Re: [pkg-go] Bug#1010648: marked as pending in golang-github-pierrec-lz4.v4
Hi Eric! Eric Evans writes: > This is now a blocker on a recent upstream release of > golang-github-gocql-gocql as well. I understand the argument about > excluding test data, but there is probably a point at which users would be > better served by a golang-github-pierrec-lz4.v4 without (complete) test > coverage, than they would be without syncthing, or a modern gocql driver. > I agree 100%. > Perhaps we move forward with a repackaged upstream tarball while waiting > for upstream to fix these issues? > I did this 06 June 2022, where it waited for review until 06 Oct and was rejected with specious rationale--namely that a Go reimplementation of the C reference implementation of xxHash was a derived work under the license of the reference implementation. This is contrary to Debian expectations, contrary to the consensus of the debian-legal mailing list (speculating about license is a liability), and contrary to legal precedent established in American courts (algorithms are patentable but not copyrightable, APIs are neither)... The ftpmaster reviewing this package also expected me to misattribute the Go reimplementation to the author of the reference implementation, under the BSD-2-clause license of the reference implementation. All of this should be archived on the Debian Golang mailing list. I think you'll need to contact ftpmasters about this issue, and about how it now blocks gocql, because frankly I doubt the package will be reviewed before the freeze. https://ftp-master.debian.org/new/golang-github-pierrec-lz4.v4_4.1.14+dfsg-1.html Feel free to make any changes; it's a team package, and my free time ran out in September. Kind regards, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1013819: timeline for enforcing dependencies for gopsutil v3 breaking changes
Package: syncthing Version: 1.18.6~ds1-1~bpo11+1 Severity: normal Control: affects -1 golang-github-shirou-gopsutil Dear Maintainer, The upload of golang-github-shirou-gopsutil/3.21.10-1 introduced the following breaking changes: https://github.com/shirou/gopsutil/blob/master/README.md#v3-migration https://github.com/shirou/gopsutil/blob/master/_tools/v3migration/v3Changes.md Upstream writes "from v3.20.10, gopsutil becomes v3 which breaks backwards compatibility". Our gopsutil package dependencies do yet enforce the compatibility break. Affected packages are as follows: consul golang-github-satta-ifplugo ncbi-entrez-direct nomad nomad-driver-lxc nomad-driver-podman packer slinkwatch syncthing Please verify that your package is ready for gopsutil v3. If the version in sid/unstable is v3-ready, then please set "fixed -1 sourcepkgname/version" for this bug. If not, the latest upstream release may already support it, in which case, please import it! If the latest release is not ready, please contact that upstream without delay, because some may be reticent to keep pace with changing libraries. It may be worth mentioning to them that the v2 series is EOL: https://github.com/shirou/gopsutil/blob/master/README.md#v3-migration * Contains the upstream statement v2 is gone. https://pkg.go.dev/github.com/shirou/gopsutil/v3#readme-v3-migration * Also available here. https://github.com/shirou/gopsutil/blob/v2 * (404 error) Three weeks from now (18 July) I will increase severity to important as a gentle reminder. Around 17 September I will upload to experimental. The 15 October I will increase severity to RC. To justify downgrading severity at that time, please add the forwarded tag the bug, with a URL that shows that upstream is working towards solving this issue before 2023. Either the first week of December, or the first week of January 2023 (at the latest), the compatibility break will be enforced with an upload of gopsutil to unstable. I hope that everyone affected feels that these deadline are fair, and prefers to have a roadmap rather than vague "at some point" guesturing followed by stresssful surprises at the worst times. Best wishes, Nicholas -- System Information: Debian Release: 11.3 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-14-rt-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN, TAINT_UNSIGNED_MODULE Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages syncthing depends on: ii init-system-helpers 1.60 ii libc62.31-13+deb11u3 syncthing recommends no packages. syncthing suggests no packages. -- no debconf information ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1013801: timeline for enforcing dependencies for gopsutil v3 breaking changes
Source: golang-github-satta-ifplugo Severity: normal Control: affects -1 golang-github-shirou-gopsutil Dear Maintainer, The upload of golang-github-shirou-gopsutil/3.21.10-1 introduced the following breaking changes: https://github.com/shirou/gopsutil/blob/master/README.md#v3-migration https://github.com/shirou/gopsutil/blob/master/_tools/v3migration/v3Changes.md Upstream writes "from v3.20.10, gopsutil becomes v3 which breaks backwards compatibility". Our gopsutil package dependencies do yet enforce the compatibility break. Affected packages are as follows: consul golang-github-satta-ifplugo ncbi-entrez-direct nomad nomad-driver-lxc nomad-driver-podman packer slinkwatch syncthing Please verify that your package is ready for gopsutil v3. If the version in sid/unstable is v3-ready, then please set "fixed -1 sourcepkgname/version" for this bug. If not, the latest upstream release may already support it, in which case, please import it! If the latest release is not ready, please contact that upstream without delay, because some may be reticent to keep pace with changing libraries. It may be worth mentioning to them that the v2 series is EOL: https://github.com/shirou/gopsutil/blob/master/README.md#v3-migration * Contains the upstream statement v2 is gone. https://pkg.go.dev/github.com/shirou/gopsutil/v3#readme-v3-migration * Also available here. https://github.com/shirou/gopsutil/blob/v2 * (404 error) Three weeks from now (18 July) I will increase severity to important as a gentle reminder. Around 17 September I will upload to experimental. The 15 October I will increase severity to RC. To justify downgrading severity at that time, please add the forwarded tag the bug, with a URL that shows that upstream is working towards solving this issue before 2023. Either the first week of December, or the first week of January 2023 (at the latest), the compatibility break will be enforced with an upload of gopsutil to unstable. I hope that everyone affected feels that these deadline are fair, and prefers to have a roadmap rather than vague "at some point" guesturing followed by stresssful surprises at the worst times. Best wishes, Nicholas -- System Information: Debian Release: 11.3 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-14-rt-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN, TAINT_UNSIGNED_MODULE Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1013800: timeline for enforcing dependencies for gopsutil v3 breaking changes
Package: golang-github-hashicorp-consul-dev Severity: normal Control: affects -1 golang-github-shirou-gopsutil Dear Maintainer, The upload of golang-github-shirou-gopsutil/3.21.10-1 introduced the following breaking changes: https://github.com/shirou/gopsutil/blob/master/README.md#v3-migration https://github.com/shirou/gopsutil/blob/master/_tools/v3migration/v3Changes.md Upstream writes "from v3.20.10, gopsutil becomes v3 which breaks backwards compatibility". Our gopsutil package dependencies do yet enforce the compatibility break. Affected packages are as follows: consul golang-github-satta-ifplugo ncbi-entrez-direct nomad nomad-driver-lxc nomad-driver-podman packer slinkwatch syncthing Please verify that your package is ready for gopsutil v3. If the version in sid/unstable is v3-ready, then please set "fixed -1 sourcepkgname/version" for this bug. If not, the latest upstream release may already support it, in which case, please import it! If the latest release is not ready, please contact that upstream without delay, because some may be reticent to keep pace with changing libraries. It may be worth mentioning to them that the v2 series is EOL: https://github.com/shirou/gopsutil/blob/master/README.md#v3-migration * Contains the upstream statement v2 is gone. https://pkg.go.dev/github.com/shirou/gopsutil/v3#readme-v3-migration * Also available here. https://github.com/shirou/gopsutil/blob/v2 * (404 error) Three weeks from now (18 July) I will increase severity to important as a gentle reminder. Around 17 September I will upload to experimental. The 15 October I will increase severity to RC. To justify downgrading severity at that time, please add the forwarded tag the bug, with a URL that shows that upstream is working towards solving this issue before 2023. Either the first week of December, or the first week of January 2023 (at the latest), the compatibility break will be enforced with an upload of gopsutil to unstable. I hope that everyone affected feels that these deadline are fair, and prefers to have a roadmap rather than vague "at some point" guesturing followed by stresssful surprises at the worst times. Best wishes, Nicholas -- System Information: Debian Release: 11.3 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-14-rt-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN, TAINT_UNSIGNED_MODULE Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages golang-github-hashicorp-consul-dev depends on: pn golang-github-armon-go-metrics-dev pn golang-github-armon-go-radix-dev pn golang-github-hashicorp-go-bexpr-dev pn golang-github-hashicorp-go-cleanhttp-dev pn golang-github-hashicorp-go-hclog-dev pn golang-github-hashicorp-go-memdb-dev pn golang-github-hashicorp-go-msgpack-dev pn golang-github-hashicorp-go-rootcerts-dev pn golang-github-hashicorp-go-uuid-dev ii golang-github-hashicorp-golang-lru-dev 0.5.4-2 pn golang-github-hashicorp-hcl-dev pn golang-github-hashicorp-hil-dev pn golang-github-hashicorp-memberlist-dev pn golang-github-hashicorp-raft-boltdb-dev pn golang-github-hashicorp-raft-dev pn golang-github-hashicorp-serf-dev pn golang-github-hashicorp-yamux-dev pn golang-github-inconshreveable-muxado-dev pn golang-github-miekg-dns-dev pn golang-github-mitchellh-cli-dev pn golang-github-mitchellh-copystructure-dev pn golang-github-pascaldekloe-goe-dev ii golang-golang-x-sys-dev0.0~git20210124.22da62e-1 golang-github-hashicorp-consul-dev recommends no packages. golang-github-hashicorp-consul-dev suggests no packages. ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#941825: syncthing: 2Gb index-v0.14.0.db
Control: tag -1 -moreinfo Hi Sergio, First, sorry it took me so long to follow up on this bug! [this reply has been sitting in my drafts folder for almost two years :/] With the info you've provided it looks like the issue has been resolved. Rebuilding the index was a good idea :-) That said, did the problem ever come back, or do you think it was fixed as early as Syncthing 1.1.4~ds1-5 ? If it came back, but then went away again, then maybe this bug can be closed as fixed with 1.12.1~ds1-4, or possibly as late as 1.18.6~ds1-1. If I remember correctly there was another round of database optimisations and fixes in between these two versions. Regards, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
Re: [pkg-go] Bug#1010648: marked as pending in golang-github-pierrec-lz4.v4
Control: tag -1 -pending Upload rejected because ftpmasters did not accept that the public domain works had been implicitly relicensed by upstream as BSD-3-clause, because I missed one Linux kernel image file in the test data (which needs source to be DFSG free and for license compliance; this one is admittedly serious), and because there was some incredulity about the licensing of other test data. With the exception of the Linux kernel image (absent in v2), the licensing of same test data was not considered a problem for golang-github-pierrec-lz4 (v2). So for now progress towards fulfilling this ITP is blocked, and thus progress towards Syncthing 1.19.2 is blocked. I believe it would be unwise to exclude all test data from a +dfsg orig tarball (and disable the tests), because this would expose Syncthing users' data to greater potential risk than using an older version of Syncthing with a golang-github-pierrec-lz4 (v2) with CI coverage. On the upside, upstream received notification that shipping kernel images as test data carries with it the obligation to provide source for those GPL-2-only image, so now progress towards license-compliance (whether by removing the image or providing source) can be made upstream--which seems to be a win for the community. Now for the wait... Regards, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1004648: Please import upstream v1.18.6
Nicholas D Steeves writes: > I made some progress towards this, and our repository is currently at > 1.19.1, but I am currently blocked by some failing tests with "no test > files" and have run out of energy. > > Please lend assistance so that we can continue to make progress. Please > note that you'll need to build and add to a local repo the following > -dev package: > > g...@salsa.debian.org:go-team/packages/golang-github-pierrec-lz4.v4.git Oh, and here's the build log I forgot to attach: syncthing_1.19.1~ds1-1_amd64-2022-05-14T02:06:02Z.build.xz Description: build log signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1004648: Please import upstream v1.18.6
I made some progress towards this, and our repository is currently at 1.19.1, but I am currently blocked by some failing tests with "no test files" and have run out of energy. Please lend assistance so that we can continue to make progress. Please note that you'll need to build and add to a local repo the following -dev package: g...@salsa.debian.org:go-team/packages/golang-github-pierrec-lz4.v4.git signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1004648: Please import upstream v1.18.6
Control: retitle -1 Please import upstream v1.19.2 Control: block 884575 by -1 Syncthing Tray 1.1.17 requires Syncthing 1.19.2. No immediate rush, since I still need to upload one more dependency, but it would be nice to see Syncthing 1.19.2 imported in April :-) Regards, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1004648: Please import upstream v1.18.6
Control: retitle -1 Please import upstream v1.19.1 I imported 1.18.6 into the repo, and plan to upload when the blocking bug is resolved. That said, I decided to reuse this bug for upstream v1.19.1, so have correspondingly retitled it; I won't close this bug from the changelog of 1.18.6~ds1-1. Cheers, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#975042: syncthing: consider providing a backport
Hello Simon, and anyone else reading: Quick progress update for anyone reading this thread: I've updated my fork to 1.8.6, it builds, and CI passes. That said, I'm not 100% positive that I didn't miss something when repacking the source. Git diff --stat didn't reveal anything obvious. I didn't push to the team namespace for this reason, and because Alexandre usually handles importation of new upstream versions. I was also happy to find that 1.8.0-to-1.8.6 wasn't as painful as past releases, and that no new dependencies have to pass through the NEW queue; to those unfamiliar with Debian processes, in addition to the time it takes to carefully package and review new software, the ftpmaster QA and legal review represents a significant delay. The latter process is one of the reasons why Debian is a very high quality and reliable distribution. Repo available for review here: https://salsa.debian.org/sten/syncthing.git Reply follows inline. Simon Frei writes: > On 31/01/2022 03:04, Nicholas D Steeves wrote: >> Aloïs Micard writes: >> >>> On Wed, 18 Nov 2020 11:10:44 +0100 =?utf-8?B?RsOpbGl4?= Sipma >>> wrote: >>> Version 1.18.0 has been uploaded on testing, I will take a look >>> at the amount of work needed for a bullseye-backport, but I'm pretty >>> sure the magnitude of work will be consequent. >>> >> As you know, I've also been working on this :-) My three questions are: >> >> Would you like to help maintain the backport? >> Would you like to start now, or wait for 1.18.6? >> How would you like to divide up the work? > I am not the adressee here, but taking the liberty to respond anyway as > it fits: > I am an upstream maintainer and Debian user. I'd be very interested in > helping out with this packaging. Wow, I didn't expect my email to each Syncthing upstream :-) Welcome! > As a full disclosure: I will keep > directing users reaching us (upstream) to use our own apt repo, because > the highly outdated (by design) packages debian stable, which also > aren't actively maintained (as in bugfixes backported), provide a poorer > experience to users. However the package exists, so I'd love to help > make it better. > That's wonderful news; although, I must warn you that the learning curve is a bit steep ;-) Debian stable is actively maintained. Security fixes are backported. Were a bug serious and grave enough to cause data loss (or a similarly bad situation) then the release team would authorise a bugfix release. An interesting question is if the release team would authorise importing the version in testing into stable-updates were the version in stable to no longer interoperate with Syncthing for Android (or Syncthing-fork). For feature enhancements and minor bug fixes we have stable-backports. New versions are upload to sid/unstable. Now that's that's cleared up, are you interested in helping with packaging new Syncthing versions in sid/unstable (along with new dependencies), or in doing formal backports? https://wiki.debian.org/BuildingFormalBackports > I have dabbled in some packaging, but with emphasis on dabbled (mostly > bugs, few small patches). I did provide a few patches for important > problems on syncthing before bullseye, and have a branch with a lot > more. However response times were pretty slow and when I once did a PR > directly, I somehow didn't follow the right packaging flow (I looked at > some team documentation). > Basically at this point I am willing to invest time in the syncthing > package, but as a non-DD/DM I need a DD/DM that wants me to do that and > is willing to tell me how they want my contributions. As in how should > the source/git be organised. My personal preference would be git only > (what tree/source/patch format?), but I am willing to send patches or do > other stuff if that's preferred. > Please share a URL for review so I can direct you to the pertinent documentation. > And I am missing Alexandre Viau in this email discourse so far - he is > the one doing most of the work on Syncthing so far. And thus it's > probably mainly him who needs to express in what form I or any other > contributor could/should chip in. Thus sending this to him too. > Agreed, and thank you! Alexandre's written on the record that he appreciates help with the dependencies, by the way, so it may be worthwhile to practise using Debian Go Packaging Team tooling. This work targets sid/unstable, which migrates to testing, where it becomes eligible for stable-backports. If you're interested in this, you'll want to read the following doc, and will eventually need to read all the docs it links to: https://www.debian.org/devel/join/newmaint > Please
[pkg-go] Bug#975042: Bug#975042: syncthing: consider providing a backport
Hi Félix, Félix Sipma writes: > Hi, > > Having a backport of syncthing would be great, but unfortunately I > won't have a lot time to invest in it: a baby, a farm and involvement > in other non-profit organisations do not let me as much time as I would > like for Debian, sorry! > > Have a nice day, > > -- > Félix No worries! :-) Sorry my email wasn't clear; that section was intended for Aloïs. Progress update is in the next email. Cheers, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#975042: syncthing: consider providing a backport
Hi Félix and Aloïs, Aloïs Micard writes: > On Wed, 18 Nov 2020 11:10:44 +0100 =?utf-8?B?RsOpbGl4?= Sipma > wrote: >> >> It would be nice to have a backport of syncthing. In particular, recent >> versions contain several db optimisations. >> I didn't know about these db optimisations, but this seems like something that would be especially welcome on laptops :-) It's something I'm now looking forward to! > > Version 1.18.0 has been uploaded on testing, I will take a look > at the amount of work needed for a bullseye-backport, but I'm pretty > sure the magnitude of work will be consequent. > As you know, I've also been working on this :-) My three questions are: Would you like to help maintain the backport? Would you like to start now, or wait for 1.18.6? How would you like to divide up the work? For the last of these, a simple approach might be to build, see what's missing, and each claim half of the list, but of course that doesn't take care of interrelated dependency chains...but on the upside, if one of us ends up having to block while waiting for the other then it would feel more like a team effort haha Best, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#1004648: Please import upstream v1.18.6
Source: syncthing Severity: normal X-Debbugs-Cc: s...@debian.org Hi Alexandre! Would you please import v1.18.6 into the repo? After that, I'll start taking a look at what needs to be done, and I'm sure Aloïs will also help out. Cheers, Nicholas ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#968103: Please package stable tagged release v1.0.0
Subject: Please package stable tagged release v1.0.0 Source: golang-github-inconshreveable-mousetrap Severity: normal Hi, While investigating alternatives to "Afterwriting", a nodejs fountain2pdf converter with a nightmare dependency chain, I found "Wrap", which has much more reasonable deps. It requires mousetrap v1.0.0. "rkt" appears to be the only package that would be affected ( https://codesearch.debian.net/search?q=golang-github-inconshreveable-mousetrap-dev&literal=1 ) Regards, Nicholas ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#915649: Update raven-go to latest upstream version (0.1.0)
Control: tag -1 +patch I've filed an MR for each branch here: https://salsa.debian.org/go-team/packages/golang-raven-go/-/merge_requests Note that this update is still blocked by #966583. Best, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#940413: syncthing: Please update to version 1.2.2
Hi Simon, Simon Frei writes: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Upfront: The below is written from the perspective of a upstream > maintainer and debian user (and very minor contributor if at all), I do > not have much packaging experience - please excuse obvious oversights ;) > Of course, gladly! :-) > On 21/07/2020 20:20, Nicholas D Steeves wrote: >> Alexandre Viau writes: >>> On Sun, Jul 19, 2020 at 10:57 PM Nicholas D Steeves >>>> It seems to me that the most expedient path forward is to jump from >>>> 1.2.x to 1.4.x. ACK? >>> >>> Right, it looks like we will have too. >>> >>> I was trying to avoid it at first because it is a lot of work. I >>> suggest that we move slowly and try to find the lowest version that >>> works for now. > What's the reason to expect more work when skipping more versions? My > naive view is that it is more work to do more steps (e.g. because on > every step you need to make sure all versions in debian are compatible). > At the least I can strongly recommend to jump to the latest respective > patch version (e.g. v1.7.1 is a minimal hotfix for an annoying issue in > v1.7.0). > >> In other news, I can confirm that 1.4.0 ftbfs with the same qtls error >> as 1.2.x. > The quic dependency is unfortantely quite a moving target. As the > version in debian is very recent (0.17) you'll need Syncthing >=1.6.0 or > probably patches from > https://github.com/syncthing/syncthing/commit/ac7338f1f2f10f67f16aa98b35fc97b4e043b7e5 > (no guarantees that's all, that's what came time to mind - untested and > I'd anyway expect updating to be not much more of a pain than patching). > Thank you for confirming this; this saves a lot of time! :-D I opened #966466 to start building a picture of how much work it would be to jump straight to v1.7.1. For v1.6.1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964363 For v1.7.1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966466 > In general I am happy to help out with packaging - it just seemed that > delays recently were mostly due to new dependencies, where I do not have > any proficience thus my involvement would probably slow stuff down > instead of speeding it up. Feel free to prod me anytime if there is > useful task I can do or for any questions where I might have expertise :) > Thank you for your openness and willingness to help :-) By the way, if ever you're interested in packaging here is a list of relevant resources: https://www.debian.org/social_contract (essential) https://www.debian.org/doc/debian-policy (read relevant sections) * note that compliance with 100% of Policy is essential https://go-team.pages.debian.net/ (obviously relevant) https://www.debian.org/doc/devel-manuals (a nice overview of available docs) https://mentors.debian.net/intro-maintainers/ (another nice overview) * includes solutions to common challenges https://www.debian.org/doc/manuals/maint-guide/ (optional but recommended) https://www.debian.org/doc/manuals/debmake-doc/ (optional but recommended) https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ * recommended, probably required for Go Team policy To be accepted into unstable, packages must pass through the NEW queue. Here, packages require review by an ftpmaster. Their criteria is thus: https://ftp-master.debian.org/REJECT-FAQ.html https://ftp-master.debian.org/NEW-checklist.html Other resources are debian-ment...@lists.debian.org and #debian-ment...@irc.oftc.net I'd be happy to check your work and provide guidance if you can't find anyone else! Another way to help out would be manually check the diff in go.mod between upstream/1.1.4_ds1 and upstream/1.7.1_ds1 for Bug #966466. For this you'll need a sid/unstable chroot and may use 'apt search', 'apt policy', 'rmadison', plus the Debian bug tracker to see if there are any missing deps that haven't been documented yet. NEW packages will have bugs filed against 'wnpp' and version upgrade requests are filed against their respective packages. The next step for my work at https://salsa.debian.org/sten/syncthing will be to do this check, and then to remove any dependencies revealed as "dropped" by the diff go.mod step from from debian/control. If you'd like to work on that, please let me know soon. The initial investment of time and effort for NEW packages is really high, but translating upstream deps to Debian deps is much faster and easier--and also work that tends to need to be done for *every* new upstream golang package release. Cheers, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#966467: please package 3.1.10 or newer
Source: golang-github-go-ldap-ldap Version: 2.5.1-4 Severity: normal Control: block 966466 by -1 Sorry for the delay filing this bug. I identified the blocking issue for Syncthing ≥ 1.5.0 but was slow to file it. ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#966466: tracking bug for syncthing 1.7.1 deps
Package: syncthing Version: 1.1.4~ds1-5 Severity: normal Control: block -1 by 915649 966427 I was working on 1.5.1, but decided to do a quick check of what it would take to jump straight to 1.7.1. My initial investigation showed the trip through NEW for blobloom would probably be the greatest delaying factor. Next I'll diff go.mod between 1.2.0~ds1 and my WIP 1.7.1~ds1 and will manually check versions in sid, since I don't yet know a better way. I'm also looking forward to the improvements in reducing the high load issues that impact desktop interactivity (fixed in 1.6.x) :-) Cheers, Nicholas ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#940413: syncthing: Please update to version 1.2.2
Update re: 1.5.0 This version requires golang-github-go-ldap-ldap-dev 3.1.7 and sid has 2.5.1. Is there pkg-go team tooling to parse go.mod:require() and run rmadison against each dep? blocked again. signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#956117: Syncing git repos is unreliable and cause undefined git repo state
Hi Simon, Thank you for replying, and sorry for the delay in my own. On Tue, Apr 07, 2020 at 06:00:11PM +0200, Simon Frei wrote: > Syncing a git repository, i.e. .git not the staging area, is prone to > break: Git has an elaborate structure that needs to stay consistent, > while Syncthing just sees a huge bunch of files changing very often. If > e.g. just a part of changed files are synced before a disconnect, that > immediately renders the git repo in an inconsistent state. For more info > see e.g. > https://forum.syncthing.net/t/can-syncthing-reliably-sync-local-git-repos-not-github/8404 > It's probably also mentioned in the linked thread above: Regardless of > technical limitations, it feels wrong to sync .git. Git is already > designed to sync changes, i.e. you should use git to sync git. Generally > stacking sync tools on top of sync tools is quite risky. Agreed. Let's keep this bug open until the Debian package contains documentation warning against this :-) Best, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#940413: syncthing: Please update to version 1.2.2
Hi Alexandre, Alexandre Viau writes: > On Sun, Jul 19, 2020 at 10:57 PM Nicholas D Steeves > wrote: >> It seems to me that the most expedient path forward is to jump from >> 1.2.x to 1.4.x. ACK? > > Right, it looks like we will have too. > > I was trying to avoid it at first because it is a lot of work. I > suggest that we move slowly and try to find the lowest version that > works for now. > > By the way I take notes here: > - > https://salsa.debian.org/go-team/packages/syncthing/-/blob/master/debian/README.Debian > Thank you for the reminder, I've copied this URL into my notes, and I'll use this bug to communicate everything I've tested below 1.6.1. If I hit 1.6.1, then I'll update this bug and switch to #964363. In other news, I can confirm that 1.4.0 ftbfs with the same qtls error as 1.2.x. In the interest of distributing the labour I've forked your project here: g...@salsa.debian.org:sten/syncthing.git https://salsa.debian.org/sten/syncthing.git https://salsa.debian.org/sten/syncthing Here I've imported 1.4.0, rebased the patches, and added new deps; Thankfully all seem to be already in sid, at least leading up to the qtls error. Cheers! Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#940413: syncthing: Please update to version 1.2.2
Hi Alexandre, On Mon, Sep 16, 2019 at 01:46:06AM +0300, Giorgos Skafidas wrote: > Package: syncthing > Version: 1.0.0~ds1-1+b11 > Severity: wishlist > > Dear Maintainer, > > please consider updating Syncthing to its latest upstream version, 1.2.2. > > Thank you for your efforts! I'm not familiar with Go, so might be misinterpreting the ftbfs of the master branch of Syncthing's Debian packaging, but from what I've read: src/github.com/syncthing/syncthing/lib/connections/quic_dial.go:90:14: session.Close undefined (type quic.Session has no field or method Close) src/github.com/syncthing/syncthing/lib/connections/quic_dial.go:97:22: cannot use &quicTlsConn literal (type *quicTlsConn) as type tlsConn in field value: *quicTlsConn does not implement tlsConn (wrong type for ConnectionState method) have ConnectionState() qtls.ConnectionState want ConnectionState() tls.ConnectionState that, in combination with quic's upstream commit messages seems to indicate that they migrated from tls.ConnectionState to qtls.ConnectionState. If I'm not wrong, then this means that Syncthing 1.2.0~ds1 is too old and doesn't support qtls.ConnectionState from golang-github-lucas-clemente-quic-go-dev/0.17.2-1. Syncthing 1.2.0~ds1's go.mod and go.sum declare a dep on v0.11.2, which is consistent with this hypothesis. It seems to me that the most expedient path forward is to jump from 1.2.x to 1.4.x. ACK? Sincerely, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#915649: Update raven-go to latest upstream version (0.1.0)
Control: block 964363 by -1 Hi, On Wed, Dec 05, 2018 at 08:47:12PM +0530, Pirate Praveen wrote: > Package: golang-github-getsentry-raven-go-dev > Version: 0.0~git20150721.0.74c334d-4 > Severity: wishlist > > gitlab-workhorse 8.4 has the following in vendor.json > > "checksumSHA1": "hL8smC/vjdkuE1twM8TKpuTiOmw=", > "path": "github.com/getsentry/raven-go", > "revision": > "3033899c76deb3fb6570d9c4074d00443aeab88f", > "revisionTime": "2018-10-23T13:08:49Z", > "version": "v0.1", > "versionExact": "v0.1.0" > Alexandre, today I discovered the notes I had taken when I attempted to update syncthing to 1.4.0 back in March. I hope you'll agree that it's useful to set blocking bugs, but if not, please let me know and I won't do it again :-) Regards, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#962843: please package new upstream version 1.0.0 or later
Package: go-mtpfs Severity: normal Hi, Upstream released v1.0.0 several months ago. Please package this version or newer. Thanks! Nicholas P.S. My old died, and the replacement doesn't support MSC, which is why I'm reviewing the available options for MTP support in Debian. ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#941825: syncthing: 2Gb index-v0.14.0.db
Control: tag -1 moreinfo Hi Sergio, Thank you for the bug report, reply follows inline: On Sun, Oct 06, 2019 at 04:28:03AM +0300, sergio wrote: > Package: syncthing > Version: 1.1.4~ds1-4 > Severity: normal > > Dear Maintainer, > > % du -sh .config/syncthing/index-v0.14.0.db > 2.2G .config/syncthing/index-v0.14.0.db > > % ls -1 .config/syncthing/index-v0.14.0.db | wc -l > 938 It's not yet possible to say if this is a regression, so I've tagged this bug "moreinfo". With syncthing 1.0.0~ds1-1+b11 I get: $ du -hc ~/.config/syncthing/index-v0.14.0.db/ 385Mindex-v0.14.0.db/ $ ls -1 .config/syncthing/index-v0.14.0.db | wc -l 228 $ du -hc big-dir0 big-dir1 # There are more, but these are the big ones 37G total $ find big-dir0 big-dir1 | wc -l 507138 Please provide similar info, because it may be that your dataset is so large and has so many files that a 2.2G index is normal :-) The maintainer of this package might also ask you to enable Syncthing's collection of stats, and to provide those--but I'm not sure if those are required, and I wouldn't enable any of them unless asked. Regards, Nicholas signature.asc Description: PGP signature ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
[pkg-go] Bug#956117: Syncing git repos is unreliable and cause undefined git repo state
Package: syncthing Version: 1.0.0~ds1-1+b11 Severity: normal I thought it would be neat to sync all my Debian work between my desktop and laptop with syncthing, but ran into the following issue: Steps to reproduce: 1. Setup two nodes, and add a ~/devel filled with git repos as a sync target. 2. Wait for everything to sync. 3. Git rebase one repo on one node (A). 4. Syncthing picks up the changes and syncs to remote node (B). 5. Git repo on remote node (B) ends up in inconsistent state. Workaround: On the node that rebased (A), $ mv ~/devel/foobar-repo ~/devel/foobar-repo_rebased This forces a full sync to (B) allowing one to continue working. At a minimum I think this limitation should be documented somewhere. I'm not sure if `git rebase --committer-date-is-author-date` could be detected...if it could be detected then that would be the ideal fix. so I'll leave cloning this bug into a documentation or an upstream fix bug up to you ;-) Best, Nicholas ___ Pkg-go-maintainers mailing list Pkg-go-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
