towards becoming more familiar with the package ecosystem > with the end goal of becoming a TU. I've received feedback from many members > on > the community on how to fix, extend and follow best practices on writing > PKGBUILDS which I believe has improved their quality[2]. > > Besides maintaining packages I've been contributing to other aspects of > the Arch Linux ecosystem for about three years now. I've participated in > the security team almost since its inception, by providing code to the > tracker, tracking CVE's and sending advisories. Likewise, I've been a > tester for more than a year. I've also participated (although not as > much as I've wanted) on the archlinux-reproducible efforts. Finally, > I've worked along with shibumi and Pierre in making an automated build > of an official Archlinux Docker image. Beyond Arch Linux, I'm a > committer to projects like reproducible-builds.org[3], Briar[4], > neomutt[5], and The Update Framework (TUF)[6], among others[7]. > > There are two main reasons for this application to become a TU. First, I want > to > contribute *more* to a community that has given me so much, and I'm certain > that helping packaging tools for everyone in the community repository will > only > improve the overall user experience. Second, and most importantly, I want to > expand the offer of packages in the official repositories. > > Concretely, I want to maintain the following packages: > > - Orphaned packages (I'm a regular user of these): > - giblib (currently on extra) > - python-pylint (currently on extra) > - uthash > - znc > - cvf > - netctl (?! currently on core, so I suspect I can't maintain this > one) > - python-opencl/pyopencl-headers > > - I'd love to co-maintain some packages that have a packager right now**: > - radare-cutter > - hub > - rtl-sdr > - maven > > - I intend to move the following packages from the AUR: > - reprotest > - git-latexdiff > - python-rstr > - python2-grip > - inxi > - plex-fonts > > Needless to say, I'm open to discussion on this list. I can extend it with any > suggested packages, or discard any packages that aren't deemed popular enough. > > On a less technical, serious note, I love playing guitar! I have a band > and we play progressive, shoegaze, and math-rock. I also like cycling, > and reading on pretty much anything. I'm a Rust fanboy and I'm > re-learning Verilog, as I'm hoping to play around with the RISC-V ISA > and emulate TPM's and other trusted hardware designs. > > Thanks, > -Santiago (Sangy) Torres-Arias > > [1] https://badhomb.re > [2] https://aur.archlinux.org/account/sangy > [3] https://reproducible-builds.org > [4] https://neomutt.org/feature/new-mail#7-%C2%A0credits > [5] https://briarproject.org > [6] https://theupdateframework.com > [7] https://github.com/santiagotorres > > * Thanks to eschwartz, shibumi, anthraax, jelle, rgacogne, Foxboron, pid1, > Tigrme
[aur-general] TU application -- Santiago Torres-Arias
> > Hello everyone, > > > > Formalities first, Christian Rebischke (Shibumi) is sponsoring my > > application, > > although I'd like to thank so many people for their feedback, help, guidance > > and counsel in all-things-Arch*. > > Apologies for being somewhat late with the ztrawchse review. > > argon2-git: > - CC-0 is, apparently, not common enough to be in the licenses package. > As such, the license should be marked as 'custom:CC-0' and installed > to /usr/share/licenses/$pkgname/ > see how core/argon2 does this > > git-latexdiff: > - unquoted srcdir/pkgdir > - license is not, in fact, GPL > - the source file has a unique name, but then you told makepkg to rename > it to something non-unique. I.. must admit this is new to me... > > in-toto: > - sources seem to come with a testsuite, this should be run in a check() > function > > python-securesystemslib: > - the check() function does not accept depends, this is broken > - multiple depends are deleted and overridden in the package() function > - empty optdepends array can be deleted > - tox doesn't really test what needs testing, code should be tested > using the native testsuite hooked up to the packaged system > dependencies > - license is the literal file (rather than a file within the directory > of this name): /usr/share/licenses/python-securesystemslib > > reprotest: > - multiple depends are deleted and overridden in the package() function > - optdepends could use description of what additional functionality they > provide when installed > Thanks for the feedback! I'll apply this changes as soon as I get back from work :) -Santiago. signature.asc Description: PGP signature
Re: [aur-general] TU application -- Santiago Torres-Arias
On 07/22/2018 03:35 PM, Santiago Torres-Arias via aur-general wrote: > Hello everyone, > > Formalities first, Christian Rebischke (Shibumi) is sponsoring my application, > although I'd like to thank so many people for their feedback, help, guidance > and counsel in all-things-Arch*. Apologies for being somewhat late with the ztrawchse review. argon2-git: - CC-0 is, apparently, not common enough to be in the licenses package. As such, the license should be marked as 'custom:CC-0' and installed to /usr/share/licenses/$pkgname/ see how core/argon2 does this git-latexdiff: - unquoted srcdir/pkgdir - license is not, in fact, GPL - the source file has a unique name, but then you told makepkg to rename it to something non-unique. I.. must admit this is new to me... in-toto: - sources seem to come with a testsuite, this should be run in a check() function python-securesystemslib: - the check() function does not accept depends, this is broken - multiple depends are deleted and overridden in the package() function - empty optdepends array can be deleted - tox doesn't really test what needs testing, code should be tested using the native testsuite hooked up to the packaged system dependencies - license is the literal file (rather than a file within the directory of this name): /usr/share/licenses/python-securesystemslib reprotest: - multiple depends are deleted and overridden in the package() function - optdepends could use description of what additional functionality they provide when installed -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Filipe Laíns
On 07/24/2018 04:05 PM, Dan Printzell wrote: > On July 17, 2018 8:50 pm, Dan Printzell wrote: >> On July 12, 2018 7:50 pm, Dan Printzell wrote: >>> I confirm my sponsorship. >>> >>> Let the discussion period begin! :) >> >> The discussion period is now over. Let the voting period begin! >> >> TUs can cast their vote here: https://aur.archlinux.org/tu/?id=106 >> >> -- >> Dan Printzell >> > > The result are in... > Congrats FFY00, you are now a TU! > > Results: > - Yes: 27 > - No: 6 > - Abstain: 11 > - Total: 44 Congratulations, Filipe! I have elevated your bugtracker account https://bugs.archlinux.org/user/27670 in the Community Packages and internal Keyring projects to the TU and Members usergroups, respectively, so you can now do bugtracker-ish things plus view and open keyring issues. Your AUR account has been elevated to the TU account type. As usual, take a look at https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_for_new_Trusted_Users to get any remaining preparatory items set up for you so you can get started. Welcome to the team. :) -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Filipe Laíns
On July 17, 2018 8:50 pm, Dan Printzell wrote: On July 12, 2018 7:50 pm, Dan Printzell wrote: I confirm my sponsorship. Let the discussion period begin! :) The discussion period is now over. Let the voting period begin! TUs can cast their vote here: https://aur.archlinux.org/tu/?id=106 -- Dan Printzell The result are in... Congrats FFY00, you are now a TU! Results: - Yes: 27 - No: 6 - Abstain: 11 - Total: 44 -- Dan Printzell pgpSODxh_Ysm7.pgp Description: PGP signature
Re: [aur-general] TU application -- Santiago Torres-Arias
On Sun 22.07.18 - 15:35, Santiago Torres-Arias via aur-general wrote: > - Orphaned packages (I'm a regular user of these): > - netctl (?! currently on core, so I suspect I can't maintain this > one) netctl is maintained by Jouke who maintains the netctl code. We only build and push the package, but he handles all bugs because the PKGBUILD we use is actually part of the netctl git repo, but since he isn't a a normal dev he can't adopt it on archweb so it's listed as orphan. Florian signature.asc Description: PGP signature
Re: [aur-general] TU application -- Santiago Torres-Arias
> I have adopted znc, because I didn't knew it was orphan. I have now > officially made > a calendar entry to look at orphans monthly. I'm glad to have you > co-maintaining, if > you get elected, however. I'm a hardcore user of znc as well. Ok! I'd gladly co-maintain it if I get elected :) > > Good luck, Thanks! -Santiago. signature.asc Description: PGP signature
Re: [aur-general] TU application -- Santiago Torres-Arias
Em julho 22, 2018 16:35 Santiago Torres-Arias via aur-general escreveu: - Orphaned packages (I'm a regular user of these): - giblib (currently on extra) - python-pylint (currently on extra) - uthash - znc - cvf - netctl (?! currently on core, so I suspect I can't maintain this one) - python-opencl/pyopencl-headers - I'd love to co-maintain some packages that have a packager right now**: - radare-cutter - hub - rtl-sdr - maven - I intend to move the following packages from the AUR: - reprotest - git-latexdiff - python-rstr - python2-grip - inxi - plex-fonts Needless to say, I'm open to discussion on this list. I can extend it with any suggested packages, or discard any packages that aren't deemed popular enough. On a less technical, serious note, I love playing guitar! I have a band and we play progressive, shoegaze, and math-rock. I also like cycling, and reading on pretty much anything. I'm a Rust fanboy and I'm re-learning Verilog, as I'm hoping to play around with the RISC-V ISA and emulate TPM's and other trusted hardware designs. Hi Sangy, Glad to hear you finally applied to become a TU. Creepy stuff with the confirmation from shibumi coming before your application. I have adopted znc, because I didn't knew it was orphan. I have now officially made a calendar entry to look at orphans monthly. I'm glad to have you co-maintaining, if you get elected, however. I'm a hardcore user of znc as well. Good luck, Giancarlo Razzolini pgpPy31LiOsLv.pgp Description: PGP signature
Re: [aur-general] TU application -- Santiago Torres-Arias
On 07/22/2018 03:35 PM, Christian Rebischke via aur-general wrote: > On Sun, Jul 22, 2018 at 03:35:52PM -0400, Santiago Torres-Arias wrote: sangy: dude, we know you're cool and all. No need to prove your creds by hacking shibumi so you can send his confirmation half a minute before your your application. :) -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application -- Santiago Torres-Arias
On Sun, Jul 22, 2018 at 03:35:52PM -0400, Santiago Torres-Arias wrote: > Hello everyone, > > Formalities first, Christian Rebischke (Shibumi) is sponsoring my application, > although I'd like to thank so many people for their feedback, help, guidance > and counsel in all-things-Arch*. > > My name is Santiago Torres-Arias[1], and I'm a Mexican PhD candidate > from New York University. My research focuses on securing the dev-ops > pipeline/supply chain, which includes work on package manager security, > version control system security, securing container orchestrators, > reproducible builds, so on and so forth. It is not a coincidence that > all of these relate strongly with Linux; I believe the Linux environment > pretty much shaped my professional career since I was in High School. > > I've been a GNU/Linux user for more than I can remember, although I started > using it exclusively circa 2011. I started using Debian, Mint and Ubuntu > interchangeably for a couple of years and, as time passed, I started to > develop > personal scripts and unscrew my deterministically-broken distro (I still > remember my hook to fix the fglrx install every time X was updated). This > experience threw me to the other side, and for a while I thought I could > maintain my own LFS-based distribution with scripts of this sort, which led me > to learn a lot about what *not* to do when managing packages. However, It was > when I finally decided to give Arch a serious try (around 2014) that I found > myself enamored with not only the toolchains, but the community and the > philosophy behind the distribution --- I'm now a strong supporter of the > Arch Way(tm) thanks to all the leasons learned through the winding roads > of linux-system-administration. > > Although I've always been an assiduous user of the AUR, not only using but > writing my own PKGBUILDs, It was only until recently (about 8 months now), > that > I've been working towards becoming more familiar with the package ecosystem > with the end goal of becoming a TU. I've received feedback from many members > on > the community on how to fix, extend and follow best practices on writing > PKGBUILDS which I believe has improved their quality[2]. > > Besides maintaining packages I've been contributing to other aspects of > the Arch Linux ecosystem for about three years now. I've participated in > the security team almost since its inception, by providing code to the > tracker, tracking CVE's and sending advisories. Likewise, I've been a > tester for more than a year. I've also participated (although not as > much as I've wanted) on the archlinux-reproducible efforts. Finally, > I've worked along with shibumi and Pierre in making an automated build > of an official Archlinux Docker image. Beyond Arch Linux, I'm a > committer to projects like reproducible-builds.org[3], Briar[4], > neomutt[5], and The Update Framework (TUF)[6], among others[7]. > > There are two main reasons for this application to become a TU. First, I want > to > contribute *more* to a community that has given me so much, and I'm certain > that helping packaging tools for everyone in the community repository will > only > improve the overall user experience. Second, and most importantly, I want to > expand the offer of packages in the official repositories. > > Concretely, I want to maintain the following packages: > > - Orphaned packages (I'm a regular user of these): > - giblib (currently on extra) > - python-pylint (currently on extra) > - uthash > - znc > - cvf > - netctl (?! currently on core, so I suspect I can't maintain this > one) > - python-opencl/pyopencl-headers > > - I'd love to co-maintain some packages that have a packager right now**: > - radare-cutter > - hub > - rtl-sdr > - maven > > - I intend to move the following packages from the AUR: > - reprotest > - git-latexdiff > - python-rstr > - python2-grip > - inxi > - plex-fonts > > Needless to say, I'm open to discussion on this list. I can extend it with any > suggested packages, or discard any packages that aren't deemed popular enough. > > On a less technical, serious note, I love playing guitar! I have a band > and we play progressive, shoegaze, and math-rock. I also like cycling, > and reading on pretty much anything. I'm a Rust fanboy and I'm > re-learning Verilog, as I'm hoping to play around with the RISC-V ISA > and emulate TPM's and other trusted hardware designs. > > Thanks, > -Santiago (Sangy) Torres-Arias > > [1] https://badhomb.re > [2] https://aur.archlinux.org/account/sangy > [3] https://reproducible-builds.org > [4] https://neomutt.org/feature/new-mail#7-%C2%A0credits > [5] https://briarproject.org > [6] https://theupdateframework.com > [7] https://github.com/santiagotorres > > * Thanks to eschwartz, shibumi, anthraax, jelle, rgacogne, Foxboron, pid1, > Tigrme
[aur-general] TU application -- Santiago Torres-Arias
Hello everyone, Formalities first, Christian Rebischke (Shibumi) is sponsoring my application, although I'd like to thank so many people for their feedback, help, guidance and counsel in all-things-Arch*. My name is Santiago Torres-Arias[1], and I'm a Mexican PhD candidate from New York University. My research focuses on securing the dev-ops pipeline/supply chain, which includes work on package manager security, version control system security, securing container orchestrators, reproducible builds, so on and so forth. It is not a coincidence that all of these relate strongly with Linux; I believe the Linux environment pretty much shaped my professional career since I was in High School. I've been a GNU/Linux user for more than I can remember, although I started using it exclusively circa 2011. I started using Debian, Mint and Ubuntu interchangeably for a couple of years and, as time passed, I started to develop personal scripts and unscrew my deterministically-broken distro (I still remember my hook to fix the fglrx install every time X was updated). This experience threw me to the other side, and for a while I thought I could maintain my own LFS-based distribution with scripts of this sort, which led me to learn a lot about what *not* to do when managing packages. However, It was when I finally decided to give Arch a serious try (around 2014) that I found myself enamored with not only the toolchains, but the community and the philosophy behind the distribution --- I'm now a strong supporter of the Arch Way(tm) thanks to all the leasons learned through the winding roads of linux-system-administration. Although I've always been an assiduous user of the AUR, not only using but writing my own PKGBUILDs, It was only until recently (about 8 months now), that I've been working towards becoming more familiar with the package ecosystem with the end goal of becoming a TU. I've received feedback from many members on the community on how to fix, extend and follow best practices on writing PKGBUILDS which I believe has improved their quality[2]. Besides maintaining packages I've been contributing to other aspects of the Arch Linux ecosystem for about three years now. I've participated in the security team almost since its inception, by providing code to the tracker, tracking CVE's and sending advisories. Likewise, I've been a tester for more than a year. I've also participated (although not as much as I've wanted) on the archlinux-reproducible efforts. Finally, I've worked along with shibumi and Pierre in making an automated build of an official Archlinux Docker image. Beyond Arch Linux, I'm a committer to projects like reproducible-builds.org[3], Briar[4], neomutt[5], and The Update Framework (TUF)[6], among others[7]. There are two main reasons for this application to become a TU. First, I want to contribute *more* to a community that has given me so much, and I'm certain that helping packaging tools for everyone in the community repository will only improve the overall user experience. Second, and most importantly, I want to expand the offer of packages in the official repositories. Concretely, I want to maintain the following packages: - Orphaned packages (I'm a regular user of these): - giblib (currently on extra) - python-pylint (currently on extra) - uthash - znc - cvf - netctl (?! currently on core, so I suspect I can't maintain this one) - python-opencl/pyopencl-headers - I'd love to co-maintain some packages that have a packager right now**: - radare-cutter - hub - rtl-sdr - maven - I intend to move the following packages from the AUR: - reprotest - git-latexdiff - python-rstr - python2-grip - inxi - plex-fonts Needless to say, I'm open to discussion on this list. I can extend it with any suggested packages, or discard any packages that aren't deemed popular enough. On a less technical, serious note, I love playing guitar! I have a band and we play progressive, shoegaze, and math-rock. I also like cycling, and reading on pretty much anything. I'm a Rust fanboy and I'm re-learning Verilog, as I'm hoping to play around with the RISC-V ISA and emulate TPM's and other trusted hardware designs. Thanks, -Santiago (Sangy) Torres-Arias [1] https://badhomb.re [2] https://aur.archlinux.org/account/sangy [3] https://reproducible-builds.org [4] https://neomutt.org/feature/new-mail#7-%C2%A0credits [5] https://briarproject.org [6] https://theupdateframework.com [7] https://github.com/santiagotorres * Thanks to eschwartz, shibumi, anthraax, jelle, rgacogne, Foxboron, pid1, Tigrmesh, meskarune et al.! ** This is the first time I make this public, so there's no commitment from the current packager at all signature.asc Description: PGP signature
Re: [aur-general] TU Application - Filipe Laíns
On July 12, 2018 7:50 pm, Dan Printzell wrote: I confirm my sponsorship. Let the discussion period begin! :) The discussion period is now over. Let the voting period begin! TUs can cast their vote here: https://aur.archlinux.org/tu/?id=106 -- Dan Printzell pgp1VsNDsC8Hz.pgp Description: PGP signature
Re: [aur-general] TU Application - Filipe Laíns
On 12/07/18, Eli Schwartz via aur-general wrote: > On to the ztrawhcse review! > > I gave Filipe some advice over IRC prior to his application. As a > result, many packages had their srcdir/pkgdir quoting fixed, or renamed > sources to cooperate with shared $SRCDEST, or fixed style nits with > inconsistently quoted variables > > As of the last time I checked, although some packages may be fixed > already, the following issues were discovered... > [..] Is there a way to get this analysis on a script - it's a gem! Thanks -- Leonidas Spyropoulos A: Because it messes up the order in which people normally read text. Q: Why is it such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail?
Re: [aur-general] TU Application - Filipe Laíns
Hey, On Fri, Jul 13, 2018 at 3:20 PM, Michael Straube via aur-general wrote: >-DCAMKE_INSTALL_LIBDIR=lib ? Thank you! I will use that. I am more of a meson guy and this kind of isn't usually a problem. Now that I see, the solution is really simple and I feel a bit silly, ahah. >All the best and good luck for you application, Thank you! Filipe Laíns :) signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Filipe Laíns
Hey, On Fri, Jul 13, 2018 at 3:45 PM, Eli Schwartz via aur-general wrote: >Very few people are "good enough" when I really get on a roll... I >generally consider it sufficient that people learn from my critiques, >fix them promptly, and incorporate that feedback into further efforts. > >The only thing that really startled me, actually, were the packages >which build ELF binaries but were marked as "any" packages. I understand. To be fair in AUR we only build the package for our architecture, so that never seemed like a red flag until you pointed it out. But now I see how important it is to have a proper arch field :) >As with the other unquoted variables issues... it may have been >committed 11 days ago but my git pull from when I started my review did >not have that yet, perhaps you never pushed it? > >I did say some of those issues were already fixed before I sent off my >email -- I did not go back to re-analyze the packages I'd already looked >at based on the fixed versions. ;) That was probably it, sorry. >Then I would guard this by > >if [[ $CARCH = x86_64 ]]; then >do_64_bit_things >else >do_32_bit_things >fi > >Don't ignore unexpected errors, if there's no lib64 folder on x86_64 >builds then something went wrong and either should be fixed, or old >workarounds should be removed -- either way using || true, means you'll >never know. I'll use Michael's approach but thanks for pointing this out, it will probably be useful in similar situations that can't be resolved in cmake. >nodejs packaging confuses me incredibly. I've only got one package which >uses nodejs, and this is what I do: >https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=rapydscript-ng-git#n38 > >I build it in build() and then I manually cp things to $pkgdir and write >my own symlink for /usr/bin scripts. It seems to work okay... I agree. That's a good approach but I think mine is a bit cleaner, ahah :) >For your three electron apps, you get to have fun, because electron is >fun! Haha, I lied, it's not fun at all. > >They're basically always bin packages because electron. Debundling is >complicatedly weird, but I've successfully done so for e.g. >community/keybase-gui. When I get around to it I need to create a new >wiki page documenting how to handle this correctly... > >I definitely understand if you've got no will to make proper non-bin >packages, that being said it would be neat if you could do so anyway >since having dozens of outdated, insecure copies of prebuilt electron >(thanks, electron devs!) is pretty dreary and also wasteful of disk >space. That is something I'll keep in mind this summer. I really dislike electron because I don't see the point of packaging a full runtime with each app (!!) so I am not really motivated to maintain non-bin electron packages. I might try to do it if I have spare time, that could turn out to be a fun puzzle. Thanks, Filipe Laíns signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Filipe Laíns
On 07/13/2018 10:11 AM, Filipe Laíns via aur-general wrote: > Hey, > > First of all I just want to say that I have 58 packages on AUR and most > of the PKGBUILDs (written by me) were written before I knew some of > this. I tried to update most of them but as it's a really monotonous > task, I missed some things. Eli, thanks for pointing them out. > Also, most of these packages were orphan and I adopted them, I did not > fix some of the mistakes right away because I didn't know these were > indeed mistakes. With the time I learned about them but I didn't fix > some of the packages because I have a lot of them. I have been fixing > them as people point it out or when the PKGBUILD needs to be manually > updated. Lately I have been making an effort to fix everything but > apparently it wasn't enough. Very few people are "good enough" when I really get on a roll... I generally consider it sufficient that people learn from my critiques, fix them promptly, and incorporate that feedback into further efforts. The only thing that really startled me, actually, were the packages which build ELF binaries but were marked as "any" packages. >> cellular-network-configs-git: >> - unquoted srcdir/pkgdirThis was fixed in commit > 4a4273f72a93824a16a2c1e86308986b26d9df54[1] > This was fixed by commit 4a4273f72a93824a16a2c1e86308986b26d9df54[1] > which is dated to 11 days ago so I don't understand. > > [1] > https://aur.archlinux.org/cgit/aur.git/commit/?h=cellular-network-configs-git&id=4a4273f72a93824a16a2c1e86308986b26d9df54 As with the other unquoted variables issues... it may have been committed 11 days ago but my git pull from when I started my review did not have that yet, perhaps you never pushed it? I did say some of those issues were already fixed before I sent off my email -- I did not go back to re-analyze the packages I'd already looked at based on the fixed versions. ;) >> cm256cc: >> - are the mv commands needed or not? >> - depends on boost but may only need that as makedepends, see if runtime >> depends could get away with only boost-libs > The package installs the 64bit libraries in 'lib64' and 32bit ones in > 'lib'. I am not comfortable enough to edit the CMakeLists file but if > anyone wants to submit a patch, I would be happy to accept it :) Then I would guard this by if [[ $CARCH = x86_64 ]]; then do_64_bit_things else do_32_bit_things fi Don't ignore unexpected errors, if there's no lib64 folder on x86_64 builds then something went wrong and either should be fixed, or old workarounds should be removed -- either way using || true, means you'll never know. >> nodejs-nan: >> - should build from source tarball instead of pulling from the server at >> buildtime >> - nodejs packages need to fix non-deterministic chmod 777 on >> directories, see >> https://wiki.archlinux.org/index.php/Node.js_package_guidelines and >> https://github.com/npm/npm/issues/9359 > Oh my god, this guiidelines are extremely wrong. Npm uses symlinks by > default. If you follow this guidelines, > "$pkgdir"/usr/lib/node_modules/module_name will be symlinked to > "$srcdir"/$pkgname-$pkgver/module_name-module_version. > > A correct approach would be: > > noextract=("$pkgname-$pkgver.tar.gz") > ... > > package() { > npm install -g --user root --prefix "$pkgdir"/usr > "$srcdir"/$pkgname-$pkgver.tar.gz > > ... > } nodejs packaging confuses me incredibly. I've only got one package which uses nodejs, and this is what I do: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=rapydscript-ng-git#n38 I build it in build() and then I manually cp things to $pkgdir and write my own symlink for /usr/bin scripts. It seems to work okay... >> vr180-creator: >> - electron app with no links to source is marked as MIT for the electron >> component, source archive contains binary node modules so cannot >> debundle electron without source, cannot find license for app itself > Google hasn't released the source yet afaik. I will rename the package > as -bin. Fixed the license issue. > >> writefull: >> - proprietary app using electron is marked as MIT, app.asar contains >> binary robotjs and spellchecker modules which can probably be rebuilt >> against and use system electron package >> - arch-dependent binaries should be installed to /usr/lib not /usr/share > Fixed the license issue. I will rename the package as -bin as I don't > whish to rebuild the modules. For your three electron apps, you get to have fun, because electron is fun! Haha, I lied, it's not fun at all. They're basically always bin packages because electron. Debundling is complicatedly weird, but I've successfully done so for e.g. community/keybase-gui. When I get around to it I need to create a new wiki page documenting how to handle this correctly... I definitely understand if you've got no will to make proper non-bin packages, that being said it would be neat if you could do so anyway since having dozens of outdated, insecure copies of prebuilt
Re: [aur-general] TU Application - Filipe Laíns
Am 13.07.2018 um 16:11 schrieb Filipe Laíns via aur-general: cm256cc: - are the mv commands needed or not? - depends on boost but may only need that as makedepends, see if runtime depends could get away with only boost-libs The package installs the 64bit libraries in 'lib64' and 32bit ones in 'lib'. I am not comfortable enough to edit the CMakeLists file but if anyone wants to submit a patch, I would be happy to accept it :) -DCAMKE_INSTALL_LIBDIR=lib ? btw: Wasn't there a discussion to not use DCMAKE_BUILD_TYPE in cmake packages? All the best and good luck for you application, Michael
Re: [aur-general] TU Application - Filipe Laíns
Hey, First of all I just want to say that I have 58 packages on AUR and most of the PKGBUILDs (written by me) were written before I knew some of this. I tried to update most of them but as it's a really monotonous task, I missed some things. Eli, thanks for pointing them out. Also, most of these packages were orphan and I adopted them, I did not fix some of the mistakes right away because I didn't know these were indeed mistakes. With the time I learned about them but I didn't fix some of the packages because I have a lot of them. I have been fixing them as people point it out or when the PKGBUILD needs to be manually updated. Lately I have been making an effort to fix everything but apparently it wasn't enough. On Thu, Jul 12, 2018 at 11:04 PM, Eli Schwartz via aur-general wrote: > It's always nice to see people eager to contribute more, good luck! Thank you! > We'll need permission from them for binary redistribution with > all-rights-reserved software... they pretty specifically only offer > single-user personal licenses to download, install, and run one copy > from them alone. Like most proprietary EULA'ed software. Sure. > antlr3: > - you updated the source to HTTPS on my advice, but forgot the url Fixed. > babl-git: > - !libtool is not needed to build, and comes as default anyway these > days > - ./autogen.sh should be moved to prepare, and moved to autoreconf -fi > if at all possible. In this case, it's a wrapper for autoreconf > already :) Fixed. > cellular-network-configs-git: > - unquoted srcdir/pkgdirThis was fixed in commit 4a4273f72a93824a16a2c1e86308986b26d9df54[1] This was fixed by commit 4a4273f72a93824a16a2c1e86308986b26d9df54[1] which is dated to 11 days ago so I don't understand. [1] https://aur.archlinux.org/cgit/aur.git/commit/?h=cellular-network-configs-git&id=4a4273f72a93824a16a2c1e86308986b26d9df54 > cm256cc: > - are the mv commands needed or not? > - depends on boost but may only need that as makedepends, see if runtime > depends could get away with only boost-libs The package installs the 64bit libraries in 'lib64' and 32bit ones in 'lib'. I am not comfortable enough to edit the CMakeLists file but if anyone wants to submit a patch, I would be happy to accept it :) > dump1090-mutability-git: > - unquoted srcdir/pkgdir That was fixed in commit e28ca199c321913aec5295650fa34e0b3c4d81cc[2] which, again, dates to 11 days ago. > - source should clone over git+https:// for TLS certificate checking Fixed. > - install script should switch to using systemd-sysusers > - install script should not delete users on uninstall as this can be a > security risk: https://www.archlinux.org/todo/usergroup-management/ > - consider just using systemd DynamicUsers to run the service I will fix this in one of the next few days. [2] https://aur.archlinux.org/cgit/aur.git/commit/?h=dump1090-mutability-git&id=e28ca199c321913aec5295650fa34e0b3c4d81cc > evernote-sdk-python: > - patching should be done in prepare not build > - should run python setup.py build in build before running install in > package Sorry about that. Fixed. > franz: > - electron apps should use the system electron if possible > - architecture-dependent binaries should go in /usr/lib not /usr/share > - try to get desktop file into upstream project > - should not conflict the bin package -- that is the bin package's job This package is broken and needs to be fixed in the upstream repository. I haven't fixed any of this issues because that. Once we are able to properly built the project, I will fix the whole PKGBUILD. > gdc1-bin: > - sources should use HTTPS > > gdc-bin: > - unquoted srcdir/pkgdir > - sources should use HTTPS > > gdc-git: > - unquoted srcdir/pkgdir > - sources should use HTTPS > - binutils is in base-devel and should not be a makedepends Fixed. Same story, e9488cd4afbe1eb2356a2ab32d85ba5f58f41049[3] [3] https://aur.archlinux.org/cgit/aur.git/commit/?h=gdc-bin&id=e9488cd4afbe1eb2356a2ab32d85ba5f58f41049 > gegl-git: > - autogen.sh in build should be moved to autoreconf -fi in prepare Done. > gimp-git: > - url should be HTTPS > - move sed'ing of configure.ac, autogen, to prepare and use autoreconf Done. > gr-limesdr-git: > gr-limesdr: > - MIT license must be installed in package Fixed. > inspectrum: > - style: license array sticks out like a sore thumb by not being quoted > like the surrounding variables > - pkg-config is in base-devel and should not be a makedepends Fixed. > cellular-network-configs-git: > evernote-sdk-python: > gr-limesdr-git: > gr-limesdr: > limesuite: > lime-tools-git: > lms7002m-driver-git: > - style: arch array sticks out like a sore thumb by not being quoted > like the surrounding variables Already fixed that. > me-edit: > - should build from source > - don't use specific sourceforge mirror to download > - wrapper script does not need to popd right before exiting a script > - wrapper script would be better off symlinking to /usr/bin/ if possible I will fix this later. >
Re: [aur-general] TU Application - Filipe Laíns
Hey, First of all I just want to say that I have 58 packages on AUR and most of the PKGBUILDs (written by me) were written before I knew some of this. I tried to update most of them but as it's a really monotonous task, I missed some things. Eli, thanks for pointing them out. Also, most of these packages were orphan and I adopted them, I did not fix some of the mistakes right away because I didn't know these were indeed mistakes. With the time I learned about them but I didn't fix some of the packages because I have a lot of them. I have been fixing them as people point it out or when the PKGBUILD needs to be manually updated. Lately I have been making an effort to fix everything but apparently it wasn't enough. On Thu, Jul 12, 2018 at 11:04 PM, Eli Schwartz via aur-general wrote: > It's always nice to see people eager to contribute more, good luck! Thank you! > We'll need permission from them for binary redistribution with > all-rights-reserved software... they pretty specifically only offer > single-user personal licenses to download, install, and run one copy > from them alone. Like most proprietary EULA'ed software. Sure. > antlr3: > - you updated the source to HTTPS on my advice, but forgot the url Fixed. > babl-git: > - !libtool is not needed to build, and comes as default anyway these > days > - ./autogen.sh should be moved to prepare, and moved to autoreconf -fi > if at all possible. In this case, it's a wrapper for autoreconf > already :) Fixed. > cellular-network-configs-git: > - unquoted srcdir/pkgdirThis was fixed in commit 4a4273f72a93824a16a2c1e86308986b26d9df54[1] This was fixed by commit 4a4273f72a93824a16a2c1e86308986b26d9df54[1] which is dated to 11 days ago so I don't understand. [1] https://aur.archlinux.org/cgit/aur.git/commit/?h=cellular-network-configs-git&id=4a4273f72a93824a16a2c1e86308986b26d9df54 > cm256cc: > - are the mv commands needed or not? > - depends on boost but may only need that as makedepends, see if runtime > depends could get away with only boost-libs The package installs the 64bit libraries in 'lib64' and 32bit ones in 'lib'. I am not comfortable enough to edit the CMakeLists file but if anyone wants to submit a patch, I would be happy to accept it :) > dump1090-mutability-git: > - unquoted srcdir/pkgdir That was fixed in commit e28ca199c321913aec5295650fa34e0b3c4d81cc[2] which, again, dates to 11 days ago. > - source should clone over git+https:// for TLS certificate checking Fixed. > - install script should switch to using systemd-sysusers > - install script should not delete users on uninstall as this can be a > security risk: https://www.archlinux.org/todo/usergroup-management/ > - consider just using systemd DynamicUsers to run the service I will fix this in one of the next few days. [2] https://aur.archlinux.org/cgit/aur.git/commit/?h=dump1090-mutability-git&id=e28ca199c321913aec5295650fa34e0b3c4d81cc > evernote-sdk-python: > - patching should be done in prepare not build > - should run python setup.py build in build before running install in > package Sorry about that. Fixed. > franz: > - electron apps should use the system electron if possible > - architecture-dependent binaries should go in /usr/lib not /usr/share > - try to get desktop file into upstream project > - should not conflict the bin package -- that is the bin package's job This package is broken and needs to be fixed in the upstream repository. I haven't fixed any of this issues because that. Once we are able to properly built the project, I will fix the whole PKGBUILD. > gdc1-bin: > - sources should use HTTPS > > gdc-bin: > - unquoted srcdir/pkgdir > - sources should use HTTPS > > gdc-git: > - unquoted srcdir/pkgdir > - sources should use HTTPS > - binutils is in base-devel and should not be a makedepends Fixed. Same story, e9488cd4afbe1eb2356a2ab32d85ba5f58f41049[3] [3] https://aur.archlinux.org/cgit/aur.git/commit/?h=gdc-bin&id=e9488cd4afbe1eb2356a2ab32d85ba5f58f41049 > gegl-git: > - autogen.sh in build should be moved to autoreconf -fi in prepare Done. > gimp-git: > - url should be HTTPS > - move sed'ing of configure.ac, autogen, to prepare and use autoreconf Done. > gr-limesdr-git: > gr-limesdr: > - MIT license must be installed in package Fixed. > inspectrum: > - style: license array sticks out like a sore thumb by not being quoted > like the surrounding variables > - pkg-config is in base-devel and should not be a makedepends Fixed. > cellular-network-configs-git: > evernote-sdk-python: > gr-limesdr-git: > gr-limesdr: > limesuite: > lime-tools-git: > lms7002m-driver-git: > - style: arch array sticks out like a sore thumb by not being quoted > like the surrounding variables Already fixed that. > me-edit: > - should build from source > - don't use specific sourceforge mirror to download > - wrapper script does not need to popd right before exiting a script > - wrapper script would be better off symlinking to /usr/bin/ if possible I will fix this later. >
Re: [aur-general] TU Application - Filipe Laíns
On 07/12/2018 01:47 PM, Filipe Laíns via aur-general wrote: > Hello, > > My name is Filipe Laíns. > You might also know me by my alias, FFY00. > > I am applying to be a Trusted User with Dan Printzell's (Wild) sponsorship. It's always nice to see people eager to contribute more, good luck! > (synology-cloud-station-drive) > This is a drive client for Synology devices[6]. We'll need permission from them for binary redistribution with all-rights-reserved software... they pretty specifically only offer single-user personal licenses to download, install, and run one copy from them alone. Like most proprietary EULA'ed software. ... On to the ztrawhcse review! I gave Filipe some advice over IRC prior to his application. As a result, many packages had their srcdir/pkgdir quoting fixed, or renamed sources to cooperate with shared $SRCDEST, or fixed style nits with inconsistently quoted variables As of the last time I checked, although some packages may be fixed already, the following issues were discovered... antlr3: - you updated the source to HTTPS on my advice, but forgot the url babl-git: - !libtool is not needed to build, and comes as default anyway these days - ./autogen.sh should be moved to prepare, and moved to autoreconf -fi if at all possible. In this case, it's a wrapper for autoreconf already :) cellular-network-configs-git: - unquoted srcdir/pkgdir cm256cc: - are the mv commands needed or not? - depends on boost but may only need that as makedepends, see if runtime depends could get away with only boost-libs dump1090-mutability-git: - unquoted srcdir/pkgdir - source should clone over git+https:// for TLS certificate checking - install script should switch to using systemd-sysusers - install script should not delete users on uninstall as this can be a security risk: https://www.archlinux.org/todo/usergroup-management/ - consider just using systemd DynamicUsers to run the service evernote-sdk-python: - patching should be done in prepare not build - should run python setup.py build in build before running install in package franz: - electron apps should use the system electron if possible - architecture-dependent binaries should go in /usr/lib not /usr/share - try to get desktop file into upstream project - should not conflict the bin package -- that is the bin package's job gdc1-bin: - sources should use HTTPS gdc-bin: - unquoted srcdir/pkgdir - sources should use HTTPS gdc-git: - unquoted srcdir/pkgdir - sources should use HTTPS - binutils is in base-devel and should not be a makedepends gegl-git: - autogen.sh in build should be moved to autoreconf -fi in prepare gimp-git: - url should be HTTPS - move sed'ing of configure.ac, autogen, to prepare and use autoreconf gr-limesdr-git: gr-limesdr: - MIT license must be installed in package inspectrum: - style: license array sticks out like a sore thumb by not being quoted like the surrounding variables - pkg-config is in base-devel and should not be a makedepends cellular-network-configs-git: evernote-sdk-python: gr-limesdr-git: gr-limesdr: limesuite: lime-tools-git: lms7002m-driver-git: - style: arch array sticks out like a sore thumb by not being quoted like the surrounding variables me-edit: - should build from source - don't use specific sourceforge mirror to download - wrapper script does not need to popd right before exiting a script - wrapper script would be better off symlinking to /usr/bin/ if possible mitmproxy-git: - unquoted pkgdir - MIT license must be installed in package - should run testsuite like community package does - should use system certifates instead of certifi, like community package does nodejs-nan: - should build from source tarball instead of pulling from the server at buildtime - nodejs packages need to fix non-deterministic chmod 777 on directories, see https://wiki.archlinux.org/index.php/Node.js_package_guidelines and https://github.com/npm/npm/issues/9359 pantheon-mail: - stable releases do not replace bzr packages pulseaudio-equalizer-ladspa: - renamed to unique sources on my advice, but dropped the .tar.gz pylms7002m-git: - unquoted srcdir pylms8001-git: - unquoted srcdir python2-entrypoints: - instead of downloading setup.py from git master of some fork, use the PyPI releases, for which flit has generated one for you. Or use flit. python2-keyrings-alt: - wrong url python2-secretstorage: - BSD license must be installed in package qspectrumanalyzer-git: - uses setuptools entry points so setuptools is a runtime dependency qt5-quick1-git: - should use #branch=dev for source instead of checking it out later qt5-quick1: - pinned to a git tag, then immediately checks out some branch??? redmine: - source/url should use HTTPS - $_instdir can contain spaces (based on $pkgdir) and must be quoted rivalcfg: rivalcfg-git: - setup.py contains setuptools entry points so setuptools is a runtime dependency - install script should be taken care of by udev + reload hook
Re: [aur-general] TU Application - Filipe Laíns
On July 12, 2018 7:47 pm, Filipe Laíns via aur-general wrote: Hello, My name is Filipe Laíns. You might also know me by my alias, FFY00. I am applying to be a Trusted User with Dan Printzell's (Wild) sponsorship. Let's get to the part where you get to know me a bit more I am a Portuguese student and I use Linux as my main operating system since 2013. I gave Arch a try last year and I've been in love with it's ecosystem ever since. Since then, I started contributing to AUR and I've been maintaining quite a few packages. I am also fairly active in the Open Source community as you can see in my Github profile[1]. I love to help people and that is my main motivation to become a TU. If I do become a Trusted User, one thing I would like to do is to improve the usability of Arch for SDR (software defined raio) development. I think Arch is a great system for this and it's a bit of a shame that one of the most relevant packages (soapysdr) isn't in any official repo. Most of the work to improve the SDR support in Arch has been done by Kyle Keen, and I thank him for that, but I still think we could do a bit more. I don't plan to only maintain SDR related packages. I would like to maintain anything that I use, or anything that is relevant to anyone, really. If it makes someone's life easier it's a win. With that being said, here's a list of packages that I plan to move to community: - soapysdr - soapyrtlsdr - libratbag - piper - tribler - qspectrumanalyzer - pulseaudio-equalizer-ladspa - synology-cloud-station-drive Some comments on the packages, (soapysdr and soapyrtlsdr) soapysdr is a vendor neutral SDR driver[2] and soapyrtlsdr is the rtlsdr plugin for it. The non -git versions of the packages are quite recent so they don't have much votes yet. Their correspondent -git variants have enough votes. (libratbag and piper) libratbag is a DBus daemon to configure gaming mice[3] and piper is a GTK+ app to interface with it. I do not maintain this packages but I contribute to the upstream development. It would be helpful for the project if they were moved to an official repo as we are thinking about changing our CI's base distribution from Fedora to Arch. (tribler) Tribler is a popular torrent client with P2P content discovery[4]. (qspectrumanalyzer) This is a popular spectrum analyser for SDR devices[5]. It uses soapysdr as its default driver so it supports a wide range of SDR devices. (pulseaudio-equalizer-ladspa) This is a pulseaudio equalizer based on a ladspa plugin. It has a nice GTK+ based front-end to configure it. (synology-cloud-station-drive) This is a drive client for Synology devices[6]. I am also interested in adopting the following packages in community: - netcf - znc (packages bellow - probably, depending on my free time) - python2-caja - python2-cheetah - python2-exiv2 - python2-fastimport - python2-ipaddr I think that's it, thanks for bearing with me until the end. Best regards, Filipe Laíns ^.^ [1] https://github.com/FFY00 [2] https://github.com/pothosware/SoapySDR/wiki#features [3] https://github.com/libratbag/libratbag#libratbag [4] https://github.com/Tribler/tribler#tribler [5] https://github.com/xmikos/qspectrumanalyzer#qspectrumanalyzer [6] https://www.synology.com/en-global/releaseNote/CloudStationDrive I confirm my sponsorship. Let the discussion period begin! :) -- Dan Printzell pgpf1TSgmkYua.pgp Description: PGP signature
[aur-general] TU Application - Filipe Laíns
Hello, My name is Filipe Laíns. You might also know me by my alias, FFY00. I am applying to be a Trusted User with Dan Printzell's (Wild) sponsorship. Let's get to the part where you get to know me a bit more I am a Portuguese student and I use Linux as my main operating system since 2013. I gave Arch a try last year and I've been in love with it's ecosystem ever since. Since then, I started contributing to AUR and I've been maintaining quite a few packages. I am also fairly active in the Open Source community as you can see in my Github profile[1]. I love to help people and that is my main motivation to become a TU. If I do become a Trusted User, one thing I would like to do is to improve the usability of Arch for SDR (software defined raio) development. I think Arch is a great system for this and it's a bit of a shame that one of the most relevant packages (soapysdr) isn't in any official repo. Most of the work to improve the SDR support in Arch has been done by Kyle Keen, and I thank him for that, but I still think we could do a bit more. I don't plan to only maintain SDR related packages. I would like to maintain anything that I use, or anything that is relevant to anyone, really. If it makes someone's life easier it's a win. With that being said, here's a list of packages that I plan to move to community: - soapysdr - soapyrtlsdr - libratbag - piper - tribler - qspectrumanalyzer - pulseaudio-equalizer-ladspa - synology-cloud-station-drive Some comments on the packages, (soapysdr and soapyrtlsdr) soapysdr is a vendor neutral SDR driver[2] and soapyrtlsdr is the rtlsdr plugin for it. The non -git versions of the packages are quite recent so they don't have much votes yet. Their correspondent -git variants have enough votes. (libratbag and piper) libratbag is a DBus daemon to configure gaming mice[3] and piper is a GTK+ app to interface with it. I do not maintain this packages but I contribute to the upstream development. It would be helpful for the project if they were moved to an official repo as we are thinking about changing our CI's base distribution from Fedora to Arch. (tribler) Tribler is a popular torrent client with P2P content discovery[4]. (qspectrumanalyzer) This is a popular spectrum analyser for SDR devices[5]. It uses soapysdr as its default driver so it supports a wide range of SDR devices. (pulseaudio-equalizer-ladspa) This is a pulseaudio equalizer based on a ladspa plugin. It has a nice GTK+ based front-end to configure it. (synology-cloud-station-drive) This is a drive client for Synology devices[6]. I am also interested in adopting the following packages in community: - netcf - znc (packages bellow - probably, depending on my free time) - python2-caja - python2-cheetah - python2-exiv2 - python2-fastimport - python2-ipaddr I think that's it, thanks for bearing with me until the end. Best regards, Filipe Laíns ^.^ [1] https://github.com/FFY00 [2] https://github.com/pothosware/SoapySDR/wiki#features [3] https://github.com/libratbag/libratbag#libratbag [4] https://github.com/Tribler/tribler#tribler [5] https://github.com/xmikos/qspectrumanalyzer#qspectrumanalyzer [6] https://www.synology.com/en-global/releaseNote/CloudStationDrive signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU resignation
On Thu, May 31, 2018 at 09:03:02AM +0200, Pierre Neidhardt via aur-general wrote: > > I've stopped using Arch ever since I've switched to GuixSD[1] (a > functional-oriented distribution focusing on reproducible builds and > completely custimizable in Guile Scheme) and it's now quite clear that > there will be no coming back. > > My involvement in this new project and in others (Emacs, Next > Browser[2]) takes a lot more time than what I can afford into > maintaining my Arch packages. Thanks for your work through the years :) > - qutebrowser > - udiskie > - fzf > - pdfjs (optional for qutebrowser) > - python-keyutils (required by udiskie) > - python-pypeg2 (require by qutebrowser) I have adopted these packages! -- Morten Linderud PGP: 9C02FF419FECBE16 signature.asc Description: PGP signature
Re: [aur-general] TU resignation
On 05/31/18 at 09:03am, Pierre Neidhardt via aur-general wrote: > > I've stopped using Arch ever since I've switched to GuixSD[1] (a > functional-oriented distribution focusing on reproducible builds and > completely custimizable in Guile Scheme) and it's now quite clear that > there will be no coming back. > > My involvement in this new project and in others (Emacs, Next > Browser[2]) takes a lot more time than what I can afford into > maintaining my Arch packages. > > I have a bunch of out-of-date packages in [community]: > > - emms > - qutebrowser > - udiskie > - uncrustify > > Other [community] packages: > > - catdvi > - ccrypt > - dtach > - fzf > - gtypist > - mu (A user requested that we built msg2pdf as part of the package) > - pdfjs (optional for qutebrowser) > - pstotext > - python-keyutils (required by udiskie) > - python-pypeg2 (require by qutebrowser) > - tcc > - trash-cli > - xcape > - xss-lock > > And on the AUR: > > https://aur.archlinux.org/packages/?K=Ambrevar&SeB=m > > I hope the Arch community keeps up with the good work! > > Cheers! > > [1] https://www.gnu.org/software/guix/ > [2] http://next-browser.com/ Thanks for all your work! I'll handle the disabling of your Archweb/TU account -- Jelle van der Waa signature.asc Description: PGP signature
Re: [aur-general] TU resignation
Em maio 31, 2018 4:03 Pierre Neidhardt via aur-general escreveu: I've stopped using Arch ever since I've switched to GuixSD[1] (a functional-oriented distribution focusing on reproducible builds and completely custimizable in Guile Scheme) and it's now quite clear that there will be no coming back. Hi Pierre, Thanks for your work on Arch. And good luck with this new project. - xss-lock I would adopt this, since I use it. Regards, Giancarlo Razzolini pgpvxxEmtG01Z.pgp Description: PGP signature
Re: [aur-general] TU resignation
Hi, On Thu, May 31, 2018 at 09:03:02AM +0200, Pierre Neidhardt via aur-general wrote: > - qutebrowser > - pdfjs (optional for qutebrowser) > - python-pypeg2 (require by qutebrowser) As qutebrowser's upstream, I'd be happy to maintain those in the AUR if no TU steps up to continue maintaining them in [community]. Best wishes, Pierre! Florian -- https://www.qutebrowser.org | m...@the-compiler.org (Mail/XMPP) GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc I love long mails! | https://email.is-not-s.ms/ signature.asc Description: PGP signature
[aur-general] TU resignation
I've stopped using Arch ever since I've switched to GuixSD[1] (a functional-oriented distribution focusing on reproducible builds and completely custimizable in Guile Scheme) and it's now quite clear that there will be no coming back. My involvement in this new project and in others (Emacs, Next Browser[2]) takes a lot more time than what I can afford into maintaining my Arch packages. I have a bunch of out-of-date packages in [community]: - emms - qutebrowser - udiskie - uncrustify Other [community] packages: - catdvi - ccrypt - dtach - fzf - gtypist - mu (A user requested that we built msg2pdf as part of the package) - pdfjs (optional for qutebrowser) - pstotext - python-keyutils (required by udiskie) - python-pypeg2 (require by qutebrowser) - tcc - trash-cli - xcape - xss-lock And on the AUR: https://aur.archlinux.org/packages/?K=Ambrevar&SeB=m I hope the Arch community keeps up with the good work! Cheers! [1] https://www.gnu.org/software/guix/ [2] http://next-browser.com/ -- Pierre Neidhardt signature.asc Description: PGP signature
Re: [aur-general] TU Application - Robin Broda
On 03/07/2018 04:16 PM, Eli Schwartz wrote: > Discussion period is over, time to cast your votes, everyone! > > https://aur.archlinux.org/tu/?id=105 The voting period is over and the results are in! Yes No Abstain Total Voted Participation 23 8 14 45Yes 95.74% Congratulations, Robin, and welcome to the team! I've upgraded your AUR account, and added you to the Community Packages and internal Keyring projects on the bugtracker. Take a look through the TODO list here, and make sure to take care of any outstanding items: https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_for_new_Trusted_Users -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 07.03.2018 23:29, Morten Linderud via aur-general wrote: >> Please tell them to email complai...@archlinux.org > > You are mistaken. The mail has been deprecated in favor of > /dev/n...@archlinux.org That has been moved to devn...@archlinux.org because that's easier to write on a phone. Florian PS: That address really exists. Not sure what you'd use it for, but it just dumps mails to /dev/null. signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/07/2018 05:29 PM, Morten Linderud via aur-general wrote: > On Wed, Mar 07, 2018 at 05:21:39PM -0500, Eli Schwartz via aur-general wrote: >> On 03/07/2018 05:15 PM, Alad Wenter via aur-general wrote: Eli Schwartz via aur-general hat am 7. März 2018 um 22:16 geschrieben: Discussion period is over, time to cast your votes, everyone! https://aur.archlinux.org/tu/?id=105 >>> I've cast my vote the moment I saw this email. Last time I didn't, I got an >>> angry phone call from my email provider because his server crashed from the >>> sheer amount of reminder mails. :P >>> >>> Alad >> >> Please tell them to email complai...@archlinux.org >> > > You are mistaken. The mail has been deprecated in favor of > /dev/n...@archlinux.org That's like saying systemd-sysvcompat is deprecated because we no longer use SysVinit. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On Wed, Mar 07, 2018 at 05:21:39PM -0500, Eli Schwartz via aur-general wrote: > On 03/07/2018 05:15 PM, Alad Wenter via aur-general wrote: > >> Eli Schwartz via aur-general hat am 7. März > >> 2018 um 22:16 geschrieben: > >> > >> Discussion period is over, time to cast your votes, everyone! > >> > >> https://aur.archlinux.org/tu/?id=105 > >> > > I've cast my vote the moment I saw this email. Last time I didn't, I got an > > angry phone call from my email provider because his server crashed from the > > sheer amount of reminder mails. :P > > > > Alad > > Please tell them to email complai...@archlinux.org > You are mistaken. The mail has been deprecated in favor of /dev/n...@archlinux.org -- Morten Linderud PGP: 9C02FF419FECBE16 signature.asc Description: PGP signature
Re: [aur-general] TU Application - Robin Broda
On 03/07/2018 05:15 PM, Alad Wenter via aur-general wrote: >> Eli Schwartz via aur-general hat am 7. März 2018 >> um 22:16 geschrieben: >> >> Discussion period is over, time to cast your votes, everyone! >> >> https://aur.archlinux.org/tu/?id=105 >> > I've cast my vote the moment I saw this email. Last time I didn't, I got an > angry phone call from my email provider because his server crashed from the > sheer amount of reminder mails. :P > > Alad Please tell them to email complai...@archlinux.org -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
> Eli Schwartz via aur-general hat am 7. März 2018 > um 22:16 geschrieben: > > Discussion period is over, time to cast your votes, everyone! > > https://aur.archlinux.org/tu/?id=105 > I've cast my vote the moment I saw this email. Last time I didn't, I got an angry phone call from my email provider because his server crashed from the sheer amount of reminder mails. :P Alad
Re: [aur-general] TU Application - Robin Broda
On 03/02/2018 11:50 AM, Eli Schwartz wrote: > On 03/02/2018 11:34 AM, Robin Broda via aur-general wrote: >> Interestingly enough, the signature went bad after transit. >> This message should verify fine. >> >> Regards, >> Rob >> >> On 03/02/2018 05:16 PM, Robin Broda via aur-general wrote: >>> Hello, >>> >>> I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a >>> Trusted User. >>> I've been an Arch user since ~2014, using it on several devices >>> including most of my servers. I'm more or less active on IRC, very >>> interested in open-source development[0], federated networks, & >>> reproducible builds - and would like to increase the amount of >>> reproducible packages in Arch. >>> I maintain a couple of PKGBUILDs in the AUR and I'm looking to adopt >>> more[2]. >>> >>> Eli Schwartz has agreed to sponsor my application. >>> >>> After becoming a TU, I'd like to look into promoting a couple of >>> packages from the AUR over time, including but not limited to >>> `rutorrent`, `psensor`, `glava` (currently `glava-git`, waiting for >>> tagged releases), `gtkhash`, `streem`, & `polybar` - assuming that no >>> issues preventing the packaging (& inclusion in the repos) turn up and >>> the popularity/votes are high enough to warrant inclusion. >>> I would also like to potentially tackle some of the TODOs[1]. >>> As mentioned earlier, I also plan to look into reproducibility issues >>> and improving the infrastructure around reproducible builds (and the >>> verification thereof). >>> >>> I'm available on IRC with the username 'coderobe' (Freenode), on >>> Matrix[3] (@coderobe:cdr.li), and via e-mail - should you have questions >>> about anything. My timezone is UTC+1. >>> >>> Thank you for considering. >>> >>> Regards, >>> Rob >>> >>> [0] https://github.com/coderobe >>> [1] https://www.archlinux.org/todo/ >>> [2] >>> https://aur.archlinux.org/packages/?O=0&SeB=M&K=coderobe&outdated=&SB=n&SO=a&PP=50&do_Search=Go >>> [3] https://matrix.org/ > > I confirm my sponsorship, let the discussion period begin! :) Discussion period is over, time to cast your votes, everyone! https://aur.archlinux.org/tu/?id=105 -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/05/2018 05:27 PM, Levente Polyak via aur-general wrote: > On 03/05/2018 05:20 PM, Robin Broda via aur-general wrote: >> On 03/05/2018 05:11 PM, Levente Polyak via aur-general wrote: >> >>> On 03/02/2018 08:09 PM, Robin Broda via aur-general wrote: [...] >>> You're welcome. >>> >>> >>> BTW: How are you tracking upstream updated so you can bump your packages >>> before someone flags them? >>> >>> cheers, >>> Levente >>> >> The ones i've submitted the patches to notified me via email on >> merge/activity (GitHub default), >> and my current non-vcs packages don't update very frequently - so beyond >> occasionally checking >> upstream, i'm not doing anything special yet. >> >> Regards, >> Rob >> > > Hey Rob, > > ah I see... thanks for the fast handling of my feedback :P > > I would recommend taking a look at a way to track upstreams for release > tarballs/tags beyond that... I've already looked into doing that in the future when maintaining active non-vcs packages. > there is a big amount of tools to achieve this (trying not to turn this > thread into an advertisement-repy-war so not mentioning any). For most software, curl & git will probably suffice i think. > For projects hosted on git i find it handy to have some of them > observing 'git ls-remote --tags https://someurl.foo/project.git'. > > > I recommand having something in place to track maintained packages. > > cheers, > Levente Oh yeah definitely. Regards, Rob signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/05/2018 05:20 PM, Robin Broda via aur-general wrote: > On 03/05/2018 05:11 PM, Levente Polyak via aur-general wrote: > >> On 03/02/2018 08:09 PM, Robin Broda via aur-general wrote: >>> On 03/02/2018 06:17 PM, Levente Polyak via aur-general wrote: find some notes related to your packages: [...] >>> Thanks for the feedback! >>> >>> Regards, >>> Rob >>> >> You're welcome. >> >> >> BTW: How are you tracking upstream updated so you can bump your packages >> before someone flags them? >> >> cheers, >> Levente >> > The ones i've submitted the patches to notified me via email on > merge/activity (GitHub default), > and my current non-vcs packages don't update very frequently - so beyond > occasionally checking > upstream, i'm not doing anything special yet. > > Regards, > Rob > Hey Rob, ah I see... thanks for the fast handling of my feedback :P I would recommend taking a look at a way to track upstreams for release tarballs/tags beyond that... there is a big amount of tools to achieve this (trying not to turn this thread into an advertisement-repy-war so not mentioning any). For projects hosted on git i find it handy to have some of them observing 'git ls-remote --tags https://someurl.foo/project.git'. I recommand having something in place to track maintained packages. cheers, Levente signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/05/2018 05:11 PM, Levente Polyak via aur-general wrote: > On 03/02/2018 08:09 PM, Robin Broda via aur-general wrote: >> On 03/02/2018 06:17 PM, Levente Polyak via aur-general wrote: >>> find some notes related to your packages: >>> >>> [...] >>> >> Thanks for the feedback! >> >> Regards, >> Rob >> > You're welcome. > > > BTW: How are you tracking upstream updated so you can bump your packages > before someone flags them? > > cheers, > Levente > The ones i've submitted the patches to notified me via email on merge/activity (GitHub default), and my current non-vcs packages don't update very frequently - so beyond occasionally checking upstream, i'm not doing anything special yet. Regards, Rob signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/02/2018 08:09 PM, Robin Broda via aur-general wrote: > On 03/02/2018 06:17 PM, Levente Polyak via aur-general wrote: >> find some notes related to your packages: >> >> [...] >> > Thanks for the feedback! > > Regards, > Rob > You're welcome. BTW: How are you tracking upstream updated so you can bump your packages before someone flags them? cheers, Levente signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/04/2018 03:02 PM, Eli Schwartz via aur-general wrote: > On 03/03/2018 05:50 PM, Nico via aur-general wrote: >>> After becoming a TU, I'd like to look into promoting a couple of >>> packages from the AUR over time, including but not limited to >>> `rutorrent`, `psensor`, `glava` (currently `glava-git`, waiting for >>> tagged releases), `gtkhash`, `streem`, & `polybar` - assuming that no >>> issues preventing the packaging (& inclusion in the repos) turn up and >>> the popularity/votes are high enough to warrant inclusion. >> I might be wrong, but dont we require to have at least 10 votes on AUR >> to move a package to [community]? In this case none of your packges has >> more than 6 votes at the time of writing this. There is also a rule >> about >=1% popularity on pkgstats, but it seems every package has at >> least 1%? Or does this TU application count as a proposol on which 3 TUs >> must aggree? > Okay? > > rutorrent -- 126 votes > psensor -- 89 votes > gtkhash -- 49 votes > polybar -- 87 votes > > Yes, streem has only 1 vote, while glava-git has only 6 + no actual > stable releases... but it was also only recently uploaded and that might > easily change, besides which coderobe did say "and the popularity/votes > are high enough to warrant inclusion." I am assuming the popularity of these packages is going to rise. The newcomer glava-git alone got most of its popularity last week iirc, and i'm expecting more over the next couple as development continues & awareness increases. I definitely don't plan to publish unused/unpopular packages to [community]. > > We will most likely not be blitzed by a series of unpopular fringe-use > packages. :p > >> In this case none of your packges has more than 6 votes at the time of >> writing this. > It sort of feels like you are incredibly focused on the packages that he > has stated a desire to see in [community], which intersect with the > packages which he personally maintains, to the exclusion of the rest... Right. I don't plan to promote any of my AUR packages without reason. Regards, Rob signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/03/2018 05:50 PM, Nico via aur-general wrote: >> After becoming a TU, I'd like to look into promoting a couple of >> packages from the AUR over time, including but not limited to >> `rutorrent`, `psensor`, `glava` (currently `glava-git`, waiting for >> tagged releases), `gtkhash`, `streem`, & `polybar` - assuming that no >> issues preventing the packaging (& inclusion in the repos) turn up and >> the popularity/votes are high enough to warrant inclusion. > I might be wrong, but dont we require to have at least 10 votes on AUR > to move a package to [community]? In this case none of your packges has > more than 6 votes at the time of writing this. There is also a rule > about >=1% popularity on pkgstats, but it seems every package has at > least 1%? Or does this TU application count as a proposol on which 3 TUs > must aggree? Okay? rutorrent -- 126 votes psensor -- 89 votes gtkhash -- 49 votes polybar -- 87 votes Yes, streem has only 1 vote, while glava-git has only 6 + no actual stable releases... but it was also only recently uploaded and that might easily change, besides which coderobe did say "and the popularity/votes are high enough to warrant inclusion." We will most likely not be blitzed by a series of unpopular fringe-use packages. :p > In this case none of your packges has more than 6 votes at the time of > writing this. It sort of feels like you are incredibly focused on the packages that he has stated a desire to see in [community], which intersect with the packages which he personally maintains, to the exclusion of the rest... > Are those rules even up to date? This is somehow offtopic, the TU > application just made me wonder about it. To me it looks like those > rules are outdated and in the end everyone can move whatever they want > to [community]. > > https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines > > ~Nico But yeah, those rules are guidelines. They're not generally policed, for one, and probably no one can tell afterwards anyway because once the package is cleaned up from the AUR we can't really see how many votes it had. But really, the idea is to generally avoid filling the repos with packages no one other than the TU who uploaded it is actually interested in... and votes are a rough guide as to whether that is likely. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 2018-03-03 23:50, Nico via aur-general wrote: > I might be wrong, but dont we require to have at least 10 votes on AUR > to move a package to [community]? In this case none of your packges has > more than 6 votes at the time of writing this. There is also a rule > about >=1% popularity on pkgstats, but it seems every package has at > least 1%? Or does this TU application count as a proposol on which 3 TUs > must aggree? None of this was ever a rule. Think of it as indicator whether new package would actually have some users besides the maintainer. B
Re: [aur-general] TU Application - Robin Broda
On Fri, Mar 02, 2018 at 05:16:52PM +0100, Robin Broda via aur-general wrote: > Hello, > > I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a > Trusted User. > > [SNIP] Yo Robin! Super happy to see you applying for TU, and I appreciate the support you have been doing on IRC. However! I think it's too early. Most of the packages mentioned doesn't have many updoots and they have frankly been added barely a month ago to the AUR. I'd love to see more AUR packages from you, and maybe that you adopt some orphan packages from community. -- Morten Linderud PGP: 9C02FF419FECBE16 signature.asc Description: PGP signature
Re: [aur-general] TU Application - Robin Broda
On 03/02/2018 05:16 PM, Robin Broda via aur-general wrote: > Hello, > > I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a > Trusted User. > I've been an Arch user since ~2014, using it on several devices > including most of my servers. I'm more or less active on IRC, very > interested in open-source development[0], federated networks, & > reproducible builds - and would like to increase the amount of > reproducible packages in Arch. > I maintain a couple of PKGBUILDs in the AUR and I'm looking to adopt > more[2]. > > Eli Schwartz has agreed to sponsor my application. > > After becoming a TU, I'd like to look into promoting a couple of > packages from the AUR over time, including but not limited to > `rutorrent`, `psensor`, `glava` (currently `glava-git`, waiting for > tagged releases), `gtkhash`, `streem`, & `polybar` - assuming that no > issues preventing the packaging (& inclusion in the repos) turn up and > the popularity/votes are high enough to warrant inclusion. > I would also like to potentially tackle some of the TODOs[1]. > As mentioned earlier, I also plan to look into reproducibility issues > and improving the infrastructure around reproducible builds (and the > verification thereof). > > I'm available on IRC with the username 'coderobe' (Freenode), on > Matrix[3] (@coderobe:cdr.li), and via e-mail - should you have questions > about anything. My timezone is UTC+1. > > Thank you for considering. > > Regards, > Rob > > [0] https://github.com/coderobe > [1] https://www.archlinux.org/todo/ > [2] > https://aur.archlinux.org/packages/?O=0&SeB=M&K=coderobe&outdated=&SB=n&SO=a&PP=50&do_Search=Go > [3] https://matrix.org/ > > Hi Robin, I might be wrong, but dont we require to have at least 10 votes on AUR to move a package to [community]? In this case none of your packges has more than 6 votes at the time of writing this. There is also a rule about >=1% popularity on pkgstats, but it seems every package has at least 1%? Or does this TU application count as a proposol on which 3 TUs must aggree? Are those rules even up to date? This is somehow offtopic, the TU application just made me wonder about it. To me it looks like those rules are outdated and in the end everyone can move whatever they want to [community]. https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines ~Nico signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/02/2018 02:09 PM, Robin Broda via aur-general wrote: >> - /usr/bin/indicator-sysmonitor invokes stuff and imports py files >> provided in usr/lib. This can result in untracked file creations >> if the application is run as root. cache files should be created >> before packaging, but this should also be possible solved upstream >> for the make install call > I'm not really sure how to fix that, i'm not that familiar with python > and its cache generation. You can just run: python -m compileall -d '/' "${pkgdir}/" python -O -m compileall -d '/' "${pkgdir}/" A setuptools-based build would generate .pyc and .pyo files automatically. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/02/2018 06:17 PM, Levente Polyak via aur-general wrote: > On 03/02/2018 05:16 PM, Robin Broda via aur-general wrote: >> Hello, >> >> I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a >> Trusted User. > Hi Robin, > > good luck. Thanks! > You can already start helping with reproducible build stuff, > feel free to ask for advice in #archlinux-reproducible we have toolchain > to be extended and bugs filed against upstream. > > find some notes related to your packages: > > streem + streem-git > - They don't honor existing CFLAGS and LDFLAGS (later at all). > For now, you can fix both with a small sed command but i recommend > bringing this issue upstream as a easy PR. > Always checking for respect of those flags is important. Fixed & patch submitted upstream. > - If you touch the Makefile anyway maybe a install target with > respecting PREFIX and DESTDIR would make sense. I'm considering it. Right now there's no install target at all, and i don't think the maintainer has an idea about which files to install and where even. I'll keep an eye on further development either way and i'll submit a patch should a future install target not respect PREFIX and/or DESTDIR. > indicator-sysmonitor > - 80.patch is not a unique file name per se, this is important for > shared srcdir setups. a prefix using the $pkgname should be better. Good point. Done. > - /usr/bin/indicator-sysmonitor invokes stuff and imports py files > provided in usr/lib. This can result in untracked file creations > if the application is run as root. cache files should be created > before packaging, but this should also be possible solved upstream > for the make install call I'm not really sure how to fix that, i'm not that familiar with python and its cache generation. > - sysmonitor-budgie-git and sysmonitor-appindicator-git should > also provide their own non-git variants to possibly satisfy > sysmonitor-budgie or sysmonitor-appindicator instead of the > general shared indicator-sysmonitor provides. > - just style, but in package() instead of pkgdesc="${pkgdesc} > you can also simply use pkgdesc+=" Fixed! > glava > - seems to work/build just fine with non-git glfw-x11, is the -git > required? You're right. I was under the impression glava used a couple of features that weren't yet included in the release build. Fixed. > - LDFLAGS is not properly handled in Makefile leading to non -znow > (and other flags) linking. should be temporarily fixed in PKGBUILD > and possibly a patch submited upstream. Fixed & submitted a patch. > daemontools-encore > - quite weird Makefile with their conf-cc and print-cc.sh calls, > anyway does not respect CFLAGS and LDFLAGS at all. should be fixed. After figuring out the flow i've added two patches to the package that address this. > This Makefile made me giggle :D Yeah their "build system" certainly is uh, special - to say the least. > cheers, > Levente Thanks for the feedback! Regards, Rob signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/02/2018 05:16 PM, Robin Broda via aur-general wrote: > Hello, > > I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a > Trusted User. Hi Robin, good luck. You can already start helping with reproducible build stuff, feel free to ask for advice in #archlinux-reproducible we have toolchain to be extended and bugs filed against upstream. find some notes related to your packages: streem + streem-git - They don't honor existing CFLAGS and LDFLAGS (later at all). For now, you can fix both with a small sed command but i recommend bringing this issue upstream as a easy PR. Always checking for respect of those flags is important. - If you touch the Makefile anyway maybe a install target with respecting PREFIX and DESTDIR would make sense. indicator-sysmonitor - 80.patch is not a unique file name per se, this is important for shared srcdir setups. a prefix using the $pkgname should be better. - /usr/bin/indicator-sysmonitor invokes stuff and imports py files provided in usr/lib. This can result in untracked file creations if the application is run as root. cache files should be created before packaging, but this should also be possible solved upstream for the make install call - sysmonitor-budgie-git and sysmonitor-appindicator-git should also provide their own non-git variants to possibly satisfy sysmonitor-budgie or sysmonitor-appindicator instead of the general shared indicator-sysmonitor provides. - just style, but in package() instead of pkgdesc="${pkgdesc} you can also simply use pkgdesc+=" glava - seems to work/build just fine with non-git glfw-x11, is the -git required? - LDFLAGS is not properly handled in Makefile leading to non -znow (and other flags) linking. should be temporarily fixed in PKGBUILD and possibly a patch submited upstream. daemontools-encore - quite weird Makefile with their conf-cc and print-cc.sh calls, anyway does not respect CFLAGS and LDFLAGS at all. should be fixed. This Makefile made me giggle :D cheers, Levente signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
On 03/02/2018 11:34 AM, Robin Broda via aur-general wrote: > Interestingly enough, the signature went bad after transit. > This message should verify fine. > > Regards, > Rob > > On 03/02/2018 05:16 PM, Robin Broda via aur-general wrote: >> Hello, >> >> I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a >> Trusted User. >> I've been an Arch user since ~2014, using it on several devices >> including most of my servers. I'm more or less active on IRC, very >> interested in open-source development[0], federated networks, & >> reproducible builds - and would like to increase the amount of >> reproducible packages in Arch. >> I maintain a couple of PKGBUILDs in the AUR and I'm looking to adopt >> more[2]. >> >> Eli Schwartz has agreed to sponsor my application. >> >> After becoming a TU, I'd like to look into promoting a couple of >> packages from the AUR over time, including but not limited to >> `rutorrent`, `psensor`, `glava` (currently `glava-git`, waiting for >> tagged releases), `gtkhash`, `streem`, & `polybar` - assuming that no >> issues preventing the packaging (& inclusion in the repos) turn up and >> the popularity/votes are high enough to warrant inclusion. >> I would also like to potentially tackle some of the TODOs[1]. >> As mentioned earlier, I also plan to look into reproducibility issues >> and improving the infrastructure around reproducible builds (and the >> verification thereof). >> >> I'm available on IRC with the username 'coderobe' (Freenode), on >> Matrix[3] (@coderobe:cdr.li), and via e-mail - should you have questions >> about anything. My timezone is UTC+1. >> >> Thank you for considering. >> >> Regards, >> Rob >> >> [0] https://github.com/coderobe >> [1] https://www.archlinux.org/todo/ >> [2] >> https://aur.archlinux.org/packages/?O=0&SeB=M&K=coderobe&outdated=&SB=n&SO=a&PP=50&do_Search=Go >> [3] https://matrix.org/ I confirm my sponsorship, let the discussion period begin! :) -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU Application - Robin Broda
Interestingly enough, the signature went bad after transit. This message should verify fine. Regards, Rob On 03/02/2018 05:16 PM, Robin Broda via aur-general wrote: > Hello, > > I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a > Trusted User. > I've been an Arch user since ~2014, using it on several devices > including most of my servers. I'm more or less active on IRC, very > interested in open-source development[0], federated networks, & > reproducible builds - and would like to increase the amount of > reproducible packages in Arch. > I maintain a couple of PKGBUILDs in the AUR and I'm looking to adopt > more[2]. > > Eli Schwartz has agreed to sponsor my application. > > After becoming a TU, I'd like to look into promoting a couple of > packages from the AUR over time, including but not limited to > `rutorrent`, `psensor`, `glava` (currently `glava-git`, waiting for > tagged releases), `gtkhash`, `streem`, & `polybar` - assuming that no > issues preventing the packaging (& inclusion in the repos) turn up and > the popularity/votes are high enough to warrant inclusion. > I would also like to potentially tackle some of the TODOs[1]. > As mentioned earlier, I also plan to look into reproducibility issues > and improving the infrastructure around reproducible builds (and the > verification thereof). > > I'm available on IRC with the username 'coderobe' (Freenode), on > Matrix[3] (@coderobe:cdr.li), and via e-mail - should you have questions > about anything. My timezone is UTC+1. > > Thank you for considering. > > Regards, > Rob > > [0] https://github.com/coderobe > [1] https://www.archlinux.org/todo/ > [2] > https://aur.archlinux.org/packages/?O=0&SeB=M&K=coderobe&outdated=&SB=n&SO=a&PP=50&do_Search=Go > [3] https://matrix.org/ > > signature.asc Description: OpenPGP digital signature
[aur-general] TU Application - Robin Broda
Hello, I'm Robin 'coderobe' Broda, born in '99, and I'm writing to become a Trusted User. I've been an Arch user since ~2014, using it on several devices including most of my servers. I'm more or less active on IRC, very interested in open-source development[0], federated networks, & reproducible builds - and would like to increase the amount of reproducible packages in Arch. I maintain a couple of PKGBUILDs in the AUR and I'm looking to adopt more[2]. Eli Schwartz has agreed to sponsor my application. After becoming a TU, I'd like to look into promoting a couple of packages from the AUR over time, including but not limited to `rutorrent`, `psensor`, `glava` (currently `glava-git`, waiting for tagged releases), `gtkhash`, `streem`, & `polybar` - assuming that no issues preventing the packaging (& inclusion in the repos) turn up and the popularity/votes are high enough to warrant inclusion. I would also like to potentially tackle some of the TODOs[1]. As mentioned earlier, I also plan to look into reproducibility issues and improving the infrastructure around reproducible builds (and the verification thereof). I'm available on IRC with the username 'coderobe' (Freenode), on Matrix[3] (@coderobe:cdr.li), and via e-mail - should you have questions about anything. My timezone is UTC+1. Thank you for considering. Regards, Rob [0] https://github.com/coderobe [1] https://www.archlinux.org/todo/ [2] https://aur.archlinux.org/packages/?O=0&SeB=M&K=coderobe&outdated=&SB=n&SO=a&PP=50&do_Search=Go [3] https://matrix.org/ signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On Feb 28, 2018 08:40, "Eli Schwartz via aur-general" < aur-general@archlinux.org> wrote: On 02/21/2018 07:06 AM, Eli Schwartz wrote: > Anyway, the voting period has now officially begun, so cast your votes > everyone! https://aur.archlinux.org/tu/?id=104 Voting period is over, and the results are in! Yes No Abstain Total Voted Participation 23 7 8 38Yes 82.61% Congrats, you are now (once again) a TU! :) Welcome back! I have upgraded your bugtracker and AUR accounts with the necessary permissions. Take a look at https://wiki.archlinux.org/index.php/AUR_Trusted_User_ Guidelines#TODO_list_for_new_Trusted_Users and take care of any remaining items. -- Eli Schwartz Bug Wrangler and Trusted User (Responding on mobile so no signature set up) Thanks to Eli and the entire TU community! I'm hoping to be doing some good work around here. :) Regards, Brad
Re: [aur-general] TU (re-)Application
On 02/21/2018 07:06 AM, Eli Schwartz wrote: > Anyway, the voting period has now officially begun, so cast your votes > everyone! https://aur.archlinux.org/tu/?id=104 Voting period is over, and the results are in! Yes No Abstain Total Voted Participation 23 7 8 38Yes 82.61% Congrats, you are now (once again) a TU! :) Welcome back! I have upgraded your bugtracker and AUR accounts with the necessary permissions. Take a look at https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_for_new_Trusted_Users and take care of any remaining items. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On 02/12/2018 03:30 PM, Brad Fanella via aur-general wrote: > On 02/12/2018 06:52 AM, Eli Schwartz via aur-general wrote: >> Brad, please create a new AUR account, as you will need one to interact >> with the AUR for various TU duties if you are re-elected. (This is >> independent of whether you maintain *any* packages in the AUR, which I >> hope you will anyway, not that every current TU does). >> >> Please start signing your emails with a PGP key, it is good practice, >> and we will need your PGP key for the keyring and so forth if you get >> re-elected. >> >> Following which, I formally announce that on my prerogative as a TU, I >> am sponsoring Brad as a new TU applicant whether he needs it or not. >> The standard discussion period will commence from the time that email is >> sent. > > Per Eli's email, I have gone ahead and created a new AUR account under > the alias "cesura" (my standard nick for the past few years). For > clarity's sake, I've also made my bugtracker account under the same > name. Based on the BBS policies, I don't believe a name change is > possible, and plan to keep "itsbrad212" on the forums for the time being > (as embarrassing as it may be). > > This will be my standard PGP signature moving forward, and I have my > fingerprint set on the new AUR account. I'll use this email as an > extremely brief "application" of sorts, to potentially give a bit more > background and outline my immediate goals. > > As some of you may already know, I was elected as a Trusted User back in > 2010, and had a nice run of around 1000 svn commits (maybe exactly?). I > made the decision to step down as I did not feel like I had enough free > time to uphold my responsibilities. As a TU in 2018, there would be a > few projects that I'd like to tackle first, notably the MATE desktop and > a few other orphaned packages that have drifted away from upstream versions. > > Lastly, thank you to Eli Schwartz for the sponsorship, and if there are > any outstanding questions for me, don't hesitate to ask. > > Brad Fanella Well, the discussion period was really over a couple days ago, whoops. :( Anyway, the voting period has now officially begun, so cast your votes everyone! https://aur.archlinux.org/tu/?id=104 -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On 02/12/18 at 05:15pm, Eli Schwartz via aur-general wrote: > On 02/12/2018 05:04 PM, Brad Fanella via aur-general wrote: > > Turns out that since my application, Antonio Rojas has stepped up to the > > plate and updated MATE to version 1.20.0, so props to him! The whole > > group is still orphaned though, so I would plan on pushing out future > > updates when they come. There are no glaring holes in [community] right > > now, which is fantastic; most of the other orphans are small utilities > > and libraries with infrequent/discontinued releases, like cd-discid and > > imlib (version 1). > > arojas does quite a lot of updating for orphaned packages like that. :) > He was updating Cinnamon as well, until I applied, and he was very > straightforward with me about "it would be great if someone who actually > uses the packages could maintain it since all I do is bump the pkgver > and try to see if it builds". This is awesome, but we should have no issues with co-maintaining more packages. Other packages mind be busy, on vacation, to update their packages. > > Perhaps there are some packages that are becoming a burden on other TUs, > > or AUR packages that deserve a spot in the official repos. Maybe you > > have some recommendations? > > I thought the idea here was to see what you are interested in, not what > I'm interested in. :p Would be indeed, nice to hear what your background is and what sort of packages you would like to maintain and have experience with :) -- Jelle van der Waa signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
On 02/12/2018 04:15 PM, Eli Schwartz via aur-general wrote: > I thought the idea here was to see what you are interested in, not what > I'm interested in. :p True, true. The packaging scene right now is both a blessing and a curse: very few packages exist that don't have a maintainer, but at the expense of having interesting things to work on from the get-go. Much different than how I remember it, likely due to how many new faces we have around here. There are some python2-* and perl-* libraries that I've used that are currently orphaned, so that could be another starting point, but for now the short answer is: we'll see! signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On 02/12/2018 05:04 PM, Brad Fanella via aur-general wrote: > Turns out that since my application, Antonio Rojas has stepped up to the > plate and updated MATE to version 1.20.0, so props to him! The whole > group is still orphaned though, so I would plan on pushing out future > updates when they come. There are no glaring holes in [community] right > now, which is fantastic; most of the other orphans are small utilities > and libraries with infrequent/discontinued releases, like cd-discid and > imlib (version 1). arojas does quite a lot of updating for orphaned packages like that. :) He was updating Cinnamon as well, until I applied, and he was very straightforward with me about "it would be great if someone who actually uses the packages could maintain it since all I do is bump the pkgver and try to see if it builds". > Perhaps there are some packages that are becoming a burden on other TUs, > or AUR packages that deserve a spot in the official repos. Maybe you > have some recommendations? I thought the idea here was to see what you are interested in, not what I'm interested in. :p -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
El Mon, 12 Feb 2018 16:04:24 -0600, Brad Fanella via aur-general escribió: > > Turns out that since my application, Antonio Rojas has stepped up to the > plate and updated MATE to version 1.20.0, so props to him! The whole > group is still orphaned though, so I would plan on pushing out future > updates when they come. There are no glaring holes in [community] right > now, which is fantastic; most of the other orphans are small utilities > and libraries with infrequent/discontinued releases, like cd-discid and > imlib (version 1). Actually I had already started updating it when you applied - so I finished it instead of leaving it half-done. But yes, it's about time someone stepped up to properly maintain it.
Re: [aur-general] TU (re-)Application
On 02/12/2018 03:14 PM, Eli Schwartz via aur-general wrote: > Not as a general rule, no, but if the forum mods are feeling nice then > the forum software does allow it. :) > > Likewise, Bluewind can edit the bugtracker database. > > Perks of being friendly with the people in charge. :D Heh, sounds like I need to be making some calls then. ;) > Sure thing, and I'm sure it will be awesome to have you back! > > As a matter of curiosity, MATE is already a pretty big and worthwhile > task to handle, but what other orphans are you thinking of adopting? Turns out that since my application, Antonio Rojas has stepped up to the plate and updated MATE to version 1.20.0, so props to him! The whole group is still orphaned though, so I would plan on pushing out future updates when they come. There are no glaring holes in [community] right now, which is fantastic; most of the other orphans are small utilities and libraries with infrequent/discontinued releases, like cd-discid and imlib (version 1). Perhaps there are some packages that are becoming a burden on other TUs, or AUR packages that deserve a spot in the official repos. Maybe you have some recommendations? Brad signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On 02/12/2018 03:30 PM, Brad Fanella via aur-general wrote: > Per Eli's email, I have gone ahead and created a new AUR account under > the alias "cesura" (my standard nick for the past few years). For > clarity's sake, I've also made my bugtracker account under the same > name. Based on the BBS policies, I don't believe a name change is > possible, and plan to keep "itsbrad212" on the forums for the time being > (as embarrassing as it may be). Not as a general rule, no, but if the forum mods are feeling nice then the forum software does allow it. :) Likewise, Bluewind can edit the bugtracker database. Perks of being friendly with the people in charge. :D > This will be my standard PGP signature moving forward, and I have my > fingerprint set on the new AUR account. I'll use this email as an > extremely brief "application" of sorts, to potentially give a bit more > background and outline my immediate goals. > > As some of you may already know, I was elected as a Trusted User back in > 2010, and had a nice run of around 1000 svn commits (maybe exactly?). I > made the decision to step down as I did not feel like I had enough free > time to uphold my responsibilities. As a TU in 2018, there would be a > few projects that I'd like to tackle first, notably the MATE desktop and > a few other orphaned packages that have drifted away from upstream versions. > > Lastly, thank you to Eli Schwartz for the sponsorship, and if there are > any outstanding questions for me, don't hesitate to ask. Sure thing, and I'm sure it will be awesome to have you back! As a matter of curiosity, MATE is already a pretty big and worthwhile task to handle, but what other orphans are you thinking of adopting? Handy link to the list of currently orphaned Community packages, for the curious: https://www.archlinux.org/packages/?repo=Community&maintainer=orphan -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On 02/12/2018 06:52 AM, Eli Schwartz via aur-general wrote: > Brad, please create a new AUR account, as you will need one to interact > with the AUR for various TU duties if you are re-elected. (This is > independent of whether you maintain *any* packages in the AUR, which I > hope you will anyway, not that every current TU does). > > Please start signing your emails with a PGP key, it is good practice, > and we will need your PGP key for the keyring and so forth if you get > re-elected. > > Following which, I formally announce that on my prerogative as a TU, I > am sponsoring Brad as a new TU applicant whether he needs it or not. > The standard discussion period will commence from the time that email is > sent. Per Eli's email, I have gone ahead and created a new AUR account under the alias "cesura" (my standard nick for the past few years). For clarity's sake, I've also made my bugtracker account under the same name. Based on the BBS policies, I don't believe a name change is possible, and plan to keep "itsbrad212" on the forums for the time being (as embarrassing as it may be). This will be my standard PGP signature moving forward, and I have my fingerprint set on the new AUR account. I'll use this email as an extremely brief "application" of sorts, to potentially give a bit more background and outline my immediate goals. As some of you may already know, I was elected as a Trusted User back in 2010, and had a nice run of around 1000 svn commits (maybe exactly?). I made the decision to step down as I did not feel like I had enough free time to uphold my responsibilities. As a TU in 2018, there would be a few projects that I'd like to tackle first, notably the MATE desktop and a few other orphaned packages that have drifted away from upstream versions. Lastly, thank you to Eli Schwartz for the sponsorship, and if there are any outstanding questions for me, don't hesitate to ask. Brad Fanella signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On 02/12/2018 04:36 AM, Christian Rebischke via aur-general wrote: > Hello everybody, > I kind of feel uncomfortable with this. I think that somebody who has > resigned, is not able to sign his mails and seems to ignore requests of > doing so, should apply over the normal way like all others do. That > would just be fair to all newcomers. If I get this right there is no > reliable verification possible for his identity. We should really add a > rule for re-application in our TU-Bylaws. This whole thing is getting mildly elitist. I think Brad has proven to everyone's satisfaction that he is who he says he is. And there is a reason he was elected in the past. With that in mind, I'd like to propose the following plan of action just to cover all our bases. Brad, please create a new AUR account, as you will need one to interact with the AUR for various TU duties if you are re-elected. (This is independent of whether you maintain *any* packages in the AUR, which I hope you will anyway, not that every current TU does). Please start signing your emails with a PGP key, it is good practice, and we will need your PGP key for the keyring and so forth if you get re-elected. Following which, I formally announce that on my prerogative as a TU, I am sponsoring Brad as a new TU applicant whether he needs it or not. The standard discussion period will commence from the time that email is sent. To whom it may concern: if a bunch of people decided someone has the necessary skills 7 years ago, those skills will not vanish because of time. Our standards are hardly super high anyway, and Brad's skills as a packager can be judged relatively easily, by taking a look at his TU packaging history at https://git.archlinux.org/svntogit/community.git/log/?qt=author&q=bfanella (I've looked, he seems to have done just fine. Yay!) It is pretty easy to get up to date on actually relevant changes which mostly boil down to "use the standard pacman hooks if possible, now that pacman has hook support". I do *not* feel comfortable expecting or demanding that Brad maintain a few packages in the AUR first, unless we want to make the same rule about currently active TUs. This application requirement is meant to be an assessment of one's capabilities, which as a TU Fellow is not in question. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On Mon, Feb 12, 2018 at 04:18:45AM -0600, Brad Fanella via aur-general wrote: > I respect that decision and will proceed with the standard application > process, proper signatures and all. :) Thanks, I just wanted to be sure that we atleast vote about your re-application and it's nice btw that you want to adopt the MATE packages :) chris signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
chris.rebisc...@archlinux.org> wrote: Well, you could at least starting signing your mails with the next email, even if it is a new GPG key. It's something that we expect from TU-Applicants.. and I see no reason why you should excluded from this expectation. That maybe sounds a little bit harsh, but in my opinion you should re-apply on the normal way. I don't think there is a contra against re-applying like all others. I mean you were several years away, so I don't think that 1-2 weeks on top of it will be bad. I respect that decision and will proceed with the standard application process, proper signatures and all. :) On Feb 12, 2018 4:09 AM, "Balló György via aur-general" < aur-general@archlinux.org> wrote: Thanks! :) Then I think the next step is to create a new account on AUR, add your PGP fingerprint to your aurweb profile, and post a PGP- signed message to this mailing list. I appreciate the help, thanks again! - Brad
Re: [aur-general] TU (re-)Application
2018. 02. 12, 03.52, Brad Fanella via aur-general ezt írta: > Yes I do. I've just gone ahead and updated my bug tracker account to > reflect this, thank you. Thanks! :) Then I think the next step is to create a new account on AUR, add your PGP fingerprint to your aurweb profile, and post a PGP- signed message to this mailing list. -- György Balló Trusted User signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU (re-)Application
On Mon, Feb 12, 2018 at 03:52:04AM -0600, Brad Fanella via aur-general wrote: > Frankly I'm not quite sure what that would prove. If I don't have a known > signature on record, signing these emails doesn't do anything to verify my > identity. To imply that I'm "ignoring requests" is a bit disingenuous when > you consider that a PGP signature would change nothing here. > > All the best, > Brad Well, you could at least starting signing your mails with the next email, even if it is a new GPG key. It's something that we expect from TU-Applicants.. and I see no reason why you should excluded from this expectation. That maybe sounds a little bit harsh, but in my opinion you should re-apply on the normal way. I don't think there is a contra against re-applying like all others. I mean you were several years away, so I don't think that 1-2 weeks on top of it will be bad. chris signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
Do you still have access to your bug tracker account? Can you update your email address here? https://bugs.archlinux.org/user/7923 Yes I do. I've just gone ahead and updated my bug tracker account to reflect this, thank you. wrote: [...] is not able to sign his mails and seems to ignore requests of doing so [...] Frankly I'm not quite sure what that would prove. If I don't have a known signature on record, signing these emails doesn't do anything to verify my identity. To imply that I'm "ignoring requests" is a bit disingenuous when you consider that a PGP signature would change nothing here. All the best, Brad
Re: [aur-general] TU (re-)Application
On Mon, Feb 12, 2018 at 03:03:32AM -0600, Brad Fanella via aur-general wrote: > > It's been around in some incarnation since 2007, and you have a > > filled-in profile at > > https://www.archlinux.org/people/trusted-user-fellows/#bfanella > > > > So I assumed you must have at one point had access to it, even if > > it's > > been long enough that you have forgotten and/or lost track -- I'm not > > sure offhand what precise role it had at all stages Arch's history. > > Thanks for the help/advice Eli. If I remember correctly, my profile was > filled out by sending the various pieces of information to an > administrator for posting on the site. If I do in fact have access to > archweb, it's not something I could easily get into unfortunately. > > I can also prove ownership of the email account (bradfanella@archlinux. > us) that I sent my original application from in 2010, if that > corroborates my claim. Hello everybody, I kind of feel uncomfortable with this. I think that somebody who has resigned, is not able to sign his mails and seems to ignore requests of doing so, should apply over the normal way like all others do. That would just be fair to all newcomers. If I get this right there is no reliable verification possible for his identity. We should really add a rule for re-application in our TU-Bylaws. Just my 2 cents, Chris signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
2018. 02. 12, 01.28, Brad Fanella via aur-general: > I'm not sure that would clear up doubts about malicious intent. Do you still have access to your bug tracker account? Can you update your email address here? https://bugs.archlinux.org/user/7923 -- György Balló Trusted User signature.asc Description: This is a digitally signed message part
Re: [aur-general] TU (re-)Application
> It's been around in some incarnation since 2007, and you have a > filled-in profile at > https://www.archlinux.org/people/trusted-user-fellows/#bfanella > > So I assumed you must have at one point had access to it, even if > it's > been long enough that you have forgotten and/or lost track -- I'm not > sure offhand what precise role it had at all stages Arch's history. Thanks for the help/advice Eli. If I remember correctly, my profile was filled out by sending the various pieces of information to an administrator for posting on the site. If I do in fact have access to archweb, it's not something I could easily get into unfortunately. I can also prove ownership of the email account (bradfanella@archlinux. us) that I sent my original application from in 2010, if that corroborates my claim.
Re: [aur-general] TU (re-)Application
On 02/12/2018 02:28 AM, Brad Fanella via aur-general wrote: > Do you still have access to your archweb account? If so, you could > update that with your GPG key/new email address and post a confirmation > email signed with that key to this thread. :D > > > I don't believe Archweb was even active when I was a TU, sadly. :( > > I suppose the worst-case scenario would involve me reapplying in a more > formal way. Although assuming this was indeed a case of "identity theft," > I'm not sure that would clear up doubts about malicious intent. It's been around in some incarnation since 2007, and you have a filled-in profile at https://www.archlinux.org/people/trusted-user-fellows/#bfanella So I assumed you must have at one point had access to it, even if it's been long enough that you have forgotten and/or lost track -- I'm not sure offhand what precise role it had at all stages Arch's history. But there is also your BBS account mentioned in your original TU application which jasonwryan confirmed is linked to this gmail address, which seems to me to be a pretty reasonable indication that this email address legitimately belongs to the same person. :) (Thanks, Jason!) Will have to see in the morning what everyone else thinks though. If you could get in and update your archweb profile that would definitely be preferable. -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
Do you still have access to your archweb account? If so, you could update that with your GPG key/new email address and post a confirmation email signed with that key to this thread. :D I don't believe Archweb was even active when I was a TU, sadly. :( I suppose the worst-case scenario would involve me reapplying in a more formal way. Although assuming this was indeed a case of "identity theft," I'm not sure that would clear up doubts about malicious intent. Brad
Re: [aur-general] TU (re-)Application
On 02/11/2018 02:54 PM, Brad Fanella via aur-general wrote: >> * The originally sent email does not match the email Brad applied >> with >> in 2010. [1] >> * There is no GPG signature, neither on the current application or >> the >> 2010 application, as to remove doubts. >> * The "itsbrad212" account is no longer present on AUR. >> * The website on the archlinux.org TU Fellow page is no longer >> functional. [2] >> >> There has been some recent activity on the "itsbrad212" forum account >> (which was linked from the 2010 application), but I would not say >> this >> is sufficient confirmation. > > I understand your cause for concern, so I'd like to know if there is > any reasonable way to confirm my identity? > > As mentioned by somebody else in this thread, a lot has changed since > 2010, including PGP package signing in pacman. Every TU now has a > fingerprint that can eliminate doubt in situations like these, but I > wasn't quite around long enough for its universal adoption. My AUR > account was seemingly disabled due to inactivity (?), and I'd be hard- > pressed to keep a domain name for 8 years. Do you still have access to your archweb account? If so, you could update that with your GPG key/new email address and post a confirmation email signed with that key to this thread. :D -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU (re-)Application
On 11/02/18 at 01:54pm, Brad Fanella via aur-general wrote: * The originally sent email does not match the email Brad applied with in 2010. [1] * There is no GPG signature, neither on the current application or the 2010 application, as to remove doubts. * The "itsbrad212" account is no longer present on AUR. * The website on the archlinux.org TU Fellow page is no longer functional. [2] There has been some recent activity on the "itsbrad212" forum account (which was linked from the 2010 application), but I would not say this is sufficient confirmation. I understand your cause for concern, so I'd like to know if there is any reasonable way to confirm my identity? As mentioned by somebody else in this thread, a lot has changed since 2010, including PGP package signing in pacman. Every TU now has a fingerprint that can eliminate doubt in situations like these, but I wasn't quite around long enough for its universal adoption. My AUR account was seemingly disabled due to inactivity (?), and I'd be hard- pressed to keep a domain name for 8 years. This email account is the same as the one linked to the Forum account: https://bbs.archlinux.org/profile.php?id=33199 /J -- http://jasonwryan.com/ GPG: 7817 E3FF 578E EEE1 9F64 D40C 445E 52EA B1BD 4E40 signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
> * The originally sent email does not match the email Brad applied > with > in 2010. [1] > * There is no GPG signature, neither on the current application or > the > 2010 application, as to remove doubts. > * The "itsbrad212" account is no longer present on AUR. > * The website on the archlinux.org TU Fellow page is no longer > functional. [2] > > There has been some recent activity on the "itsbrad212" forum account > (which was linked from the 2010 application), but I would not say > this > is sufficient confirmation. I understand your cause for concern, so I'd like to know if there is any reasonable way to confirm my identity? As mentioned by somebody else in this thread, a lot has changed since 2010, including PGP package signing in pacman. Every TU now has a fingerprint that can eliminate doubt in situations like these, but I wasn't quite around long enough for its universal adoption. My AUR account was seemingly disabled due to inactivity (?), and I'd be hard- pressed to keep a domain name for 8 years. Thanks, Brad
Re: [aur-general] TU application: Ivy Foster
On 10 Feb 2018, at 1:02 +0100, Alad Wenter via aur-general wrote: > the proposal has been accepted. Congratulations! Awesome! Thanks, y'all. Ivy signature.asc Description: PGP signature
Re: [aur-general] TU application: Ivy Foster
On 02/09/2018 07:02 PM, Alad Wenter via aur-general wrote: > On Sat, Feb 03, 2018 at 12:12:44AM +0100, Alad Wenter via aur-general wrote: >> On Fri, Jan 26, 2018 at 03:53:07PM -0600, Ivy Foster wrote: >>> On 26 Jan 2018, at 10:31 +0100, Alad Wenter via aur-general wrote: Note: If possible please add a short reply with a GPG signature. >>> >>> My mistake! Here's my official, signed reply. >>> >> The discussion period is over. Let the votes begin! >> >> https://aur.archlinux.org/tu/?id=103 >> > The voting period has ended, with the following results: > > Yes:33 > No: 3 > Abstain:3 > Total: 39 > > As such, the proposal has been accepted. Congratulations! > > Alad > Congrats, welcome to the team! :) -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU for moving DDNet to community?
On Sat, Feb 10, 2018 at 11:58:57AM -0200, Rafael Fontenelle wrote: > 2018-02-08 13:45 GMT-02:00 Alad Wenter via aur-general > : > > It has 5 votes on AUR, so it doesn't look very popular on Arch. Typical > > guideline is at least 10 before uploading something to [community]. > > > > Alad > > Correct me if I'm wrong, but I thought it is a soft requirement (i.e. > could be ignored by the TU, if he/she wants to adopt it), reason why I > sent this email. But Eli Schwartz got a point: with -git package's > vote it has more than 10 :-) > In the case of less than 10 votes it has to be sent to this mailing list, _and_ be approved by three other TUs. https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#Rules_for_Packages_Entering_the_.5Bcommunity.5D_Repo Whether this always happens in practice is a different question, since the above article is part of the ArchWiki and not the TU Bylaws. I like to think people follow this practice where they can anyway. I'd say counting -git packages for the votes is a bit of a stretch, but for those prefer doing so, be my guest. Alad signature.asc Description: PGP signature
Re: [aur-general] TU for moving DDNet to community?
2018-02-08 13:45 GMT-02:00 Alad Wenter via aur-general : > It has 5 votes on AUR, so it doesn't look very popular on Arch. Typical > guideline is at least 10 before uploading something to [community]. > > Alad Correct me if I'm wrong, but I thought it is a soft requirement (i.e. could be ignored by the TU, if he/she wants to adopt it), reason why I sent this email. But Eli Schwartz got a point: with -git package's vote it has more than 10 :-) 2018-02-08 13:50 GMT-02:00 SanskritFritz via aur-general : > archlinuxcn actually carries it. Not sure if that is enough. archlinuxcn is an unofficial repository. I'd prefer it to go to community as it is an official repository, to be also accessible for those who use official repositories only. 2018-02-08 13:57 GMT-02:00 Eli Schwartz via aur-general : > So, it would probably be best for Rafael to poke svenstaro directly as > he maintains a lot of gaming packages, including "teeworlds". Good idea. I sent and I'm waiting for a reply. Still, my request is open to any TU that wants it. Rafael Fontenelle
Re: [aur-general] TU application: Ivy Foster
On 10-02-18, Alad Wenter via aur-general wrote: > On Sat, Feb 03, 2018 at 12:12:44AM +0100, Alad Wenter via aur-general wrote: > > On Fri, Jan 26, 2018 at 03:53:07PM -0600, Ivy Foster wrote: > > > On 26 Jan 2018, at 10:31 +0100, Alad Wenter via aur-general wrote: > > > > Note: If possible please add a short reply with a GPG signature. > > > > > > My mistake! Here's my official, signed reply. > > > > > The discussion period is over. Let the votes begin! > > > > https://aur.archlinux.org/tu/?id=103 > > > The voting period has ended, with the following results: > > Yes:33 > No: 3 > Abstain:3 > Total: 39 > > As such, the proposal has been accepted. Congratulations! Congrats, and welcome to the team! Baptiste signature.asc Description: PGP signature
Re: [aur-general] TU application: Ivy Foster
On Sat, Feb 03, 2018 at 12:12:44AM +0100, Alad Wenter via aur-general wrote: > On Fri, Jan 26, 2018 at 03:53:07PM -0600, Ivy Foster wrote: > > On 26 Jan 2018, at 10:31 +0100, Alad Wenter via aur-general wrote: > > > Note: If possible please add a short reply with a GPG signature. > > > > My mistake! Here's my official, signed reply. > > > The discussion period is over. Let the votes begin! > > https://aur.archlinux.org/tu/?id=103 > The voting period has ended, with the following results: Yes:33 No: 3 Abstain:3 Total: 39 As such, the proposal has been accepted. Congratulations! Alad signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
Alad Wenter via aur-general writes: > * The originally sent email does not match the email Brad applied with > in 2010. [1] > * There is no GPG signature, neither on the current application or the > 2010 application, as to remove doubts. > * The "itsbrad212" account is no longer present on AUR. > * The website on the archlinux.org TU Fellow page is no longer > functional. [2] > > There has been some recent activity on the "itsbrad212" forum account > (which was linked from the 2010 application), but I would not say this > is sufficient confirmation. We're waiting for a PGP signed email then, nothing else. Many things may have changed since 2010 (including PGP keys too). I suppose the idea of re-applying involved other TUs. There must be someone to confirm everything we're in doubt about. Regards, Marcin Wieczorek signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
On Fri, Feb 09, 2018 at 09:50:23PM +0100, Marcin Wieczorek wrote: > Giancarlo Razzolini via aur-general writes: > > I'm not sure if, in this case, he would need a sponsor or not. I don't > > think we need to amend the bylaws to add this special case for a returning > > TU, but I do think the standard procedure should be followed. > > One of you TU's can sponsor him right away then, right? > After taking a closer look, there's a few pain points. * The originally sent email does not match the email Brad applied with in 2010. [1] * There is no GPG signature, neither on the current application or the 2010 application, as to remove doubts. * The "itsbrad212" account is no longer present on AUR. * The website on the archlinux.org TU Fellow page is no longer functional. [2] There has been some recent activity on the "itsbrad212" forum account (which was linked from the 2010 application), but I would not say this is sufficient confirmation. Alad [1] https://lists.archlinux.org/pipermail/aur-general/2010-August/010049.html [2] https://www.archlinux.org/people/trusted-user-fellows/#bfanella signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
Giancarlo Razzolini via aur-general writes: > I'm not sure if, in this case, he would need a sponsor or not. I don't > think we need to amend the bylaws to add this special case for a returning > TU, but I do think the standard procedure should be followed. One of you TU's can sponsor him right away then, right? Marcin Wieczorek signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
Em fevereiro 9, 2018 13:29 Alad Wenter via aur-general escreveu: It seems we have no clause in the TU Bylaws [1] on what to do if a Fellow wants to resume his position as TU. That said, I doubt any of us would object when we consider your email as the "application" and simply start the vote after the usual discussion period (1 week) has ended. Best, Alad [1] https://aur.archlinux.org/trusted-user/TUbylaws.html I'm not sure if, in this case, he would need a sponsor or not. I don't think we need to amend the bylaws to add this special case for a returning TU, but I do think the standard procedure should be followed. Regards, Giancarlo Razzolini pgpcsRZbjxxMp.pgp Description: PGP signature
Re: [aur-general] TU (re-)Application
On Fri, Feb 09, 2018 at 01:25:05AM -0500, Eli Schwartz via aur-general wrote: > On 02/09/2018 01:00 AM, Brad Fanella via aur-general wrote: > > Hi all, > > > > Perhaps this is a bit unorthodox, but in 2011 I resigned from my post > > as a TU for personal and time-related reasons [1]. Coming up on almost > > 7 years later, I'm still an avid Arch user, and have struck a balance > > in my life where I'm much more capable of contributing to open-source > > projects than I was back then. > > > > The warm regards and well-wishes from my fellow TUs at the time [2][3] > > have left an extremely positive impression on me, and I find myself > > once again wanting to pick up some orphaned packages in [community] > > (surprisingly, the MATE desktop is homeless). Therefore, I'm writing > > this message to see if there's any interest in getting another helping > > hand around here. > > I never had a chance to know you when you were active before, but I'm > sure any TU Fellow would have little/no problems being re-elected, > certainly under the circumstances you've presented! :) > > As for the MATE desktop, it has languished ever since Martin retired. I > used it myself for a little while after gnome2, before switching to > cinnamon... I've considered getting back in touch with the MATE side of > things and picking up the package set, but I'm still not sure I want to, > so if you would give it some much-needed love, that would be awesome! > It seems we have no clause in the TU Bylaws [1] on what to do if a Fellow wants to resume his position as TU. That said, I doubt any of us would object when we consider your email as the "application" and simply start the vote after the usual discussion period (1 week) has ended. Best, Alad [1] https://aur.archlinux.org/trusted-user/TUbylaws.html signature.asc Description: PGP signature
Re: [aur-general] TU (re-)Application
On 02/09/2018 01:00 AM, Brad Fanella via aur-general wrote: > Hi all, > > Perhaps this is a bit unorthodox, but in 2011 I resigned from my post > as a TU for personal and time-related reasons [1]. Coming up on almost > 7 years later, I'm still an avid Arch user, and have struck a balance > in my life where I'm much more capable of contributing to open-source > projects than I was back then. > > The warm regards and well-wishes from my fellow TUs at the time [2][3] > have left an extremely positive impression on me, and I find myself > once again wanting to pick up some orphaned packages in [community] > (surprisingly, the MATE desktop is homeless). Therefore, I'm writing > this message to see if there's any interest in getting another helping > hand around here. I never had a chance to know you when you were active before, but I'm sure any TU Fellow would have little/no problems being re-elected, certainly under the circumstances you've presented! :) As for the MATE desktop, it has languished ever since Martin retired. I used it myself for a little while after gnome2, before switching to cinnamon... I've considered getting back in touch with the MATE side of things and picking up the package set, but I'm still not sure I want to, so if you would give it some much-needed love, that would be awesome! -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
[aur-general] TU (re-)Application
Hi all, Perhaps this is a bit unorthodox, but in 2011 I resigned from my post as a TU for personal and time-related reasons [1]. Coming up on almost 7 years later, I'm still an avid Arch user, and have struck a balance in my life where I'm much more capable of contributing to open-source projects than I was back then. The warm regards and well-wishes from my fellow TUs at the time [2][3] have left an extremely positive impression on me, and I find myself once again wanting to pick up some orphaned packages in [community] (surprisingly, the MATE desktop is homeless). Therefore, I'm writing this message to see if there's any interest in getting another helping hand around here. Sincerely, Brad Fanella [1] https://www.mail-archive.com/aur-general@archlinux.org/msg14906.htm l [2] https://www.mail-archive.com/aur-general@archlinux.org/msg14915.htm l [3] https://www.mail-archive.com/aur-general@archlinux.org/msg14920.htm l
Re: [aur-general] TU for moving DDNet to community?
On 02/08/2018 10:45 AM, Alad Wenter via aur-general wrote: > On Thu, Feb 08, 2018 at 12:44:27PM -0200, Rafael Fontenelle wrote: >> Hello, >> >> DDNet is a very fun sidescrolling game, similar to Teeworlds (DDNet is >> actually a mod of Teeworlds). Since Teeworlds's development is very >> slow and DDNet's development is very active, a lot of players migrated >> to DDNet, which allows to play both gametypes of Teeworlds and many >> others of DDNet. >> > It has 5 votes on AUR, so it doesn't look very popular on Arch. Typical > guideline is at least 10 before uploading something to [community]. Well, there is a git package as well, and between the two there are ten voters. Many people don't vote for both the git package and the main package, but would likely use the main package if it was in the repos. That being said, none of this matters unless there is a TU either interested enough to maintain it already (which hasn't happened?) or interested in maintaining packages they don't use. So, it would probably be best for Rafael to poke svenstaro directly as he maintains a lot of gaming packages, including "teeworlds". -- Eli Schwartz Bug Wrangler and Trusted User signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU for moving DDNet to community?
On Thu, Feb 8, 2018 at 3:44 PM, Rafael Fontenelle wrote: > Is there a TU that would like to adopt it and move it to community repo? archlinuxcn actually carries it. Not sure if that is enough.
Re: [aur-general] TU for moving DDNet to community?
On Thu, Feb 08, 2018 at 12:44:27PM -0200, Rafael Fontenelle wrote: > Hello, > > DDNet is a very fun sidescrolling game, similar to Teeworlds (DDNet is > actually a mod of Teeworlds). Since Teeworlds's development is very > slow and DDNet's development is very active, a lot of players migrated > to DDNet, which allows to play both gametypes of Teeworlds and many > others of DDNet. > It has 5 votes on AUR, so it doesn't look very popular on Arch. Typical guideline is at least 10 before uploading something to [community]. Alad signature.asc Description: PGP signature
[aur-general] TU for moving DDNet to community?
Hello, DDNet is a very fun sidescrolling game, similar to Teeworlds (DDNet is actually a mod of Teeworlds). Since Teeworlds's development is very slow and DDNet's development is very active, a lot of players migrated to DDNet, which allows to play both gametypes of Teeworlds and many others of DDNet. Here is a fan-made trailer of DDNet: https://www.youtube.com/watch?v=xwyk4hPZM1g Archwiki page: https://wiki.archlinux.org/index.php/DDNet This package is very easy to maintain, all dependencies are in official repos, and most of its updates represent changes only in pkgver and checksums. I'd be glad to see this package in community, if possible, in order to reach users that avoid AUR. https://aur.archlinux.org/packages/ddnet/ Other related packages to consider: https://aur.archlinux.org/packages/ddnet-maps-git/ https://aur.archlinux.org/packages/ddnet-skins/ Is there a TU that would like to adopt it and move it to community repo? Feel free to ask me more info. Best regards, Rafael Fontenelle
Re: [aur-general] TU application: Ivy Foster
On February 2, 2018 12:40:57 AM GMT+01:00, Ivy Foster wrote: > >For cgo, since upstream pulled in the patches I submitted, LDFLAGS are >properly picked up and we have full relro. > >libbulletml was a bit tougher. I wound up throwing out Debian's >patches to upstream's Makefile and just rewriting the Makefile from >scratch. Hopefully either Debian or the dev will be interested in >accepting the new Makefile; until word comes back, it's [in the AUR >git repo][1]. This also grants full relro. > Awesome, thanks for upstreaming the problems :)
Re: [aur-general] TU application: Ivy Foster
On Fri, Jan 26, 2018 at 03:53:07PM -0600, Ivy Foster wrote: > On 26 Jan 2018, at 10:31 +0100, Alad Wenter via aur-general wrote: > > Note: If possible please add a short reply with a GPG signature. > > My mistake! Here's my official, signed reply. > The discussion period is over. Let the votes begin! https://aur.archlinux.org/tu/?id=103 signature.asc Description: PGP signature
Re: [aur-general] TU application: Ivy Foster
On 01 Feb 2018, at 8:29 +0100, Levente Polyak via aur-general wrote: > On January 30, 2018 11:37:42 PM GMT+01:00, Ivy Foster > wrote: > >I'll have some time free tomorrow to get you a proper answer and/or > >fix; for now, I'm just letting you know I got your email! > Hey, any news from respecting LDFLAGS and if needed just purge parts of it? > I'm specially interested in seeing full relro. Hey, Levente. Sorry for the delay! For cgo, since upstream pulled in the patches I submitted, LDFLAGS are properly picked up and we have full relro. libbulletml was a bit tougher. I wound up throwing out Debian's patches to upstream's Makefile and just rewriting the Makefile from scratch. Hopefully either Debian or the dev will be interested in accepting the new Makefile; until word comes back, it's [in the AUR git repo][1]. This also grants full relro. I've yet to run checksec on my other packages, but intend to do so. I'm not sure yet what to do about some of its feedback, notably thinking that some binaries aren't ELF files (so no PIE feedback given) or the number of unfortified...things. Thanks again for your feedback! Ivy [1]: https://aur.archlinux.org/cgit/aur.git/tree/?h=libbulletml signature.asc Description: PGP signature
Re: [aur-general] TU application: Ivy Foster
On January 30, 2018 11:37:42 PM GMT+01:00, Ivy Foster wrote: >I'll have some time free tomorrow to get you a proper answer and/or >fix; for now, I'm just letting you know I got your email! Hey, any news from respecting LDFLAGS and if needed just purge parts of it? I'm specially interested in seeing full relro. Cheers, Levente