Hi, Mathias Gibbens <gib...@debian.org> (2025-03-18): > On Wed, 2025-03-12 at 18:09 +0000, Martin Dosch wrote: > > Dear all, > > > > I'd like to see crowdsec in trixie, as I am using it myself. > > Is there any chance to get [1081196] fixed by delivering upstreams > > sshd-logs.yaml? This file is not in the repo and I failed to figure out > > how it is created. > > I initially thought this could be a simple fix, as upstream has had a > fix for quite a while[1]. However, upon further investigation into the > Debian packaging, it looks like there's an offline step of manually > fetching and bundling "data" and "hub" sources (refer to the package's > d/README.source). You might be able to apply the PR as a diff to the > fully extracted Debian source with a bit of massaging, otherwise you'd > have to generate a new hub tarball which would require some sort of > src:crowdsec version bump like "1.4.6+hubx.y.z", but that gets ugly > fast.
I've just done the massaging, tested the resulting package successfully on a trixie host, and uploaded it. Sorry for the delay, and thanks everyone for your interest in getting this reported and fixed… > A better approach would be to unbundle the "data" and "hub" tarballs > and make them into proper Debian packages, which crowdsec could then > properly depend upon. But that's a lot of work, and probably not > feasible before the trixie soft freeze begins. What follows is just a quick backstory (not an excuse or anything like that). Yeah, the whole situation is not ideal, sorry about that. While the hub could possibly be packaged out of their repository, the data part is assembled from various sources so that would be a be weird to have a source package for that. Also, whether you go for a separate package that you build-depend on or whether you go for an extra tarball, you would still have to at least build (via either a binNMU or an upload, respectively) crowdsec again after changing those, so that's why I decided to go for a tarball (one for each component). Over the few years that package has existed, having to update those files has rather be seldom. Usually once per major upstream release. Sorry this got in your (collective) way lately. Cheers, -- Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/
signature.asc
Description: PGP signature
