Re: automatically maintaining/tracking repackaged upstream tarballs

Le 23 avr. 2014 16:10, "Gunnar Wolf" a écrit : > > Paul Wise dijo [Wed, Apr 23, 2014 at 07:09:53AM +0800]: > > > Given all the recent issues with popular packages containing minified > > > JavaScript and other sourceless files, I'm hoping to get feedback from > > > people about how the solution ca

Re: goals for hardening Debian: ideas and help wanted

2014-04-24 4:57 GMT+02:00 Paul Wise : > Hi all, > > I have written a non-exhaustive list of goals for hardening the Debian > distribution, the Debian project and computer systems of the Debian > project, contributors and users. > > https://wiki.debian.org/Hardening/Goals > > If you have more ideas

Re: goals for hardening Debian: ideas and help wanted

On Thu, 2014-04-24 at 02:53 -0007, Cameron Norman wrote: > Would the inclusion of more AppArmor profiles be applicable? Thanks, added along with SELinux/etc. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part

Re: goals for hardening Debian: ideas and help wanted

El Wed, 23 de Apr 2014 a las 7:57 PM, Paul Wise escribió: Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have mor

goals for hardening Debian: ideas and help wanted

Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. If you have more

Bug#745673: ITP: wheel -- PEP 427-based built-package format for Python

Package: wnpp Severity: wishlist Owner: Barry Warsaw -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 * Package name: wheel Version : 0.23.0 Upstream Author : Daniel Holth * URL : http://wheel.readthedocs.org/en/latest/ * License : Expat/MIT Programming Lang

Re: About a mass bug report not based on Sid or Jessie.

2014-04-22 22:37 Santiago Vila: Back in the early kfreebsd-* days, there was a server called ftp.gnuab.org where every kind of hack was allowed in the source to make packages build. Moreover, we could make NMUs at will without having to ask the maintainer for permission, because they were for the

Bug#745656: are binary-indep -dev packages really worth the space savings?

Package: general Severity: important looking at recent GCC uploads, I see install ability problems for the build dependencies for GCC packages (triggered by libgcj build dependencies, gtk+2.0). I can't think of any value besides some minor space savings to have -dev packages to be architecture in

Bug#745640: ITP: hazelcast - distributed cache

Package: wnpp Severity: wishlist Owner: Daniel Pocock X-Debbugs-CC: debian-j...@lists.debian.org,debian-devel@lists.debian.org (Would appreciate feedback from other Java users) Brief: Hazelcast claims to be quite simple and powerful at the same time. Well documented. Not using millions of depe

Re: Bug#605090: Proposing amd64-hardened architecture for Debian

On Wed, Apr 23, 2014 at 05:02:03PM +0100, Ben Hutchings wrote: > No, I meant that you might build a single binary package that would > contain the grsec-patched source. That would encourage building custom > kernels with build-time randomisation. I understand that's not the way > you want to go.

Re: Bug#605090: Proposing amd64-hardened architecture for Debian

On Wed, 2014-04-23 at 17:34 +0200, Yves-Alexis Perez wrote: > On Wed, Apr 23, 2014 at 12:45:10PM +0100, Ben Hutchings wrote: > > On Tue, 2014-04-22 at 22:41 +0200, Yves-Alexis Perez wrote: [...] > > The options I see are: > > - Provide a source package based on src:linux that includes only the > >

Re: Bug#605090: Proposing amd64-hardened architecture for Debian

On Wed, Apr 23, 2014 at 12:45:10PM +0100, Ben Hutchings wrote: > On Tue, 2014-04-22 at 22:41 +0200, Yves-Alexis Perez wrote: > [...] > > NOTE: I don't want to dismiss Mempo attempts, especially the > > reproducible build part, and I also think it's valuable to provide our > > users a grsec kernel a

new netcdf packages: first review

Hi all, as noted earlier, I'm working on moving the long-outdated netCDF version in Debian . This is not entirely trivial since upstream as decided to split netcdf in three separate packages, supporting C (the basis package), Fortran, and C++. I've b

Re: automatically maintaining/tracking repackaged upstream tarballs

Hi, Am Mittwoch, den 23.04.2014, 09:10 -0500 schrieb Gunnar Wolf: > Just note that, in order for Files-Excluded to work, you have to > declare the current version of the copyright format. Some days ago, I > had quite a bit of head scratching after I added this header to > Collabtive¹, only to find

Bug#745627: ITP: django-testproject -- Django test project support

Package: wnpp Severity: wishlist Owner: Neil Williams * Package name: django-testproject Version : 0.1.2 Upstream Author : Zygmunt Krynicki * URL : https://pypi.python.org/pypi/django-testproject * License : LGPL Programming Lang: Python Description :

Re: automatically maintaining/tracking repackaged upstream tarballs

Paul Wise dijo [Wed, Apr 23, 2014 at 07:09:53AM +0800]: > > Given all the recent issues with popular packages containing minified > > JavaScript and other sourceless files, I'm hoping to get feedback from > > people about how the solution can be generalized to help as many > > developers as possibl

Re: Glom DEBIAN packaging

This looks like the relevant part of the log file: On Wed, 2014-04-23 at 14:21 +0200, Oscar Tark wrote: > You need to install postgresql-server-dev-X.Y for building a server-side > extension or libpq-dev for building a client-side application. > ./configure: line 19641: /pg_ctl: No such file or

Re: Bug#605090: Proposing amd64-hardened architecture for Debian

On Tue, 2014-04-22 at 22:41 +0200, Yves-Alexis Perez wrote: [...] > NOTE: I don't want to dismiss Mempo attempts, especially the > reproducible build part, and I also think it's valuable to provide our > users a grsec kernel as part of the distribution, just that I prefered > to go the featureset w

Re: automatically maintaining/tracking repackaged upstream tarballs

On Wed, Apr 23, 2014 at 12:58:40PM +0200, Jonas Smedegaard wrote: > Please file bugreports about such details, instead of posting to d-devel > (or if you must then least in addition to - mentioning the bug number). Or better yet, provide patches. I did, on IRC, to Adam. A few lines of patch to im

Re: automatically maintaining/tracking repackaged upstream tarballs

Quoting Daniel Pocock (2014-04-23 10:48:29) > On 23/04/14 10:07, Adam D. Barratt wrote: > > On 2014-04-23 8:27, Daniel Pocock wrote: > >> - uscan is only for existing packages > > > > No, it's not. > > >From the man page: > > > SYNOPSIS >uscan [options] [path-to-debian-source-packages ..

Re: Question about binNMU and transition, how can this package NOT segfault?

> Il Mercoledì 23 Aprile 2014 10:29, Julien Cristau ha > scritto: > > On Wed, Apr 23, 2014 at 09:10:26 +0100, Gianfranco Costamagna wrote: > >> Another package (just an example) is this one, gambas3 [2] that uses sdlgfx > as B-D >> that has been uploaded on unstable on >> [2014-04-11] Acc

Re: Question about binNMU and transition, how can this package NOT segfault?

On Wed, Apr 23, 2014 at 09:48:35 +0100, Gianfranco Costamagna wrote: > > > > Il Mercoledì 23 Aprile 2014 10:29, Julien Cristau ha > > scritto: > > > > On Wed, Apr 23, 2014 at 09:10:26 +0100, Gianfranco Costamagna wrote: > > > >> Another package (just an example) is this one, gambas3 [2] tha

Re: automatically maintaining/tracking repackaged upstream tarballs

On 23/04/14 10:07, Adam D. Barratt wrote: > On 2014-04-23 8:27, Daniel Pocock wrote: >> - uscan is only for existing packages > > No, it's not. >From the man page: SYNOPSIS uscan [options] [path-to-debian-source-packages ...] could be more verbose: uscan [options] [path-to-debian-sour

Re: Arm64 port live on debian-ports

Am 20.04.2014 03:27, schrieb Wookey: > There are about 270 pending arm64 bugfixes, some of which will be for those > build failures: > https://bugs.debian.org/cgi-bin/pkgreport.cgi?users=debian-...@lists.debian.org;tag=arm64 note that more recent bug reports for autoconf related arm64 build failu

Re: Question about binNMU and transition, how can this package NOT segfault?

On Wed, Apr 23, 2014 at 09:10:26 +0100, Gianfranco Costamagna wrote: > Another package (just an example) is this one, gambas3 [2] that uses sdlgfx > as B-D > that has been uploaded on unstable on > [2014-04-11] Accepted 3.5.2-2 in unstable (low) > gambas3 has no runtime dependency on sdlgfx. Do

Question about binNMU and transition, how can this package NOT segfault?

Hi Debian Developers, A while ago sdlgfx [1] package changed the API/ABI, and for this reason we started a transition from .23 to .25 release the new package has been uploaded on unstable (after two experimental releases), on [2014-04-07] Accepted 2.0.25-3 in unstable (medium) so after that ti

Re: automatically maintaining/tracking repackaged upstream tarballs

On 2014-04-23 8:27, Daniel Pocock wrote: - uscan is only for existing packages No, it's not. - should it be generalized to also read directly from watch files that are not in a source package? $ cat tempwatch version=3 http://ftp.gnome.org/pub/GNOME/sources/anjal/([\d\.]+)/anjal-([\d\.]+)\.

Re: automatically maintaining/tracking repackaged upstream tarballs

Hi, Am Mittwoch, den 23.04.2014, 09:27 +0200 schrieb Daniel Pocock: > On 23/04/14 01:09, Paul Wise wrote: > > On Wed, Apr 23, 2014 at 4:40 AM, Daniel Pocock wrote: > > > >> Given all the recent issues with popular packages containing minified > >> JavaScript and other sourceless files, I'm hoping

Re: automatically maintaining/tracking repackaged upstream tarballs

On 23/04/14 01:09, Paul Wise wrote: > On Wed, Apr 23, 2014 at 4:40 AM, Daniel Pocock wrote: > >> Given all the recent issues with popular packages containing minified >> JavaScript and other sourceless files, I'm hoping to get feedback from >> people about how the solution can be generalized to hel