On 07/10/2013 02:56 PM, Raphael Hertzog wrote:
> it looks like this fell through the cracks.
Egad. Sorry, yes, I forgot about this.
> Do you still have plans
> to finish this or shall we just defer this and shove this feature
> in the PTS rewrite GSoC project that I'm mentoring?
Let's put it tha
Hello,
On Thu, 28 Mar 2013, Markus Wanner wrote:
> On 03/18/2013 10:49 AM, Raphael Hertzog wrote:
> > Markus, ideally it would be nice if you could provide some configuration
> > parameters where we can list supplementary keyrings to include for looking
> > up the signatures.
>
> Sorry, I got dis
On 03/18/2013 10:49 AM, Raphael Hertzog wrote:
> Markus, ideally it would be nice if you could provide some configuration
> parameters where we can list supplementary keyrings to include for looking
> up the signatures.
Sorry, I got distracted with other things and won't have time to work on
it fo
On Mon, Mar 18, 2013 at 5:49 PM, Raphael Hertzog wrote:
> Thanks. The patch looks good for me. But we need to get python-gpgme
> installed on the server. We should also ask DSA to mirror the keyring
> on the machine. They do it for many other machines where it's needed.
>
> Paul, can you take care
Hi,
On Wed, 13 Mar 2013, Markus Wanner wrote:
> > I noticed in particular that you used a few times where a simple
> > would have been more appropriate.
>
> I didn't find any place where would have been sufficient.
>
> However, I guess that's also a bit a matter of taste. I prefer
> whenever
On Fri, 2013-03-15 at 08:41 +0100, Markus Wanner wrote:
> What we can do is distinguish three cases, i.e. (just to stick with the
> example above):
Examples look good to me.
> Exactly, so let's keep with "signed by" rather than trying to identify
> what exactly we call sponsorship and what not.
Paul,
On 03/15/2013 03:02 AM, Paul Wise wrote:
> I would have done this:
>
> [2012-05-10] Accepted 1.0-6 in unstable (low) (Markus Wanner, signed
> by Ludovic Brenta)
Looks better, agreed.
> [2012-05-10] Accepted 1.0-6 in unstable (low) (Markus Wanner, signed
> by someone else)
That's utterly
On 03/14/2013 04:39 AM, Paul Wise wrote:
> I guess we should just use a local copy of the keyring via rsync:
>
> http://keyring.debian.org/
>
> I guess we need historical data too, since people have left Debian and
> the plan was to regenerate stuff for old mails?
>
> Often the keyring will be o
On Thu, Mar 14, 2013 at 3:37 AM, Markus Wanner wrote:
> Keep in mind that the public keys must also be available, so we can
> lookup the UIDs of a key by fingerprint. Ideally with dynamic fetching
> from a keyserver. Not sure if that's feasible on quantz or not.
>
> Alternatively, we could / shoul
On 03/13/2013 04:23 AM, Paul Wise wrote:
> Unfortunately python-gpgme isn't installed on quantz yet, so the patch
> can't be applied yet. I'll mail DSA about this.
Keep in mind that the public keys must also be available, so we can
lookup the UIDs of a key by fingerprint. Ideally with dynamic fetc
Hi,
attached is an updated patch. I sanitized the body pseudo-header
parsing, especially when combined with an OpenPGP signature.
On 03/13/2013 08:29 AM, Raphael Hertzog wrote:
>>> In the news.xml file, I replaced the "from" attribute of the news item
>>> with more fine grained "from_address" and
On 03/13/2013 08:29 AM, Raphael Hertzog wrote:
> On Wed, 13 Mar 2013, Paul Wise wrote:
>> Hmmm, not sure what to say there. It seems like a reasonable approach for
>> now.
>
> Yes.
Good.
>> I guess this is needed for the developer.php links, fair enough.
>
> I don't understand your comment. Ma
Hi,
On Wed, 13 Mar 2013, Paul Wise wrote:
> > A public key may have multiple uids and the signature is only specific
> > to the key, not any specific uid. But I only want to display a single
> > uid. The way I implemented this now is: we take the first uid. Only if a
> > later uid has an email end
On Wed, Mar 13, 2013 at 5:34 AM, Markus Wanner wrote:
> motivated by Paus Wise, I scratched my own itch: here's a patch that
> makes PTS parse GPG signatures - therefore being able to display a
> package's sponsor. Please review.
Awesome, thanks! We need more folks working on Debian QA
infrastruc
tags 700515 + patch
thanks
Hi,
motivated by Paus Wise, I scratched my own itch: here's a patch that
makes PTS parse GPG signatures - therefore being able to display a
package's sponsor. Please review.
A few notes and remarks:
I'm using GPGME, or rather its python binding, so python-gpgme become
15 matches
Mail list logo
