While I do think that PM generating a PGP key by default is a good
thing. Even if they are compromised, it is still better than no
encryption for the vast majority of user *as long as they are not used
for something else*.
The problem for us is that it is not possible to upload subkeys to PM,
On Mon, Sep 25, 2023 at 7:15 AM Steve Langasek wrote:
>
> So can you tell me where in that specification this "flat text file" format
> is actually described? The specification is not on the page that includes
> this quote. The text does not link to the place in the spec where this
> format is
On Fri, Sep 22, 2023 at 11:11 AM Steve Langasek wrote:
>
>
> SPDX defines an xml format only. They lost before they'd even started.
>
> debian/copyright is supposed to be human-readable first and foremost. XML
> need not apply.
Not true. From [1]:
> Shall be in a human readable form.
> [...]
Hi,
please go with python-control for the source package name. This is
required for consistency with https://repology.org/.
Regards,
Stephan
On Fri, Sep 22, 2023 at 12:30 AM Kurva Prashanth
wrote:
>
> On 2023-09-21 23:50, Christoph Biedl wrote:
> > Kurva Prashanth wrote...
> >
> >> * Package
I think it's a good idea now that dpkg supports it [1]. Ubuntu already
did it years ago [2], and some non-deb based distros as well (e.g.
Fedora, Arch).
Cheers,
Stephan
[1]: https://bugs.debian.org/892664
[2]: https://balintreczey.hu/blog/hello-zstd-compressed-debs-in-ubuntu/
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: python-moddb
Version : 0.8.1
Upstream Contact: Clement Julia
* URL : https://github.com/ClementJ18/moddb/
* License
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: clad
Version : 1.1
Upstream Contact: Vassil Vassilev
* URL : https://github.com/vgvassilev/clad
* License : LGPL-3.0
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: vkroots
Version : git
Upstream Contact: Joshua Ashton
* URL : https://github.com/Joshua-Ashton/vkroots
* License
You can try to take a look at the GitHub API, e.g. [1].
Inside is an `prerelease` entry. Not sure how easy this is to
implement in uscan though.
Cheers,
Stephan
[1]: https://api.github.com/repos/lutris/lutris/releases?per_page=100
On Mon, Oct 17, 2022 at 5:29 PM Sam Hartman wrote:
>
> I think the minimal solution here, which I'm not volunteering to do, is
> for tracker.debian.org to gain salsa sso support instead of client cert
> support.
Can point out the tracker.d.o code? Maybe I'll take a look, I find this topic
On Mon, Oct 17, 2022 at 11:57 AM Bastian Blank wrote:
>
> Everyone coming up with solutions, please review the old thread about
> that
> https://lists.debian.org/msgid-search/20200405184610.ga581...@waldi.eu.org
Keycloak also provides OpenID Connect / OAuth2 and can connect to LDAP
servers - so
On Sun, Oct 16, 2022 at 7:23 PM Enrico Zini wrote:
>
> I would welcome better single sign-on systems for Debian than Salsa, and
> sso.debian.org is not it.
I think Keycloak [1] is quite nice and used more and more by other
FOSS projects (it is RedHat sponsored after all). Opinions about using
On Sun, Oct 9, 2022 at 7:06 PM Volans wrote:
>
> I've encountered the same problem and come out with a version of the watch
> file using the GitHub APIs. In my case I also needed to download the PGP
> signature. I've add some comments to the watch file for an easier
> understanding.
>
> The
On Tue, Sep 20, 2022 at 10:36 AM Samuel Henrique
wrote:
> On Tue 20 Sept 2022, 01:39 Paul Wise, wrote:
>
> On Mon, 2022-09-19 at 18:54 +0200, Andrea Pappacoda wrote:
>
> > Hi, what I usually do with GitHub is to use its API, since it has the
> > advantage of not breaking uscan when they do
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org,
gor...@chronitis.net, g...@debian.org
* Package name: cppzmq
Version : 4.8.1
Upstream Author : Gudmundur Adalsteinsson
* URL : https
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org,
pkg-gnome-maintain...@lists.alioth.debian.org
* Package name: gnome-shell-extension-proxy-switcher
Version : 1.5.1
Upstream Author : Tom Flannaghan
On Sat, Mar 26, 2022 at 2:36 AM M. Zhou wrote:
>
> Indeed supporting number crunching programs on ancient
> hardware is not meaningful, but the demand on Debian's
> support for number crunching is not that strong according
> to my years of observation.
>
> For popular applications that can take
Hi Andrea,
This sounds really cool and useful to have in Debian!
Do you need a sponsor? If so, I would be willing to sponsor it.
Regards,
Stephan
On Sat, Mar 19, 2022 at 8:09 PM Andrea Pappacoda wrote:
>
> Package: wnpp
> Severity: wishlist
> Owner: Andrea Pappacoda
> X-Debbugs-Cc:
On Fri, Mar 4, 2022 at 12:47 PM Baptiste Beauplat wrote:
>
> My debian address is also affected, and probably others that did not
> setup DKIM for their @debian.org address.
>
> As a reminder debian.org addresses does support DKIM. After
> configuration on your mail server, you can publish your
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: python-headerparser
Version : 0.4.0
Upstream Author : John T. Wodder II
* URL : https://github.com/jwodder/headerparser
FYI, I started working on a SPDX->DEP5 and DEP5->SPDX converter tool,
the code (or rather a basic concept) is here [1].
My goal is to produce an internal representation that collects
copyright information on a per-file basis, and convert between
SPDX/DEP5 and this format.
Regards,
Stephan
[1]
On Thu, Feb 10, 2022 at 2:10 PM Simon McVittie wrote:
>
> On Thu, 10 Feb 2022 at 11:59:11 +0100, Stephan Lachnit wrote:
> > No, you don't have to master SPDX! That's the point: you don't
> > interact with it at all. It's created by tools, and shipped to satisfy
> > the leg
On Thu, Feb 10, 2022 at 12:49 PM Holger Levsen wrote:
>
> So what do you all think?
>
> I'm leaning towards explaining the basics in devref (mostly by copying bits
> from the wiki page) and adding a pointer to the wiki page, but if there's
> consensus that the wiki page is supposed to be made
On Tue, Feb 8, 2022 at 8:45 PM Russ Allbery wrote:
>
> I recommend thinking about how to generate an existing debian/copyright
> file and putting the SPDX-formatted one in a different location. You're
> going to want to decouple the new work from any transition that requires
> other people
The easy solution would just be allow both. Either only a single file with
verbatim text or an SPDX document with licenses in a separate folder.
Regards,
Stephan
On Tue, 8 Feb 2022, 19:12 Scott Kitterman, wrote:
> On Tuesday, February 8, 2022 12:53:22 PM EST Stephan Lachnit wrote:
> &g
Hi Jonas,
On Tue, Feb 8, 2022 at 4:39 PM Jonas Smedegaard wrote:
>
> I am sceptical towards this proposal.
>
> An important feature to me with current machine-readable format is that
> really it is machine-and-human-readable.
Thank you for your input! I'm aware of this concern, however I think
On Mon, Jan 31, 2022 at 10:47 AM Jonathan Carter wrote:
>
> As for getting legal advice, we do have an existing contract with Aaron
> K. Williamson of Williamson Legal, PLLC (https://www.akwlc.com/). His
> specialty is Open Source softwware, technology, licensing and contracts,
> so he would be a
On Sun, Jan 30, 2022 at 8:35 PM Russ Allbery wrote:
>
> I do think that the amount of effort that the project puts into this
> pre-screening is of sufficiently high magnitude that it would be worth
> paying a lawyer for a legal opinion about whether or not we need to do
> it. The savings to the
On Fri, Jan 28, 2022 at 9:42 AM Phil Morrell wrote:
>
> On Thu, Jan 27, 2022 at 11:27:45AM +0100, Stephan Lachnit wrote:
> > On Thu, Jan 27, 2022 at 12:39 AM Phil Morrell wrote:
> > >
> > > TLDR: I think REUSE.software is a bad idea that is worse than what
On Thu, Jan 27, 2022 at 12:39 AM Phil Morrell wrote:
>
> TLDR: I think REUSE.software is a bad idea that is worse than what
> Debian already invented with Machine-readable debian/copyright file. I
> guess if upstream uses it, there's no reason not to ignore that as a
> source of copyright
On Wed, Jan 26, 2022 at 1:59 PM Max Mehl wrote:
>
> FWIW, as you may have already noticed, REUSE makes use of DEP-5 as well,
> as one (and honestly the least preferred) of the three ways how you can
> label your files. We have a better file-based format in the works [^3],
> and would probably
On Wed, Jan 26, 2022 at 11:43 AM Adam Borowski wrote:
>
> On Tue, Jan 25, 2022 at 09:38:01PM +0100, Vincent Bernat wrote:
> >
> > I think we should forego the NEW queue. If people want to check
> > packages, they can do it once they are in unstable with regular bugs.
>
> Without the NEW queue,
information consistent with REUSE.
Relationship: SPDXRef-DOCUMENT describes
SPDXRef-3c8056cd1f4f60322830f1e79d55ea13
FileName: ./update_copyright_years.py
SPDXID: SPDXRef-3c8056cd1f4f60322830f1e79d55ea13
FileChecksum: SHA1: 65fc75079eb9d85953b39c6fb832e86c7b7e113a
LicenseConcluded: NOASSERTION
LicenseInfoIn
On Mon, Jan 24, 2022 at 8:15 AM Andreas Tille wrote:
>
> However, my point was that I want to know what policy ftpmaster applies
> to new binary names and to focus on this topic. I really want to know
> that policy of ftpmaster and I really would like to see that documented
> and I'm afraid that
On Fri, Jan 21, 2022 at 7:04 PM Paul Gevers wrote:
>
> It's not only the copyright that the ftp-master are responsible for. New
> binaries fill a place in the Debian namespace and they *are* the keepers
> of that.
One could say that for new binaries packages whose src is already in
Debian, the
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-CC: debian-devel@lists.debian.org
Control: block 1003321 by -1
Control: block -1 by 1003326 1003329 1003334
* Package name: node-grunt-timer
* Version : 0.6.0
* Upstream Author : Lee Crossley
* URL : http
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-CC: debian-devel@lists.debian.org
Control: block 1003321 by -1
* Package name: node-functional.js
* Version : 0.8.0
* Upstream Author : Lee Crossley
* URL : https://github.com/functionaljs/functional-js
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-CC: debian-devel@lists.debian.org
Control: block 1003321 by -1
* Package name: node-bash-color
* Version : 0.0.4
* Upstream Author : mykola bilokonsky
* URL : https://github.com/mbilokonsky/bash-color
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-CC: debian-devel@lists.debian.org
Control: block 1003321 by -1
* Package name: node-duration
* Version : 0.2.2
* Upstream Author : Mariusz Nowak
* URL : https://github.com/medikoo/duration#readme
* License
On Sat, Dec 4, 2021 at 3:34 AM Paul Wise wrote:
>
> Repology gets you mappings for all the source packages in Debian in one
> download (assuming it has an export of the mappings, that may need to
> be added), while the Anitya mapping requires a human to manually add a
> mapping for each of the
On Thu, Dec 2, 2021 at 11:52 PM Paul Wise wrote:
>
> On Thu, 2021-12-02 at 23:36 +0100, Stephan Lachnit wrote:
>
> > If I understand correctly, release-monitoring already offers such a
> > mapping [1].
>
> It seems like the Ayanita distro mapping needs to be done
On Thu, 2 Dec 2021, 23:17 Paul Wise, wrote:
> At minimum we would need a way to map from release-monitoring.org
> package names to Debian source package names. Assuming they use Fedora
> source package names, then the Repology service provides such a mapping
> and we could presumably could get a
On Thu, Dec 2, 2021 at 12:51 AM Paul Wise wrote:
>
> It might be a idea to look at how other distributions do checking for
> new upstream releases and adopt some of their improvements.
>
> I note Fedora uses a service (that isn't Fedora specific) for this:
>
> https://release-monitoring.org
>
On Thu, Nov 18, 2021 at 4:16 PM Simon Richter wrote:
>
> On 11/18/21 4:08 PM, Stephan Lachnit wrote:
>
> > I guess this raises the (maybe already answered) question if the
> > additional license QA from NEW is for the end-product (i.e. Debian
> > stable) or for the
On Thu, Nov 18, 2021 at 3:28 PM Andrey Rahmatullin wrote:
>
> On Thu, Nov 18, 2021 at 02:52:56PM +0100, Stephan Lachnit wrote:
> > I don't know if that has been proposed before, but how about waiving
> > the NEW queue requirement for experimental packages as a start?
> &
On Thu, Nov 18, 2021 at 11:52 AM Gard Spreemann wrote:
>
> Every time I see stories like this, I wonder what the consequences of
> the NEW queue's current workings are. This is *not* criticism of the
> heroic work of the FTP Masters, nor is it criticism of the objectives
> they have in processing
I tried to remove a package from NEW with `dcut rm package.deb`, `dcut
rm package.changes` and `dcut cancel package.changes`, but nothing
worked.
Is there even a way to remove a package from NEW?
Regards,
Stephan
On Fri, Aug 20, 2021 at 11:03 AM Andrey Rahmatullin wrote:
> If you mean keeping unstable as is and uploading stuff for testing into
> t-p-u, that's was always called a bad idea, as nobody tests stuff in
> t-p-u.
If you don't change anything else, then you're right. If you enable
t-p-u by
On Tue, Aug 17, 2021 at 10:32 AM Pirate Praveen
wrote:
> Problem: Currently uploading new upstream versions to unstable during freeze
> is discouraged. It means users using unstable don't get new updates and
> developers are forced to upload to experimental. Using experimental directly
> is
On Mon, Jul 19, 2021 at 3:37 AM Guillem Jover wrote:
> What I've also said multiple times, is that
> merged-usr-via-moves-and-symlink-farms could have been implemented in
> a fully automated way, by debhelper, w/o requiring any maintainer scripts,
> all with full cooperation and managed by dpkg,
Today I discovered a relatively new project called "Debian User Repository" [1].
It's similar to the AUR, and much more than just in principle. Packages are
defined as PKGBUILD files and built via makepkg [2], the tool used in the AUR.
The packages are then converted to binary debs using makedeb
On Mon, Jun 14, 2021 at 6:01 PM Jeremy Stanley wrote:
>
> On 2021-06-14 16:22:31 +0200 (+0200), Stephan Lachnit wrote:
> [...]
> > How about sending a digest of a potential debian-itp to d-d on a
> > weekly basis? I think we wouldn't lose any reviews with this, I
>
On Fri, Jun 11, 2021 at 4:26 PM Steve McIntyre wrote:
>
> Jon Dowland wrote:
> >
> >I think the ITP mails can make reading the rest of the list difficult
> >without extra local filtering or steps. Some times they are the
> >majority of the list traffic. I think it would be better if
> >ITP mail
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: libliftoff
Version : 0.0.0~git20210430.799
Upstream Author : Simon Ser <~emersion/public-in...@lists.sr.ht>
* URL :
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org.com
* Package name: gamescope
Version : 3.8.1
Upstream Author : Pierre-Loup A. Griffais
* URL : https://github.com/Plagman/gamescope
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: vc
Version : 1.4.1
Upstream Author : Matthias Kretz
* URL : https://github.com/VcDevel/Vc
* License : BSD 3-Clause
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: vecgeom
Version : 1.1.14
Upstream Author : Geant4 Collaboration
* URL : https://gitlab.cern.ch/VecGeom/VecGeom
* License
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@debian.org
* Package name: veccore
Version : 0.7.0
Upstream Author : Guilherme Amadio
* URL : https://github.com/root-project/veccore
* License
On 4/8/21 12:50 PM, Dominik George wrote:
The argument raised earlier, that although these games are DFSG-free, they do
not fulfill the requirement for Debian main being self-contained holds,
imho
(lutris ignores the Debian packages and installs copies of the games from
who-knows-where).
> Why does the toxic woman want to destroy reputations?
If you refer to Jonathan Carter, that isn't even the person that
started the vote, nor an original author of the open letter. Do your
research, tbh to me it seems like you are a complete outsider.
> Destroy nobody - Or destroy everybody!
> We are contributors to Debian
>
> The contribution of every one of us makes the name Debian respectable
If you were, why do you try to destroy it with this attempt?
> Please stop! Delete all fascism and defamation about any volunteer that has
> been instigated from Debian in any form
Hi Doinik,
I'm the Lutris Maintainer for Debian, and I completely agree with you.
However, at least for Lutris, there is no choice since we recommend
winetricks. Thus, I simply copied the copyright comment from
winetricks.
For winetricks it is a bit more tricky as it can download non-free
dlls
On Tue, Mar 30, 2021 at 10:17 AM Dmitry Smirnov wrote:
> Cancel "culture" arrived in Debian and it threatens the project:
>
> * https://www.debian.org/vote/2021/vote_002
>
> Cancel "culture" activists want Debian to sign a petition regarding
> Richard Stallman's membership in the Board of
I had a discussion with someone who wants to contribute to Debian,
but doesn't want to publish their real name in fear of getting doxed.
I never really thought of this, and I'm not sure how much one can
contribute to Debian without posting some kind of real name
(sorry if that is already answered
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@protonmail.com,
debian-scie...@lists.debian.org
* Package name: root
Version : 6.22.06
Upstream Author : CERN <https://root.cern/>
* URL :
Hi all,
maybe you already have heard it, CentOS is basically dead now. It used to be an
exact RHEL clone, but now it's kind of an RHEL beta [1].
Now what does that have to do with Debian?
When we look into why people use CentOS, the reason is pretty simple: it is (or
was) binary-compatible
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org
* Package name : reuse
* Version : 0.11.1
* Upstream Author : Free Software Foundation Europe <https://fsfe.org/>
* URL : https://github.com/fsfe/reuse-tool
* L
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
X-Debbugs-Cc: debian-devel@lists.debian.org, stephanlach...@protonmail.com
Package name: geant4
Version : 10.6.2
Upstream Author : CERN
URL : http://geant4.web.cern.ch/
License : a custom (MIT-like
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
Package name: symfit
Version : 0.5.2
Upstream Author : Martin Roelfs
URL : https://github.com/tBuLi/symfit
License : GPLv2
Programming Lang: python3
Description : Symbolic Fitting in Python
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
Package name: gamehub
Version : 0.16
Upstream Author : Anatoliy Kashkin
URL : https://github.com/tkashkin/GameHub
License : GPL-3.0
Programming Lang: Vala
Description : unified library
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
Package name: vkbasalt
Version : >0.3.1
Upstream Author : Georg Lehmann <https://github.com/DadSchoorse>
URL : https://github.com/DadSchoorse/vkBasalt
License : Zlib
Programmin
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
Package name: editorconfig-checker
Version : 2.0.3
Upstream Author : editorconfig-checker team <https://github.com/editorconfig-
checker>
URL : https://github.com/editorconfig-checker/editorconfig-
c
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
Package name: goverlay
Version : 0.3.1
Upstream Author : Benjamimg Gois
URL : https://github.com/benjamimgois/goverlay
License : GPL v3
Programming Lang: Pascal (project uses Lazarus
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
Package name: setzer
Version : >0.2.1
Upstream Author : cvfosa <https://www.cvfosa.org>
URL : https://github.com/cvfosa/Setzer
License : GPL3+
Programming Lang: Python
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
Package name: mangohud
Version : >0.3.1
Upstream Author : flightlessmango <https://github.com/flightlessmango>
URL : https://github.com/flightlessmango/MangoHud
License : MIT
Programmin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 07 Nov 2019 18:27:18 +0100
Source: piper
Binary: piper
Architecture: source all
Version: 0.3-1
Distribution: unstable
Urgency: medium
Maintainer: Stephan Lachnit
Changed-By: Stephan Lachnit
Description:
piper
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 21 Jul 2019 15:39:35 +0200
Source: gamemode
Architecture: source
Version: 1.4+git20190722.4ecac89-1
Distribution: unstable
Urgency: medium
Maintainer: Jonathan Carter
Changed-By: Stephan Lachnit
Changes:
gamemode (1.4
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: psu-targets
Version : 1
Upstream Author : Stephan Lachnit
* URL : https://github.com/stephanlachnit/psu-targets
* License : GPL-3
Package: wnpp
Severity: wishlist
Owner: Stephan Lachnit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: intel-undervolt
Version : 1.6
Upstream Author : kitsunyan <https://github.com/kitsunyan>
* URL : https://github.com/kitsunyan/intel-und
79 matches
Mail list logo
