Bug#830106: Feature Request: lrzip compression support
Package: dpkg Version: 1.18.7 lrzip, upstream https://github.com/ckolivas/lrzip has quite good compression ratio (better than xz at times) with little compromise in compression time, but at a cost for memory consumption, as seen in benchmark data provided here: http://ck.kolivas.org/apps/lrzip/README.benchmarks. Is there a possibility for dpkg to gain support for lrzip compressed packages?
Bug#813165: Feature Request: Return an Error for Failed Searches
Package: apt (src:apt) Version: 1.2.1 (from Alioth git tag) When attempting a search for a package with Apt using this command, apt search foo-that-does-not-exist Well, obviously that "foo-that-does-not-exist" is not available from the repository, Apt throws this back at me. root [ base-editors@staging ] # apt search foo-that-does-not-exist Sorting... Done Full Text Search... Done root [ base-editors@staging ] # But that is it. I am writing this feature request to suggest that we add a message saying "'foo-that-does-not-exist' is not available from your repository configuration" or something similar. Even better if Apt can suggest a package (or multiple candidates) with (a) similar name(s) as well. But as of now, not printing an error informing the user of the invalid query is quite far from ideal. Best Regards, Jeff Bai, developer from AOSC
Bug#806459:
Please ignore this bug! The issue can be solved with adding SHA1 and SHA256 hash sum information to the Release file. We only provided MD5Sum before, and that apparently annoys Apt 1.1. Bug extra security for the users, eh? Sorry for the trouble.
Bug#806459:
Hi, David. > There should probably be a message mentioning the issue rather than a confusing hashsum mismatch through, so I am not going to ignore the bug as such. True... considering as a distribution maintainer it took me nearly three days to figure out (the second day I decided to file a bug), a warning can be really useful. Best regards, Jeff Bai On Sun, Nov 29, 2015 at 4:19 PM, David Kalnischkies <da...@kalnischkies.de> wrote: > Control: severity -1 wishlist > Control: retitle -1 warn if Release file includes only broken hashes > > On Sun, Nov 29, 2015 at 11:21:44AM -0700, Jeff Bai wrote: > > Please ignore this bug! The issue can be solved with adding SHA1 and > SHA256 > > hash sum information to the Release file. > > There should probably be a message mentioning the issue rather than > a confusing hashsum mismatch through, so I am not going to ignore the > bug as such. > > > > We only provided MD5Sum before, and that apparently annoys Apt 1.1. Bug > > extra security for the users, eh? > > Yeap, apt 1.1 ignores MD5 for security purposes as it can be considered > broken. Note that SHA1 is on its (long) way out as that is close to be > broken, too, so SHA256 (or SHA512) is currently best practice (given > that this is what gpg is using for signatures, so more wouldn't have an > effect). > > > Best regards > > David Kalnischkies >
