Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Dear Release Team, I just did a QA upload of apt-build/0.12.45. The upload fixes https://bugs.debian.org/659015 which recently has been bumped to RC severity. >From the changelog entry: * Use per-repo "deb [trusted=yes] ..." instead of global "-o Apt::Get::AllowUnauthenticated=true". (Closes: #659015) This required multiple changes: + Bump versioned apt dependency to 0.8.16~exp3 for trusted=yes the option trusted=yes in sources.list files has been introduced with this apt version, hence apt-build won't work with earlier versions anymore. + Automatically add [trusted=yes] to existing generated file /etc/apt/sources.list.d/apt-build.list in postinst. First tests showed that the obvious way to fix it only fixes it for new installations of apt-build, but with an upgrade, -o Apt::Get::AllowUnauthenticated=true is no more used, but [trusted=yes] has not been added. So an additional sed call was needed in postinst. + Use "grep -F" instead of "grep" to search for the whole "deb" line in postinst to avoid the brackets around trusted=yes being parsed as character class. Previous postinst used plain grep to check for existing apt-build sources.list entries. But since the new sources.list entry contains square brackets, "grep -F" instead of "grep" is required. * Update Vcs-* URLs to current canonical forms and use collab-maint repository instead of the apt-build project one's while being under QA maintenance to allow write access to all DDs. I left the original Vcs-* headers in there as comments, but since neither me nor most QA uploads doing DDs have write-permissions to the apt-build project's Git repository and I didn't want to stop using a Vcs, I created a copy of the original repo under collab-maint and let the Vcs-* headers point there -- with the current canonical forms. Full source debdiff: diff -Nru apt-build-0.12.44/apt-build apt-build-0.12.45/apt-build --- apt-build-0.12.44/apt-build 2012-04-11 23:11:12.000000000 +0200 +++ apt-build-0.12.45/apt-build 2015-04-01 00:28:20.000000000 +0200 @@ -582,8 +582,7 @@ if(@pkgs && !($conf->build_only)) { update() if $conf->update; - system($conf->apt_get . " -t apt-build @apt_args \\ - -o Apt::Get::AllowUnauthenticated=true install @pkglist"); + system($conf->apt_get . " -t apt-build @apt_args install @pkglist"); wait; } return 1; diff -Nru apt-build-0.12.44/debian/changelog apt-build-0.12.45/debian/changelog --- apt-build-0.12.44/debian/changelog 2012-11-27 18:43:26.000000000 +0100 +++ apt-build-0.12.45/debian/changelog 2015-04-01 02:56:35.000000000 +0200 @@ -1,3 +1,20 @@ +apt-build (0.12.45) unstable; urgency=medium + + * QA upload + * Use per-repo "deb [trusted=yes] ..." instead of global "-o + Apt::Get::AllowUnauthenticated=true". (Closes: #659015) + + Bump versioned apt dependency to 0.8.16~exp3 for trusted=yes + + Automatically add [trusted=yes] to existing generated file + /etc/apt/sources.list.d/apt-build.list in postinst. + + Use "grep -F" instead of "grep" to search for the whole "deb" line + in postinst to avoid the brackets around trusted=yes being parsed as + character class. + * Update Vcs-* URLs to current canonical forms and use collab-maint + repository instead of the apt-build project one's while being under QA + maintenance to allow write access to all DDs. + + -- Axel Beckert <a...@debian.org> Wed, 01 Apr 2015 02:42:19 +0200 + apt-build (0.12.44) unstable; urgency=low * QA upload. diff -Nru apt-build-0.12.44/debian/config apt-build-0.12.45/debian/config --- apt-build-0.12.44/debian/config 2012-10-15 23:46:03.000000000 +0200 +++ apt-build-0.12.45/debian/config 2015-04-01 00:28:20.000000000 +0200 @@ -88,7 +88,7 @@ # run loop to prevent errors if some sources does not exist for source in "$sourceslist" "$sourcesparts"*.list ; do if [ -e "$source" ] ; then - if grep -Eq "^[[:space:]]*deb file:$repository_dir apt-build main" "$source" ; then + if grep -Eq "^[[:space:]]*deb \[trusted=yes\] file:$repository_dir apt-build main" "$source" ; then db_set apt-build/add_to_sourceslist "true" break fi diff -Nru apt-build-0.12.44/debian/control apt-build-0.12.45/debian/control --- apt-build-0.12.44/debian/control 2012-04-11 23:11:12.000000000 +0200 +++ apt-build-0.12.45/debian/control 2015-04-01 01:12:04.000000000 +0200 @@ -4,12 +4,14 @@ Maintainer: Debian QA Group <packa...@qa.debian.org> Build-Depends: debhelper (>= 9), po4a, po-debconf Standards-Version: 3.9.3 -Vcs-Git: git://git.debian.org/git/apt-build/apt-build.git -Vcs-Browser: http://git.debian.org/?p=apt-build/apt-build.git +#Vcs-Git: git://anonscm.debian.org/apt-build/apt-build.git +#Vcs-Browser: https://anonscm.debian.org/cgit/apt-build/apt-build.git +Vcs-Git: git://anonscm.debian.org/collab-maint/apt-build.git +Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/apt-build.git Package: apt-build Architecture: any -Depends: ${misc:Depends}, ${shlibs:Depends}, ${perl:Depends}, apt (>= 0.5), gcc, g++, dpkg-dev (>= 1.9), libappconfig-perl (>= 1.5), libapt-pkg-perl (>= 0.1.11), debconf | debconf-2.0, devscripts, apt-utils +Depends: ${misc:Depends}, ${shlibs:Depends}, ${perl:Depends}, apt (>= 0.8.16~exp3), gcc, g++, dpkg-dev (>= 1.9), libappconfig-perl (>= 1.5), libapt-pkg-perl (>= 0.1.11), debconf | debconf-2.0, devscripts, apt-utils Pre-Depends: dpkg (>= 1.15.7.2~) Recommends: fakeroot, build-essential Description: frontend to apt to build, optimize and install packages diff -Nru apt-build-0.12.44/debian/postinst apt-build-0.12.45/debian/postinst --- apt-build-0.12.44/debian/postinst 2012-10-15 23:46:46.000000000 +0200 +++ apt-build-0.12.45/debian/postinst 2015-04-01 02:12:40.000000000 +0200 @@ -67,7 +67,7 @@ eval $(apt-config shell sourceslist Dir::Etc::sourcelist/f) eval $(apt-config shell sourcesparts Dir::Etc::sourceparts/d) aptbuildsource="$sourcesparts"apt-build.list - debline="deb file:$repository_dir apt-build main" + debline="deb [trusted=yes] file:$repository_dir apt-build main" src_enabled="false" # run loop to prevent errors if some sources does not exist @@ -84,6 +84,13 @@ fi done + # Fixup previous /etc/apt/sources.list.d/apt-build.list to cope + # without Apt::Get::AllowUnauthenticated=true + if [ -e "$aptbuildsource" ] ; then + deblineold="`echo "$debline" | sed -e 's|deb \[trusted=yes\] file|deb file|'`" + sed -i -e "s|^$deblineold|$debline|" "$aptbuildsource" + fi + # do not modify anything if source entry is already enabled if [ "$add_to_sourceslist" = "true" ] && [ $src_enabled = "false" ] ; then if [ ! -e "$sourcesparts" ] ; then @@ -94,7 +101,7 @@ echo "$debline" > "$aptbuildsource" fi - if grep -q "$debline" "$aptbuildsource" ; then + if grep -qF "$debline" "$aptbuildsource" ; then # modify only first occurrence of $debline to prevent duplicate entries sed -i -e "0,\|^.*$debline|s||$debline|" "$aptbuildsource" else diff -Nru apt-build-0.12.44/man/po/apt-build.pot apt-build-0.12.45/man/po/apt-build.pot --- apt-build-0.12.44/man/po/apt-build.pot 2012-04-11 23:15:08.000000000 +0200 +++ apt-build-0.12.45/man/po/apt-build.pot 2015-04-01 01:50:41.000000000 +0200 @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" -"POT-Creation-Date: 2012-04-11 23:15+0300\n" +"POT-Creation-Date: 2015-04-01 01:50+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <l...@li.org>\n" So please unblock apt-build/0.12.45 -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (990, 'unstable'), (600, 'testing'), (110, 'experimental'), (109, 'buildd-unstable'), (109, 'buildd-experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.19.0-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
