Bug#923406: marked as done (RFS: hoteldruid/2.3.2-1)
Your message dated Wed, 27 Feb 2019 23:02:58 +0100 with message-id <20190227220258.55guhe5nulsgt...@angband.pl> and subject line Re: Bug#923406: RFS: hoteldruid/2.3.2-1 has caused the Debian Bug report #923406, regarding RFS: hoteldruid/2.3.2-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 923406: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923406 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "hoteldruid" * Package name: hoteldruid Version : 2.3.2-1 Upstream Author : Marco M. F. De Santis * URL : http://www.hoteldruid.com * License : AGPLv3 Section : web It builds those binary packages: hoteldruid - web-based property management system for hotels or B To access further information about this package, please visit the following URL: https://mentors.debian.net/package/hoteldruid Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/h/hoteldruid/hoteldruid_2.3.2-1.dsc More information about hoteldruid can be obtained from http://www.hoteldruid.com. Changes since the last upload: * New upstream release - Fixes multiple sql injection and XSS vulnerabilities. (Ref: CVE-2019-9084, CVE-2019-9085, CVE-2019-9086, CVE-2019-9087) * Removed patch fix-gestione-utenti (integrated in upstream). Regards, Marco M. F. De Santis --- End Message --- --- Begin Message --- > * Package name: hoteldruid > Version : 2.3.2-1 > Changes since the last upload: > > * New upstream release > - Fixes multiple sql injection and XSS vulnerabilities. > (Ref: CVE-2019-9084, CVE-2019-9085, CVE-2019-9086, CVE-2019-9087) > * Removed patch fix-gestione-utenti (integrated in upstream). ✓ -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋⠀ Have you accepted Khorne as your lord and saviour? ⠈⠳⣄--- End Message ---
Bug#923340: marked as done (RFS: dwarves-dfsg/1.12-2 (RC))
Your message dated Wed, 27 Feb 2019 22:55:32 +0100 with message-id <20190227215532.vsynforq6k4o3...@angband.pl> and subject line Re: Bug#923340: RFS: dwarves-dfsg/1.12-2 (RC) has caused the Debian Bug report #923340, regarding RFS: dwarves-dfsg/1.12-2 (RC) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 923340: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923340 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: important Dear all, I'm looking for a sponsor for this package: * Package name: dwarves-dfsg Version : 1.12-2 Upstream Author : Arnaldo Carvalho de Melo * URL : http://acmel.wordpress.com * License : GPLv2 Section : utils It builds these binary packages: dwarves - set of advanced DWARF utilities dwarves-dbgsym- debug symbols for dwarves To access further information about this package, please visit the following URL: https://mentors.debian.net/package/dwarves-dfsg Alternatively, you can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/d/dwarves-dfsg/dwarves-dfsg_1.12-2.dsc More information can be obtained from https://git.kernel.org/pub/scm/devel/pahole/pahole.git/ Changes since the last upload: dwarves-dfsg (1.12-2) unstable; urgency=medium * Convert to dh. * Fix Homepage and Vcs-Git. * Fix depends on debhelper >= 10. * Remove trailing spaces from the Debian changelog. * Update copyright to copyright-format/1.0. Closes: #919356. -- Domenico Andreoli Wed, 26 Dec 2018 17:40:31 +0100 Kind regards, Domenico -- 3B10 0CA1 8674 ACBA B4FE FCD2 CE5B CF17 9960 DE13 --- End Message --- --- Begin Message --- Uploaded.--- End Message ---
Bug#923411: RFS: scdoc/1.9.0-1
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "scdoc" * Package name : scdoc Version : 1.9.0-1 Upstream Author : Drew DeVault * Url : https://git.sr.ht/~sircmpwn/scdoc * Licenses : MIT Programming Lang : C Section : text scdoc is a tool designed to make the process of writing man pages more friendly. It reads scdoc syntax from stdin and writes roff to stdout, suitable for reading with man(1). It builds those binary packages: * scdoc To access further information about this package, visit the following URL: https://mentors.debian.net/package/scdoc Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/s/scdoc/scdoc_1.9.0-1.dsc Alternatively, you can access package debian/ directory via git from URL: https://salsa.debian.org/bisco-guest/scdoc.git More information about scdoc can be obtained from https://git.sr.ht/~sircmpwn/scdoc Changes since last upload: * New upstream release * Refreshed patch * d/rules: Pass PCDIR to the install target * d/control: Drop Multiarch hint Regards, Birger Schacht
Bug#923406: RFS: hoteldruid/2.3.2-1
Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "hoteldruid" * Package name: hoteldruid Version : 2.3.2-1 Upstream Author : Marco M. F. De Santis * URL : http://www.hoteldruid.com * License : AGPLv3 Section : web It builds those binary packages: hoteldruid - web-based property management system for hotels or B To access further information about this package, please visit the following URL: https://mentors.debian.net/package/hoteldruid Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/h/hoteldruid/hoteldruid_2.3.2-1.dsc More information about hoteldruid can be obtained from http://www.hoteldruid.com. Changes since the last upload: * New upstream release - Fixes multiple sql injection and XSS vulnerabilities. (Ref: CVE-2019-9084, CVE-2019-9085, CVE-2019-9086, CVE-2019-9087) * Removed patch fix-gestione-utenti (integrated in upstream). Regards, Marco M. F. De Santis
Bug#923405: RFS: pandoc-plantuml-filter/0.1.1-1 [ITP]
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "pandoc-plantuml-filter" * Package name: pandoc-plantuml-filter Version : 0.1.1-1 Upstream Author : Timo Furrer * URL : https://github.com/timofurrer/pandoc-plantuml-filter * License : MIT Section : misc It builds those binary packages: pandoc-plantuml-filter - Pandoc filter: converts PlantUML code blocks to PlantUML images To access further information about this package, please visit the following URL: https://mentors.debian.net/package/pandoc-plantuml-filter Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/p/pandoc-plantuml-filter/pandoc-plantuml-filter_0.1.1-1.dsc The package is maintained in git under https://salsa.debian.org/python-team/applications/pandoc-plantuml-filter and will be maintained in the Python Application Packagin Team (also set as maintainer). More information about pandoc-plantuml-filter can be obtained from https://github.com/timofurrer/pandoc-plantuml-filter. Regards, Hanno Stock
Bug#923340: RFS: dwarves-dfsg/1.12-2 (RC)
On Wed, Feb 27, 2019 at 02:10:06PM +0100, Adam Borowski wrote: > On Wed, Feb 27, 2019 at 09:33:43AM +0100, Domenico Andreoli wrote: > > On Tue, Feb 26, 2019 at 08:15:59PM +0100, Adam Borowski wrote: > > > On Tue, Feb 26, 2019 at 06:06:18PM +0100, Domenico Andreoli wrote: > > > > * Package name: dwarves-dfsg > > > > Version : 1.12-2 > > > > > * Update copyright to copyright-format/1.0. Closes: #919356. > > > > The new copyright file contains references to GPL-2.0-only and > > > GPL-2.0-or-later without defining them. > > > > According to https://spdx.org/licenses/ they are defined and supersede > > GPL-2 and GPL-2+ now deprecated (maybe I should file a bug). OTOH I'm > > reading that as long as copyright-format is not updated, new ones should > > not be used. > > SPDX has nothing to the copyright-format. The latter doesn't care about > short names at all, merely that 1. every file has a license, and 2. every > license is defined. > > Thus, "GPL-2", "GPL-2+", "GPL-2.0-only", "GPL-2.0-or-later", "Meow-meow" > and "Cthulhu-fhtagn" have exactly the same meaning: they're merely > identifiers that need to be defined elsewhere in the file. Obviously, > for human readers we still want GPL to mean GPL -- but it's a syntax vs > content distinction. Got it, in my mind the two things were related. There is even a paragraph that says "For SPDX compatibility, versions with trailing dot-zeroes are considered to be equivalent to versions without (e.g., “2.0.0” is considered equal to “2.0” and “2”)." but I cannot ignore the one saying: "Use of a standard short name does not override the Debian Policy requirement to include the full license text in debian/copyright, nor any requirements in the license of the work regarding reproduction of legal notices. This information must still be included in the License field, either in a stand-alone License paragraph or in the relevant files paragraph." > > I spent quite some time in trying to understand what lintian tries > > to tell me here. I verified that reshuffling the file does not help > > either, these errors stay in a similar location, as if lintian had some > > bug somewhere. > > "references a license, for which no standalone license paragraph exists" I evidently read too little and assumed too much. > > I'm uploaded a new version with GPL-2/GPL-2+, should be available shortly. > > I don't see it on mentors yet... I rewrote history and pushed a new 1.12-2 release to mentors. Thanks again for the feedback. Regards, Domenico -- 3B10 0CA1 8674 ACBA B4FE FCD2 CE5B CF17 9960 DE13 signature.asc Description: PGP signature
Bug#923340: RFS: dwarves-dfsg/1.12-2 (RC)
On Wed, Feb 27, 2019 at 09:33:43AM +0100, Domenico Andreoli wrote: > On Tue, Feb 26, 2019 at 08:15:59PM +0100, Adam Borowski wrote: > > On Tue, Feb 26, 2019 at 06:06:18PM +0100, Domenico Andreoli wrote: > > > * Package name: dwarves-dfsg > > > Version : 1.12-2 > > > * Update copyright to copyright-format/1.0. Closes: #919356. > > The new copyright file contains references to GPL-2.0-only and > > GPL-2.0-or-later without defining them. > > According to https://spdx.org/licenses/ they are defined and supersede > GPL-2 and GPL-2+ now deprecated (maybe I should file a bug). OTOH I'm > reading that as long as copyright-format is not updated, new ones should > not be used. SPDX has nothing to the copyright-format. The latter doesn't care about short names at all, merely that 1. every file has a license, and 2. every license is defined. Thus, "GPL-2", "GPL-2+", "GPL-2.0-only", "GPL-2.0-or-later", "Meow-meow" and "Cthulhu-fhtagn" have exactly the same meaning: they're merely identifiers that need to be defined elsewhere in the file. Obviously, for human readers we still want GPL to mean GPL -- but it's a syntax vs content distinction. > Anyway, this is what I get if I switch to GPL-2 and GPL-2+ everywhere: > > W: dwarves-dfsg source: missing-license-paragraph-in-dep5-copyright gpl-2+ > (paragraph at line 102) > N: > N:The files paragraph in the machine readable copyright file references a > N:license, for which no standalone license paragraph exists. > N: > N:Refer to > N:https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ for > N:details. > N: > N:Severity: normal, Certainty: possible > N: > N:Check: source-copyright, Type: source > N: > W: dwarves-dfsg source: missing-license-paragraph-in-dep5-copyright gpl-2 > (paragraph at line 94) So it does if you say "GPL-2.0-only" or "GPL-2.0-or-later"... > I spent quite some time in trying to understand what lintian tries > to tell me here. I verified that reshuffling the file does not help > either, these errors stay in a similar location, as if lintian had some > bug somewhere. "references a license, for which no standalone license paragraph exists" > I'm uploaded a new version with GPL-2/GPL-2+, should be available shortly. I don't see it on mentors yet... Meow! -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋⠀ Have you accepted Khorne as your lord and saviour? ⠈⠳⣄
Re: package versions at mentors
Hi Bart, On 2/23/19 4:55 PM, Bart Martens wrote: > Great platform. A possible improvement: It would be nice if the version of a > package on the overview page is always the version of the first package on the > package detail page. This is the intended behavior for the index page but, apparently it does not work :) I've opened an issue on salsa so we can follow the progress and fix it. https://salsa.debian.org/mentors.debian.net-team/debexpo/issues/52 Regards, -- Baptiste BEAUPLAT - lyknode signature.asc Description: OpenPGP digital signature
Bug#923340: RFS: dwarves-dfsg/1.12-2 (RC)
On Tue, Feb 26, 2019 at 08:15:59PM +0100, Adam Borowski wrote: > On Tue, Feb 26, 2019 at 06:06:18PM +0100, Domenico Andreoli wrote: > > * Package name: dwarves-dfsg > > Version : 1.12-2 > > > Changes since the last upload: > > > > dwarves-dfsg (1.12-2) unstable; urgency=medium > > > > * Convert to dh. > > * Fix Homepage and Vcs-Git. > > * Fix depends on debhelper >= 10. > > * Remove trailing spaces from the Debian changelog. > > * Update copyright to copyright-format/1.0. Closes: #919356. > > Hi! Hi, > The new copyright file contains references to GPL-2.0-only and > GPL-2.0-or-later without defining them. According to https://spdx.org/licenses/ they are defined and supersede GPL-2 and GPL-2+ now deprecated (maybe I should file a bug). OTOH I'm reading that as long as copyright-format is not updated, new ones should not be used. Anyway, this is what I get if I switch to GPL-2 and GPL-2+ everywhere: W: dwarves-dfsg source: missing-license-paragraph-in-dep5-copyright gpl-2+ (paragraph at line 102) N: N:The files paragraph in the machine readable copyright file references a N:license, for which no standalone license paragraph exists. N: N:Refer to N:https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ for N:details. N: N:Severity: normal, Certainty: possible N: N:Check: source-copyright, Type: source N: W: dwarves-dfsg source: missing-license-paragraph-in-dep5-copyright gpl-2 (paragraph at line 94) I spent quite some time in trying to understand what lintian tries to tell me here. I verified that reshuffling the file does not help either, these errors stay in a similar location, as if lintian had some bug somewhere. I also expected they to be repeated as many times as in the files (yes, I'm using --no-tag-display-limit -i) but they are not and so at certain point I gave up. I'm uploaded a new version with GPL-2/GPL-2+, should be available shortly. Thanks for reviewing. Regards, Domenico -- 3B10 0CA1 8674 ACBA B4FE FCD2 CE5B CF17 9960 DE13 signature.asc Description: PGP signature
Bug#923209: RFS: heaptrack/1.1.0+20180922.gitf752536-3.1 [NMU]
Hi Nicholas, > Maybe it's obvious, but perhaps the developer's reference and > wiki/PackageSalvaging would benefit from the addition of "Things to do > before NMUing…for a team maintained package, […] It's a > trivial bit of work I'd be happy to do... Go for it :) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk `-
Re: Looking for a mentor -- multiscale molecular modeling package MMB (and molmodel)
Hi Samuel, On 2019-02-26 18:27, Samuel Flores wrote: > I would like some help packaging MacroMoleculeBuilder (MMB) for distribution > in Debian or Ubuntu. It is a mature piece of code, used to publish many > scientific articles in structural bioinformatics and structural and molecular > biology. It has been downloaded thousands of times. I would gladly help with the packaging of this modeling tool. > I would be happy to change MMB's license to be compatible with this process. You are absolutely right to start with the license check. Debian accepts only those licenses that are compatible with Debian Free Software Guides [1]. You can find (incomplete) list of DFSG-compatible licenses here [2]. [1] http://www.debian.org/social_contract#guidelines [2] https://wiki.debian.org/DFSGLicenses > MMB requires OpenMM, simbody, and SeqAn, I believe all of these are already > packaged. It also requires SimTK molmodel which is not packaged -- I am the > maintainer of molmodel and would like to package this as well. Molmodel is > not hard to compile, but it does use cmake. OpenMM and molmodel are not yet in Debian, AFAIK. Thus they have to be packaged before the MMB. To start with, I would suggest reading the introduction to packaging [3], as Andrey has advised. [3] https://mentors.debian.net/intro-maintainers Best wishes, Andrius -- Andrius Merkys Vilnius University Institute of Biotechnology, Saulėtekio al. 7, room V325 LT-10257 Vilnius, Lithuania