Re: third-party packages adding apt sources

On Sat, May 21, 2016 at 8:32 PM, Adam Borowski wrote: > This looks wrong to me: a vast majority of machines these days have a single > user, thus pwning root gives you little additional gain. Getting further into a system (user -> root -> GRUB -> MBR -> boot firmware -> peripheral firmware)

Upcoming stable point release (8.5)

Hi, The next point release for "jessie" (8.5) is scheduled for Saturday, June 4th. Processing of new uploads into jessie-proposed-updates will be frozen during the preceding weekend. Cheers, Julien

Upcoming oldstable point release (7.11)

Hi, The next (and last) point release for "wheezy" (7.11) is scheduled for Saturday, June 4th. Processing of new uploads into wheezy-proposed-updates will be frozen during the preceding weekend. Cheers, Julien

Re: third-party packages adding apt sources

On Sat, May 21, 2016 at 01:47:41PM +0800, Paul Wise wrote: > On Thu, May 19, 2016 at 11:18 PM, Daniel Pocock wrote: > > > More and more frequently I'm encountering systems where third-party > > repositories have been added into /etc/apt/sources.list or > > /etc/apt/sources.list.d, usually put

Re: third-party packages adding apt sources

On Samstag, 21. Mai 2016 10:53:34 CEST Vincent Bernat wrote: > ❦ 21 mai 2016 10:24 +0200, Martin Steigerwald : > > Still, the turn around time between upstream and debian release would be > > quite high for Debian stable users, but maybe part of such a > > collaboration

Re: third-party packages adding apt sources

On Samstag, 21. Mai 2016 11:13:41 CEST Lars Wirzenius wrote: > On Sat, May 21, 2016 at 10:07:43AM +0200, Martin Steigerwald wrote: > > I wonder about a landing page for upstreams interested in working with the > > Debian project to provide packages within the official Debian repos. > > Is

Re: third-party packages adding apt sources

❦ 21 mai 2016 09:40 +0200, Ole Streicher  : >>> Providing a proper Debian source package is also a lot more work than >>> writing some kind of ad-hoc build system that spits out a .deb or >>> three. >> >> Totally agree. Our standards are far too high for many upstreams. > >

Re: third-party packages adding apt sources

❦ 21 mai 2016 10:24 +0200, Martin Steigerwald  : > Still, the turn around time between upstream and debian release would be > quite > high for Debian stable users, but maybe part of such a collaboration could be > to also provide newer releases via backports. Also… if

shortlisting ready-to-run server derivatives

Has anybody made a comparison or evaluation of any of the ready-to-run server solutions, such as Turnkey Linux (based on Debian jessie) and ClearOS (based on CentOS 7)? -- http://danielpocock.com

Re: third-party packages adding apt sources

On Sat, May 21, 2016 at 10:07:43AM +0200, Martin Steigerwald wrote: > I wonder about a landing page for upstreams interested in working with the > Debian project to provide packages within the official Debian repos. Is https://wiki.debian.org/UpstreamGuide the kind of page you mean? It is not

Re: third-party packages adding apt sources

On Samstag, 21. Mai 2016 10:24:22 CEST Martin Steigerwald wrote: > I wonder about some kind of adopt an upstream within a Debian team kind of > approach. A landing page and mailing list where upstream can write in for > getting help and advice and voicing their needs. And when there are people >

Re: third-party packages adding apt sources

On Samstag, 21. Mai 2016 10:24:06 CEST Lars Wirzenius wrote: > Et cetera. Debian has one set of quality factors it particularly cares > about, and some upstreams think differently. Yes, I seen all those reasons you mentioned. I just wonder how about if upstreams can learn easily how to work

Re: third-party packages adding apt sources

Hello Paul, On Samstag, 21. Mai 2016 14:07:53 CEST Paul Wise wrote: > On Fri, May 20, 2016 at 1:34 PM, Vincent Bernat wrote: > > Totally agree. Our standards are far too high for many upstreams. > > I don't understand the disconnect here. Are upstreams not interested > in software quality to the

Re: third-party packages adding apt sources

Vincent Bernat writes: > ❦ 19 mai 2016 18:04 +0100, Ian Jackson  : >>> b) many upstreams appear frustrated about getting their package >>> officially supported in Debian. Sometimes there is good reason their >>> package doesn't belong in

Re: third-party packages adding apt sources

On Sat, May 21, 2016 at 02:07:53PM +0800, Paul Wise wrote: > On Fri, May 20, 2016 at 1:34 PM, Vincent Bernat wrote: > > > Totally agree. Our standards are far too high for many upstreams. > > I don't understand the disconnect here. Are upstreams not interested > in software quality to the extent

Re: third-party packages adding apt sources

❦ 21 mai 2016 14:55 +0800, Paul Wise  : >> For some languages, embedded copies are a pattern. Notably Go. But there >> is also the omnibus stance: the embedded copy could not be in the >> source, but could be in the shipped artifact. This includes Go, JS and >> Java (when using

Re: third-party packages adding apt sources

On Sat, May 21, 2016 at 2:46 PM, Vincent Bernat wrote: > A meta tool "package me this" would be interesting. There is debdry but it got orphaned. > many of those tools are too complex for many upstreams because they > don't want to package each dependency one by one. For example, >

Re: third-party packages adding apt sources

❦ 21 mai 2016 14:07 +0800, Paul Wise  : >> Totally agree. Our standards are far too high for many upstreams. > > I don't understand the disconnect here. Are upstreams not interested > in software quality to the extent we are? Many of them don't consider packaging quality as

Re: third-party packages adding apt sources

On Fri, May 20, 2016 at 1:34 PM, Vincent Bernat wrote: > Totally agree. Our standards are far too high for many upstreams. I don't understand the disconnect here. Are upstreams not interested in software quality to the extent we are? > I am always flabestered by the popularity of fpm to build

Re: third-party packages adding apt sources

On Fri, May 20, 2016 at 1:26 PM, Vincent Bernat wrote: > testing is not suitable for most people because: > > 1. no security support This can be mitigated by adding unstable to your sources.list and using a wrapper around debsecan to automatically pull in packages from unstable when there are