wait a few days to see if it goes away, then I would report a bug
against qa.debian.org if not.
Cheers,
--
Samuel Henrique
ation should get
> removed, now that both of us are DDs?
Good catch, I've just removed the expiration dates!
Cheers,
--
Samuel Henrique
provided subtitles (en, pt-br) and chapter markers for the video on
YouTube:
https://youtu.be/XzNVVILVyUM
Cheers,
--
Samuel Henrique
an:
https://debconf24.debconf.org/talks/93-fixing-cves-on-debian-everything-you-probably-know-already/
Cheers,
--
Samuel Henrique
|source|upload_date|testing_version|unstable_version|rc_bugs|
|--|---|---||---|
|bdfproxy|2018-09-11 21:39:33.000 +0100||0
I will generate that report of packages and their last upload dates so
we can identify packages that require a refresh.
Cheers,
--
Samuel Henrique
ars now,
> the repository has also been archived by upstream [1]. Should we ask
> ftp-master to remove the package?
We should, yes.
Thank you for the list Carlos, I think you accidentally sent all of Helmut's
email as well (top posting).
Regards,
--
Samuel Henrique
n mentors (as you're doing now). This requires a special workflow
for submitting new packaging revisions vs. new upstream releases, but some
people might prefer it this way.
Cheers
--
Samuel Henrique
costs). As few as
4/5 people should be enough to organize something as long as we have a plan of
things to work on.
Cheers,
--
Samuel Henrique
team-owned ones and I have to prioritize those.
That is pretty much a never-ending task, so I rarely have time to do
reviews outside of the team, my own packages, or the people I mentor directly.
Sorry.
Cheers,
--
Samuel Henrique
; and I didn't face all these issues
>
> Am I missing something?
Hmm, how are you building the package?
Here are the steps to reproduce the failure:
git clone https://github.com/gcarmix/HexWalk.git
cd HexWalk/
sed -i "s/stable/unstable/" debian/changelog
origtargz # to generate
pace, but
ayn members added will have permissions across all repos maintained by the
team, so we tend to only add people if needed/after some contributions. This
doesn't stop others from contributing, as anyone is allowed to send an MR doing
a "Team upload" (d/changelog).
Welcome!
--
Samuel Henrique
decision to move libntlm to pkg-security that I wanted to give
> this approach a try first.
Ack, I'm interested in your findings after trying it out for a bit.
Cheers,
--
Samuel Henrique
ave
seen your emails on other threads and it looks like we are aligned on how we
view the issue).
> Samuel Henrique writes:
>
> > Downsides of keeping the packaging under debian/:
> > * Lack of the salsa's view of current opened MRs, as seen on
> > https://salsa.deb
d to do the packaging yourself, if you
prefer, you can open an RFP bug (or turn your RFS into an RFP), this would be a
request for someone to package it.
The only reason I'm saying this is because usually upstreams don't want to get
too much involved in packaging, but if you do, that's great.
Cheers,
--
Samuel Henrique
tps://salsa.debian.org/aquilamacedo/assetfinder
I see that the package is currently in NEW by Josenilson.
Me and you spoke about this but I'm sending this email so we can "close" this
request.
--
Samuel Henrique
t
look like it's pending.
Thank you for contributing!
--
Samuel Henrique
Hello carmix,
> I didn't receive any response from you on my last mail. I added the
> debian material on github.
Sorry, I didn't have time to look into this yet, but it's on my todo list.
Regards,
--
Samuel Henrique
e half of them for
this upload).
Thank you for contributing and for the reminder :)
--
Samuel Henrique
, thus updated it (but
> all patches disabled, as I did not bother yet making them work)
> http://sid.ethz.ch/debian/radare2/
>
> I am interested in joining the team. Actually I would like to join the
> team.
Great, welcome to the team, I've just added you to salsa.
Cheers,
--
Samuel Henrique
would rather we deal with the listed issues first.
The things that I left behind would not be big issues anyway, but here's some:
* I'm not sure everything under d/rules is needed, especially the override on
dh_compress (they might be there as a workaround of another issue).
* The .pem and .crt files shipped: I would like to understand what they are
used for.
* The transition method, which I described in number 6.
Thank you for contributing!
--
Samuel Henrique
t to
github for now, at least.
Regards,
--
Samuel Henrique
huge issue because they can still open MRs, but
the process to contribute becomes a bit more cumbersome.
I have added you to the team on salsa, in any case.
[0] Being able to automatically add all DDs to certain salsa groups could solve
this issue, but I haven't looked into what's needed for that to happen.
Regards,
--
Samuel Henrique
Hello Sven,
> I would be pleased if one of the DDs would review my work and upload
> the package to unstable.
Uploaded, thank you for contributing!
Cheers,
--
Samuel Henrique
the Salsa Team then.
Your fork is missing commits on the pristine-tar and upstream branches, but
other than that, everything looks good.
I agree with the salsa move as well.
Cheers,
--
Samuel Henrique
I want to make sure people's work doesn't get unnoticed in the team.
For Peter and Sven, good luck on your DD exam now :)
Regards,
--
Samuel Henrique
then, we will extend that.
For others reading this, if you're active in the team and would also like to
get access to this role, feel free to reach out (I might have missed you).
Cheers,
--
Samuel Henrique
Thank you for contributing!
--
Samuel Henrique
Hello Peter,
> I have prepared the Debian packaging of a new upstream release of
> ssldump (version 1.8):
Uploaded and pushed.
Thank you for contributing!
--
Samuel Henrique
come to the team! I've just added you as a "Maintainer" to the salsa org.
Thank you for your contributions!
--
Samuel Henrique
big deal for this package (argon2) since there aren't any
backports and you haven't done any stable uploads yet (the conflicts
are also troublesome when updating packages on stable), so there's no
need to change the history, but I suggest considering separating
actual changes from t
ow the
details on that (and it was a few years ago).
Still, if you think there's an issue with this versioning (that
overcomes the benefit of it), Sven, feel free to raise your concerns
and we can drop it if it makes sense.
Cheers,
--
Samuel Henrique
his would allow you to
get upload rights and upload the changes without getting blocked on
salsa admins.
Let me know what you think.
Thank you!
--
Samuel Henrique
on
updates.
Also let me know if you prefer me to send the review of the package to
this list or privately. It's good to have it on the list for others to
see the progress but there's no issue in asking for a private review.
Thank you,
--
Samuel Henrique
ank you for contributing.
--
Samuel Henrique
ree, I can create the repo on salsa and give you permissions,
just let me know what's your username.
Then for sponsors, you can request them on this list and please feel
free to ping me if it takes more than 7 days for a response.
Thank you!
--
Samuel Henrique
n the tags with your GPG key (not needed for commits, only for
tags).
If you use gbp, there's a setting for that:
~/.gbp.conf:
[DEFAULT]
sign-tags = True
Thank you for contributing, I can see you have put a lot of effort into this.
--
Samuel Henrique
no plans to participate in the conference.
Got it.
Just in case you're not aware, DebConf has a bursary request system
where contributos can ask for Debian to pay for their accomodation,
food, and travel costs. It's common for accomodation and food to be
given to all contributors (not guaranteed though) and travel for a
good number of requesters.
Cheers,
--
Samuel Henrique
nterest in
becoming a Debian Developer. I can't say for sure whether I can
advocate yet, but if not, I can help you in what could be missing.
Let me know what you think, and also let me know if you will be
attending DebConf23, by any chance.
Cheers,
--
Samuel Henrique
I see that someone already gave you "Maintainer"[0] access on the
18th, so welcome to the team!
[0] Gitlab's "Maintainer" access level, which is the access that DDs
get on salsa.
Cheers,
--
Samuel Henrique
rdeps so we should follow the
correct process.
Thank you,
--
Samuel Henrique
can push the repo there? Alternatively if someone would
> prefer to create the repo for me I am happy to submit a MR with the packaging.
That's correct, it would be great to have the package co-maintained
within the team.
I've just added you to our salsa group.
Thank you for reaching out!
--
Samuel Henrique
debian.org/src/lgogdownloader/3.11-2/debian/control/?hl=18#L18
[1] https://wiki.debian.org/Teams/ReleaseTeam/Transitions
--
Samuel Henrique
load.
Great, the package is looking good, I have pushed your changes to
salsa and ftp-master.
Thank you for contributing!
--
Samuel Henrique
Hello Håvard,
All of the changes are looking good.
I have uploaded it for you, pushed the commits, and I have also given
you permissions to push to the repo directly.
Thank you for contributing!
--
Samuel Henrique
(no need to archive it).
Done, thanks for the heads up.
Cheers,
--
Samuel Henrique
link is a better approach due to it being
more straightforward.
Regards,
--
Samuel Henrique
s, but I got lucky in seeing the
message in my inbox.
I'll tweak my inbox rules to make sure I don't miss emails from this
address too.
Thank you,
--
Samuel Henrique
e of libewf, if we were to go that route, we could even
consider packaging from the new repo (which is also in "experimental"
stage):
https://github.com/libyal/libewf
Thank you for contributing!
--
Samuel Henrique
see them here, the consensus seems to be on the side of sticking
with the vendored libs:
https://lists.debian.org/debian-security-tools/2021/10/msg00018.html
https://lists.debian.org/debian-security-tools/2020/12/msg00012.html
Thank you for contributing!
--
Samuel Henrique
Hello team,
I just wanted to make you aware that I've started a thread on d-legal
to discuss nmap's license:
https://lists.debian.org/debian-legal/2022/09/msg0.html
You might find it interesting, feel free to share your views there too.
Cheers,
--
Samuel Henrique
y, but the as I
mentioned above, the new upstream release doesn't address the
Replaces+Breaks issue, that's on the packaging side.
I have sponsored the package and pushed the commits (I have done some
changes to the changelog), thanks for contributing!
Regards,
--
Samuel Henrique
#x27;t want to work on the new release, I can upload just a revision
with the current changes you have as they're good (I can change the
Breaks+Replaces if needed).
Thank you for contributing!
[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016613
--
Samuel Henrique
ure it makes sense to maintain it under the pkg-sec team, it
doesn't seem related to the team at all.
Regards,
--
Samuel Henrique
, I didn't
have time to look at it yet but I trust your judgement anyway.
Thank you!
--
Samuel Henrique
o my build process (debuild) and, if
> possible, use a salsa CI job as well.
I have sponsored the upload for you, thanks a lot for contributing!
Note that I had to rebase your branch on top of the team's repo since
I had merged a change from Janitor, this means you will have to reset
your fork's debian/master branch if you plan on using it further (or
just delete the fork and recreate it when needed in the future).
Regards,
--
Samuel Henrique
be cleared to
go ahead at some point in time (hopefully it will take only a couple
of weeks).
Cheers,
--
Samuel Henrique
w
if you have any questions on how to address this.
3) extended-description-is-probably-too-short:
The description of unhide-gui is too short, you can reuse most of
what's in the unhide package for unhide-gui.
Thanks for all your work, and let me know if you have any questions.
Cheers,
--
Samuel Henrique
cker.debian.org/pkg/openscap-daemon
Regards,
--
Samuel Henrique
nly
mention what is required (which would be totally fine as you're
contributing and whatever you do is still good for Debian).
On a high level, I suggest always making sure lintian gets run on your
build process, preferably with the following parameters: '-i', '-I',
'-E', '--pedantic'.
You don't need to solve all lintian findings, some of them might not
make much sense or just not be doable at all, but it's good to try to
understand at least what's critical so you can make a judgement call.
Let me know if you'd like help on any of this,
Thanks for contributing,
--
Samuel Henrique
it during DebConf, it turns out that there were some people
needing review during the conference and I did theisr first as we were
face-to-face (easy to discuss things).
My todo list right now is:
1) python-wcmatch (from DebConf, which I'll finish today)
2) libewf
3) scap-security-guide
4) unhide
Cheers,
--
Samuel Henrique
or a
lot of behavioral changes, but should be doable.
Thanks for contributing!
Regards,
--
Samuel Henrique
for this issue, then we can make
> collaboration.
You're good to go ahead, I won't have time to do this change myself
anytime soon due to DebConf and other pending tasks.
I'm aware of your request to review the libewf package, which I'll do
in the next few days.
Thanks for contributing!
--
Samuel Henrique
Just for the record, I have replied to the other thread (and confirmed
the upload).
Regards,
--
Samuel Henrique
!
You too, thanks for contributing!
Cheers,
--
Samuel Henrique
hange.
You don't need to work on that, but let us know if you're going to (so
we avoid having two people working on the same thing).
Regards,
--
Samuel Henrique
entry for "Files: *" can be superseded by this single entry (it's
outdated since a few uploads).
The copyright file is a bit outdated in general, so it would be better
to recheck everything, but it's ok if you only want to change this
part.
Everything else looks fine, we can proceed
Thank you for your contributions!
--
Samuel Henrique
than the previous one.
> In addition, as always, I appreciate your feedback.
I have pushed your changes to the official repo and done the sponsor
for you (with some small changes to the changelog), thanks for
following up with the changes!
Cheers,
--
Samuel Henrique
the latest release to salsa if you want.
Cheers,
--
Samuel Henrique
d/rules (and neither d/dirs), you can make use of
d/unhide.install to simplify things.
> I really appreciate your comments on my updates and your patience for my
> slow response.
> Hopefully these changes make sense and are helpful.
I'm happy to help :)
> P.S.
> Salsa CI
ould be fine (I mean d/patch
here). You can start with that (so we upload the package) and then
work on PO later.
Regards,
--
Samuel Henrique
t, it's
fine. I only ask you to use the GUI and try out a few use cases just
to make sure it's working fine.
Thanks for contributing!
--
Samuel Henrique
he patch already has the DEP-3 headers.
Thank you for the patience waiting for the review, I try to always
reply within 7 days but I didn't have a lot of free time lately. As a
rule of thumb, feel free to always ping me after 7 days if you get no
reply.
Cheers,
--
Samuel Henrique
Hello Daichi,
I'll review your changes in the next few days,
Thanks
--
Samuel Henrique
e issues are resolved, let's go to the next step.
Perfect, I have done a few changes on d/changelog, so please have a
look to see what I would suggest (both for d/changelog and for the
commit message).
I appreciate your replies pointing to the commits which made the changes.
I have pushed your commits to the repo and sponsored the upload,
thanks for contributing!
Cheers,
--
Samuel Henrique
d be smart enough
to catch it, but I didn't double check.
Thank you for working on this, I'm sure this will benefit a lot of users :)
--
Samuel Henrique
s as I lost track of it so thanks for the ping.
I'm gonna review it in the next couple of days.
Regards,
--
Samuel Henrique
ithub.com/knownsec/pocsuite3/tags
Cheers,
--
Samuel Henrique
Hello Jan,
Repo created at https://salsa.debian.org/pkg-security-team/binlex.
You have permission to push.
Let us know when the package is ready for review, thanks for your contributions!
Regards,
--
Samuel Henrique
Hello Tian,
> I want to migration pocsuite3 package to testing,
>
> Could you please help me to do a source-only upload, thanks!
Awesome, I've uploaded itr for you,
Thank you for your work!
--
Samuel Henrique
Hello Peter,
> since the end of 2021 is getting close, I would like to ask someone with
> the necessary rights to extend my permissions to push changes to the
> dnstwist repository [0].
I have extended your permissions till the end of 2024.
Thanks a lot for your contributions!
-
Hello Clay,
I started the review during the weekend but ended up not having enough
time, I plan to finish it in the next 3 days.
Thank you!
--
Samuel Henrique
by Monday.
Thanks,
--
Samuel Henrique
detail about
these things but I can help.
Cheers!
--
Samuel Henrique
Hello Jan,
I spotted an issue on d/watch at the very last minute and fixed it
myself to avoid the turnaround.
The package is looking good and I have uploaded it for you!
Thank you for your contributions !
--
Samuel Henrique
changes requested by you, I think the package is
> in a quite good shape already, don't you think so?
I believe there's just one last thing before I can sponsor the upload,
can you add the relevant Vcs-* fields and point to the repo under the
team?
Thank you for your contributions!
--
Samuel Henrique
e case.
Thanks,
--
Samuel Henrique
ging is in a good state, and the tests are much appreciated,
feel free to push your next changes directly to the team's repo.
Thank you for working on this package :)
[0] As usual, if the permission expires before you receive broader
permissions permanently, we can extend that.
[1] https://salsa.debian.org/salsa-ci-team/pipeline#basic-use
[2] And somebody else could also call out a mistake I could make in the review.
[3] That is, unless you have a preference on keeping them, let me know
if that's the case.
--
Samuel Henrique
we do
that after the first review of your packaging, just to have more
flexibility in the way the repo is set up before moving to the team's
org (since we can always reset the repo under your user, if needed).
Welcome!
--
Samuel Henrique
>
> Hello Jan,
.** Maintainenace plan
> I suggest to maintain time-decode inside the pkg-security-team's
> repository on salsa, since most of the packages related to forensics
> live there. However, I am looking for a sponsor for this package -
> ideally a member of the pkg-security-team.
>
I can
Hello everyone,
On Sun, 29 Aug 2021 at 14:41, Samuel Henrique wrote:
> I need help investigating why mdk4 randomly fails to build when in
> parallel, I've been through the build log and couldn't spot anything.
> My guess is there's something wrong in the Makefile'
ies.
Thanks,
[0] https://wiki.debian.org/sbuild#Speeding_up_build_process
--
Samuel Henrique
/rules:10: binary] Error 25
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2
The build log is too big for me to add to paste.d.n, so please try to
build it in your machine to reproduce.
Thanks,
--
Samuel Henrique
Hello Francisco,
> I prepared a new version of sleuthkit [1], release 4.11.0+dfsg-1.
Uploaded, thanks for your work!
--
Samuel Henrique
f it's possible for them to
publish the source codes.
For an example of how to compile windows binaries on Debian (with
gcc-mingw-w64-i686), you can look at nmap.
I think this is a good start, I will do a deeper review once we fix
these lintian findings first.
Thank you for your contributions, and don't hesitate to reach out for help.
--
Samuel Henrique
down what those improvements
are[0], and then only upload the packages which have these
improvements. Unfortunately it might be unlikely that someone will
have time to go through all of your packages looking for those
improvements, as basing the packaging on Kali's is already quite a
good baseline.
[0] I suggest sending this summary here as well, as we can help
identify which ones could save the most time.
Thank you,
--
Samuel Henrique
out, though.
Guilherme (who's working on seclists) mentioned he would like to see
what you've done in the other thread.
With regards to contributions, I'm just taking a guess based on my
limited understanding of what you have there, but you could try to
upload one of the packages you've worked on to Debian.
Thank you!
--
Samuel Henrique
roject.
Thank you!
--
Samuel Henrique
Hello all,
> On Sat, 31 Jul 2021, Samuel Henrique wrote:
> > I have created the repo and gave you Salsa's maintainer role:
> > https://salsa.debian.org/pkg-security-team/seclists
> >
> > Can you also apply to join the org on Salsa?
> > https://salsa.debian.or
Oh, I forgot,
Raphaël, could you please add Tian to our org on salsa?
Cheers,
--
Samuel Henrique
we will have to do a source-only upload right after the
first one gets approved by ftp-master (a small limitation of our tools
wrt source-only uploads).
Feel free to reach out if you have any questions.
Thank you for your contributions!
--
Samuel Henrique
1 - 100 of 264 matches
Mail list logo