Re: /usr-move: Do we support upgrades without apt?
On Thu, Dec 21, 2023 at 10:41:57AM +0100, Helmut Grohne wrote: > ## Upgrading using dpkg directly? > > We already have quite a number of packages that use Conflicts to prevent > file loss in upgrades in a very similar way to #1058937 (Ben's > libnfsidmap1 bug) even in released versions of Debian. For instance, > dhcpcd-base's Replaces were upgraded to Conflicts, see #1053657. If you > employ dpkg, you can still experience the problem there. > > Is it ok to call upgrade scenarios failures that cannot be reproduced > using apt unsupported until we no longer deal with aliasing? I think so, yes. I don't think it's likely that there are people doing upgrades on running systems not using apt. If there are, they already need to deal with doing the dpkg calls in the right order anyway -- basically doing the apt dependency resolution by hand -- that this is just another corner case that they need to handle; there could be already Conflicts in there for other reasons than /usr-merge. signature.asc Description: PGP signature
Bug#1051302: bookworm-pu: package jekyll/4.3.1+dfsg-3+deb12u1
On Sat, Sep 23, 2023 at 08:32:43PM +0100, Adam D. Barratt wrote: > Control: tags -1 confirmed > > This update fixes processing user configuration that used YAML > > aliases. > > > > [ Impact ] > > User configuration with YAML aliases will cause jekyll to crash while > > parsing it, and therefore jekyll will not work at all. > > > > Please go ahead. Uploaded. signature.asc Description: PGP signature
Bug#1051302: bookworm-pu: package jekyll/4.3.1+dfsg-3+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: jek...@packages.debian.org Control: affects -1 + src:jekyll [ Reason ] This update fixes processing user configuration that used YAML aliases. [ Impact ] User configuration with YAML aliases will cause jekyll to crash while parsing it, and therefore jekyll will not work at all. [ Tests ] The change is trivial, and is already present in testing. [ Risks ] No risks. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The only change is passing an extra parameter to Psych.safe_load, telling it to allow aliases in the YAML data. [ Other info ] n/a diff --git a/debian/changelog b/debian/changelog index b91ea6e..7ba5630 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +jekyll (4.3.1+dfsg-3+deb12u1) bookworm; urgency=medium + + [ Sébastien Villemot ] + * Allow YAML aliases (Closes: #1050867) + + -- Antonio Terceiro Tue, 05 Sep 2023 19:37:14 -0300 + jekyll (4.3.1+dfsg-2) unstable; urgency=medium * Team upload diff --git a/debian/patches/0016-Drop-usage-of-safe_yaml.patch b/debian/patches/0016-Drop-usage-of-safe_yaml.patch index 90aa06e..6caae5d 100644 --- a/debian/patches/0016-Drop-usage-of-safe_yaml.patch +++ b/debian/patches/0016-Drop-usage-of-safe_yaml.patch @@ -1,6 +1,9 @@ From: Antonio Terceiro Date: Sat, 21 Jan 2023 23:25:30 -0300 Subject: Drop usage of safe_yaml +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit Squashed commit of the following: @@ -22,6 +25,12 @@ Date: Thu Aug 19 13:42:39 2021 -0300 Use Psych as YAML parser +commit 5afe0f5acbc4cb9880bd2c752f45f39ba4f62835 +Author: Sébastien Villemot +Date: Wed, 30 Aug 2023 11:35:36 -0300 + +Enable YAML aliases + Source: https://github.com/jekyll/jekyll/pull/8772 Additional changes: - Also make the replacement of SafeYAML in lib/jekyll/commands/serve.rb @@ -193,7 +202,7 @@ index d6c5a0b..3757e04 100644 Jekyll.logger.info "Theme Config file:", theme_config_file diff --git a/lib/jekyll/utils.rb b/lib/jekyll/utils.rb -index 2a96527..0dfe2ec 100644 +index 2a96527..252541f 100644 --- a/lib/jekyll/utils.rb +++ b/lib/jekyll/utils.rb @@ -316,6 +316,20 @@ module Jekyll @@ -202,7 +211,7 @@ index 2a96527..0dfe2ec 100644 +# Safely load YAML strings +def safe_load_yaml(yaml) -+ Psych.safe_load(yaml, :permitted_classes => [Date, Time]) ++ Psych.safe_load(yaml, :permitted_classes => [Date, Time], aliases: true) +rescue ArgumentError + # Psych versions < 3.1 had a different safe_load API and used + # problematic language. signature.asc Description: PGP signature
Re: Bug#1050256: autopkgtest fails on debci
On Fri, Sep 01, 2023 at 11:13:11PM +, Mathias Gibbens wrote: > Control: block 1038315 by -1 > Control: block 1042880 by -1 > > I don't think we have a good understanding of the root cause of this > issue. Initially we thought this was a known upstream issue with all- > but very recent versions of apparmor and a corresponding lxc profile > fix [0]. However, it appears this is a different issue that somehow > depends on the interaction of bookworm's versions of the kernel, > apparmor, and/or lxc. > > A minimal reproducer is to install bookworm and create a container > with a systemd service using a hardening option like > PrivateNetwork=yes. With the latest bookworm kernel (6.1.38-4), the > service will fail. But, grab a kernel from testing (6.4.11-1) and then > things work -- with no other changes required. I tried the "oldest" > kernel on snapshot.d.o post 6.1 series (6.3.1+1~exp1 [1]) and the > service works properly with that version as well. So, something changed > in the kernel (either upstream or in Debian's packaging) between 6.1 > and 6.3 that "unbreaks" services within lxc containers. > > Given that simply installing a newer kernel fixes things, I am > hesitant to start making changes to lxc until we actually understand > what's changed when running the newer kernel and how it's affecting > lxc's behavior. Thanks for the investigation. This led to think of something that would work around this issue, but maybe has bigger consequences. I'm wondering whether we should, as a policy, run backports kernels on the ci.debian.net workers. Given the most important use case is testing testing¹, having a kernel that is closest to the one in testing might make sense. ¹ pun intended Of course, this does not prevents having QEMU workers, and I want to provide that at some point. But since we won't be able to have QEMU for all architectures, anyway, I still think running backports kernels in the lxc workers might be a valid strategy. signature.asc Description: PGP signature
Bug#1034497: unblock: jekyll/4.3.1+dfsg-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: jek...@packages.debian.org Control: affects -1 + src:jekyll Please unblock package jekyll [ Reason ] Fix for test failure on some timezones [ Impact ] This has no effect on end users [ Tests ] All tests pass both during build and under autopkgtest [ Risks ] Trivial change [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] n/a unblock jekyll/4.3.1+dfsg-2 diff --git a/debian/changelog b/debian/changelog index dbecdf8..b91ea6e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +jekyll (4.3.1+dfsg-2) unstable; urgency=medium + + * Team upload + * debian/ruby-tests.rake: always run tests under TZ=UTC (Closes: #1034450) + + -- Antonio Terceiro Sun, 16 Apr 2023 18:35:56 -0300 + jekyll (4.3.1+dfsg-1) unstable; urgency=medium * Team upload diff --git a/debian/ruby-tests.rake b/debian/ruby-tests.rake index e926490..26eeaf2 100644 --- a/debian/ruby-tests.rake +++ b/debian/ruby-tests.rake @@ -8,6 +8,8 @@ exclude = %w[ test/test_win_tz.rb ] +ENV["TZ"] = "UTC" + Gem2Deb::Rake::TestTask.new(:test) do |t| t.libs << 'lib' << 'test' if ENV['AUTOPKGTEST_TEST_NEW_COMMAND'] signature.asc Description: PGP signature
Bug#1033573: unblock: ruby3.1/3.1.2-7
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: ruby...@packages.debian.org Control: affects -1 + src:ruby3.1 Please unblock package ruby3.1 [ Reason ] This release updates the openssl bindings, fixing a few regressions that have been identified. [ Impact ] Without these changes, at least gitlab doesn't work correctly. [ Tests ] I had uploaded this to experimental some time ago, and the pseudo excuses against unstable showed no regressions. [ Risks ] The changes are contained to the implementatin of a few openssl methods. I think the risk is low. I had also tried updating to the new upstream release 3.1.3, which includes this change, but thought that contained too many non-critical changes. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] I'm also attaching the actual patch included in this upload as it is easier to read than the diff-in-diff in the debdiff. unblock ruby3.1/3.1.2-7 diff --git a/debian/changelog b/debian/changelog index c6bd035fc..54e474d21 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +ruby3.1 (3.1.2-7) unstable; urgency=medium + + * Upload to unstable + + -- Antonio Terceiro Sat, 25 Mar 2023 14:20:34 -0300 + +ruby3.1 (3.1.2-7~exp) experimental; urgency=medium + + * Update openssl extension to to 3.0.1 (Closes: #1032070) + + -- Antonio Terceiro Sun, 05 Mar 2023 17:13:36 -0300 + ruby3.1 (3.1.2-6) unstable; urgency=medium * Add missing dependencies for pkg-config test diff --git a/debian/patches/openssl-3.0.1.patch b/debian/patches/openssl-3.0.1.patch new file mode 100644 index 0..0762cb65e --- /dev/null +++ b/debian/patches/openssl-3.0.1.patch @@ -0,0 +1,495 @@ +From: Antonio Terceiro +Date: Sun, 5 Mar 2023 17:09:05 -0300 +Subject: openssl 3.0.1 + +This is a combination of several patches for openssl extension that fix +bugs in its version 3.0.0. + +Forwarded: not-needed +--- + ext/openssl/History.md | 40 + + ext/openssl/extconf.rb | 5 +++-- + ext/openssl/lib/openssl/pkey.rb| 8 +++ + ext/openssl/lib/openssl/version.rb | 2 +- + ext/openssl/openssl.gemspec| 2 +- + ext/openssl/ossl_hmac.c| 8 +++ + ext/openssl/ossl_pkey.c| 46 +++--- + ext/openssl/ossl_pkey_ec.c | 4 + ext/openssl/ossl_x509cert.c| 6 ++--- + ext/openssl/ossl_x509crl.c | 6 ++--- + ext/openssl/ossl_x509req.c | 6 ++--- + ext/openssl/ossl_x509revoked.c | 6 ++--- + test/openssl/test_hmac.rb | 8 +++ + test/openssl/test_pkey_dsa.rb | 19 + test/openssl/test_pkey_ec.rb | 25 + + test/openssl/test_pkey_rsa.rb | 5 + + test/openssl/test_ssl.rb | 6 + + 17 files changed, 183 insertions(+), 19 deletions(-) + +diff --git a/ext/openssl/History.md b/ext/openssl/History.md +index 479ec3b..a4f6bd7 100644 +--- a/ext/openssl/History.md b/ext/openssl/History.md +@@ -1,3 +1,27 @@ ++Version 3.0.1 ++= ++ ++Merged changes in 2.1.4 and 2.2.2. Additionally, the following issues are fixed ++by this release. ++ ++Bug fixes ++- ++ ++* Add missing type check in OpenSSL::PKey::PKey#sign's optional parameters. ++ [[GitHub #531]](https://github.com/ruby/openssl/pull/531) ++* Work around OpenSSL 3.0's HMAC issues with a zero-length key. ++ [[GitHub #538]](https://github.com/ruby/openssl/pull/538) ++* Fix a regression in OpenSSL::PKey::DSA.generate's default of 'q' size. ++ [[GitHub #483]](https://github.com/ruby/openssl/issues/483) ++ [[GitHub #539]](https://github.com/ruby/openssl/pull/539) ++* Restore OpenSSL::PKey.read's ability to decode "openssl ecparam -genkey" ++ output when linked against OpenSSL 3.0. ++ [[GitHub #535]](https://github.com/ruby/openssl/pull/535) ++ [[GitHub #540]](https://github.com/ruby/openssl/pull/540) ++* Restore error checks in OpenSSL::PKey::EC#{to_der,to_pem}. ++ [[GitHub #541]](https://github.com/ruby/openssl/pull/541) ++ ++ + Version 3.0.0 + = + +@@ -100,6 +124,12 @@ Notable changes + [[GitHub #342]](https://github.com/ruby/openssl/issues/342) + + ++Version 2.2.2 ++= ++ ++Merged changes in 2.1.4. ++ ++ + Version 2.2.1 + = + +@@ -194,6 +224,16 @@ Notable changes + [[GitHub #297]](https://github.com/ruby/openssl/pull/297) + + ++Version 2.1.4 ++= ++ ++Bug fixes ++- ++ ++* Do not use pkg-config if --with-openssl-dir option is specified. ++ [[GitHub #486]](https://github.com/ruby/openssl/pull/486) ++ ++ + Version 2.1.3 + = + +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +index fedcb93..d2d7893 100644 +--- a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +@@ -13,7 +13,7 @@ +
Bug#1030987: bullseye-pu: package vagrant/2.2.14+dfsg-2
On Sun, Feb 19, 2023 at 06:54:45PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Fri, 2023-02-10 at 09:58 +0100, Antonio Terceiro wrote: > > Since VirtualBox is not in stable, people will install it either from > > upstream, and from Fasttrack (https://fasttrack.debian.net/). When a > > new > > version of VirtualBox comes out, vagrant needs change to work with > > it. > > > > [ Impact ] > > stable users can't use vagrant with the latest VirtualBox (7.0). > > > > Please go ahead. Uploaded. signature.asc Description: PGP signature
Bug#1030987: bullseye-pu: package vagrant/2.2.14+dfsg-2
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: vagr...@packages.debian.org Control: affects -1 + src:vagrant [ Reason ] Since VirtualBox is not in stable, people will install it either from upstream, and from Fasttrack (https://fasttrack.debian.net/). When a new version of VirtualBox comes out, vagrant needs change to work with it. [ Impact ] stable users can't use vagrant with the latest VirtualBox (7.0). [ Tests ] The full testsuite passes, plus I got one real user to test on theur system and confirm it works for them. [ Risks ] This is a direct cherry pick, with only 1 line change, from the upstream patch that added VirtualBox 7.0 support. I don't see significant risk. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable I also attached the actual patch so it's easier to read than the diff-in-diff in the debdiff. [ Changes ] The patch adds a new driver for VirtualBox 7.0, plus unit tests for it. [ Other info ] n/a diff --git a/debian/changelog b/debian/changelog index fc3cfcf..a28263d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vagrant (2.2.14+dfsg-2) bullseye; urgency=medium + + * Add support for VirtualBox 7.0 (Closes: #1026227) + + -- Antonio Terceiro Tue, 07 Feb 2023 10:33:52 +0100 + vagrant (2.2.14+dfsg-1) unstable; urgency=medium * New upstream version 2.2.14+dfsg diff --git a/debian/patches/0007-Add-support-for-VirtualBox-7.0.patch b/debian/patches/0007-Add-support-for-VirtualBox-7.0.patch new file mode 100644 index 000..431a3b5 --- /dev/null +++ b/debian/patches/0007-Add-support-for-VirtualBox-7.0.patch @@ -0,0 +1,264 @@ +From: Chris Roberts +Date: Fri, 14 Oct 2022 10:44:49 -0700 +Subject: Add support for VirtualBox 7.0 + +Signed-off-by: Antonio Terceiro +Changes from the original patch: + +- replace `require "rexml"` with `require "rexml/document"` to work with with + the rexml shipped with Ruby 2.7 + +--- + lib/vagrant/errors.rb | 4 + + plugins/providers/virtualbox/driver/meta.rb| 1 + + plugins/providers/virtualbox/driver/version_7_0.rb | 67 + + plugins/providers/virtualbox/plugin.rb | 1 + + templates/locales/en.yml | 5 + + .../virtualbox/driver/version_7_0_test.rb | 109 + + 6 files changed, 187 insertions(+) + create mode 100644 plugins/providers/virtualbox/driver/version_7_0.rb + create mode 100644 test/unit/plugins/providers/virtualbox/driver/version_7_0_test.rb + +diff --git a/lib/vagrant/errors.rb b/lib/vagrant/errors.rb +index 782615b..4329d29 100644 +--- a/lib/vagrant/errors.rb b/lib/vagrant/errors.rb +@@ -940,6 +940,10 @@ module Vagrant + error_key(:virtualbox_broken_version_040214) + end + ++class VirtualBoxConfigNotFound < VagrantError ++ error_key(:virtualbox_config_not_found) ++end ++ + class VirtualBoxDisksDefinedExceedLimit < VagrantError + error_key(:virtualbox_disks_defined_exceed_limit) + end +diff --git a/plugins/providers/virtualbox/driver/meta.rb b/plugins/providers/virtualbox/driver/meta.rb +index c3be8c8..04c130c 100644 +--- a/plugins/providers/virtualbox/driver/meta.rb b/plugins/providers/virtualbox/driver/meta.rb +@@ -65,6 +65,7 @@ module VagrantPlugins + "5.2" => Version_5_2, + "6.0" => Version_6_0, + "6.1" => Version_6_1, ++"7.0" => Version_7_0, + } + + if @@version.start_with?("4.2.14") +diff --git a/plugins/providers/virtualbox/driver/version_7_0.rb b/plugins/providers/virtualbox/driver/version_7_0.rb +new file mode 100644 +index 000..d94e66b +--- /dev/null b/plugins/providers/virtualbox/driver/version_7_0.rb +@@ -0,0 +1,67 @@ ++require "rexml/document" ++require File.expand_path("../version_6_1", __FILE__) ++ ++module VagrantPlugins ++ module ProviderVirtualBox ++module Driver ++ # Driver for VirtualBox 7.0.x ++ class Version_7_0 < Version_6_1 ++def initialize(uuid) ++ super ++ ++ @logger = Log4r::Logger.new("vagrant::provider::virtualbox_7_0") ++end ++ ++# The initial VirtualBox 7.0 release has an issue with displaying port ++# forward information. When a single port forward is defined, the forwarding ++# information can be found in the `showvminfo` output. Once more than a ++# single port forward is defined, no forwarding information is provided ++# in the `showvminfo` output. To work around this we grab the VM configuration ++# file from the `showvminfo` output and extract the port forward informa
Bug#1029728: bullseye-pu: package passenger/5.0.30-1.2+deb11u1
On Sat, Feb 04, 2023 at 06:19:57PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Thu, 2023-01-26 at 16:40 -0300, Antonio Terceiro wrote: > > This updates makes it possible for users to use NodeJS binaries newer > > than the ones provided in bullseye. > > > > [ Impact ] > > Users using a NodeJS version can't get passenger to work because it > > fails to start due to use of an invalid global variable. > > > > For some reason this bug never made it to debian-release. > > Please go ahead. Uploaded. signature.asc Description: PGP signature
Re: Shim and secure boot status, leading up to bookworm
On Wed, Jan 25, 2023 at 06:11:45PM +, Steve McIntyre wrote: > Hey all! > > Here's a status update and plans for SB and shim. If any of this is > unclear or you have doubts, please say! > > We currently have *signed* shim *15.4* packages in the archive, for > all of buster, bullseye, bookworm and sid. That works OK at the > moment, but is getting old (July 2021) and needs updating soonish. > > I uploaded shim *15.6* in July 2022 and we attempted to get that > signed too. Reviews were positive, but due to process problems around > Microsoft uploads and then a long delay on getting a needed EV > certificate renewed we never managed to get that signed. :-( > > The MS and cert issues are now both resolved, and I'm now working on a > shim *15.7* upload. There's a little more work and testing to do, but > I'm not far off. Yay? Have the issues with arm64 been fixed? Will this release provide a signed arm64 shim? signature.asc Description: PGP signature
Bug#1029632: unblock: ruby3.1/3.1.2-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: ruby...@packages.debian.org Control: affects -1 + src:ruby3.1 Please unblock package ruby3.1 This is a trivial bug fix, and even though there is no real block hint in place, this bug report is to save you the time from wondering about the changes. [ Reason ] 3.1.2-4 had a regression. ./configure was being about an explicit pkg-config binary, but pkg-config was not a build dependency. So the pkg-config binary was not really there, so ./configure set the corresponding configuration variable to an empty string making the pkg-config bindings in mkmf.rb not really work. [ Impact ] This makes some packages fail to build from source, namely ruby-augeas and ruby-libvirt. [ Tests ] An autopkgtest to catch similar issues in the future has been added, and it passes while it failed with 3.1.2.4. [ Risks ] None. [ Checklist ] [✓] all changes are documented in the d/changelog [✓] I reviewed all changes and I approve them [✓] attach debdiff against the package in testing [ Other info ] n/a unblock ruby3.1/3.1.2-5 diff --git a/debian/changelog b/debian/changelog index 59fe6c8a1..8e43cb693 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +ruby3.1 (3.1.2-5) unstable; urgency=medium + + * Add autopkgtest to test pkg_config + * Add build dependency on pkg-config from pkgconf. +The absence of this build dependency made the check for whether +pkg-config works fail (because it was not there) at the ./configure +stage, making RbConfig::CONFIG["PKG_CONFIG"] empty, and therefore broke +the usage of pkg_config() in extconf.rb scripts. +This was noticed by Lucas Kanashiro (thanks!) in Ubuntu while rebuilding +all Ruby packages to add ruby3.1 support, where ruby-augeas and +ruby-libvirt failed to build. + + -- Antonio Terceiro Wed, 25 Jan 2023 14:46:18 -0300 + ruby3.1 (3.1.2-4) unstable; urgency=medium * Replace cross pkg-config patch with patches applied upstream diff --git a/debian/control b/debian/control index 2d6602a40..9802975c0 100644 --- a/debian/control +++ b/debian/control @@ -19,6 +19,7 @@ Build-Depends: bison, libyaml-dev, netbase , openssl , + pkg-config (>= 1.8.0-7~), procps , ruby3.1:native , rubygems-integration (>= 1.6) , diff --git a/debian/tests/control b/debian/tests/control index 2b0bab840..bd3c7127a 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,3 +1,3 @@ -Tests: run-all bundled-gems builtin-extensions rubyconfig -Depends: @ +Tests: run-all bundled-gems builtin-extensions rubyconfig pkg-config +Depends: @, libffi-dev Restrictions: allow-stderr diff --git a/debian/tests/pkg-config b/debian/tests/pkg-config new file mode 100755 index 0..ce2bd6e23 --- /dev/null +++ b/debian/tests/pkg-config @@ -0,0 +1,9 @@ +#!/bin/sh + +set -eu + +ruby="${1:-ruby3.1}" +cd "${AUTOPKGTEST_TMP:-/tmp}" + +set -x +$ruby -rmkmf -e 'pkg_config("libffi") or raise "pkg_config does not work"' signature.asc Description: PGP signature
Bug#1026890: transition: ruby3.0-rm
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: ruby-defau...@packages.debian.org Control: affects -1 + src:ruby-defaults Please create a tracker for removing ruby3.0 as a supported version. Ben file (based on ruby2.7-rm from the transition-data repository): title = "ruby3.0-rm"; is_affected = (.depends ~ "ruby3.0" | .depends ~ "libruby3.0") & !.source ~ /^(ruby3.0)$/; is_good = false; is_bad = .depends ~ "ruby3.0" | .depends ~ "libruby3.0"; signature.asc Description: PGP signature
Bug#1023495: transition: ruby3.1
On Wed, Nov 23, 2022 at 05:35:18PM +0100, Sebastian Ramacher wrote: > Hi Antonio > > On 2022-11-23 13:13:37 -0300, Antonio Terceiro wrote: > > On Tue, Nov 22, 2022 at 11:00:57PM +0100, Sebastian Ramacher wrote: > > > On 2022-11-22 21:53:31 +0100, Paul Gevers wrote: > > > > Hi Lucas, > > > > > > > > On 22-11-2022 17:03, Lucas Kanashiro wrote: > > > > > After discussing with Antonio, since our deadline to finish the > > > > > transition is approaching, we decided to already enable ruby3.1 as the > > > > > default and remove ruby3.0 in a single step. > > > > > > > > I may be remembering wrong (it's a bit late), but isn't the change of > > > > the > > > > default a forward rebuild, while removal is a backward rebuild (I mean > > > > in > > > > the dependency tree)? If that's true, I think doing it in two steps is > > > > easier to manage, as packages can then migrate on their own and don't > > > > need a > > > > lock step migration. > > > > > > That's correct. I'd prefer to handle this with two trackers. > > > > Fair enough. I will update ruby-defaults accordingly. Is it OK for us to > > start the transition in unstable? > > I'd like protobuf to migrate first which is currently doing its own > transition. Afer that, we can go ahead with the switch to 3.1 as > default. protobuf migrate a few days ago, so I just uploaded ruby-defaults. Please binNMU these packages: epic5 graphviz ignition-math kamailio klayout kross-interpreters libprelude marisa ngraph-gtk notmuch obexftp redland-bindings subtle subversion vim-command-t weechat xapian-bindings signature.asc Description: PGP signature
Bug#1023495: transition: ruby3.1
On Tue, Nov 22, 2022 at 11:00:57PM +0100, Sebastian Ramacher wrote: > On 2022-11-22 21:53:31 +0100, Paul Gevers wrote: > > Hi Lucas, > > > > On 22-11-2022 17:03, Lucas Kanashiro wrote: > > > After discussing with Antonio, since our deadline to finish the > > > transition is approaching, we decided to already enable ruby3.1 as the > > > default and remove ruby3.0 in a single step. > > > > I may be remembering wrong (it's a bit late), but isn't the change of the > > default a forward rebuild, while removal is a backward rebuild (I mean in > > the dependency tree)? If that's true, I think doing it in two steps is > > easier to manage, as packages can then migrate on their own and don't need a > > lock step migration. > > That's correct. I'd prefer to handle this with two trackers. Fair enough. I will update ruby-defaults accordingly. Is it OK for us to start the transition in unstable? signature.asc Description: PGP signature
Bug#1023495: transition: ruby3.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, I would like to plan the ruby 3.1 transition. As soon as we have the tracker I will perform all the test rebuilds necessary and report any bugs. Ben file: title = "ruby3.1 as default"; is_affected = (.depends ~ /ruby3.0/ | .depends ~ /ruby3.1/) & !.source ~ /^(ruby3.0|ruby3.1|ruby-defaults)$/; is_good = .depends ~ "ruby3.1" | .depends ~ "libruby3.1" | ! (.depends ~ "ruby3.0" | .depends ~ "libruby3.0"); is_bad = ! (.depends ~ "ruby3.1" | .depends ~ "libruby3.1") & (.depends ~ "ruby3.0" | .depends ~ "libruby3.0"); signature.asc Description: PGP signature
Bug#1015207: transitions: ruby3.1-add
Hi, please binNMU: puma thin ruby-bootsnap These failed to build before, but that was probably due to something else down the stack. All three build fine in unstable at the moment. The only missing piece is ruby-mysql2, which I will work on next. signature.asc Description: PGP signature
Bug#1015207: transitions: ruby3.1-add
On Tue, Sep 20, 2022 at 09:04:11AM -0300, Antonio Terceiro wrote: > On Mon, Sep 19, 2022 at 09:07:50AM +0200, Sebastian Ramacher wrote: > > Control: tags -1 = confirmed > > > > On 2022-09-12 15:28:38 -0300, Antonio Terceiro wrote: > > > Hi, > > > > > > On Sun, Jul 17, 2022 at 02:08:14PM -0300, Lucas Kanashiro wrote: > > > > Package: release.debian.org > > > > Severity: normal > > > > User: release.debian@packages.debian.org > > > > Usertags: transition > > > > Tags: moreinfo > > > > > > > > Hi, > > > > > > > > We would like to add support for ruby3.1 in ruby-defaults in unstable > > > > soon. The ben file was already added to the transition tracker as > > > > planned by elbrus. > > > > > > I would like to start this transition, by uploading ruby-defaults > > > enabling building against ruby3.1 to unstable. All the packages listed > > > in the transition page build correctly, except a few ones. They all have > > > bugs reported, and I just raised their severity to serious: > > > > Please go ahead > > Just uploaded. I have a few notes to the list of binNMUs below. Thanks for the initial round of binNMUs. I'm going through the failures and either fixing them or reporting bugs. Please update the transition tracker with the attached patch. From 45cd37e15c3e478e979dada18a7a5d8fe2dfeaab Mon Sep 17 00:00:00 2001 From: Antonio Terceiro Date: Thu, 22 Sep 2022 18:59:16 -0300 Subject: [PATCH] ruby3.1-add: ignore new package that builds only for the default ruby --- ongoing/ruby3.1-add.ben | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ongoing/ruby3.1-add.ben b/ongoing/ruby3.1-add.ben index 5cf29c4..4eeb7a3 100644 --- a/ongoing/ruby3.1-add.ben +++ b/ongoing/ruby3.1-add.ben @@ -1,5 +1,5 @@ title = "ruby3.1-add"; -is_affected = (.depends ~ /ruby3.0/ | .depends ~ /ruby3.1/) & ! .source ~ /^(ruby3\.0|ruby3\.1|ruby-defaults|dislocker|epic5|graphviz|hivex|kamailio|klayout|kross-interpreters|libprelude|marisa|ngraph-gtk|notmuch|obexftp|redland-bindings|rubyluabridge|ruby-standalone|subtle|subversion|uwsgi|vim-command-t|weechat|robot-testing-framework|treil|vim|nbdkit)$/; +is_affected = (.depends ~ /ruby3.0/ | .depends ~ /ruby3.1/) & ! .source ~ /^(ruby3\.0|ruby3\.1|ruby-defaults|dislocker|epic5|graphviz|hivex|kamailio|klayout|kross-interpreters|libprelude|marisa|ngraph-gtk|notmuch|obexftp|redland-bindings|rubyluabridge|ruby-standalone|subtle|subversion|uwsgi|vim-command-t|weechat|robot-testing-framework|treil|vim|nbdkit|ignition-math|)$/; is_good = .depends ~ /ruby3.1/; is_bad = .depends ~ /ruby3.0/ & !.depends ~ /ruby3.1/; notes = "#1015207 "; -- 2.35.1 signature.asc Description: PGP signature
Bug#1015207: transitions: ruby3.1-add
On Mon, Sep 19, 2022 at 09:07:50AM +0200, Sebastian Ramacher wrote: > Control: tags -1 = confirmed > > On 2022-09-12 15:28:38 -0300, Antonio Terceiro wrote: > > Hi, > > > > On Sun, Jul 17, 2022 at 02:08:14PM -0300, Lucas Kanashiro wrote: > > > Package: release.debian.org > > > Severity: normal > > > User: release.debian@packages.debian.org > > > Usertags: transition > > > Tags: moreinfo > > > > > > Hi, > > > > > > We would like to add support for ruby3.1 in ruby-defaults in unstable > > > soon. The ben file was already added to the transition tracker as > > > planned by elbrus. > > > > I would like to start this transition, by uploading ruby-defaults > > enabling building against ruby3.1 to unstable. All the packages listed > > in the transition page build correctly, except a few ones. They all have > > bugs reported, and I just raised their severity to serious: > > Please go ahead Just uploaded. I have a few notes to the list of binNMUs below. > > level 1 > > === > > > > libselinux mecab qdbm raspell protobuf remctl ruby-atomic ruby-augeas > > rrdtool ruby-bcrypt-pbkdf ruby-bcrypt ruby-bindex ruby-bert > > ruby-binding-ninja ruby-byebug ruby-cairo ruby-character-set ruby-cbor > > passenger ruby-charlock-holmes ignition-math ruby-concurrent > > ruby-cool.io ruby-damerau-levenshtein ruby-curses > > ruby-dataobjects-sqlite3 ruby-debian ruby-dataobjects-postgres ruby-curb > > ruby-debug-inspector ruby-ed25519 ruby-eb ruby-enumerable-statistics > > ruby-escape-utils ruby-exif ruby-fast-blank ruby-fast-stemmer > > ruby-fast-xs ruby-fcgi ruby-eventmachine ruby-ffi-yajl ruby-filesystem > > ruby-ffi ruby-fusefs ruby-god ruby-gpgme ruby-gd ruby-hiredis > > ruby-gitlab-pg-query ruby-jaro-winkler ruby-hitimes ruby-json > > ruby-levenshtein ruby-ldap ruby-liquid-c ruby-libxml ruby-mmap2 > > ruby-murmurhash3 ruby-narray ruby-nfc ruby-ncurses ruby-libvirt > > ruby-odbc ruby-kgio ruby-nio4r ruby-oily-png ruby-pcaprub ruby-ox > > ruby-posix-spawn ruby-oj ruby-pg ruby-prometheus-client-mmap > > ruby-nokogiri ruby-rblineprof ruby-raindrops ruby-rbtree ruby-rdiscount > > ruby-re2 ruby-redcarpet ruby-regexp-property-values ruby-redcloth > > ruby-rinku ruby-rpam-ruby19 ruby-rjb ruby-ruby-magic-static ruby-sdbm > > ruby-rpatricia ruby-sequel-pg ruby-rugged ruby-serialport ruby-shadow > > ruby-rmagick ruby-sigar ruby-sdl ruby-strptime ruby-termios ruby-thrift > > ruby-timfel-krb5-auth ruby-uconv ruby-unf-ext ruby-tokyocabinet > > ruby-tioga ruby-unicode ruby-version-sorter ruby-websocket-driver > > ruby-vmstat ruby-xmlhash ruby-xmlparser ruby-yajl ruby-zoom stfl spglib > > unicorn-engine xapian-bindings Add ruby-prof here, since it was recently fixed. > > level 2 > > === > > > > libsemanage ruby-fftw3 ruby-commonmarker ruby-github-linguist > > ruby-github-markdown ruby-grib ruby-gsl ruby-hamlit ruby-hdfeos5 > > ruby-gnome ruby-http-parser.rb ruby-mpi ruby-msgpack ruby-multibitnums > > ruby-nokogumbo ruby-password ruby-sqlite3 thin libguestfs ruby-lapack > > unicorn grpc Add ruby-bson here, also recently fixed. Thanks. signature.asc Description: PGP signature
Bug#1015207: transitions: ruby3.1-add
Hi, On Sun, Jul 17, 2022 at 02:08:14PM -0300, Lucas Kanashiro wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > Tags: moreinfo > > Hi, > > We would like to add support for ruby3.1 in ruby-defaults in unstable > soon. The ben file was already added to the transition tracker as > planned by elbrus. I would like to start this transition, by uploading ruby-defaults enabling building against ruby3.1 to unstable. All the packages listed in the transition page build correctly, except a few ones. They all have bugs reported, and I just raised their severity to serious: https://bugs.debian.org/1015305 https://bugs.debian.org/1015309 https://bugs.debian.org/1015310 https://bugs.debian.org/1015322 https://bugs.debian.org/1015327 https://bugs.debian.org/1015328 https://bugs.debian.org/1015329 https://bugs.debian.org/1015334 The following binNMUs can be done right after the ruby-defaults is uploaded and built: level 1 === libselinux mecab qdbm raspell protobuf remctl ruby-atomic ruby-augeas rrdtool ruby-bcrypt-pbkdf ruby-bcrypt ruby-bindex ruby-bert ruby-binding-ninja ruby-byebug ruby-cairo ruby-character-set ruby-cbor passenger ruby-charlock-holmes ignition-math ruby-concurrent ruby-cool.io ruby-damerau-levenshtein ruby-curses ruby-dataobjects-sqlite3 ruby-debian ruby-dataobjects-postgres ruby-curb ruby-debug-inspector ruby-ed25519 ruby-eb ruby-enumerable-statistics ruby-escape-utils ruby-exif ruby-fast-blank ruby-fast-stemmer ruby-fast-xs ruby-fcgi ruby-eventmachine ruby-ffi-yajl ruby-filesystem ruby-ffi ruby-fusefs ruby-god ruby-gpgme ruby-gd ruby-hiredis ruby-gitlab-pg-query ruby-jaro-winkler ruby-hitimes ruby-json ruby-levenshtein ruby-ldap ruby-liquid-c ruby-libxml ruby-mmap2 ruby-murmurhash3 ruby-narray ruby-nfc ruby-ncurses ruby-libvirt ruby-odbc ruby-kgio ruby-nio4r ruby-oily-png ruby-pcaprub ruby-ox ruby-posix-spawn ruby-oj ruby-pg ruby-prometheus-client-mmap ruby-nokogiri ruby-rblineprof ruby-raindrops ruby-rbtree ruby-rdiscount ruby-re2 ruby-redcarpet ruby-regexp-property-values ruby-redcloth ruby-rinku ruby-rpam-ruby19 ruby-rjb ruby-ruby-magic-static ruby-sdbm ruby-rpatricia ruby-sequel-pg ruby-rugged ruby-serialport ruby-shadow ruby-rmagick ruby-sigar ruby-sdl ruby-strptime ruby-termios ruby-thrift ruby-timfel-krb5-auth ruby-uconv ruby-unf-ext ruby-tokyocabinet ruby-tioga ruby-unicode ruby-version-sorter ruby-websocket-driver ruby-vmstat ruby-xmlhash ruby-xmlparser ruby-yajl ruby-zoom stfl spglib unicorn-engine xapian-bindings level 2 === libsemanage ruby-fftw3 ruby-commonmarker ruby-github-linguist ruby-github-markdown ruby-grib ruby-gsl ruby-hamlit ruby-hdfeos5 ruby-gnome ruby-http-parser.rb ruby-mpi ruby-msgpack ruby-multibitnums ruby-nokogumbo ruby-password ruby-sqlite3 thin libguestfs ruby-lapack unicorn grpc level 3 === ruby-bootsnap ruby-rbtrace 8<8<8<- There are still bugs to be reported about arch:all packages that FTBFS, and I will be doing that next. signature.asc Description: PGP signature
Bug#1004459: bullseye-pu: package lxc/1:4.0.6-2+deb11u1
On Fri, Jul 01, 2022 at 07:13:24PM +0100, Adam D. Barratt wrote: > On Sun, 2022-02-20 at 19:38 -0300, Antonio Terceiro wrote: > > On Sat, Feb 19, 2022 at 06:53:52PM +, Adam D. Barratt wrote: > > > Control: tags -1 + confirmed > > > > > > On Thu, 2022-01-27 at 21:32 -0300, Antonio Terceiro wrote: > > > > This update fixes the download of container images using the > > > > "download" > > > > template. pool.sks-keyservers.net is not active anymore, so the > > > > patch > > > > (already included in the upstream release present in > > > > sid/bookworm) > > > > changes that to keyserver.ubuntu.com. > > > > > > > > > > + * lxc-download: Switch GPG server. > > > +The default server used to download gpg keys from has ben > > > deprecated, > > > > > > s/ben/been/ > > > > > > Please go ahead. > > > > Uploaded with that typo fixed. Thanks. > > I was just looking through some older p-u bugs, and realised that this > was still open. Looking further, the package never seems to have made > it to stable-new. > > I can't find any mention of the upload in the dak logs on ftp-master, > and all I can see on the upload host is: > > Feb 20 21:55:04 > rm --searchdirs lxc_4.0.6-2+deb11u1_source.changes > Feb 20 21:55:04 Files removed: lxc_4.0.6-2+deb11u1_source.changes > Feb 20 21:55:04 > rm --searchdirs lxc_4.0.6-2+deb11u1.dsc > Feb 20 21:55:04 Files removed: lxc_4.0.6-2+deb11u1.dsc > Feb 20 21:55:04 > rm --searchdirs lxc_4.0.6-2+deb11u1.debian.tar.xz > Feb 20 21:55:04 Files removed: lxc_4.0.6-2+deb11u1.debian.tar.xz > Feb 20 21:55:04 > rm --searchdirs lxc_4.0.6-2+deb11u1_source.buildinfo > Feb 20 21:55:04 Files removed: lxc_4.0.6-2+deb11u1_source.buildinfo Weird. I do have local logs of it being uploaded. Anyway, I have just uploaded again. signature.asc Description: PGP signature
Bug#1009363: bullseye-pu: package ruby-net-ssh/1:6.1.0-2+deb11u1
On Sat, May 28, 2022 at 08:47:53PM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Tue, 2022-04-12 at 09:40 -0300, Antonio Terceiro wrote: > > OpenSSH 8.8 disables RSA signatures using the SHA-1 hash algorithm, > > and > > that breaks clients that do not support stronger algorithms, which is > > the case of the ruby-net-ssh version in bullseye. > > > > [ Impact ] > > Users of vagrant and capistrano, for example, are not able to connect > > to hosts running OpenSSH 8.8, which includes Debian bookworm but also > > other distributions where OpenSSH 8.8. is already available. > > > [...] > > The patches are backports of the relevant upstream patches. The first > > adds support for client authentication with RSA + SHA-2. The second > > adds > > support for RSA+SHA-2 in host keys. > > > > Please go ahead. Uploaded. signature.asc Description: PGP signature
Bug#1009363: bullseye-pu: package ruby-net-ssh/1:6.1.0-2+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu [ Reason ] OpenSSH 8.8 disables RSA signatures using the SHA-1 hash algorithm, and that breaks clients that do not support stronger algorithms, which is the case of the ruby-net-ssh version in bullseye. [ Impact ] Users of vagrant and capistrano, for example, are not able to connect to hosts running OpenSSH 8.8, which includes Debian bookworm but also other distributions where OpenSSH 8.8. is already available. [ Tests ] All the included unit tests, includind the new ones added by the included patches, pass both during the package build and autopkgtest. This updates was also tested manually on stable by Lucas Nussbaum (see #1008541), who confirmed the fix works. [ Risks ] I don't see much risk in this update. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The patches are backports of the relevant upstream patches. The first adds support for client authentication with RSA + SHA-2. The second adds support for RSA+SHA-2 in host keys. [ Other info ] I'm also attaching the patches themselves, because they are easier to read than the diff-in-diff in the debdiff. diff --git a/debian/changelog b/debian/changelog index a1f8837f..763e6086 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +ruby-net-ssh (1:6.1.0-2+deb11u1) bullseye; urgency=medium + + * Backport upstream patches to fix authentication against hosts using +OpenSSH 8.8, including but not limited to Debian bookworm +(Closes: #1009155, #1008541) + + -- Antonio Terceiro Fri, 08 Apr 2022 10:06:46 -0300 + ruby-net-ssh (1:6.1.0-2) unstable; urgency=medium [ Cédric Boutillier ] diff --git a/debian/patches/0001-Added-support-for-RSA-client-authentication-with-SHA.patch b/debian/patches/0001-Added-support-for-RSA-client-authentication-with-SHA.patch new file mode 100644 index ..ae350e52 --- /dev/null +++ b/debian/patches/0001-Added-support-for-RSA-client-authentication-with-SHA.patch @@ -0,0 +1,394 @@ +From: Zdenek Zambersky +Date: Thu, 6 May 2021 13:50:20 +0200 +Subject: Added support for RSA client authentication with SHA-2 + +Source: https://github.com/net-ssh/net-ssh/pull/838 +Backported-By: Antonio Terceiro +--- + lib/net/ssh/authentication/certificate.rb | 4 +- + lib/net/ssh/authentication/ed25519.rb | 2 +- + lib/net/ssh/authentication/key_manager.rb | 22 ++-- + lib/net/ssh/authentication/methods/abstract.rb | 10 + lib/net/ssh/authentication/methods/publickey.rb | 66 ++- + lib/net/ssh/authentication/session.rb | 5 +- + lib/net/ssh/transport/openssl.rb| 16 -- + test/authentication/methods/test_publickey.rb | 71 ++--- + test/authentication/test_session.rb | 6 ++- + 9 files changed, 169 insertions(+), 33 deletions(-) + +diff --git a/lib/net/ssh/authentication/certificate.rb b/lib/net/ssh/authentication/certificate.rb +index 82e37e9..95b01ff 100644 +--- a/lib/net/ssh/authentication/certificate.rb b/lib/net/ssh/authentication/certificate.rb +@@ -65,8 +65,8 @@ module Net + ).to_s + end + +-def ssh_do_sign(data) +- key.ssh_do_sign(data) ++def ssh_do_sign(data, sig_alg = nil) ++ key.ssh_do_sign(data, sig_alg) + end + + def ssh_do_verify(sig, data) +diff --git a/lib/net/ssh/authentication/ed25519.rb b/lib/net/ssh/authentication/ed25519.rb +index 0c5530c..1989d1f 100644 +--- a/lib/net/ssh/authentication/ed25519.rb b/lib/net/ssh/authentication/ed25519.rb +@@ -167,7 +167,7 @@ module Net + PubKey.new(@pk) + end + +- def ssh_do_sign(data) ++ def ssh_do_sign(data, sig_alg = nil) + @sign_key.sign(data) + end + +diff --git a/lib/net/ssh/authentication/key_manager.rb b/lib/net/ssh/authentication/key_manager.rb +index 242d5d5..3624550 100644 +--- a/lib/net/ssh/authentication/key_manager.rb b/lib/net/ssh/authentication/key_manager.rb +@@ -159,7 +159,7 @@ module Net + # Regardless of the identity's origin or who does the signing, this + # will always return the signature in an SSH2-specified "signature + # blob" format. +-def sign(identity, data) ++def sign(identity, data, sig_alg = nil) + info = known_identities[identity] or raise KeyManagerError, "the given identity is unknown to the key manager" + + if info[:key].nil? && info[:from] == :file +@@ -171,13 +171,27 @@ module Net + end + + if info[:key] +-return Net::SSH::Buffer.from(:string, identity.ssh_signature_type, +- :mstring, info[:key].ssh_do_sign(data.to_s)).to_s
Bug#1004915: transition: ruby2.7-rm
On Thu, Feb 24, 2022 at 08:56:49AM +0100, Paul Gevers wrote: > Hi Antonio, > > Thanks for taking care. > > On 24-02-2022 02:43, Antonio Terceiro wrote: > > > diaspora-installer can just be removed, it's already on the autoremoval > > > list. > > > > also fails without the new ruby-defaults. > > I'm not seeing that. The 2022-02-24 01:38:19 UTC reference run on amd64 > passed. Yes. I investigated this today and it is an issue that makes diaspora-installer incompatible with ruby3.0: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006547 The fix for that is probably non-trivial, so IMO we should remove diaspora-installer from testing to let the transition complete. Yesterday I also uploaded NMUs for all remaining packages that are in testing. https://release.debian.org/transitions/html/ruby3.0-default.html is now empty when one checks "ignore packages that are not in testing". signature.asc Description: PGP signature
Bug#1004915: transition: ruby2.7-rm
On Sun, Feb 20, 2022 at 02:30:15PM +0100, Paul Gevers wrote: > Hi, > > On 18-02-2022 21:23, Paul Gevers wrote: > > > > Also the autopkgtest regressions don't look pretty yet, did you > > > > already have a look: > > > > https://qa.debian.org/excuses.php?package=ruby-defaults > > > I'll try to take a look at this list and see what's going on. > > coderay seems to have a patch to fix this in Ubuntu: > https://patches.ubuntu.com/c/coderay/coderay_1.1.3-5ubuntu1.patch > > diaspora-installer can just be removed, it's already on the autoremoval > list. also fails without the new ruby-defaults. I retried all the migration reference tests; they will fail and this will stop being a regression from the POV of britney. > jekyll apparently is fixed in unstable, but is on the autoremoval list. > Shall I remove it or are you going to fix ruby-pathutil shortly? I don't see it anymore as a regression so I guess this was already done. > ruby-certificate-authority is a key package, bug #1005448 looks related. I fixed this on the weekend. > ruby-eventmachine is a key package, you'll need to investigate: NameError: > uninitialized constant TestIOStreamer::StreamServer::StringIO I fixed this today. > ruby-jwt, is a key package, you'll need to fix bug #1005426. I fixed this today. > ruby-rack will migrate soon, I removed ruby-rack-mount. This has happened since. signature.asc Description: PGP signature
Bug#1004459: bullseye-pu: package lxc/1:4.0.6-2+deb11u1
On Sat, Feb 19, 2022 at 06:53:52PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Thu, 2022-01-27 at 21:32 -0300, Antonio Terceiro wrote: > > This update fixes the download of container images using the > > "download" > > template. pool.sks-keyservers.net is not active anymore, so the patch > > (already included in the upstream release present in sid/bookworm) > > changes that to keyserver.ubuntu.com. > > > > + * lxc-download: Switch GPG server. > +The default server used to download gpg keys from has ben deprecated, > > s/ben/been/ > > Please go ahead. Uploaded with that typo fixed. Thanks. signature.asc Description: PGP signature
Bug#1005288: bullseye-pu: package sphinx-bootstrap-theme/0.7.1-1+deb11u1
On Sat, Feb 19, 2022 at 05:41:40PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Tue, 2022-02-15 at 21:33 -0300, Antonio Terceiro wrote: > > Control: reopen -1 > > > > > On Thu, Feb 10, 2022 at 11:44:24AM -0300, Antonio Terceiro wrote: > > > > [ Reason ] > > > > Version 0.8.0-1 contains a bug caused by extra whitespace in > > > > src="" > > > > attributes of
Bug#1005288: bullseye-pu: package sphinx-bootstrap-theme/0.7.1-1+deb11u1
Control: reopen -1 > On Thu, Feb 10, 2022 at 11:44:24AM -0300, Antonio Terceiro wrote: > > Package: release.debian.org > > Severity: normal > > Tags: bullseye > > User: release.debian@packages.debian.org > > Usertags: pu > > > > [ Reason ] > > Version 0.8.0-1 contains a bug caused by extra whitespace in src="" > > attributes of tags that search to be broken. > > > > [ Impact ] > > Documentation generated with sphinx and this theme has a broken search > > functionality. > > > > [ Tests ] > > I confirmed the fix against the lava package, which generates > > documentation using sphinx-bootstrap-theme. > > > > [ Risks ] > > None. The only functional changes are the exact bug fixes, which are > > basically deleting 1 extra space in a few lines. > > > > [ Checklist ] > > [*] *all* changes are documented in the d/changelog > > [*] I reviewed all changes and I approve them > > [*] attach debdiff against the package in (old)stable > > (for your convenience I'm also attaching the patch itself, since > > it's easier to read the diff-in-diff in the debdiff) > > [*] the issue is verified as fixed in unstable > > > > [ Changes ] > > The fix is simple and consists of removing the extra spaces that were > > breaking the reference to the Javascript files. > > > > [ Other info ] > > Nothing. > > Sorry, I made this update against the version that was then in testing > instead of the one in stable. I rebased the changes on stable, but it > seems they are not enough to fix the issue in that case. I'm closing > this now and will open a new PU request if and when I am able to fix it. It turns out my backport was broken; now I got it right and was able to test that the bug is indeed fixed. All the info above in my original bug report still applies, with the attached patches. </pre><pre>diff --git a/debian/changelog b/debian/changelog index 6ebc402..53beb21 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +sphinx-bootstrap-theme (0.7.1-1+deb11u1) bullseye; urgency=medium + + * Fix search functionality +Add a combined backport of 2 upstream commits that remove 1 extra spaces +off of a few lines. + + -- Antonio Terceiro <terce...@debian.org> Tue, 15 Feb 2022 19:18:53 -0300 + sphinx-bootstrap-theme (0.7.1-1) unstable; urgency=low [ Debian Janitor ] diff --git a/debian/patches/Fix-search-functionality.patch b/debian/patches/Fix-search-functionality.patch new file mode 100644 index 000..7794c08 --- /dev/null +++ b/debian/patches/Fix-search-functionality.patch @@ -0,0 +1,50 @@ +From: Antonio Terceiro <terce...@debian.org> +Date: Thu, 10 Feb 2022 11:36:03 -0300 +Subject: Fix search functionality + +The extra spaces at the end of the src="" attibute of those <script> +tags caused search to be broken on generated documentation. This is a +combined backport of the following upstream commits +0d80bffe488da6d5b7b575b964f92adde5026e3e ("BUG: Fix for Sphinx 3.4+ +search") and 19e69c8c46dff011ce24e1718e034decdf319f28 ("Drop spirious +space in script urls"). +--- + sphinx_bootstrap_theme/bootstrap/layout.html | 8 + sphinx_bootstrap_theme/bootstrap/search.html | 5 +++-- + 2 files changed, 7 insertions(+), 6 deletions(-) + +diff --git a/sphinx_bootstrap_theme/bootstrap/layout.html b/sphinx_bootstrap_theme/bootstrap/layout.html +index c21e441..f6d3bfc 100644 +--- a/sphinx_bootstrap_theme/bootstrap/layout.html b/sphinx_bootstrap_theme/bootstrap/layout.html +@@ -52,10 +52,10 @@ + <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'> + <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'> + <meta name="apple-mobile-web-app-capable" content="yes"> +-<script type="text/javascript" src="{{ pathto('_static/js/jquery-1.11.0.min.js', 1) }} "> +- +- +- ++ ++ ++ ++ + {% endblock %} + + {# Silence the sidebar's, relbar's #} +diff --git a/sphinx_bootstrap_theme/bootstrap/search.html b/sphinx_bootstrap_theme/bootstrap/search.html +index 60a6601..92444cc 100644 +--- a/sphinx_bootstrap_theme/bootstrap/search.html b/sphinx_bootstrap_theme/bootstrap/search.html +@@ -10,8 +10,9 @@ + {%- extends "layout.html" %} + {% set title = _('Search') %} + {% block extrahead %} +- +- ++ ++ ++ + {# this is used when loading the search index using $.ajax fails, + such as on Chrome for documents on localhost #} + diff --git a/debian/patches/series b/debian/patches/series index 391ae29..134cab0 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ privacy_breach.patch +Fix-search-functionality.patch From: Antonio Terceiro Date:
Bug#1004915: transition: ruby2.7-rm
Hi, On Thu, Feb 03, 2022 at 11:59:30AM -0300, Lucas Kanashiro wrote: > Package: release.debian.org > Severity: normal > User:release.debian@packages.debian.org > Usertags: transition > > Hi, > > We would like to add ruby3.0 as the default and remove ruby2.7 support. > > Ben file: > > title = "ruby2.7-rm"; > is_affected = (.depends ~ /ruby2.7/ | .depends ~ /ruby3.0/) & !.source ~ > /^(ruby2.7|ruby3.0|ruby-defaults)$/; > is_good = ! .depends ~ /ruby2.7/; > is_bad = .depends ~ /ruby2.7/; > > > This part of the transition was already done in Ubuntu, so I do not expect > any blocker, this is the transition tracker page there: > > https://people.canonical.com/~ubuntu-archive/transitions/html/ruby2.7-rm.html > > ruby-defaults/1:3.0~exp1 is already in experimental (which makes ruby3.0 the > default and remove ruby2.7), I'll be waiting for your acknowledgement to > upload it to unstable. ping. :) I saw that this was already added to the list of planned transitions, thanks for that. according to https://release.debian.org/transitions/html/ruby2.7-rm.html the conflicts seem to be small enough to be easily manageable. Or am I missing something? signature.asc Description: PGP signature
Bug#1005288: bullseye-pu: package sphinx-bootstrap-theme/0.8.0-1+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu [ Reason ] Version 0.8.0-1 contains a bug caused by extra whitespace in src="" attributes of tags that search to be broken. [ Impact ] Documentation generated with sphinx and this theme has a broken search functionality. [ Tests ] I confirmed the fix against the lava package, which generates documentation using sphinx-bootstrap-theme. [ Risks ] None. The only functional changes are the exact bug fixes, which are basically deleting 1 extra space in a few lines. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable (for your convenience I'm also attaching the patch itself, since it's easier to read the diff-in-diff in the debdiff) [*] the issue is verified as fixed in unstable [ Changes ] The fix is simple and consists of removing the extra spaces that were breaking the reference to the Javascript files. [ Other info ] Nothing. </pre><pre>diff --git a/debian/changelog b/debian/changelog index 450e76e..0b40199 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +sphinx-bootstrap-theme (0.8.0-1+deb11u1) bullseye; urgency=medium + + * Fix search functionality +Add a combined backport of 2 upstream commits that remove 1 extra spaces +off of a few lines. + + -- Antonio Terceiro <terce...@debian.org> Thu, 10 Feb 2022 11:38:38 -0300 + sphinx-bootstrap-theme (0.8.0-1) unstable; urgency=medium [ Ondřej Nový ] diff --git a/debian/patches/0002-Fix-search-functionality.patch b/debian/patches/0002-Fix-search-functionality.patch new file mode 100644 index 000..d587944 --- /dev/null +++ b/debian/patches/0002-Fix-search-functionality.patch @@ -0,0 +1,50 @@ +From: Antonio Terceiro <terce...@debian.org> +Date: Thu, 10 Feb 2022 11:36:03 -0300 +Subject: Fix search functionality + +The extra spaces at the end of the src="" attibute of those <script> +tags caused search to be broken on generated documentation. This is a +combined backport of the following upstream commits +0d80bffe488da6d5b7b575b964f92adde5026e3e ("BUG: Fix for Sphinx 3.4+ +search") and 19e69c8c46dff011ce24e1718e034decdf319f28 ("Drop spirious +space in script urls"). +--- + sphinx_bootstrap_theme/bootstrap/layout.html | 8 + sphinx_bootstrap_theme/bootstrap/search.html | 5 +++-- + 2 files changed, 7 insertions(+), 6 deletions(-) + +diff --git a/sphinx_bootstrap_theme/bootstrap/layout.html b/sphinx_bootstrap_theme/bootstrap/layout.html +index 303472d..d29ca4f 100644 +--- a/sphinx_bootstrap_theme/bootstrap/layout.html b/sphinx_bootstrap_theme/bootstrap/layout.html +@@ -52,10 +52,10 @@ + <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'> + <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'> + <meta name="apple-mobile-web-app-capable" content="yes"> +-<script type="text/javascript" src="{{ pathto('_static/js/jquery-1.12.4.min.js', 1) }} "> +- +- +- ++ ++ ++ ++ + {% endblock %} + + {# Silence the sidebar's, relbar's #} +diff --git a/sphinx_bootstrap_theme/bootstrap/search.html b/sphinx_bootstrap_theme/bootstrap/search.html +index 60a6601..cca744a 100644 +--- a/sphinx_bootstrap_theme/bootstrap/search.html b/sphinx_bootstrap_theme/bootstrap/search.html +@@ -10,8 +10,9 @@ + {%- extends "layout.html" %} + {% set title = _('Search') %} + {% block extrahead %} +- +- ++ ++ ++ + {# this is used when loading the search index using $.ajax fails, + such as on Chrome for documents on localhost #} + diff --git a/debian/patches/series b/debian/patches/series index 391ae29..30e0b22 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ privacy_breach.patch +0002-Fix-search-functionality.patch From: Antonio Terceiro Date: Thu, 10 Feb 2022 11:36:03 -0300 Subject: Fix search functionality The extra spaces at the end of the src="" attibute of those tags caused search to be broken on generated documentation. This is a combined backport of the following upstream commits 0d80bffe488da6d5b7b575b964f92adde5026e3e ("BUG: Fix for Sphinx 3.4+ search") and 19e69c8c46dff011ce24e1718e034decdf319f28 ("Drop spirious space in script urls"). --- sphinx_bootstrap_theme/bootstrap/layout.html | 8 sphinx_bootstrap_theme/bootstrap/search.html | 5 +++-- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/sphinx_bootstrap_theme/bootstrap/layout.html b/sphinx_bootstrap_theme/bootstrap/layout.html index 303472d..d29ca4f 100644 --- a/sphinx_bootstrap_theme/bootstrap/layout.html +++ b/sphinx_bootstrap_theme/bootstrap/layout.html @@ -52,10 +52,10 @@ <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'&g
Bug#1004459: bullseye-pu: package lxc/1:4.0.6-2+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu [ Reason ] This update fixes the download of container images using the "download" template. pool.sks-keyservers.net is not active anymore, so the patch (already included in the upstream release present in sid/bookworm) changes that to keyserver.ubuntu.com. [ Impact ] Creating containers with the lxc-download template (`-t download`) does not work because the key that signs the images cannot be retrieved. [ Tests ] This has been tested on lxc and was verified to fix the issue. The patch is trivial. [ Risks ] None. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] Replace pool.sks-keyservers.net with keyserver.ubuntu.com. diff --git a/debian/changelog b/debian/changelog index 6a5c2db..e6bcbc6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +lxc (1:4.0.6-2+deb11u1) bullseye; urgency=medium + + * lxc-download: Switch GPG server. +The default server used to download gpg keys from has ben deprecated, +and therefore creating containers using the `download` template is now +broken. This is fixed with an upstream patch by Stéphane Graber that +points to a valid server. (Closes: #991615) + + -- Antonio Terceiro Thu, 13 Jan 2022 16:57:39 -0300 + lxc (1:4.0.6-2) unstable; urgency=medium * d/contrib/lxc-net: Add a commented dnsmasq reference for the users to be diff --git a/debian/patches/0005-lxc-download-Switch-GPG-server.patch b/debian/patches/0005-lxc-download-Switch-GPG-server.patch new file mode 100644 index 000..ac7074c --- /dev/null +++ b/debian/patches/0005-lxc-download-Switch-GPG-server.patch @@ -0,0 +1,30 @@ +From: =?utf-8?q?St=C3=A9phane_Graber?= +Date: Sun, 27 Jun 2021 23:42:52 -0400 +Subject: lxc-download: Switch GPG server +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Signed-off-by: Stéphane Graber +--- + templates/lxc-download.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/templates/lxc-download.in b/templates/lxc-download.in +index d688b8f..2f6cf2a 100644 +--- a/templates/lxc-download.in b/templates/lxc-download.in +@@ -56,11 +56,11 @@ LXC_PATH= + LXC_ROOTFS= + + if [ -z "${DOWNLOAD_KEYSERVER:-}" ]; then +- DOWNLOAD_KEYSERVER="hkp://pool.sks-keyservers.net" ++ DOWNLOAD_KEYSERVER="hkp://keyserver.ubuntu.com" + + # Deal with GPG over http proxy + if [ -n "${http_proxy:-}" ]; then +-DOWNLOAD_KEYSERVER="hkp://p80.pool.sks-keyservers.net:80" ++DOWNLOAD_KEYSERVER="hkp://keyserver.ubuntu.com:80" + DOWNLOAD_GPG_PROXY="--keyserver-options http-proxy=\"${http_proxy}\"" + fi + fi diff --git a/debian/patches/series b/debian/patches/series index f952766..d98fa8f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ 0005-lxc.service-Starts-after-remote-fs.target.patch 0006-lxc.pc.in-removes-DLOG_LIBS-which-is-not-expanded-up.patch 0007-conf-fix-containers-retaining-CAP_NET_ADMIN.patch +0005-lxc-download-Switch-GPG-server.patch signature.asc Description: PGP signature
Bug#995587: transition: ruby3.0-add
Hi, On Sat, 2 Oct 2021 15:14:39 -0300 Antonio Terceiro wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > We would like to add support for ruby3.0 in ruby-defaults. This can now be closed. There are 4 unfixed packages in the tracker, but they are all out of testing. Some of them probably need to be removed from the archive entirely, but we will look at them later and give someone who cares a chance to fix them before that. signature.asc Description: PGP signature
Bug#996026: bullseye-pu: package ruby-httpclient/2.8.3-3+deb11u1
On Fri, Dec 03, 2021 at 04:39:06PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2021-10-10 at 09:40 -0300, Antonio Terceiro wrote: > > ruby-httpclient uses a vendored copy of a CA certificate bundle, and > > that is a ticking time bomb. This update fixes that by removing that > > vendored copy and making it use the system CA certificate bundle by > > default. > > > > [ Impact ] > > The main package affected by this is apt-listbugs, which stopped > > being > > able to download bug data information from bugs.debian.org due to the > > recent expiration of the old Let's Encrypt root certificate. > > > > Please go ahead, thanks. Uploaded. signature.asc Description: PGP signature
Bug#996024: buster-pu: package ruby-httpclient/2.8.3-3+deb10u1
On Sat, Dec 04, 2021 at 05:31:52PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2021-10-10 at 09:58 -0300, Antonio Terceiro wrote: > > ruby-httpclient uses a vendored copy of a CA certificate bundle, and > > that is a ticking time bomb. This update fixes that by removing that > > vendored copy and making it use the system CA certificate bundle by > > default. > > > > [ Impact ] > > The main package affected by this is apt-listbugs, which stopped > > being > > able to download bug data information from bugs.debian.org due to the > > recent expiration of the old Let's Encrypt root certificate. > > > > Please go ahead, thanks. Uploaded. signature.asc Description: PGP signature
Bug#996584: (some kind of) transition: add python3.10 as a supported python3 version
On Thu, Nov 18, 2021 at 10:01:17AM +0100, Sebastiaan Couwenberg wrote: > On 11/18/21 09:49, Matthias Klose wrote: > > On 11/18/21 06:51, Sebastiaan Couwenberg wrote: > > > On 11/16/21 14:23, Matthias Klose wrote: > > > > I'm planning to upload python3-defaults later tonight, adding 3.10 as a > > > > supported Python version. Packages are able to migrate on their own, > > > > there are > > > > no blockages introduced on other transitions. > > > > > > numpy rdeps (e.g. pyproj) are a bit problematic, they fail with the 3.10 > > > as long > > > as numpy is not built with it yet. > > > > numpy is in stage6 of the transition. so please be a bit patient until all > > the > > binNMUs up to stage6 are built. > > There has been no communication about this transition outside this > bugreport, you should probably follow the example for perl transitions to > alert the developer base about the expected ImportError issues with the new > version until the rebuilds are completed. This Python transition is different from the Perl transitions. Python has multiple simultaneously supported versions, in this case 3.9 and 3.10. The transition involves rebuilding the packages with C extensions so that they carry the associated binary files compiled for both support Python versions. Any errors due to missing support in dependencies affect only people building Python packages. The default Python is still Python 3.9, so users using Python programs are not affected during this transition. Perl, on the other hand, has only a single version at the archive at any time. This is why during the Perl transition, it's possible that users running Perl programs are affected by missing C extensions during the time it takes to rebuild all packages for the new Perl version. signature.asc Description: PGP signature
Bug#995587: transition: ruby3.0-add
On Sat, Oct 30, 2021 at 11:43:35AM +0200, Sebastian Ramacher wrote: > Those have been scheduled. Note that a bunch of them have only built and > installed the extension for the default ruby version, e.g., > ruby-debug-inspector and libprelude. Yes. Please amend the ben file like this: is_affected = (.depends ~ /ruby2.7/ | .depends ~ /ruby3.0/) & ! .source ~ /^(ruby2\.7|ruby3\.0|ruby-defaults|dislocker|epic5|graphviz|hivex|kamailio|klayout|kross-interpreters|libprelude|marisa|ngraph-gtk|notmuch|obexftp|redland-bindings|rubyluabridge|ruby-standalone|subtle|subversion|uwsgi|vim-command-t|weechat|robot-testing-framework|treil|vim|nbdkit)$/ signature.asc Description: PGP signature
Bug#995587: transition: ruby3.0-add
On Thu, Oct 28, 2021 at 11:34:28PM +0200, Sebastian Ramacher wrote: > Control: tags -1 confirmed > > On 2021-10-20 09:45:10 -0300, Antonio Terceiro wrote: > > Control: tag -1 - moreinfo > > > > On Sat, Oct 16, 2021 at 03:46:11PM +0200, Sebastian Ramacher wrote: > > > Control: tags -1 moreinfo > > > > > > On 2021-10-15 06:44:36 -0300, Antonio Terceiro wrote: > > > > Hi, > > > > > > > > On Sat, Oct 02, 2021 at 03:14:39PM -0300, Antonio Terceiro wrote: > > > > > Package: release.debian.org > > > > > Severity: normal > > > > > User: release.debian@packages.debian.org > > > > > Usertags: transition > > > > > > > > > > We would like to add support for ruby3.0 in ruby-defaults. > > > > > > > > > > Ben file: > > > > > > > > > > title = "ruby3.0-add"; > > > > > is_affected = (.depends ~ /ruby2.7 | .depends ~ /ruby3.0/) & !.source > > > > > ~ /^(ruby2.7|ruby3.0|ruby-defaults)$/); > > > > > is_good = .depends ~ /ruby3.0/; > > > > > is_bad = .depends ~ /ruby2.7/ & !.depends ~ /ruby3.0/; > > > > > > > > > > We already did a mass rebuild some time ago, and the results don't > > > > > look > > > > > bad. We should be doing a new one soon, and will come up with a list > > > > > of > > > > > binNMUs > > > > > > > > This is a friendly ping. We would like to make the switch in unstable > > > > soon and start doing binNMUs. > > > > > > > > We have these bugs related to this transition: > > > > https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ruby3.0;users=debian-r...@lists.debian.org > > > > > > > > Most of those bugs are for leaf libraries. We already started fixing the > > > > ones that block a lof of other (e.g. the ones with C extensions that > > > > FTBFS with ruby3.0) so they are ready to be binNMUed. > > > > > > ruby3.0 isn't in testing yet - it currently fails to build on ppc64el. > > > So let's at least wait until it migrated. > > > > ruby3.0 is now in testing. Can we go ahead with this? > > Yes, please go ahead Thanks, we will upload ruby-defaults shortly. Note that we do not necessarily want/need to block involved packages from migrating, as adding ruby3.0 support does not break anything since the default is still unchanged. signature.asc Description: PGP signature
Bug#995587: transition: ruby3.0-add
On Wed, Oct 20, 2021 at 03:12:17PM +0200, Sebastiaan Couwenberg wrote: > On 10/20/21 2:45 PM, Antonio Terceiro wrote: > > On Sat, Oct 16, 2021 at 03:46:11PM +0200, Sebastian Ramacher wrote: > >> On 2021-10-15 06:44:36 -0300, Antonio Terceiro wrote: > >>> On Sat, Oct 02, 2021 at 03:14:39PM -0300, Antonio Terceiro wrote: > >>>> Package: release.debian.org > >>>> Severity: normal > >>>> User: release.debian@packages.debian.org > >>>> Usertags: transition > >>>> > >>>> We would like to add support for ruby3.0 in ruby-defaults. > >>>> > >>>> Ben file: > >>>> > >>>> title = "ruby3.0-add"; > >>>> is_affected = (.depends ~ /ruby2.7 | .depends ~ /ruby3.0/) & !.source ~ > >>>> /^(ruby2.7|ruby3.0|ruby-defaults)$/); > >>>> is_good = .depends ~ /ruby3.0/; > >>>> is_bad = .depends ~ /ruby2.7/ & !.depends ~ /ruby3.0/; > >>>> > >>>> We already did a mass rebuild some time ago, and the results don't look > >>>> bad. We should be doing a new one soon, and will come up with a list of > >>>> binNMUs > >>> > >>> This is a friendly ping. We would like to make the switch in unstable > >>> soon and start doing binNMUs. > >>> > >>> We have these bugs related to this transition: > >>> https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ruby3.0;users=debian-r...@lists.debian.org > >>> > >>> Most of those bugs are for leaf libraries. We already started fixing the > >>> ones that block a lof of other (e.g. the ones with C extensions that > >>> FTBFS with ruby3.0) so they are ready to be binNMUed. > >> > >> ruby3.0 isn't in testing yet - it currently fails to build on ppc64el. > >> So let's at least wait until it migrated. > > > > ruby3.0 is now in testing. Can we go ahead with this? > > There are 169 packages affected by the transition according to the > tracker, the ruby3.0 usertag has 152 unresolved ftbfs bugreports. > > Does it really make sense to start this transition when most rdeps fail > to build? Yes. Those two sets of packages are more or less distinct. The only intersection is of packages that have C extensions (and thus a dependency on the specific ruby versions it was build against) *and* to build against ruby3.0. Most of the FTBFS bugs are against pure-Ruby packages that fail against ruby3.0, and are not even listed in the transition tracker. A good part of the packages that *are* listed in the transition will be good after a binNMU. To fix those we need to have ruby3.0 as a supported version in unstable in the first place. Also as we are "just" adding ruby3.0 support, this has little effect on users since ruby2.7 is still the default. signature.asc Description: PGP signature
Bug#995587: transition: ruby3.0-add
Control: tag -1 - moreinfo On Sat, Oct 16, 2021 at 03:46:11PM +0200, Sebastian Ramacher wrote: > Control: tags -1 moreinfo > > On 2021-10-15 06:44:36 -0300, Antonio Terceiro wrote: > > Hi, > > > > On Sat, Oct 02, 2021 at 03:14:39PM -0300, Antonio Terceiro wrote: > > > Package: release.debian.org > > > Severity: normal > > > User: release.debian@packages.debian.org > > > Usertags: transition > > > > > > We would like to add support for ruby3.0 in ruby-defaults. > > > > > > Ben file: > > > > > > title = "ruby3.0-add"; > > > is_affected = (.depends ~ /ruby2.7 | .depends ~ /ruby3.0/) & !.source ~ > > > /^(ruby2.7|ruby3.0|ruby-defaults)$/); > > > is_good = .depends ~ /ruby3.0/; > > > is_bad = .depends ~ /ruby2.7/ & !.depends ~ /ruby3.0/; > > > > > > We already did a mass rebuild some time ago, and the results don't look > > > bad. We should be doing a new one soon, and will come up with a list of > > > binNMUs > > > > This is a friendly ping. We would like to make the switch in unstable > > soon and start doing binNMUs. > > > > We have these bugs related to this transition: > > https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ruby3.0;users=debian-r...@lists.debian.org > > > > Most of those bugs are for leaf libraries. We already started fixing the > > ones that block a lof of other (e.g. the ones with C extensions that > > FTBFS with ruby3.0) so they are ready to be binNMUed. > > ruby3.0 isn't in testing yet - it currently fails to build on ppc64el. > So let's at least wait until it migrated. ruby3.0 is now in testing. Can we go ahead with this? signature.asc Description: PGP signature
Bug#995587: transition: ruby3.0-add
Hi, On Sat, Oct 02, 2021 at 03:14:39PM -0300, Antonio Terceiro wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > We would like to add support for ruby3.0 in ruby-defaults. > > Ben file: > > title = "ruby3.0-add"; > is_affected = (.depends ~ /ruby2.7 | .depends ~ /ruby3.0/) & !.source ~ > /^(ruby2.7|ruby3.0|ruby-defaults)$/); > is_good = .depends ~ /ruby3.0/; > is_bad = .depends ~ /ruby2.7/ & !.depends ~ /ruby3.0/; > > We already did a mass rebuild some time ago, and the results don't look > bad. We should be doing a new one soon, and will come up with a list of > binNMUs This is a friendly ping. We would like to make the switch in unstable soon and start doing binNMUs. We have these bugs related to this transition: https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ruby3.0;users=debian-r...@lists.debian.org Most of those bugs are for leaf libraries. We already started fixing the ones that block a lof of other (e.g. the ones with C extensions that FTBFS with ruby3.0) so they are ready to be binNMUed. signature.asc Description: PGP signature
Bug#996026: bullseye-pu: package ruby-httpclient/2.8.3-3+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu (Please provide enough information to help the release team to judge the request efficiently. E.g. by filling in the sections below.) [ Reason ] ruby-httpclient uses a vendored copy of a CA certificate bundle, and that is a ticking time bomb. This update fixes that by removing that vendored copy and making it use the system CA certificate bundle by default. [ Impact ] The main package affected by this is apt-listbugs, which stopped being able to download bug data information from bugs.debian.org due to the recent expiration of the old Let's Encrypt root certificate. [ Tests ] The added autopkgtest test fails without the patch and passes without it. apt-listbugs is now able to fetch bug data information again. [ Risks ] The changes are simple enough and this is a low risk update. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable [*] the issue is verified as fixed in unstable [ Changes ] The changes are simple enough that I feel copy-pasting from the changelog is enough: * Add simple autopkgtest to check a basic SSL connection * Add patch to use the system certificate store (Closes: #995448) * debian/rules: remove embedded CA certificate store * Add dependency on ca-certificates diff --git a/debian/changelog b/debian/changelog index a164bb1..3708b17 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +ruby-httpclient (2.8.3-3+deb11u1) bullseye; urgency=medium + + * Add simple autopkgtest to check a basic SSL connection + * Add patch to use the system certificate store (Closes: #995448) + * debian/rules: remove embedded CA certificate store + * Add dependency on ca-certificates + + -- Antonio Terceiro Sun, 10 Oct 2021 09:24:03 -0300 + ruby-httpclient (2.8.3-2) unstable; urgency=medium * Team upload. diff --git a/debian/control b/debian/control index e50868f..e38581d 100644 --- a/debian/control +++ b/debian/control @@ -21,6 +21,7 @@ Architecture: all XB-Ruby-Versions: ${ruby:Versions} Depends: ruby | ruby-interpreter, ruby-http-cookie (>= 1.0), + ca-certificates, ${misc:Depends}, ${shlibs:Depends} Description: HTTP client library for ruby diff --git a/debian/patches/0008-Use-system-CA-certificate-store.patch b/debian/patches/0008-Use-system-CA-certificate-store.patch new file mode 100644 index 000..3ec8820 --- /dev/null +++ b/debian/patches/0008-Use-system-CA-certificate-store.patch @@ -0,0 +1,33 @@ +From: Antonio Terceiro +Date: Wed, 6 Oct 2021 10:03:32 -0300 +Subject: Use system CA certificate store + +--- + lib/httpclient/ssl_config.rb | 7 +-- + 1 file changed, 1 insertion(+), 6 deletions(-) + +diff --git a/lib/httpclient/ssl_config.rb b/lib/httpclient/ssl_config.rb +index f6e7ce9..d4e48f2 100644 +--- a/lib/httpclient/ssl_config.rb b/lib/httpclient/ssl_config.rb +@@ -249,7 +249,7 @@ class HTTPClient + # Loads default trust anchors. + # Calling this method resets all existing sessions. + def load_trust_ca +- load_cacerts(@cert_store) ++ set_default_paths + change_notify + end + +@@ -413,11 +413,6 @@ class HTTPClient + nil + end + +-# Use 2048 bit certs trust anchor +-def load_cacerts(cert_store) +- file = File.join(File.dirname(__FILE__), 'cacert.pem') +- add_trust_ca_to_store(cert_store, file) +-end + end + + diff --git a/debian/patches/series b/debian/patches/series index f1a4a0e..3764163 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -4,3 +4,4 @@ 0004-Add-upstream-changelog.patch 0005-tweak-test-dep-change.patch disable-test-proxy-ssl.patch +0008-Use-system-CA-certificate-store.patch diff --git a/debian/rules b/debian/rules index 118221b..bdf2c5b 100755 --- a/debian/rules +++ b/debian/rules @@ -6,3 +6,8 @@ export LANG=C.UTF-8 %: dh $@ --buildsystem=ruby --with ruby + + +override_dh_auto_install: + dh_auto_install + rm --verbose $(CURDIR)/debian/ruby-httpclient/usr/lib/ruby/vendor_ruby/httpclient/*.pem diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 000..d5b55a2 --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,2 @@ +Tests: ssl-smoke-test +Restrictions: needs-internet, allow-stderr diff --git a/debian/tests/ssl-smoke-test b/debian/tests/ssl-smoke-test new file mode 100644 index 000..ce81ca0 --- /dev/null +++ b/debian/tests/ssl-smoke-test @@ -0,0 +1,5 @@ +#!/bin/sh + +set -exu + +httpclient get https://bugs.debian.org/ signature.asc Description: PGP signature
Bug#996024: buster-pu: package ruby-httpclient/2.8.3-3+deb10u1
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu [ Reason ] ruby-httpclient uses a vendored copy of a CA certificate bundle, and that is a ticking time bomb. This update fixes that by removing that vendored copy and making it use the system CA certificate bundle by default. [ Impact ] The main package affected by this is apt-listbugs, which stopped being able to download bug data information from bugs.debian.org due to the recent expiration of the old Let's Encrypt root certificate. [ Tests ] The added autopkgtest test fails without the patch and passes without it. apt-listbugs is now able to fetch bug data information again. [ Risks ] The changes are simple enough and this is a low risk update. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable [*] the issue is verified as fixed in unstable [ Changes ] The changes are simple enough that I feel copy-pasting from the changelog is enough: * Add simple autopkgtest to check a basic SSL connection * Add patch to use the system certificate store (Closes: #995448) * debian/rules: remove embedded CA certificate store * Add dependency on ca-certificates diff --git a/debian/changelog b/debian/changelog index a164bb1..e6d96d5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +ruby-httpclient (2.8.3-3+deb10u1) buster; urgency=medium + + * Add simple autopkgtest to check a basic SSL connection + * Add patch to use the system certificate store (Closes: #995448) + * debian/rules: remove embedded CA certificate store + * Add dependency on ca-certificates + + -- Antonio Terceiro Sun, 10 Oct 2021 09:24:03 -0300 + ruby-httpclient (2.8.3-2) unstable; urgency=medium * Team upload. diff --git a/debian/control b/debian/control index e50868f..e38581d 100644 --- a/debian/control +++ b/debian/control @@ -21,6 +21,7 @@ Architecture: all XB-Ruby-Versions: ${ruby:Versions} Depends: ruby | ruby-interpreter, ruby-http-cookie (>= 1.0), + ca-certificates, ${misc:Depends}, ${shlibs:Depends} Description: HTTP client library for ruby diff --git a/debian/patches/0008-Use-system-CA-certificate-store.patch b/debian/patches/0008-Use-system-CA-certificate-store.patch new file mode 100644 index 000..3ec8820 --- /dev/null +++ b/debian/patches/0008-Use-system-CA-certificate-store.patch @@ -0,0 +1,33 @@ +From: Antonio Terceiro +Date: Wed, 6 Oct 2021 10:03:32 -0300 +Subject: Use system CA certificate store + +--- + lib/httpclient/ssl_config.rb | 7 +-- + 1 file changed, 1 insertion(+), 6 deletions(-) + +diff --git a/lib/httpclient/ssl_config.rb b/lib/httpclient/ssl_config.rb +index f6e7ce9..d4e48f2 100644 +--- a/lib/httpclient/ssl_config.rb b/lib/httpclient/ssl_config.rb +@@ -249,7 +249,7 @@ class HTTPClient + # Loads default trust anchors. + # Calling this method resets all existing sessions. + def load_trust_ca +- load_cacerts(@cert_store) ++ set_default_paths + change_notify + end + +@@ -413,11 +413,6 @@ class HTTPClient + nil + end + +-# Use 2048 bit certs trust anchor +-def load_cacerts(cert_store) +- file = File.join(File.dirname(__FILE__), 'cacert.pem') +- add_trust_ca_to_store(cert_store, file) +-end + end + + diff --git a/debian/patches/series b/debian/patches/series index f1a4a0e..3764163 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -4,3 +4,4 @@ 0004-Add-upstream-changelog.patch 0005-tweak-test-dep-change.patch disable-test-proxy-ssl.patch +0008-Use-system-CA-certificate-store.patch diff --git a/debian/rules b/debian/rules index 118221b..bdf2c5b 100755 --- a/debian/rules +++ b/debian/rules @@ -6,3 +6,8 @@ export LANG=C.UTF-8 %: dh $@ --buildsystem=ruby --with ruby + + +override_dh_auto_install: + dh_auto_install + rm --verbose $(CURDIR)/debian/ruby-httpclient/usr/lib/ruby/vendor_ruby/httpclient/*.pem diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 000..d5b55a2 --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,2 @@ +Tests: ssl-smoke-test +Restrictions: needs-internet, allow-stderr diff --git a/debian/tests/ssl-smoke-test b/debian/tests/ssl-smoke-test new file mode 100644 index 000..ce81ca0 --- /dev/null +++ b/debian/tests/ssl-smoke-test @@ -0,0 +1,5 @@ +#!/bin/sh + +set -exu + +httpclient get https://bugs.debian.org/ signature.asc Description: PGP signature
Bug#995587: transition: ruby3.0-add
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition We would like to add support for ruby3.0 in ruby-defaults. Ben file: title = "ruby3.0-add"; is_affected = (.depends ~ /ruby2.7 | .depends ~ /ruby3.0/) & !.source ~ /^(ruby2.7|ruby3.0|ruby-defaults)$/); is_good = .depends ~ /ruby3.0/; is_bad = .depends ~ /ruby2.7/ & !.depends ~ /ruby3.0/; We already did a mass rebuild some time ago, and the results don't look bad. We should be doing a new one soon, and will come up with a list of binNMUs signature.asc Description: PGP signature
Re: careless upload of Erlang v24 without a transition tracking with the release team (was: rabbitmq-server fails to start after erlang v24 update)
On Fri, Aug 27, 2021 at 10:26:39PM +0200, Paul Gevers wrote: > Hi, > > Sorry my previous message was weird. > > On 27-08-2021 22:11, Paul Gevers wrote: > > On 27-08-2021 21:58, Antonio Terceiro wrote: > >> One thing that happens when you do this type of change without > >> coordination is that all CI pipelines on unstable where rabbitmq-server > >> is installed are now broken. For example all merge requests against > >> debci at the moment have their tests in "failed" status. This creates > >> unnecessary noise for a lot of people. > > > > rabbitmq-server already got an update, so unstable should be fine (if > > not, shout (or better, file bugs)). I expect you mean testing, as I > > think that the point is that erlang already migrated before the issue > > was detected, otherwise an RC bug would have prevented the migration. > > > > That's why it was suggested earlier that rabbitmq-server should grow an > > autopkgtest as that have would prevented the migration. > > What I should have said: > we could have prevented migration of erlang until the reverse > dependencies were ready by having an RC bug on erlang. That would have > been totally appropriate if it would have lasted an reasonable time. I > *think* rabbitmq-server has problems migrating now *because* erlang > migrated, but that should clear up once the references are tested again. > However, it *also* has issues with being uninstallable. FWIW, I just did that: I made a new rabbitmq-server upload adding a superficial autopkgtest to rabbitmq-server that just checks if the service is running after installation. This should avoid testing being broken because erlang migrated before rabbitmq-server has been fixed. signature.asc Description: PGP signature
Re: careless upload of Erlang v24 without a transition tracking with the release team (was: rabbitmq-server fails to start after erlang v24 update)
On Sun, Aug 22, 2021 at 07:14:30PM +0300, Sergei Golovan wrote: > Hi Thomas, > > On Sun, Aug 22, 2021 at 6:55 PM Thomas Goirand wrote: > > > > Hi Damir, Sergei, the release team, > > > > First of all, thanks for your bug report, Damir. > > > > Debian Bullseye was released on the 14th of Aug. Then Erlang v24 was > > uploaded on the 17th. Looking at: > > > > https://release.debian.org/transitions/ > > > > I cannot see any transition thingy opened for Erlang. This means that > > Erlang was carelessly uploaded to Unstable: > > Uploading new major version of Erlang does not require a transition. > No application needs to be rebuilt against it, and only a minority > breaks (those which use removed deprecated features, and they have to > be updated or patched anyway). I'm sorry that elixir and rabbit-mq > break. > > > > > 1/ Without informing the release team, and defining a schedule for the > > Erlang transition > > I insist that a transition is not necessary. It's OK to break things, and you do not have to wait forever, but you need to give people enough time to react before the packages they work/depend on become instantly broken. One thing that happens when you do this type of change without coordination is that all CI pipelines on unstable where rabbitmq-server is installed are now broken. For example all merge requests against debci at the moment have their tests in "failed" status. This creates unnecessary noise for a lot of people. > > 2/ Without rebuilding any reverse dependency, and more specifically, > > without caring about RabbitMQ which is kind of a high profile server > > application. > > > > Now, we have Erlang v24 in Unstable which looks like a good target for > > RabbitMQ 3.9.4, however, this new version needs a new Elixir release, as > > it has a bound of ">= 1.10.4 and < 1.13.0". Elixir as in unstable (ie: > > 1.10.3) doesn't work, even when trying to convince RabbitMQ it's ok. > > Well, I would say that Elixir in Debian is not in a good shape. It > lags way behind upstream (which is already 1.12.2, quite a few > releases ahead). > > > > > There isn't much I can do now. I'm opening a bug against Elixir, and > > I'll have to wait for it to be solved... > > > > This isn't the first time something like this happen. Could we please > > bring some sanity in the way we do things? Sergei, could you please > > revert your upload of Erlang v24 in Unstable, and open a release team > > bug to get a transition tracker thingy, which is the only sane way to do > > things in Debian? > > > > Not amused... > > I've uploaded Erlang 24 to experimental months ago. If you know that > your software breaks on Erlang upgrade, you could do something > already. experimental is not a communication channel. You need to tell maintainers of your reverse dependencies that this breakage is coming via bug reports in advance, it's not reasonable to expect people to monitor experimental. signature.asc Description: PGP signature
Bug#990074: unblock: auto-apt-proxy/13.3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package auto-apt-proxy This updates fixes a autopkgtest regression (#989776). Starting with debci 3.0, the test beds have auto-apt-proxy preinstalled in them, what breaks some assumptions of the tests, in special that the apt usage in them is the first time auto-apt-proxy is being used. By setting AUTO_APT_PROXY_NO_CACHE, we avoid auto-apt-proxy caching any results from invocations prior to the test run itself. This brings no risk to end users as the only changes are to the test suite. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock auto-apt-proxy/13.3 diff --git a/debian/changelog b/debian/changelog index 2ebd205..7d6e40d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +auto-apt-proxy (13.3) unstable; urgency=medium + + * autopkgtest: cope with auto-apt-proxy being pre-installed (Closes: #989776) + + -- Antonio Terceiro Fri, 18 Jun 2021 22:51:34 -0300 + auto-apt-proxy (13.2) unstable; urgency=medium [ Antonio Terceiro ] diff --git a/debian/tests/apt-cacher-ng.txt b/debian/tests/apt-cacher-ng.txt index 20f0936..0b169a5 100644 --- a/debian/tests/apt-cacher-ng.txt +++ b/debian/tests/apt-cacher-ng.txt @@ -1,2 +1,3 @@ +$ export AUTO_APT_PROXY_NO_CACHE=1 $ auto-apt-proxy http://127.0.0.1:3142 diff --git a/debian/tests/apt-integration b/debian/tests/apt-integration index ea29484..dfdc2fe 100755 --- a/debian/tests/apt-integration +++ b/debian/tests/apt-integration @@ -5,6 +5,7 @@ set -eu cd ${AUTOPKGTEST_TMP:-/tmp} unset no_proxy +export AUTO_APT_PROXY_NO_CACHE=1 apt-get source auto-apt-proxy grep auto-apt-proxy /var/log/apt-cacher-ng/apt-cacher.log signature.asc Description: PGP signature
Bug#986742: unblock: ruby2.7/2.7.3-1
On Sun, Apr 18, 2021 at 09:43:41PM +0200, Sebastian Ramacher wrote: > On 2021-04-17 22:10:19 +0530, Utkarsh Gupta wrote: > > Hi Sebastian, > > > > On Sat, Apr 17, 2021 at 3:08 PM Sebastian Ramacher > > wrote: > > > Thanks, please go ahead and remove the moreinfo tag once the version is > > > available in unstable. > > > > Uploaded to unstable, thanks. And removed the tag as well. > > The builds on armel and armhf failed: > https://buildd.debian.org/status/fetch.php?pkg=ruby2.7=armel=2.7.3-1=1618744303=0 I just uploaded -2 with the following fix: ----8<8<8<- From: Antonio Terceiro Date: Mon, 19 Apr 2021 17:50:12 + Subject: Revert "Make host_* values consistent with target_*" See https://bugs.ruby-lang.org/issues/17021 for the original request. This breaks the build on the 32-bit Debian ARM architectures. Maybe this is specific to the Debian packaging, so this has not been reported upstream yet. --- configure.ac | 7 +-- 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/configure.ac b/configure.ac index da22ab6..73ce534 100644 --- a/configure.ac +++ b/configure.ac @@ -309,14 +309,9 @@ AC_SUBST(CC_VERSION_MESSAGE, $cc_version_message) : ${DLDFLAGS="$LDFLAGS"} RUBY_UNIVERSAL_ARCH -AS_IF([test "$target_cpu" != "$host_cpu" -a "$GCC" = yes -a "$cross_compiling" = no -a "${universal_binary:-no}" = no], [ +AS_IF([test "$target_cpu" != "$host_cpu" -a "$GCC" = yes -a "$cross_compiling" = no -a "$universal_binary" = no], [ RUBY_DEFAULT_ARCH("$target_cpu") ]) -host_os=$target_os -host_vendor=$target_vendor -host_cpu=$target_cpu -host=$target -host_alias=$target_alias AS_CASE(["$target_os"], [darwin*], [ if libtool 2>&1 | grep no_warning_for_no_symbols > /dev/null; then 8<8<8<- signature.asc Description: PGP signature
Bug#986742: unblock: ruby2.7/2.7.3-1
On Sun, 11 Apr 2021 03:04:42 +0530 Utkarsh Gupta wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: debian-r...@lists.debian.org > > Hello, > > Upstream has recently released a bug-fix only release after a > vulnerability, CVE-2021-28965, was discovered. > > Upstream release note: > https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ > Upstream git logs b/w 2.7.2 and 2.7.3: > https://github.com/ruby/ruby/compare/v2_7_2...v2_7_3 > > This is clearly a bug-fix only release and it'd be *really great* to > have this included in Bullseye. (I'd be sad not to but..) I understand > it's your call to make after analyzing so attaching the debdiff for > your reference and help (snipping ChangeLog entries for noise > reduction). > > Hopefully, it'd be OK to get this included and have an even nicer > ruby2.7 for Bullseye. Thanks. 99 files changed, 39552 insertions(+), 23134 deletions(-) The debian diff looks very big because of 3 generated files: ChangeLog, parse.c, and ext/ripper/ripper.c (the last two being bison/yacc generated parsers). If you filter those out, the result is a lot more palatable: 96 files changed, 3761 insertions(+), 886 deletions(-) Roughtly 1/3 of the insertions are test cases: 32 files changed, 1150 insertions(+), 97 deletions(-) I have reviewed the upstream patches and compared the upstream diff with the debian diff, and indeed all the changes are bug fixes. There was one marked as a "Feature" in the commit message, but it was really a follwup to fix an inconsistency in a feature that has been added in the 2.7 series already. It will cause formerly invalid syntax to be valid, but won't break any currently working code. I think the risk with this update is low, and releasing with the latest available ruby bugfix release will make it easier to provide stable support in bullseye. Full disclosure: I am trying to get ruby into new hands, but I'm still a comaintainer and care a lot about it, so I'm not an uninterested party here. signature.asc Description: PGP signature
Bug#986366: unblock: ruby-kramdown/2.3.0-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby-kramdown [ Reason ] Fixes a CVE and RC bug #985569 [ Tests ] all autopkgtests of reverse dependencies passed. [ Risks ] The change should not cause regressions on non-malicious code. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock ruby-kramdown/2.3.0-5 commit b80244870c477d90090305f569eea39f7bd2b3f5 Author: Antonio Terceiro Date: Sat Apr 3 10:40:54 2021 -0300 Add upstream patch to fix arbitrary code execution vulnerability This is CVE-2021-28834 Closes: #985569 diff --git a/debian/changelog b/debian/changelog index 088c244..012d553 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +ruby-kramdown (2.3.0-5) unstable; urgency=medium + + * Team upload. + * Add upstream patch to fix arbitrary code execution vulnerability +[CVE-2021-28834] (Closes: #985569) + + -- Antonio Terceiro Sat, 03 Apr 2021 10:39:28 -0300 + ruby-kramdown (2.3.0-4) unstable; urgency=medium * Recommend ruby-rouge, for out-of-the-box syntax highlighting diff --git a/debian/patches/0002-Restrict-Rouge-formatters-to-Rouge-Formatters-namesp.patch b/debian/patches/0002-Restrict-Rouge-formatters-to-Rouge-Formatters-namesp.patch new file mode 100644 index 000..68457a6 --- /dev/null +++ b/debian/patches/0002-Restrict-Rouge-formatters-to-Rouge-Formatters-namesp.patch @@ -0,0 +1,69 @@ +From: Stan Hu +Date: Sun, 14 Mar 2021 11:21:00 -0700 +Subject: Restrict Rouge formatters to Rouge::Formatters namespace + +ff0218a added support for specifying custom Rouge formatters with the +constraint that the formatter be in theRouge::Formatters namespace, but +it did not actually enforce this constraint. For example, this is valid: + +```ruby +Rouge::Formatters.const_get('CSV') +=> CSV +``` + +Adding the `false` parameter to `const_get` prevents this: + +```ruby +Rouge::Formatters.const_get('CSV', false) +NameError: uninitialized constant Rouge::Formatters::CSV +``` +--- + lib/kramdown/converter/syntax_highlighter/rouge.rb | 2 +- + test/test_files.rb | 18 +++--- + 2 files changed, 12 insertions(+), 8 deletions(-) + +diff --git a/lib/kramdown/converter/syntax_highlighter/rouge.rb b/lib/kramdown/converter/syntax_highlighter/rouge.rb +index c799526..ed6a4f8 100644 +--- a/lib/kramdown/converter/syntax_highlighter/rouge.rb b/lib/kramdown/converter/syntax_highlighter/rouge.rb +@@ -70,7 +70,7 @@ module Kramdown::Converter::SyntaxHighlighter + when Class + formatter + when /\A[[:upper:]][[:alnum:]_]*\z/ +-::Rouge::Formatters.const_get(formatter) ++::Rouge::Formatters.const_get(formatter, false) + else + # Available in Rouge 2.0 or later + ::Rouge::Formatters::HTMLLegacy +diff --git a/test/test_files.rb b/test/test_files.rb +index 82ff6b0..3517e55 100644 +--- a/test/test_files.rb b/test/test_files.rb +@@ -21,16 +21,20 @@ begin + end + + # custom formatter for tests +- class RougeHTMLFormatters < Kramdown::Converter::SyntaxHighlighter::Rouge.formatter_class ++ module Rouge ++module Formatters ++ class RougeHTMLFormatters < Kramdown::Converter::SyntaxHighlighter::Rouge.formatter_class + +-tag 'rouge_html_formatters' ++tag 'rouge_html_formatters' + +-def stream(tokens, ) +- yield %() +- super +- yield %() +-end ++def stream(tokens, ) ++ yield %() ++ super ++ yield %() ++end + ++ end ++end + end + rescue LoadError, SyntaxError, NameError + end diff --git a/debian/patches/series b/debian/patches/series index 7d4b5b1..f8d5d26 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ fix_manpage_warnings.patch +0002-Restrict-Rouge-formatters-to-Rouge-Formatters-namesp.patch signature.asc Description: PGP signature
Re: ruby-vcr: DFSG violation (Hippocratic license)
On Mon, Mar 08, 2021 at 02:50:18PM +0530, Pirate Praveen wrote: > > > On 2021, മാർച്ച് 8 1:24:48 AM IST, Antonio Terceiro > wrote: [...] > >I don't think that will be needed. I reverted to 5.0.0 locally, added a > >few patches, and at least all of our reverse dependencies seem to pass > >their tests with it: > > > > > >= Testing reverse (build) dependencies > > > > > >rebuild nanoc ... PASS > >rebuild ruby-coveralls ... PASS > >autopkgtest ruby-faraday... PASS > >rebuild ruby-graphlient ... PASS > >rebuild ruby-mixlib-install ... PASS > >rebuild ruby-octokit... PASS > > > >So in principle we could fix this issue without touching anything else. > > Thanks. Are you waiting for an ack from release team to upload it? No, I will upload it soon™. signature.asc Description: PGP signature
Re: ruby-vcr: DFSG violation (Hippocratic license)
On Sun, Mar 07, 2021 at 11:01:16PM +0530, Pirate Praveen wrote: > [adding release team] > > On Sun, Mar 7, 2021 at 10:49 pm, Utkarsh Gupta wrote: > > Hi Praveen, > > > > On Sun, Mar 7, 2021 at 10:15 PM Pirate Praveen > > wrote: > > > It looks like we will have to remove ruby-vcr and we will have to > > > disable tests for the following packages. I don't think there is > > > another way, thoughts? > > > > Maybe worth opening an issue upstream and discuss the cons of this > > change or something? Or if that doesn't work out > > and we need this > > I doubt discussing with upstream will yield any possitive outcome as this is > a specific philosophical movement. > > See https://github.com/vcr/vcr/pull/792 > and > https://github.com/vcr/vcr/issues/804 > > > package or something, would forking be an option? > > https://github.com/vcr/vcr/blob/master/CHANGELOG.md#510-feb-5-2020 > > We will have to go back to 5.0 and someone will have to maintain it > independently. > > Hi Release team, > > Do you think this needs to be fixed before bullseye? If yes, do you agree to > change the reverse dependencies listed in my previous message to this bug? I don't think that will be needed. I reverted to 5.0.0 locally, added a few patches, and at least all of our reverse dependencies seem to pass their tests with it: = Testing reverse (build) dependencies rebuild nanoc ... PASS rebuild ruby-coveralls ... PASS autopkgtest ruby-faraday... PASS rebuild ruby-graphlient ... PASS rebuild ruby-mixlib-install ... PASS rebuild ruby-octokit... PASS So in principle we could fix this issue without touching anything else. signature.asc Description: PGP signature
Re: Podman 3.0 and Debian bullseye
On Sat, Jan 30, 2021 at 05:29:37PM -0500, Reinhard Tartler wrote: > On Sat, Jan 30, 2021 at 5:03 PM Antonio Terceiro > wrote: > > > FWIW I have been using podman 3.0.0~rc1 from experimental for a few days > > and haven't noticed anything wrong with it. I hope we can have that > > version in bullseye. > > > > > Me too. > > Dear release team, do you have any opinion on this topic? Based on previous similar discussions I have seem in the past, my guess is that the RT doesn't care either way, as long as it doesn't' affect the rest of the archive and that the maintainer(s) think it's the best option for the stable release. signature.asc Description: PGP signature
Re: Podman 3.0 and Debian bullseye
On Sun, Jan 24, 2021 at 08:02:26PM -0500, Reinhard Tartler wrote: > Dear release-team, > > I'm proposing to have podman 3.0 in debian/bullseye. As maintainer of the > package, I'm convinced this is a good step for Debian because: > > - podman 3.0 will be included in RHEL 8.4, which will be released in May > 2021. I expect security support for podman in Debian to become > significantly simpler than let's say podman 2.2 > - users have expressed interest in podman 2.2 or late (cf. #978650 and > others) > - podman 3.0 implements enough of docker's REST API to support > docker-compose (cf. https://www.redhat.com/sysadmin/podman-docker-compose) > - the salsa team has expressed interest in exploring podman to facilitate > gitlab maintenance. I'd expect this update to make their lives > significantly easier if included in the next stable release > > Current concerns/risk: > > - Podman 3.0.0~rc1 was only just released, but I expect it to be released > soon. After all, RHEL 8.4 is scheduled for May 2021 > - Podman 3 drops the legacy varlink interface. To the best of my > knowledge, there are no packages in debian/testing that would require > varlink (please correct me if I'm wrong here). Not having to support > varlink in Debian seems a support benefit, there is little to no love > for it upstream. > - I've just uploaded podman 3.0 to debian/experimental, and is ready for > wider testing. Uploading to unstable requires a couple of additional > package updates in sid: >- golang-github-containers-storage >- golang-github-containers-image >- golang-github-containers-common >- golang-github-containers-buildah > > I'm not really sure if this update required formal approval by the release > team, but I'd really appreciate your input in any case. FWIW I have been using podman 3.0.0~rc1 from experimental for a few days and haven't noticed anything wrong with it. I hope we can have that version in bullseye. signature.asc Description: PGP signature
Bug#965334: buster-pu: package ruby-ronn/0.8.0-2
On Sat, Jul 25, 2020 at 05:01:52PM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2020-07-19 at 15:26 -0300, Antonio Terceiro wrote: > > It was discovered that ronn fails to process input that contains UTF- > > 8 characters due to a programming error > > > > Please go ahead. Uploaded, thanks. signature.asc Description: PGP signature
Bug#965334: buster-pu: package ruby-ronn/0.8.0-2
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu [ Reason ] It was discovered that ronn fails to process input that contains UTF-8 characters due to a programming error [ Impact ] Not having this fix makes it impossible to process input with UTF-8. [ Tests ] I have add an autopkgtest that exposes the issue (fails without this patch, passes with it) [ Risks ] Very low [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The fix is just removing the "s" flag from a regular expression. It was obtained from upstream at https://github.com/apjanke/ronn-ng/pull/35 -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.7.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_WARN Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/debian/changelog b/debian/changelog index 0cf8d08..fd7e234 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +ruby-ronn (0.8.0-2+deb10u1) buster; urgency=medium + + * Team upload. + * Add an autopkgtest that exposes problem in processing UTF-8 input + * Fix handling of UTF-8 content in manpages (Closes: #965294) + + -- Antonio Terceiro Sun, 19 Jul 2020 13:50:53 -0300 + ruby-ronn (0.8.0-2) unstable; urgency=medium * Team upload. diff --git a/debian/patches/fix-utf8-content.patch b/debian/patches/fix-utf8-content.patch new file mode 100644 index 000..9f62756 --- /dev/null +++ b/debian/patches/fix-utf8-content.patch @@ -0,0 +1,24 @@ +From 0dc86b83ee27a20d8a9d7bd85f7022a2db403f2f Mon Sep 17 00:00:00 2001 +From: Matteo Bernardini +Date: Sun, 6 Oct 2019 19:04:04 +0200 +Subject: [PATCH] Fix regex encoding: don't assume Windows-31J encoding + +Source: https://github.com/apjanke/ronn-ng/pull/35 + +--- + lib/ronn/roff.rb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/ronn/roff.rb b/lib/ronn/roff.rb +index 7c56d2c..f313a95 100644 +--- a/lib/ronn/roff.rb b/lib/ronn/roff.rb +@@ -351,7 +351,7 @@ def quote(text) + def write(text) + return if text.nil? || text.empty? + # lines cannot start with a '.'. insert zero-width character before. +- text = text.gsub(/\n\\\./s, "\n&\\.") ++ text = text.gsub(/\n\\\./, "\n&\\.") + buf_ends_in_newline = @buf.last && @buf.last[-1] == "\n" + @buf << '\&' if text[0, 2] == '\.' && buf_ends_in_newline + @buf << text diff --git a/debian/patches/series b/debian/patches/series index 701d377..ae4940f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -3,3 +3,4 @@ relax-dependencies.patch rename-to-ronn.patch fix-ordered-lists.patch fix-url-hyphenation.patch +fix-utf8-content.patch diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 000..9f8c752 --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,2 @@ +Tests: utf8 +Restrictions: superficial, allow-stderr diff --git a/debian/tests/utf8 b/debian/tests/utf8 new file mode 100644 index 000..913cd36 --- /dev/null +++ b/debian/tests/utf8 @@ -0,0 +1,29 @@ +#!/bin/sh + +set -eu + +cd ${AUTOPKGTEST_TMP:-/tmp} + +cat >> utf8.7.ronn < signature.asc Description: PGP signature
Bug#950655: #950655: buster-pu: package rubygems-integration/1.11+deb10u1
On Tue, Feb 04, 2020 at 02:44:28PM +0100, Antonio Terceiro wrote: > Package: release.debian.org > Severity: normal > Tags: buster > User: release.debian@packages.debian.org > Usertags: pu > > Hello, > > This update is part of a collaboration with upstream on their handling > of deprecations in the rubygems codebase. See > https://github.com/rubygems/rubygems/issues/3068 and the thread starting > at https://lists.debian.org/debian-ruby/2020/01/msg00015.html for > context. > > In short: going forward, they want to only deprecate code on rubygems on > new releases of the ruby interpreter (~ once a year). But for this time, > there was a release where these warnings reached end users. > > This is fixed by this update (patch attached). As you can see the patch > is pretty simple and harmless. > diff --git a/debian/changelog b/debian/changelog > index 272a6dc..b2d099a 100644 > --- a/debian/changelog > +++ b/debian/changelog > @@ -1,3 +1,9 @@ > +rubygems-integration (1.11+deb10u1) buster; urgency=medium > + > + * Replace usage of Gem::ConfigMap with RbConfig::CONFIG > + > + -- Antonio Terceiro Tue, 04 Feb 2020 14:11:57 +0100 > + > rubygems-integration (1.11) unstable; urgency=medium > >[ Cédric Boutillier ] > diff --git a/lib/rubygems/defaults/operating_system.rb > b/lib/rubygems/defaults/operating_system.rb > index 461cfe4..f68f029 100644 > --- a/lib/rubygems/defaults/operating_system.rb > +++ b/lib/rubygems/defaults/operating_system.rb > @@ -7,7 +7,7 @@ class << Gem > >alias :upstream_default_dir :default_dir >def default_dir > -File.join('/', 'var', 'lib', 'gems', Gem::ConfigMap[:ruby_version]) > +File.join('/', 'var', 'lib', 'gems', RbConfig::CONFIG["ruby_version"]) >end > >alias :upstream_default_bindir :default_bindir > @@ -26,8 +26,8 @@ class << Gem >extra_path = File.join('/usr/share/rubygems-integration', '2.2') > end > > -arch = Gem::ConfigMap[:arch] > -api_version = Gem::ConfigMap[:ruby_version] > +arch = RbConfig::CONFIG["arch"] > +api_version = RbConfig::CONFIG["ruby_version"] > > upstream_default_path + [ >"/usr/lib/#{arch}/rubygems-integration/#{api_version}", ping signature.asc Description: PGP signature
Bug#952792: closed by Ivo De Decker (remove chef)
Control: reopen -1 > Date: Sat, 29 Feb 2020 13:25:33 + > From: Ivo De Decker > To: 952792-d...@bugs.debian.org > Subject: remove chef > Message-Id: > > Added removal hint for chef. Hello, I just noticed that I failed to check for reverse (build) dependencies. So please also remove the following packages from testing: foodcritic ohai ruby-cheffish ruby-knife-acl ruby-ridley These are all part of the chef ecosystem, so we are not breaking unrelated software. signature.asc Description: PGP signature
Bug#952792: RM: chef/13.8.7-6
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm X-Debbugs-CC: stefa...@debian.org, debian-r...@lists.debian.org Please remove chef from testing. It's marked for autoremoval due to a RC bug; fixing the RC bug will take a while (needs a new upstream release which needs a few new dependencies to be packaged), it's blocking other stuff from migrating to testing. -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Bug#950655: buster-pu: package rubygems-integration/1.11+deb10u1
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Hello, This update is part of a collaboration with upstream on their handling of deprecations in the rubygems codebase. See https://github.com/rubygems/rubygems/issues/3068 and the thread starting at https://lists.debian.org/debian-ruby/2020/01/msg00015.html for context. In short: going forward, they want to only deprecate code on rubygems on new releases of the ruby interpreter (~ once a year). But for this time, there was a release where these warnings reached end users. This is fixed by this update (patch attached). As you can see the patch is pretty simple and harmless. diff --git a/debian/changelog b/debian/changelog index 272a6dc..b2d099a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +rubygems-integration (1.11+deb10u1) buster; urgency=medium + + * Replace usage of Gem::ConfigMap with RbConfig::CONFIG + + -- Antonio Terceiro Tue, 04 Feb 2020 14:11:57 +0100 + rubygems-integration (1.11) unstable; urgency=medium [ Cédric Boutillier ] diff --git a/lib/rubygems/defaults/operating_system.rb b/lib/rubygems/defaults/operating_system.rb index 461cfe4..f68f029 100644 --- a/lib/rubygems/defaults/operating_system.rb +++ b/lib/rubygems/defaults/operating_system.rb @@ -7,7 +7,7 @@ class << Gem alias :upstream_default_dir :default_dir def default_dir -File.join('/', 'var', 'lib', 'gems', Gem::ConfigMap[:ruby_version]) +File.join('/', 'var', 'lib', 'gems', RbConfig::CONFIG["ruby_version"]) end alias :upstream_default_bindir :default_bindir @@ -26,8 +26,8 @@ class << Gem extra_path = File.join('/usr/share/rubygems-integration', '2.2') end -arch = Gem::ConfigMap[:arch] -api_version = Gem::ConfigMap[:ruby_version] +arch = RbConfig::CONFIG["arch"] +api_version = RbConfig::CONFIG["ruby_version"] upstream_default_path + [ "/usr/lib/#{arch}/rubygems-integration/#{api_version}", signature.asc Description: PGP signature
Bug#929214: release.debian.org - Add package constraint for cloud images
On Wed, Jun 12, 2019 at 09:03:04PM +0200, Paul Gevers wrote: > Hi Bastian, > > [CC adding debian-ci@l.d.o, please drop the bug in the next reply as it > starts to become off-topic there.] > > On 12-06-2019 20:52, Bastian Blank wrote: > > On Wed, Jun 12, 2019 at 08:42:27PM +0200, Paul Gevers wrote: > >> On 12-06-2019 20:01, Bastian Blank wrote: > >>> I'm also not sure if the Debian autopkgtest infrastructure would be able > >>> to do that and build images. The actual testing runs via the Gitlab > >>> CI.[1] > >> You could very probably do it. Depending on how long such a build takes, > > > > One build takes 3 minutes if it runs native and 13 minutes if it runs > > via qemu-user. However it needs awefull amount of network and disk IO. > > I don't believe that should be a problem if that is an *or*. However, > qemu will not work properly, right Antonio? qemu-user probably works; qemu-system might work, but not with kvm acceleration. > > Does the Debian autopkgtest instance support "needs-root" and > > "breaks-testbed"? > > Yes and yes. The only thing we currently do not support *yet* is > isolation-machine. > > > The image build uses loop devices, hence > > "needs-root", which can't be cleaned up properly, hence > > "breaks-testbed". > > That's no problem at all. mounting loop devices would not work. (these tests probably also need isolation-machine) signature.asc Description: PGP signature
Bug#929899: unblock: ruby2.5/2.5.5-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby2.5 2.5.5-3 contains just a patch to make it build on ia64. the diff against the package in testing is attached. unblock ruby2.5/2.5.5-3 -- System Information: Debian Release: 10.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/debian/changelog b/debian/changelog index 5cab009b..d6eaca0d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +ruby2.5 (2.5.5-3) unstable; urgency=medium + + * ia64: Don't clear register_stack_start (Closes: #928068) + + -- Antonio Terceiro Sun, 02 Jun 2019 10:16:57 -0300 + ruby2.5 (2.5.5-2) unstable; urgency=medium * debian/tests/excludes/: fix exclusion of Rinda tests that depend on diff --git a/debian/patches/0011-ia64-Don-t-clear-register_stack_start.patch b/debian/patches/0011-ia64-Don-t-clear-register_stack_start.patch new file mode 100644 index ..ed43e467 --- /dev/null +++ b/debian/patches/0011-ia64-Don-t-clear-register_stack_start.patch @@ -0,0 +1,25 @@ +From: James Clarke +Date: Fri, 26 Apr 2019 23:32:46 +0100 +Subject: ia64: Don't clear register_stack_start + +r59829 stopped clearing stack_start and enabled the code for +!FIBER_USE_NATIVE, but we need to do the same for register_stack_start +on ia64, otherwise we end up with NULL in cont_save_machine_stack. + +Closes: https://github.com/ruby/ruby/pull/2155 +--- + cont.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/cont.c b/cont.c +index 7b6864a..8ad8207 100644 +--- a/cont.c b/cont.c +@@ -543,7 +543,6 @@ cont_save_thread(rb_context_t *cont, rb_thread_t *th) + sec->machine.stack_end = NULL; + + #ifdef __ia64 +-sec->machine.register_stack_start = NULL; + sec->machine.register_stack_end = NULL; + #endif + } diff --git a/debian/patches/series b/debian/patches/series index e0cb0602..a6319c31 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -8,3 +8,4 @@ 0008-Disable-tests-failing-on-Ubuntu-builders.patch 0009-test-test_pair-fix-deadlock-in-test_connect_accept_n.patch 0010-test-use-larger-keys-for-SSL-tests.patch +0011-ia64-Don-t-clear-register_stack_start.patch signature.asc Description: PGP signature
Bug#928940: unblock: ruby2.5/2.5.5-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby2.5. The latest uploaded fixes the one pending RC bug. The fix is pretty simple, just putting 2 files in the correct location. the diff: 8<8<8<- diff --git a/debian/changelog b/debian/changelog index 370de1ed..5cab009b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +ruby2.5 (2.5.5-2) unstable; urgency=medium + + * debian/tests/excludes/: fix exclusion of Rinda tests that depend on +network availability, by moving the existing excludes files to the correct +location. (Closes: #927122) + + -- Antonio Terceiro Mon, 13 May 2019 10:55:06 -0300 + ruby2.5 (2.5.5-1) unstable; urgency=medium * New upstream version 2.5.5. Includes a series of bug fixes, most notably diff --git a/debian/tests/excludes/any/TestRingFinger.rb b/debian/tests/excludes/any/Rinda/TestRingFinger.rb similarity index 100% rename from debian/tests/excludes/any/TestRingFinger.rb rename to debian/tests/excludes/any/Rinda/TestRingFinger.rb diff --git a/debian/tests/excludes/any/TestRingServer.rb b/debian/tests/excludes/any/Rinda/TestRingServer.rb similarity index 100% rename from debian/tests/excludes/any/TestRingServer.rb rename to debian/tests/excludes/any/Rinda/TestRingServer.rb 8<8<8<- unblock ruby2.5/2.5.5-2 -- System Information: Debian Release: 10.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Bug#927241: unblock: ruby-concurrent/1.0.5-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby-concurrent This fixes an autopkgtest failure (this is useful if we want to test stable updates after buster is out). the change is trivial and has no effect on the binaries produced. 8<8<8<- diff --git a/debian/changelog b/debian/changelog index bc70f4c..ee87263 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +ruby-concurrent (1.0.5-3) unstable; urgency=medium + + * Team upload. + * debian/control: drop `Testsuite: autopkgtest-pkg-ruby` to let autopkgtest +run only the explicit debian/tests/control in this package, and not also +run the default test produced by autodep8 (Closes: #926782) + + -- Antonio Terceiro Mon, 15 Apr 2019 12:52:29 -0300 + ruby-concurrent (1.0.5-2) unstable; urgency=medium * Team upload diff --git a/debian/control b/debian/control index 5629f73..2f274b3 100644 --- a/debian/control +++ b/debian/control @@ -13,7 +13,6 @@ Standards-Version: 4.0.0 Vcs-Git: https://salsa.debian.org/ruby-team/ruby-concurrent.git Vcs-Browser: https://salsa.debian.org/ruby-team/ruby-concurrent Homepage: http://www.concurrent-ruby.com -Testsuite: autopkgtest-pkg-ruby XS-Ruby-Versions: all Package: ruby-concurrent 8<8<8<- unblock ruby-concurrent/1.0.5-3 -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Bug#927127: unblock: ruby-websocket/1.2.8-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby-websocket This fixes a file conflict with another package that invades its namespace. The changes are trivial: 8<8<8<- diff --git a/debian/changelog b/debian/changelog index dc5fdfc..d49bace 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +ruby-websocket (1.2.8-2) unstable; urgency=medium + + * Team upload + * Add Breaks/Replaces against ruby-websocker-parser (Closes: #926254) + + -- Antonio Terceiro Sun, 14 Apr 2019 20:23:47 -0300 + ruby-websocket (1.2.8-1) unstable; urgency=medium * New upstream release diff --git a/debian/control b/debian/control index 27f764d..2304613 100644 --- a/debian/control +++ b/debian/control @@ -20,6 +20,8 @@ XB-Ruby-Versions: ${ruby:Versions} Depends: ruby | ruby-interpreter, ${misc:Depends}, ${shlibs:Depends} +Breaks: ruby-websocket-parser (<= 1.0.0-1) +Replaces: ruby-websocket-parser (<= 1.0.0-1) Description: Universal Ruby library to handle WebSocket protocol This library focuses on providing abstraction layer over WebSocket API instead of providing server or client 8<8<8<- unblock ruby-websocket/1.2.8-2 -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Re: Summary of the Arm ports BoF at DC18
On Sun, Apr 14, 2019 at 11:25:47PM +0200, Mattia Rizzolo wrote: > Hi, > > On Sun, Apr 14, 2019 at 09:20:51PM +0200, Paul Gevers wrote: > > On 07-11-2018 20:15, Steve McIntyre wrote: > > >> Currently all the amd64 CI nodes are VM's on Amazon EC2. There is > > >> currently no arrangement for hosting actual hardware. > > > > > > Right. I didn't realise that. In that case for arm*, would VMs on > > > packet.net or similar work for us then? > > > > While I was at the BSP in Paris, you promised ivodd that you would pass > > us credentials for (I assume) packet.net. I assume you either didn't > > have time yet, or forgot. In the latter case consider this a polite ping. > > I'm assuming you are talking about the packet.net stuff that has been > provided to debian. TBOMK nothing is using those credits atm. I have > admin access to the project and the team, so I can add you > (incidentally, I don't see Steve in the least, so I wouldn't know how he > would do it; there is only zumbi as an "owner", me as an "admin" and a > few other people as "collaborator", including terceiro - so I expected > you as a Debian CI to already have access). > > Could you please check with terceiro? He should have been CCed in a > private thread back then, otherwise feel free to get in touch with me. can you please add Paul? I signed up, but never had the bandwidth to actually do anything, and now with DebConf getting closer I will have even less time. BTW Amazon also has arm64 instances now so maybe it would be easier to use those instead. signature.asc Description: PGP signature
Bug#925923: unblock: ruby2.5/2.5.5-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ruby2.5. This is a maintainance-only new upstream release that includes fixes for important bugs, and 6 security bugs. Changelog: ruby2.5 (2.5.5-1) unstable; urgency=medium . * New upstream version 2.5.5. Includes a series of bug fixes, most notably for 6 security bugs discovered in Rubygems: - CVE-2019-8320: Delete directory using symlink when decompressing tar - CVE-2019-8321: Escape sequence injection vulnerability in verbose - CVE-2019-8322: Escape sequence injection vulnerability in gem owner - CVE-2019-8323: Escape sequence injection vulnerability in API response handling - CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution - CVE-2019-8325: Escape sequence injection vulnerability in errors * Rebase patches. The following patches were applied upstream and dropped from the Debian package: - 0011-Update-for-tzdata-2018f.patch - 0012-test-update-test-certificate.patch The full diff against the version in testing is attached. It's a bit big, but I have reviewed the changes and there is nothing worrysome from my POV. You will notice that a few functions are renamed, but they are not part of the API or the ABI since they are not exported in the -dev header files. Having this version in buster will make the maintainance in stable a lot easier. unblock ruby2.5/2.5.5-1 -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Bug#924497: unblock: bundler/1.17.3-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package bundler This update fixes a bug that affects other packages that use bundler. Changelog: bundler (1.17.3-3) unstable; urgency=medium * Add test for locating bundler binaries * Switch to Rubygems installation layout (Closes: #914771) * 0003-Do-not-add-system-path-to-RUBYLIB.patch: dropped, not necessary anymore * 0001-replace-call-to-git-ls-files-with-Dir.glob.patch: fix file listing * debian/install: removed, not necessary anymore -- Antonio Terceiro Sat, 09 Mar 2019 08:41:37 -0300 A diff against the version in testing is attached. unblock bundler/1.17.3-3 -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_WARN, TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/debian/changelog b/debian/changelog index 63563bc..1cc4472 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +bundler (1.17.3-3) unstable; urgency=medium + + * Add test for locating bundler binaries + * Switch to Rubygems installation layout (Closes: #914771) +* 0003-Do-not-add-system-path-to-RUBYLIB.patch: dropped, not necessary + anymore + * 0001-replace-call-to-git-ls-files-with-Dir.glob.patch: fix file listing + * debian/install: removed, not necessary anymore + + -- Antonio Terceiro Sat, 09 Mar 2019 08:41:37 -0300 + bundler (1.17.3-2) unstable; urgency=medium * Team upload. diff --git a/debian/install b/debian/install deleted file mode 100644 index be41aee..000 --- a/debian/install +++ /dev/null @@ -1 +0,0 @@ -lib/bundler/templates/newgem/travis.yml.tt /usr/lib/ruby/vendor_ruby/bundler/templates/newgem diff --git a/debian/patches/0001-replace-call-to-git-ls-files-with-Dir.glob.patch b/debian/patches/0001-replace-call-to-git-ls-files-with-Dir.glob.patch index 6d52c06..c470fd5 100644 --- a/debian/patches/0001-replace-call-to-git-ls-files-with-Dir.glob.patch +++ b/debian/patches/0001-replace-call-to-git-ls-files-with-Dir.glob.patch @@ -24,7 +24,7 @@ index 26fc322..b68627f 100644 - # we don't check in man pages, but we need to ship them because - # we use them to generate the long-form help for each command. - s.files += Dir.glob("man/**/*") -+ s.files = Dir.glob("lib/**") + Dir.glob("exe/*") + Dir.glob("*.md") + Dir.glob("man/*") ++ s.files = Dir.glob('**/*') - Dir.glob('debian/**/*') # Include the CHANGELOG.md, LICENSE.md, README.md manually s.files += %w[CHANGELOG.md LICENSE.md README.md] # include the gemspec itself because warbler breaks w/o it diff --git a/debian/patches/0003-Do-not-add-system-path-to-RUBYLIB.patch b/debian/patches/0003-Do-not-add-system-path-to-RUBYLIB.patch deleted file mode 100644 index 7735a6f..000 --- a/debian/patches/0003-Do-not-add-system-path-to-RUBYLIB.patch +++ /dev/null @@ -1,47 +0,0 @@ -From: Christian Hofstaedtler -Date: Wed, 13 Jul 2016 15:51:52 + -Subject: Do not add system path to RUBYLIB - -Bundler adds it's own installation path in front of RUBYLIB, but when -this is the system ruby path, this causes system-wide installed gems -to be used before bundler-installed gems. - -Closes: #830958 -Forwarded: not-needed -Origin: vendor - lib/bundler.rb| 6 -- - lib/bundler/shared_helpers.rb | 3 --- - 2 files changed, 9 deletions(-) - -diff --git a/lib/bundler.rb b/lib/bundler.rb -index 1cb3b4f..942f862 100644 a/lib/bundler.rb -+++ b/lib/bundler.rb -@@ -296,12 +296,6 @@ EOF - env["RUBYOPT"] = env["RUBYOPT"].sub "-rbundler/setup", "" - end - -- if env.key?("RUBYLIB") --rubylib = env["RUBYLIB"].split(File::PATH_SEPARATOR) --rubylib.delete(File.expand_path("..", __FILE__)) --env["RUBYLIB"] = rubylib.join(File::PATH_SEPARATOR) -- end -- - env - end - -diff --git a/lib/bundler/shared_helpers.rb b/lib/bundler/shared_helpers.rb -index 3e2fe24..06c1c78 100644 a/lib/bundler/shared_helpers.rb -+++ b/lib/bundler/shared_helpers.rb -@@ -339,9 +339,6 @@ module Bundler - end - - def set_rubylib -- rubylib = (ENV["RUBYLIB"] || "").split(File::PATH_SEPARATOR) -- rubylib.unshift bundler_ruby_lib -- Bundler::SharedHelpers.set_env "RUBYLIB", rubylib.uniq.join(File::PATH_SEPARATOR) - end - - def bundler_ruby_lib diff --git a/debian/patches/series b/debian/patches/series in
Bug#923202: stretch-pu: package ruby2.3/2.3.3-1+deb9u5
On Sat, Mar 09, 2019 at 02:12:26PM +, Adam D. Barratt wrote: > Control: tags -1 -moreinfo +confirmed > > On Sat, 2019-03-09 at 11:01 -0300, Antonio Terceiro wrote: > > On Sat, Mar 09, 2019 at 01:56:02PM +, Adam D. Barratt wrote: > > > Control: tags -1 + moreinfo > > > > > > On Sun, 2019-02-24 at 21:27 -0300, Antonio Terceiro wrote: > > > > this update fixes 2 FTBFS bugs on stretch. All of the changes are > > > > in > > > > the test suite, so there are no functional changes. > > > > > > [...] > > > > ruby2.3 (2.3.3-1+deb9u5) stretch; urgency=medium > > > > > > > > * Backport upstream patches to fix FTBFS due to expired SSL > > > > certificate and > > > > timezone changes (Closes: #91) > > > > - imap: update test certificate > > > > - timezone changes for Japan and Kiritimati > > > > * test/ruby/test_gc.rb: skip entirely; some tests in there can > > > > fail > > > > unpredictably on buildds (Closes: #912740) > > > > > > Does this resolve all of the FTBFS issues that are currently > > > keeping > > > 2.3.3-1+deb9u4 from being accepted into stable-new? (I'm hoping > > > that's > > > what the #912740 does, but would like to be sure.) > > > > Yes > > Thanks for the quick response; please go ahead. Uploaded signature.asc Description: PGP signature
Bug#923202: stretch-pu: package ruby2.3/2.3.3-1+deb9u5
On Sat, Mar 09, 2019 at 01:56:02PM +, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Sun, 2019-02-24 at 21:27 -0300, Antonio Terceiro wrote: > > this update fixes 2 FTBFS bugs on stretch. All of the changes are in > > the test suite, so there are no functional changes. > [...] > > ruby2.3 (2.3.3-1+deb9u5) stretch; urgency=medium > > > > * Backport upstream patches to fix FTBFS due to expired SSL > > certificate and > > timezone changes (Closes: #91) > > - imap: update test certificate > > - timezone changes for Japan and Kiritimati > > * test/ruby/test_gc.rb: skip entirely; some tests in there can fail > > unpredictably on buildds (Closes: #912740) > > Does this resolve all of the FTBFS issues that are currently keeping > 2.3.3-1+deb9u4 from being accepted into stable-new? (I'm hoping that's > what the #912740 does, but would like to be sure.) Yes signature.asc Description: PGP signature
Bug#922300: unblock: chef/13.8.7-3, ohai/13.8.0-1
On Thu, Feb 14, 2019 at 09:42:42AM -0200, Antonio Terceiro wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Hello, > > Please unblock package chef > > Hi, > > The ci.debian.net nodes are managed with chef, and during the weekend I > realized that it was not in testing. There was an RC bug against chef (FTBFS, > 3 > tests broken by an update to the test framework, package just worked > nevertheless) and ruby-cheffish (broken by openssl 1.1.1). I fixed both, and > they were ACCEPTED in unstable Sunday morning within less than one hour of > each > other (ruby-cheffish at 11:53:21 + and chef at 12:34:15 +) > > https://tracker.debian.org/news/1029431/accepted-chef-1387-3-source-into-unstable/ > https://tracker.debian.org/news/1029425/accepted-ruby-cheffish-1310-2-source-into-unstable/ FWIW today I noticed a new item in the chef migration excuses that was not there when I opened this bug, a piuparts regression. I made a new upload with a trivial patch fixing only that. signature.asc Description: PGP signature
Bug#923202: stretch-pu: package ruby2.3/2.3.3-1+deb9u5
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi this update fixes 2 FTBFS bugs on stretch. All of the changes are in the test suite, so there are no functional changes. debian/changelog | 11 +++ test/net/imap/cacert.pem | 86 ++ test/net/imap/server.crt | 110 -- test/net/imap/server.key | 43 --- test/ruby/test_gc.rb | 2 +- test/ruby/test_time_tz.rb | 38 -- 6 files changed, 166 insertions(+), 124 deletions(-) Changelog: ruby2.3 (2.3.3-1+deb9u5) stretch; urgency=medium * Backport upstream patches to fix FTBFS due to expired SSL certificate and timezone changes (Closes: #91) - imap: update test certificate - timezone changes for Japan and Kiritimati * test/ruby/test_gc.rb: skip entirely; some tests in there can fail unpredictably on buildds (Closes: #912740) -- Antonio Terceiro Sat, 23 Feb 2019 18:31:45 -0300 The full diff is attached. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/debian/changelog b/debian/changelog index cb2d07df..76f1e87f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +ruby2.3 (2.3.3-1+deb9u5) stretch; urgency=medium + + * Backport upstream patches to fix FTBFS due to expired SSL certificate and +timezone changes (Closes: #91) +- imap: update test certificate +- timezone changes for Japan and Kiritimati + * test/ruby/test_gc.rb: skip entirely; some tests in there can fail +unpredictably on buildds (Closes: #912740) + + -- Antonio Terceiro Sat, 23 Feb 2019 18:31:45 -0300 + ruby2.3 (2.3.3-1+deb9u4) stretch-security; urgency=high * Non-maintainer upload by the Security Team. diff --git a/test/net/imap/cacert.pem b/test/net/imap/cacert.pem index 70733878..f623bd62 100644 --- a/test/net/imap/cacert.pem +++ b/test/net/imap/cacert.pem @@ -1,66 +1,24 @@ -Certificate: -Data: -Version: 3 (0x2) -Serial Number: -b9:90:a2:bf:62:69:17:9c -Signature Algorithm: sha1WithRSAEncryption -Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=secur...@ruby-lang.org -Validity -Not Before: Jan 3 01:34:17 2014 GMT -Not After : Jan 2 01:34:17 2019 GMT -Subject: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=secur...@ruby-lang.org -Subject Public Key Info: -Public Key Algorithm: rsaEncryption -RSA Public Key: (1024 bit) -Modulus (1024 bit): -00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6: -bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be: -9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13: -9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5: -b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40: -0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d: -a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89: -af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6: -d0:fc:d6:eb:fc:06:82:10:fb -Exponent: 65537 (0x10001) -X509v3 extensions: -X509v3 Subject Key Identifier: -E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2 -X509v3 Authority Key Identifier: -keyid:E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2 -DirName:/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=secur...@ruby-lang.org -serial:B9:90:A2:BF:62:69:17:9C - -X509v3 Basic Constraints: -CA:TRUE -Signature Algorithm: sha1WithRSAEncryption -8f:77:06:4e:31:72:12:ee:68:09:70:27:d4:31:85:ef:10:95: -f9:0f:2b:66:63:08:37:88:6e:b7:9b:40:3e:18:77:33:86:e8: -61:6a:b7:3c:cb:c7:a6:d6:d5:92:6a:1f:56:d0:9f:5c:32:56: -d3:37:52:fe:0e:20:c2:7a:0d:fe:2d:3c:81:da:b8:7f:4d:6a: -08:01:d9:be:7a:a2:15:be:a6:ce:49:64:90:8c:9a:ca:6e:2e: -84:48:1d:94:19:56:94:46:aa:25:9b:68:c2:80:60:bf:cb:2e: -35:03:ea:0a:65:5a:33:38:c6:cc:81:46:c0:bc:36:86:96:39: -10:7d -BEGIN
Bug#922300: unblock: chef/13.8.7-3, ohai/13.8.0-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello, Please unblock package chef Hi, The ci.debian.net nodes are managed with chef, and during the weekend I realized that it was not in testing. There was an RC bug against chef (FTBFS, 3 tests broken by an update to the test framework, package just worked nevertheless) and ruby-cheffish (broken by openssl 1.1.1). I fixed both, and they were ACCEPTED in unstable Sunday morning within less than one hour of each other (ruby-cheffish at 11:53:21 + and chef at 12:34:15 +) https://tracker.debian.org/news/1029431/accepted-chef-1387-3-source-into-unstable/ https://tracker.debian.org/news/1029425/accepted-ruby-cheffish-1310-2-source-into-unstable/ ruby-cheffish migrated to testing before the freeze, but chef didn't even though they have a pathological circular build dependency. So ruby-cheffish can't be built in buster at the moment: The following packages have unmet dependencies: builddeps:ruby-cheffish : Depends: chef but it is not installable E: Unable to correct problems, you have held broken packages.' Maybe this a bug in britney; it should have migrated either both or none of them, but not one without the other. I would very much prefer to have this fixed by having chef migrate, since 1) that would make my life maintaining ci.debian.net much easier and 2) it will save a lot of Debian users the pain of not having chef in stable. OTOH I realize chef that the fixes came in late, so if it's unacceptable to have it in buster, ruby-cheffish needs to be removed. So I would ask you to unblock chef/13.8.7-3 unstable ohai/13.8.0-1 (ohai also has a circular dependency with chef and was removed from testing because of chef) OR remove ruby-cheffish/13.1.0-2 -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Re: chef and ruby-cheffish in buster
On Tue, Feb 12, 2019 at 10:11:21PM -0200, Antonio Terceiro wrote: > Hi, > > The ci.debian.net nodes are managed with chef, and during the weekend I > realized that it was not in testing. There was an RC bug against chef > (FTBFS, 3 tests broken by an update to the test framework, package just > worked nevertheless) and ruby-cheffish (broken by openssl 1.1.1). I > fixed both, and uploaded ruby-cheffish Saturday night and chef Sunday > morning. FWIW I just double checked and the actual uploads were both done Sunday morning (11:53:21 + and 12:34:15 +) https://tracker.debian.org/news/1029431/accepted-chef-1387-3-source-into-unstable/ https://tracker.debian.org/news/1029425/accepted-ruby-cheffish-1310-2-source-into-unstable/ signature.asc Description: PGP signature
chef and ruby-cheffish in buster
Hi, The ci.debian.net nodes are managed with chef, and during the weekend I realized that it was not in testing. There was an RC bug against chef (FTBFS, 3 tests broken by an update to the test framework, package just worked nevertheless) and ruby-cheffish (broken by openssl 1.1.1). I fixed both, and uploaded ruby-cheffish Saturday night and chef Sunday morning. ruby-cheffish migrated to testing before the freeze, but chef didn't even though they have a pathological circular build dependency, so ruby-cheffish can't be built in buster at the moment: The following packages have unmet dependencies: builddeps:ruby-cheffish : Depends: chef but it is not installable E: Unable to correct problems, you have held broken packages.' Maybe this a bug in britney; it should have migrated either both or none of them, but not one without the other. This needs to be fixed somehow. I would very much prefer to have chef migrate, since 1) that would make my life maintaining ci.debian.net much easier and 2) it will save a lot of Debian users the pain of not having chef in stable. OTOH I realize chef was fixed too late, so if it's unacceptable to have it in buster, ruby-cheffish needs to be removed. Thanks in advance. signature.asc Description: PGP signature
Re: Proposal: Repository for fast-paced package backports
On Wed, Dec 26, 2018 at 01:04:44PM +0530, Pirate Praveen wrote: > If it has to be completely separate from -backports, it means some packages > will need to be maintained twice, even when they meet the criteria for > backports fully, just because a package in volatile declare a dependency on > them. There is nothing that stops you, or whoever wants to maintain this newn repository from doing it in a way that 1) reuses what's already in backports, even automatically and 2) adds the bits that are not deemed appropriate for backports. signature.asc Description: PGP signature
Bug#909119: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
On Sat, Oct 06, 2018 at 05:50:33PM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Tue, 2018-09-18 at 10:22 -0700, Antonio Terceiro wrote: > > vagrant from stretch currently refuses to work with VirtualBox 5.2 > > from > > stretch-backports. This update just backports the few changes needed > > to > > make it work. The changes are pretty trivial. > > > > VirtualBox is not in stretch, so users are getting it either from > > stretch-backports or from upstream's .deb package; without this > > update > > vagrant will most likely be broken for most VirtualBox users. It > > would > > be nice if we can release this update. > > > > Please go ahead. Just uploaded, thanks. signature.asc Description: PGP signature
Bug#910371: stretch-pu: package lxcfs/2.0.7-1.1
On Sat, 6 Oct 2018 14:21:45 +0200 Michael Banck wrote: > On Fri, Oct 05, 2018 at 05:18:51PM +0200, Michael Banck wrote: > > Package: release.debian.org > > Severity: normal > > Tags: stretch > > User: release.debian@packages.debian.org > > Usertags: pu > > > > Hi, > > > > I would like to upload a lxcfs NMU to stable, fixing Bug #885542. This > > would be useful for ci.debian.net autopkgtest, as ci.debian.net > > currenlty runs lxc from stable. > > PFA the debdiff. ACK from my part as well. signature.asc Description: PGP signature
Bug#909119: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hello, vagrant from stretch currently refuses to work with VirtualBox 5.2 from stretch-backports. This update just backports the few changes needed to make it work. The changes are pretty trivial. VirtualBox is not in stretch, so users are getting it either from stretch-backports or from upstream's .deb package; without this update vagrant will most likely be broken for most VirtualBox users. It would be nice if we can release this update. diff against the version in stretch is attached. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/debian/changelog b/debian/changelog index 48bff55..04885d8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vagrant (1.9.1+dfsg-1+deb9u2) stretch; urgency=medium + + * Backport support for VirtualBox 5.2 (available in stretch-backports) +(Closes: #908826) + + -- Antonio Terceiro Sat, 15 Sep 2018 09:23:23 -0300 + vagrant (1.9.1+dfsg-1+deb9u1) stretch; urgency=medium * 0008-Convert-atlas-references-to-vagrant-cloud.patch: backport upstream diff --git a/debian/patches/0009-Backport-support-for-VirtualBox-5.2.patch b/debian/patches/0009-Backport-support-for-VirtualBox-5.2.patch new file mode 100644 index 000..46ec4a9 --- /dev/null +++ b/debian/patches/0009-Backport-support-for-VirtualBox-5.2.patch @@ -0,0 +1,58 @@ +From: Antonio Terceiro +Date: Sat, 15 Sep 2018 09:22:39 -0300 +Subject: Backport support for VirtualBox 5.2 + +Signed-off-by: Antonio Terceiro +--- + plugins/providers/virtualbox/driver/meta.rb| 1 + + plugins/providers/virtualbox/driver/version_5_2.rb | 16 + plugins/providers/virtualbox/plugin.rb | 1 + + 3 files changed, 18 insertions(+) + create mode 100644 plugins/providers/virtualbox/driver/version_5_2.rb + +diff --git a/plugins/providers/virtualbox/driver/meta.rb b/plugins/providers/virtualbox/driver/meta.rb +index 0dd186d..ec457a8 100644 +--- a/plugins/providers/virtualbox/driver/meta.rb b/plugins/providers/virtualbox/driver/meta.rb +@@ -62,6 +62,7 @@ module VagrantPlugins + "4.3" => Version_4_3, + "5.0" => Version_5_0, + "5.1" => Version_5_1, ++"5.2" => Version_5_2, + } + + if @@version.start_with?("4.2.14") +diff --git a/plugins/providers/virtualbox/driver/version_5_2.rb b/plugins/providers/virtualbox/driver/version_5_2.rb +new file mode 100644 +index 000..cd6c0b6 +--- /dev/null b/plugins/providers/virtualbox/driver/version_5_2.rb +@@ -0,0 +1,16 @@ ++require File.expand_path("../version_5_1", __FILE__) ++ ++module VagrantPlugins ++ module ProviderVirtualBox ++module Driver ++ # Driver for VirtualBox 5.2.x ++ class Version_5_2 < Version_5_1 ++def initialize(uuid) ++ super ++ ++ @logger = Log4r::Logger.new("vagrant::provider::virtualbox_5_2") ++end ++ end ++end ++ end ++end +diff --git a/plugins/providers/virtualbox/plugin.rb b/plugins/providers/virtualbox/plugin.rb +index 399747a..090bc50 100644 +--- a/plugins/providers/virtualbox/plugin.rb b/plugins/providers/virtualbox/plugin.rb +@@ -57,6 +57,7 @@ module VagrantPlugins + autoload :Version_4_3, File.expand_path("../driver/version_4_3", __FILE__) + autoload :Version_5_0, File.expand_path("../driver/version_5_0", __FILE__) + autoload :Version_5_1, File.expand_path("../driver/version_5_1", __FILE__) ++ autoload :Version_5_2, File.expand_path("../driver/version_5_2", __FILE__) + end + + module Model diff --git a/debian/patches/series b/debian/patches/series index 102bab3..86a1757 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,3 +6,4 @@ 0006-Relax-dependency-resolution.patch 0007-Update-command.rb.patch 0008-Convert-atlas-references-to-vagrant-cloud.patch +0009-Backport-support-for-VirtualBox-5.2.patch signature.asc Description: PGP signature
Re: autopkgtest gating migration, nearly there. But ...
On Fri, Sep 14, 2018 at 10:39:36PM +0200, Paul Gevers wrote: > Dear all, > > We are nearly there to enable migration being gated by autopkgtest > results. Unfortunately I recently realized (after implementation and > deployment of what I thought would be the solution) that the current > situation is possibly not good enough yet. I'd like to solicit for your > help on determining the way forward. > > This e-mail is basically a follow-up of my earlier e-mail [1] about > needed improvements. Before I start with my real issue, let me note that > needs-recommends is now deprecated (it is still supported, but the docs > and lintian warn against it). So I don't bother about it anymore, except > somebody (me) still has to fix autodep8 to not emit it. > > Let me describe the problem and the current status. The migration > software (britney2) is now taking versioned dependencies, breaks and > conflicts of the binary packages from the source package that wants to > migrate into account when requesting the tests. It will add versioned > dependencies that are not in testing and it will add packages from > unstable when their version in testing is broken by (or conflicts with) > anything needed from unstable (recursively). However, it is not having > enough information to do this well (at least, I fear), because of the > following: > > 1) it only knows the Testsuite-Triggers, but it is missing possible > version information of test dependencies. (Possibly fixable by > dpkg-source, but that will take time to propagate and then the > Testsuite-Trigger field changes syntax and meaning). > > 2) @builddeps@ is not resolved by dpkg-source, so the migration software > doesn't know if build-depends should be evaluated for the list > (currently the migration software doesn't add them). (Possibly "fixable" > by always evaluating them, or possibly fixable by enhancing dpkg-source). > > 3) test dependencies generated by autodep8 are fully unknown to the > migration software. It seems (but I haven't verified properly) that e.g. > with r packages the test dependencies can be versioned as well. maybe debci could cache the actual test dependencies considered for a given package, including expansion @builddeps@ and stuff produced by autodep8, so that britney2 can query that information to calculate its required tests? a simple action plan would be: - make autopkgtst output the "expanded" control file considered for each test - make debci store that data in the database and expose it via the API (exact format TBD) - make britney2 query that API signature.asc Description: PGP signature
Bug#893765: transition: ruby2.3
On Tue, Mar 27, 2018 at 01:02:53AM +0200, Emilio Pozuelo Monfort wrote: > Control: tags -1 confirmed > > On 22/03/18 03:38, Antonio Terceiro wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: transition > > > > ruby2.5 has been made the default and the ruby2.5 transition has been > > finished succesfully. there is a pending issue with graphviz on armel, > > but that is beyond what we can do ATM. > > > > So I would like to remove ruby2.3 now. > > Go ahead. Thanks. Please binNMU the following packages (dependency level 1): hivex libselinux qdbm raspell remctl rrdtool ruby-allocations ruby-atomic ruby-augeas ruby-bcrypt ruby-bcrypt-pbkdf ruby-bert ruby-cairo ruby-charlock-holmes ruby-concurrent-ext ruby-curb ruby-curses ruby-dataobjects-mysql ruby-dataobjects-postgres ruby-dataobjects-sqlite3 ruby-debian ruby-debug-inspector ruby-eb ruby-escape-utils ruby-eventmachine ruby-exif ruby-fast-blank ruby-fast-stemmer ruby-fast-xs ruby-fcgi ruby-ferret ruby-ffi ruby-ffi-yajl ruby-filesystem ruby-fusefs ruby-gd ruby-gnome2 ruby-god ruby-google-protobuf ruby-gpgme ruby-hiredis ruby-hitimes ruby-json ruby-kgio ruby-kyotocabinet ruby-ldap ruby-levenshtein ruby-libvirt ruby-libxml ruby-mecab ruby-mmap2 ruby-mysql2 ruby-narray ruby-ncurses ruby-nfc ruby-nio4r ruby-nokogiri ruby-odbc ruby-oily-png ruby-openssl ruby-ox ruby-pcaprub ruby-pg ruby-posix-spawn ruby-prof ruby-prometheus-client-mmap ruby-psych ruby-rblineprof ruby-rdiscount ruby-re2 ruby-redcarpet ruby-redcloth ruby-rinku ruby-rjb ruby-rmagick ruby-rpam-ruby19 ruby-rpatricia ruby-rugged ruby-sdl ruby-sequel-pg ruby-serialport ruby-shadow ruby-sigar ruby-termios ruby-timfel-krb5-auth ruby-tioga ruby-tokyocabinet ruby-uconv ruby-unf-ext ruby-unicode ruby-version-sorter ruby-vmstat ruby-websocket-driver ruby-xmlhash ruby-xmlparser ruby-yajl ruby-zoom stfl xapian-bindings xmms2 signature.asc Description: PGP signature
Bug#893765: transition: ruby2.3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition ruby2.5 has been made the default and the ruby2.5 transition has been finished succesfully. there is a pending issue with graphviz on armel, but that is beyond what we can do ATM. So I would like to remove ruby2.3 now. Ben file: title = "ruby2.3-rm"; is_affected = (.depends ~ /ruby2.3 | .depends ~ /ruby2.5/) & !.source ~ /^(ruby2.3|ruby2.5|ruby-defaults)$/) is_good = ! .depends ~ /ruby2.3/ is_bad = .depends ~ /ruby2.3/ -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #5, and next steps
On Sat, Mar 10, 2018 at 04:26:03AM +0100, Andreas Beckmann wrote: > On Fri, 9 Mar 2018 11:53:17 -0300 Antonio Terceiro <terce...@debian.org> > wrote: > > ruby-pgplot: it's in contrib and has a dependency on a non-free package, > > so it can't be built on buildds. I could do binary uploads myself now, > > or ask someone who cares about it to do that, but then when it's time to > > drop ruby2.3 I would need to do that again, and I would prefer to do it > > just once. I just reported a serious bugs about this. > > If you have the infrastructure ready to do contrib/non-free binNMUs (and > some experience with it), this is not really much work. Uploaded a +b1 > binNMU. Please ping me once you need the ruby2.5-only binNMU. I have neither the infra ready nor the experience, so thank you lot for your help with this! :-) signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #5, and next steps
Hi, Please binNMU: obexftp ruby-bcrypt-pbkdf Now we need to discuss what to do wrt the few pending packages. weechat: #892072 [S|+| ] [src:weechat] weechat: build against ruby2.5 uwsgi: #892074 [S | ] [src:uwsgi] uwsgi: FTBFS with ruby2.5 as default graphviz: is missing on armel, because guile-2.2-dev is missing on armel. I asked on #debian-buildd and Julien told me that guile-2.2-dev brings the buildds down. ruby-prof: I just uploaded an update that will make it build fine on s390x. ruby-pgplot: it's in contrib and has a dependency on a non-free package, so it can't be built on buildds. I could do binary uploads myself now, or ask someone who cares about it to do that, but then when it's time to drop ruby2.3 I would need to do that again, and I would prefer to do it just once. I just reported a serious bugs about this. My suggestion would be to remove weechat, uwsgi and ruby-pgplot from testing, remove graphviz from testing on armel, and unblock the transition. But, of course, this is your call. signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #4
Hi, I just uploaded ruby-defaults 1:2.5.0 making the switch in unstable. Binaries should be available in a few hours from now. Please binNMU the following packages: broccoli-ruby dislocker geos graphviz kross-interpreters libprelude marisa nbdkit ngraph-gtk notmuch redland-bindings rubyluabridge ruby-standalone subtle subversion treil vim vim-command-t Pending: obexftpneeds a fix to be released in gem2deb 0.38 uwsgi #892074 [S | ] [src:uwsgi] uwsgi: FTBFS with ruby2.5 as default weechat#892072 [S|+| ] [src:weechat] weechat: build against ruby2.5 signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #3
On Sun, Feb 25, 2018 at 02:57:37PM +0100, Emilio Pozuelo Monfort wrote: > On 25/02/18 14:43, Antonio Terceiro wrote: > > Hi, > > > > On Wed, Feb 21, 2018 at 09:33:44AM +0100, Emilio Pozuelo Monfort wrote: > >> On 07/02/18 01:21, Antonio Terceiro wrote: > >>> Please binNMU: > >>> > >>> libguestfs > >>> mapserver > >>> passenger > >>> nbdkit > >> > >> Any update here? > > > > Almost all of the the missing packages build for the default version of > > Ruby, so they need to be binNMUed after the switch. > > > > Apart from those, I would like to have ruby-json and ruby-rmagick fixed > > before doing the switch. However I could leave ruby-rmagick to be fixed > > after, but ruby-json has too many reverse dependencies for that. There > > is work underway on ruby-rmagick, and I will look into ruby-json today. > > > > With ruby-json fixed, I would like to go ahead and do the switch. How > > does that sound? > > Definitely fix ruby-json before doing the switch. Fixing ruby-rmagick would be > good too, I think we can wait a bit for those. Thanks for the update. Both are now fixed in unstable, I will switch to ruby2.5 soon. signature.asc Description: PGP signature
Bug#891484: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
On Tue, Feb 27, 2018 at 06:41:01PM +, Adam D. Barratt wrote: > Control: tags -1 -moreinfo +confirmed > > On Mon, 2018-02-26 at 18:36 -0300, Antonio Terceiro wrote: > > On Mon, Feb 26, 2018 at 08:42:56PM +, Adam D. Barratt wrote: > > > Control: tags -1 + moreinfo > > > > > > On Sun, 2018-02-25 at 22:10 -0300, Antonio Terceiro wrote: > > > > The platform from where vagrant downloads images has been > > > > discontinued > > > > and we need to switch the default download location plus > > > > documentation, > > > > usage messages etc to match the new platform. Without this > > > > update, > > > > vagrant is pretty useless. > > > > > > > > > > So far as I can tell, this issue also affects the version of > > > vagrant in > > > unstable and has not yet been fixed there. Assuming that's correct, > > > the > > > bug will need resolving in unstable first. > > > > Ah, I thought I adjusted the bug metadata yesterday, but it seems I > > didn't. > > > > No, unstable is not affected. This has been done upstream for a > > while, > > this update is a backport of the change -- which we already have in > > the > > version in unstable -- to stable. > > Thanks. Please feel free to upload. uploaded. signature.asc Description: PGP signature
Bug#891484: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
On Mon, Feb 26, 2018 at 08:42:56PM +, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Sun, 2018-02-25 at 22:10 -0300, Antonio Terceiro wrote: > > The platform from where vagrant downloads images has been > > discontinued > > and we need to switch the default download location plus > > documentation, > > usage messages etc to match the new platform. Without this update, > > vagrant is pretty useless. > > > > So far as I can tell, this issue also affects the version of vagrant in > unstable and has not yet been fixed there. Assuming that's correct, the > bug will need resolving in unstable first. Ah, I thought I adjusted the bug metadata yesterday, but it seems I didn't. No, unstable is not affected. This has been done upstream for a while, this update is a backport of the change -- which we already have in the version in unstable -- to stable. signature.asc Description: PGP signature
Bug#891484: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu The platform from where vagrant downloads images has been discontinued and we need to switch the default download location plus documentation, usage messages etc to match the new platform. Without this update, vagrant is pretty useless. Changelog: vagrant (1.9.1+dfsg-1+deb9u1) stretch; urgency=medium * 0008-Convert-atlas-references-to-vagrant-cloud.patch: backport upstream patch to download boxes from app.vagrantcloud.com instead of the deprecated atlas.hashicorp.com (Closes: #889873) -- Antonio Terceiro <terce...@debian.org> Sun, 25 Feb 2018 21:54:18 -0300 Diff against package in stretch attached. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/debian/changelog b/debian/changelog index 39dbcb2..48bff55 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +vagrant (1.9.1+dfsg-1+deb9u1) stretch; urgency=medium + + * 0008-Convert-atlas-references-to-vagrant-cloud.patch: backport upstream +patch to download boxes from app.vagrantcloud.com instead of the +deprecated atlas.hashicorp.com (Closes: #889873) + + -- Antonio Terceiro <terce...@debian.org> Sun, 25 Feb 2018 21:54:18 -0300 + vagrant (1.9.1+dfsg-1) unstable; urgency=medium * New upstream version 1.9.1+dfsg diff --git a/debian/patches/0008-Convert-atlas-references-to-vagrant-cloud.patch b/debian/patches/0008-Convert-atlas-references-to-vagrant-cloud.patch new file mode 100644 index 000..20533be --- /dev/null +++ b/debian/patches/0008-Convert-atlas-references-to-vagrant-cloud.patch @@ -0,0 +1,286 @@ +From: Chris Roberts <c...@chrisroberts.org> +Date: Sun, 25 Feb 2018 21:53:24 -0300 +Subject: Convert atlas references to vagrant cloud + +Backported-by: Antonio Terceiro <terce...@debian.org> +--- + lib/vagrant/shared_helpers.rb | 4 ++-- + plugins/commands/box/command/add.rb | 2 +- + plugins/commands/login/client.rb| 21 - + plugins/commands/login/command.rb | 8 + plugins/commands/login/locales/en.yml | 10 +- + .../commands/login/middleware/add_authentication.rb | 3 ++- + plugins/commands/login/plugin.rb| 2 +- + templates/commands/init/Vagrantfile.erb | 9 + + templates/locales/en.yml| 8 + test/unit/plugins/commands/login/client_test.rb | 4 ++-- + 10 files changed, 34 insertions(+), 37 deletions(-) + +diff --git a/lib/vagrant/shared_helpers.rb b/lib/vagrant/shared_helpers.rb +index ffe61e5..93f4c11 100644 +--- a/lib/vagrant/shared_helpers.rb b/lib/vagrant/shared_helpers.rb +@@ -5,12 +5,12 @@ require "thread" + module Vagrant + @@global_lock = Mutex.new + +- # This is the default endpoint of the Atlas in ++ # This is the default endpoint of the Vagrant Cloud in + # use. API calls will be made to this for various functions + # of Vagrant that may require remote access. + # + # @return [String] +- DEFAULT_SERVER_URL = "https://atlas.hashicorp.com; ++ DEFAULT_SERVER_URL = "https://vagrantcloud.com; + + # This holds a global lock for the duration of the block. This should + # be invoked around anything that is modifying process state (such as +diff --git a/plugins/commands/box/command/add.rb b/plugins/commands/box/command/add.rb +index 5545ea2..d8ae063 100644 +--- a/plugins/commands/box/command/add.rb b/plugins/commands/box/command/add.rb +@@ -40,7 +40,7 @@ module VagrantPlugins + end + + o.separator "" +-o.separator "The box descriptor can be the name of a box on HashiCorp's Atlas," ++o.separator "The box descriptor can be the name of a box on HashiCorp's Vagrant Cloud," + o.separator "or a URL, or a local .box file, or a local .json file containing" + o.separator "the catalog metadata." + o.separator "" +diff --git a/plugins/commands/login/client.rb b/plugins/commands/login/client.rb +index 04b6ee0..fb2dd05 100644 +--- a/plugins/commands/login/client.rb b/plugins/commands/login/client.rb +@@ -86,28 +86,26 @@ module VagrantPlugins + end + + # Reads the access token if there is one. This will first read the +- # `ATLAS_TOKEN` environment variable and then fallback to the stored ++
Bug#888788: stretch-pu: package lxc/1:2.0.7-2+deb9u2
On Fri, Feb 23, 2018 at 04:58:11PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Mon, 2018-01-29 at 20:40 -0200, Antonio Terceiro wrote: > > iproute has been a transitional package for a while, but the lxc- > > debian > > template was refering to it. Now that iproute has been finally > > removed, > > creating buster or sid containers fails. > > > > This update replaces iproute with iproute2. I am running it on > > ci.debian.net > > > > Please go ahead. Uploaded. signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #3
Hi, On Wed, Feb 21, 2018 at 09:33:44AM +0100, Emilio Pozuelo Monfort wrote: > On 07/02/18 01:21, Antonio Terceiro wrote: > > Please binNMU: > > > > libguestfs > > mapserver > > passenger > > nbdkit > > Any update here? Almost all of the the missing packages build for the default version of Ruby, so they need to be binNMUed after the switch. Apart from those, I would like to have ruby-json and ruby-rmagick fixed before doing the switch. However I could leave ruby-rmagick to be fixed after, but ruby-json has too many reverse dependencies for that. There is work underway on ruby-rmagick, and I will look into ruby-json today. With ruby-json fixed, I would like to go ahead and do the switch. How does that sound? signature.asc Description: PGP signature
Bug#888788: Bug#891221: stretch's lxc fails to create sid container: iproute not found
Control: tags 891221 + confirmed Control: block 891221 by 888788 On Fri, Feb 23, 2018 at 02:12:37PM +, Santiago wrote: > Package: lxc > Version: 1:2.0.7-2+deb9u1 > Severity: important > > Stretch's lxc fails to create a -t debian -- -r sid container, because > it doesn't find the iproute package, not longer included in unstable: > > … > I: Checking component main on http://httpredir.debian.org/debian... > E: Couldn't find these debs: iproute > Failed to download the rootfs, aborting. > Failed to download 'debian base' > failed to install debian > lxc-create: lxccontainer.c: create_run_template: 1297 container creation > template for sid failed > lxc-create: tools/lxc_create.c: main: 318 Error creating container sid > > Changing iproute for iproute2 in /usr/share/lxc/templates/lxc-debian > solves the issue. Yes. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888788 Stable RMs, please review the proposed update to lxc on stretch. signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #3
Please binNMU: libguestfs mapserver passenger nbdkit signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #2
Hi, Please binNMU the following packages: broccoli-ruby hyperestraier libsemanage notmuch ruby-bson ruby-fftw3 ruby-github-markdown ruby-gnome2 ruby-grib ruby-hdfeos5 ruby-hpricot ruby-http-parser.rb ruby-lapack ruby-mpi ruby-msgpack ruby-multibitnums ruby-netcdf ruby-nokogumbo ruby-password ruby-pgplot ruby-raindrops ruby-rpam-ruby19 ruby-sqlite3 ruby-standalone thin xapian-bindings signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - please update tracker
Hi, please update the tracker as follows: Affected: (.depends ~ /ruby2.3 | .depends ~ /ruby2.5/) & !.source ~ /^(ruby2.3|ruby2.5|ruby-defaults)$/) This will exclude the interpreter packages themselves from the list of affected packages. signature.asc Description: PGP signature
Bug#888531: 888531 - transition: ruby2.5 - binNMU round #1
On Thu, Feb 01, 2018 at 10:57:09AM -0200, Antonio Terceiro wrote: > ruby-defaults err, no need to binNMU ruby-defaults signature.asc Description: PGP signature
Bug#888531: 888531 - transition: ruby2.5 - binNMU round #1
Hi, As part of the ruby2.5 transition, please binNMU the following packages: hivex libselinux raspell remctl rrdtool ruby-allocations ruby-atomic ruby-augeas ruby-bcrypt ruby-bert ruby-byebug ruby-cairo ruby-charlock-holmes ruby-concurrent-ext ruby-curb ruby-curses ruby-dataobjects-mysql ruby-dataobjects-postgres ruby-dataobjects-sqlite3 ruby-debian ruby-debug-inspector ruby-defaults ruby-eb ruby-eventmachine ruby-exif ruby-fast-stemmer ruby-fast-xs ruby-fcgi ruby-ferret ruby-ffi ruby-filesystem ruby-fusefs ruby-gd ruby-god ruby-google-protobuf ruby-gpgme ruby-hiredis ruby-hitimes ruby-json ruby-kgio ruby-kyotocabinet ruby-ldap ruby-levenshtein ruby-libvirt ruby-libxml ruby-mecab ruby-mmap2 ruby-mysql2 ruby-narray ruby-ncurses ruby-nfc ruby-nio4r ruby-nokogiri ruby-oily-png ruby-openssl ruby-ox ruby-pcaprub ruby-pg ruby-posix-spawn ruby-psych ruby-rblineprof ruby-rdiscount ruby-re2 ruby-rinku ruby-rjb ruby-rpatricia ruby-rugged ruby-sdl ruby-sequel-pg ruby-serialport ruby-sigar ruby-termios ruby-timfel-krb5-auth ruby-tioga ruby-tokyocabinet ruby-uconv ruby-unf-ext ruby-unicode ruby-version-sorter ruby-vmstat ruby-websocket-driver ruby-xmlhash ruby-xmlparser ruby-zoom stfl xmms2 signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5
On Tue, Jan 30, 2018 at 09:33:11AM -0200, Antonio Terceiro wrote: > On Sat, Jan 27, 2018 at 12:37:46AM +0100, Emilio Pozuelo Monfort wrote: > > Control: forwarded -1 > > https://release.debian.org/transitions/html/ruby2.5.html > > > > On 26/01/18 20:36, Antonio Terceiro wrote: > > > Package: release.debian.org > > > Severity: normal > > > User: release.debian@packages.debian.org > > > Usertags: transition > > > > > > Hi, > > > > > > I would like to start the transition to ruby2.5 in unstable. General > > > information about Ruby transitions can be found in: > > > https://wiki.debian.org/Teams/Ruby/InterpreterTransitions > > > > > > ruby2.5 has been in testing for a while. > > > > > > Building against ruby2.5 has been enabled in experimental, and we > > > already did a test rebuild against it, with pretty good results: > > > https://hackmd.io/EYBghgHA7AjFDMBaCZgE5EBYYCYAmiaEAxhjgKzFQCmAZtGHtTkA > > > > > > So I would like to enable building against ruby2.5 in unstable, and to > > > effectively start the transition. Soon after we have a transition page, > > > I will have a first round of binNMUs to request. > > > > You mention 315 build failures in your report, but I only see 46 bugs > > in [1] and [2] looks empty. Where are the rest of the bugs? Also, > > there are on ~150 packages affected in [3]. How many of those fail to > > build? > > The test rebuild was not made in lavels, so a bunch of packages fail to > build because they are missing ruby2.5 support in a dependency > (ruby-nokogiri being the most common case), so those didn't get a bug > report. > > I checked a sample of the packages listed in the transition page, and > those that failed did it either for unrelated reasons, or due to missing > ruby2.5 support in dependencies. > > Anyway, before I enable ruby2.5 in sid I will do a new rebuild with the > dependency level n available for level n+1, to make sure. So I did such rebuild, and got this: https://people.debian.org/~terceiro/ruby2.5/builds/ 18 failures out of 152. Not bad. 5 of those 18 still don't have appropriate RC bugs filed, this will be done later today. After these bugs are files, I will raise the existing ones to RC, and enable building for ruby2.5 in sid. Then I will come back with the first round of binNMUs. signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5
On Sat, Jan 27, 2018 at 12:37:46AM +0100, Emilio Pozuelo Monfort wrote: > Control: forwarded -1 https://release.debian.org/transitions/html/ruby2.5.html > > On 26/01/18 20:36, Antonio Terceiro wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: transition > > > > Hi, > > > > I would like to start the transition to ruby2.5 in unstable. General > > information about Ruby transitions can be found in: > > https://wiki.debian.org/Teams/Ruby/InterpreterTransitions > > > > ruby2.5 has been in testing for a while. > > > > Building against ruby2.5 has been enabled in experimental, and we > > already did a test rebuild against it, with pretty good results: > > https://hackmd.io/EYBghgHA7AjFDMBaCZgE5EBYYCYAmiaEAxhjgKzFQCmAZtGHtTkA > > > > So I would like to enable building against ruby2.5 in unstable, and to > > effectively start the transition. Soon after we have a transition page, > > I will have a first round of binNMUs to request. > > You mention 315 build failures in your report, but I only see 46 bugs > in [1] and [2] looks empty. Where are the rest of the bugs? Also, > there are on ~150 packages affected in [3]. How many of those fail to > build? The test rebuild was not made in lavels, so a bunch of packages fail to build because they are missing ruby2.5 support in a dependency (ruby-nokogiri being the most common case), so those didn't get a bug report. I checked a sample of the packages listed in the transition page, and those that failed did it either for unrelated reasons, or due to missing ruby2.5 support in dependencies. Anyway, before I enable ruby2.5 in sid I will do a new rebuild with the dependency level n available for level n+1, to make sure. signature.asc Description: PGP signature
Bug#888788: stretch-pu: package lxc/1:2.0.7-2+deb9u2
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu iproute has been a transitional package for a while, but the lxc-debian template was refering to it. Now that iproute has been finally removed, creating buster or sid containers fails. This update replaces iproute with iproute2. I am running it on ci.debian.net Diff attached. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/debian/changelog b/debian/changelog index 04e3af6..cd60ca9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +lxc (1:2.0.7-2+deb9u2) stretch; urgency=medium + + * 0005-debian-Use-iproute2-instead-of-iproute.patch: pull iproute2 instead +of iproute, fixing the creation of testing and unstable containers after +the iproute binary package was dropped. + + -- Antonio Terceiro <terce...@debian.org> Mon, 29 Jan 2018 20:23:36 -0200 + lxc (1:2.0.7-2+deb9u1) stretch; urgency=medium * 0003-lxc-debian-don-t-hardcode-valid-releases.patch: don't diff --git a/debian/patches/0005-debian-Use-iproute2-instead-of-iproute.patch b/debian/patches/0005-debian-Use-iproute2-instead-of-iproute.patch new file mode 100644 index 000..6bc61e4 --- /dev/null +++ b/debian/patches/0005-debian-Use-iproute2-instead-of-iproute.patch @@ -0,0 +1,29 @@ +From: =?utf-8?q?St=C3=A9phane_Graber?= <stgra...@ubuntu.com> +Date: Mon, 29 Jan 2018 18:18:34 -0200 +Subject: debian: Use iproute2 instead of iproute +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: base64 + +VGhlIHBhY2thZ2UgaGFzIHByZXR0eSBtdWNoIGFsd2F5cyBiZWVuIGlwcm91dGUyIHdpdGggaXBy +b3V0ZSBiZWluZyBhbgphbGlhcyBmb3IgaXQsIHRoZSBhbGlhcyBpcyBub3cgZ29uZSBzbyB3ZSBu +ZWVkIHRvIHVzZSBpcHJvdXRlMi4KClNpZ25lZC1vZmYtYnk6IFN0w6lwaGFuZSBHcmFiZXIgPHN0 +Z3JhYmVyQHVidW50dS5jb20+CkJhY2twb3J0LWJ5OiBBbnRvbmlvIFRlcmNlaXJvIDx0ZXJjZWly +b0BkZWJpYW4ub3JnPgo= +--- + templates/lxc-debian.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/templates/lxc-debian.in b/templates/lxc-debian.in +index 2245770..c927bf6 100644 +--- a/templates/lxc-debian.in b/templates/lxc-debian.in +@@ -271,7 +271,7 @@ dialog,\ + isc-dhcp-client,\ + netbase,\ + net-tools,\ +-iproute,\ ++iproute2,\ + openssh-server + + cache=$1 diff --git a/debian/patches/series b/debian/patches/series index 5e0bb25..587502e 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ lxc-2.0-CVE-2017-5985-Ensure-target-netns-is-caller-owned.patch 0003-lxc-debian-don-t-hardcode-valid-releases.patch 0004-lxc-debian-don-t-write-C.-locales-to-etc-locale.gen.patch +0005-debian-Use-iproute2-instead-of-iproute.patch signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, I would like to start the transition to ruby2.5 in unstable. General information about Ruby transitions can be found in: https://wiki.debian.org/Teams/Ruby/InterpreterTransitions ruby2.5 has been in testing for a while. Building against ruby2.5 has been enabled in experimental, and we already did a test rebuild against it, with pretty good results: https://hackmd.io/EYBghgHA7AjFDMBaCZgE5EBYYCYAmiaEAxhjgKzFQCmAZtGHtTkA So I would like to enable building against ruby2.5 in unstable, and to effectively start the transition. Soon after we have a transition page, I will have a first round of binNMUs to request. Ben file: title = "ruby2.5"; is_affected: .depends ~ /ruby2.3 | .depends ~ /ruby2.5/ is_good: .depends ~ /ruby2.5/ is_bad: .depends ~ /ruby2.3/ & !.depends ~ /ruby2.5/ -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature
Bug#882773: stretch-pu: package auto-apt-proxy/2+deb9u1
Control: tag -1 - moreinfo On Sun, Nov 26, 2017 at 10:11:12PM +0100, Andreas Beckmann wrote: > Control: tag -1 moreinfo > > On Sun, 26 Nov 2017 14:36:06 -0200 Antonio Terceiro > <terce...@debian.org> wrote: > > This fixes a RC bug that has been reported recently, and was just fixed > > in unstable. > > I'm missing the corresponding undo operation in the preinst. > > AFAICS, a >install-remove-install or >install-remove-distupgrade-install > sequence will have that conffile missing afterwards (i.e. it's still in > .disabled state). Yes, you are right. Thanks for catching this. I have made a new upload to unstable fixing this, and cherry-picked the fix into my stretch branch. Attached you will find an updated diff against the version in stretch. diff --git a/debian/changelog b/debian/changelog index 805de64..9ba8e54 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +auto-apt-proxy (2+deb9u1) stretch; urgency=medium + + * Move apt configuration away on removal, and put it back on reinstalls +(Closes: #881751) + + -- Antonio Terceiro <terce...@debian.org> Mon, 27 Nov 2017 13:55:16 -0200 + auto-apt-proxy (2) unstable; urgency=medium * specify `--shell dash` to shellcheck (Closes: #834976) diff --git a/debian/postrm b/debian/postrm new file mode 100644 index 000..e39b370 --- /dev/null +++ b/debian/postrm @@ -0,0 +1,25 @@ +#! /bin/sh + +set -e +aptconf=/etc/apt/apt.conf.d/auto-apt-proxy.conf + +case "$1" in +purge) +rm -f "$aptconf".disabled +;; + +remove|abort-install) +if [ -f "$aptconf" ]; then +mv "$aptconf" "$aptconf".disabled +fi +;; + +upgrade|failed-upgrade|abort-upgrade|disappear) +;; + +*) +echo "postrm called with unknown argument \`$1'" >&2 +exit 1 +esac + +##DEBHELPER## diff --git a/debian/preinst b/debian/preinst new file mode 100644 index 000..6ede705 --- /dev/null +++ b/debian/preinst @@ -0,0 +1,10 @@ +#! /bin/sh + +set -e +aptconf=/etc/apt/apt.conf.d/auto-apt-proxy.conf + +if [ -e "$aptconf".disabled ]; then +mv "$aptconf".disabled "$aptconf" +fi + +##DEBHELPER## diff --git a/debian/tests/control b/debian/tests/control index 79b3cde..dd1fe07 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,2 +1,6 @@ Test-Command: clitest debian/tests/apt-cacher-ng.txt Depends: @, clitest, apt-cacher-ng + +Tests: remove, reinstall +Restrictions: needs-root +Depends: @, clitest diff --git a/debian/tests/reinstall b/debian/tests/reinstall new file mode 100755 index 000..da77c2f --- /dev/null +++ b/debian/tests/reinstall @@ -0,0 +1,13 @@ +#!/bin/sh + +set -e +exec 2>&1 + +action="$(basename "$0")" + +set -x +apt-get remove -qy auto-apt-proxy +apt-get install -qy auto-apt-proxy + +eval "$(apt-config shell proxy Acquire::http::Proxy-Auto-Detect)" +test "$proxy" = '/usr/bin/auto-apt-proxy' diff --git a/debian/tests/remove b/debian/tests/remove new file mode 100755 index 000..b40d4e9 --- /dev/null +++ b/debian/tests/remove @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e +exec 2>&1 + +action="$(basename "$0")" + +set -x +apt-get "$action" -qy auto-apt-proxy +apt-get update signature.asc Description: PGP signature