Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Jon Dowland]

It would be nice if your initial upload would resolve the multiple issues
that were the cause for the package removal, rather than simply reintroduce
them.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816083916.GA8134@debian

Bug#685064: ITP: non-daw -- please package non-things

[rosea grammostolla]

Package: wnpp
Severity: wishlist
Owner: rosea grammostolla 

* Package name: non-daw
  Version : 1.1
  Upstream Author : J. Liles malnour...@gmail.com
* URL : http://non.tuxfamily.org/
* License : GPL
  Programming Lang: C, C++
  Description : please package non-things
The Non DAW is a powerful, reliable and fast modular Digital Audio Workstation
system, released under the GNU General Public License (GPL). It utilizes the
JACK Audio Connection Kit for inter-application audio I/O and the FLTK GUI
toolkit for a fast and lightweight user interface.

The Non Mixer is a powerful, reliable and fast modular Digital Audio Mixer,
released under the GNU General Public License (GPL). It utilizes the JACK Audio
Connection Kit for inter-application audio I/O and the FLTK GUI toolkit for a
fast and lightweight user interface.

The Non Sequencer is a powerful real-time, pattern-based MIDI sequencer for
Linux--released under the GPL. Filling the void left by countless DAWs, piano-
roll editors, and other purely performance based solutions, it is a
compositional tool--one that transforms MIDI music-making on Linux from a
complex nightmare into a pleasurable, efficient, and streamlined process.

The Non Session Manager is a robust session management API and implementation
allowing for faster and vastly simplified workflows in Linux audio. NSM finally
delivers on the broken promise made by LASH et al--for Non anyway. So read the
at API documentation and get to patching your favorite applications so
everybody can feel the relief!


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20120816091923.19326.41318.reportbug@debian.cc955125-A

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Thomas Goirand]

On 08/16/2012 09:01 AM, Jerome Benoit wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Jerome Benoit 
>
> * Package name: libpam-ssh
>   Version : 1.97
>   Upstream Author : Akorty Rosenauer
> * URL : http://pam-ssh.sourceforge.net/
> * License : BSD
>   Programming Lang: C
>   Description : Authenticate using SSH keys
>
> This PAM module provides single sign-on behavior for SSH.
> The user types an SSH passphrase when logging in and is
> authenticated if the passphrase successfully decrypts the
> user's SSH private key. In the PAM session phase, an ssh-agent
> process is started and keys are added. For the entire session,
> the user can SSH to other hosts that accept key authentication
> without typing any passwords.
>   
As much as I can see, the package is still in Debian (though removed
from Wheezy).

You shouldn't open an ITP for a package that is already in the archive.
If your intention is to adopt the package, then you should follow the
MIA process, have the package orphaned, then rename the orphaned
bug as ITA (Intention To Adopt) adopt it by uploading new versions.
And for that, there's no need for an ITP.

Thanks for your intention to adopt this package,
Cheers,

Thomas Goirand (zigo)


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502cbd76.6080...@debian.org

Happy birthday, Debian !!!

[Anatoly Molchanov]

Thanks for your work and help! Congratulations!


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/capvuj0xl+9puye-ssdjzqsisqrkao5daaeszlg2xsrosqog...@mail.gmail.com

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Jerome BENOIT]

Hello:

On 16/08/12 10:39, Jon Dowland wrote:

It would be nice if your initial upload would resolve the multiple issues
that were the cause for the package removal, rather than simply reintroduce
them.


I am totally agree with you, and I am working on it.
I guess that you understand that I wanted to make a ``reservation'' before
to revisit the Package.


Cheers,
Jerome








--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502cfdc1.8040...@rezozer.net

Re: Bug#685038: ITP: mailscanner -- email gateway for virus scanning, spam and phishing detection

[Michael Shuler]

On 08/15/2012 07:35 PM, Aaron Schrab wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Aaron Schrab 
> 
> * Package name: mailscanner

You may wish to contact the previous mailscanner maintainer [0][1] and
dig through all the existing/archived bugs [2] to find out why it was
removed from the archive post-squeeze, and if it may be suitable for
debian in the future.

[0] http://packages.debian.org/search?keywords=mailscanner
[1] http://packages.qa.debian.org/m/mailscanner.html
[2]
http://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=both;src=mailscanner

-- 
Kind regards,
Michael Shuler


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502cfdd0.8040...@pbandjelly.org

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Jerome BENOIT]

Hello:

On 16/08/12 11:29, Thomas Goirand wrote:

On 08/16/2012 09:01 AM, Jerome Benoit wrote:

Package: wnpp
Severity: wishlist
Owner: Jerome Benoit

* Package name: libpam-ssh
   Version : 1.97
   Upstream Author : Akorty Rosenauer
* URL : http://pam-ssh.sourceforge.net/
* License : BSD
   Programming Lang: C
   Description : Authenticate using SSH keys

This PAM module provides single sign-on behavior for SSH.
The user types an SSH passphrase when logging in and is
authenticated if the passphrase successfully decrypts the
user's SSH private key. In the PAM session phase, an ssh-agent
process is started and keys are added. For the entire session,
the user can SSH to other hosts that accept key authentication
without typing any passwords.


As much as I can see, the package is still in Debian (though removed
from Wheezy).

You shouldn't open an ITP for a package that is already in the archive.
If your intention is to adopt the package, then you should follow the
MIA process, have the package orphaned, then rename the orphaned
bug as ITA (Intention To Adopt) adopt it by uploading new versions.
And for that, there's no need for an ITP.


The situation is ambiguous as I posted before in the 
debian-devel@lists.debian.org list:
the package is not orphaned, was removed but it is still present.
There is a void here, and it is why I asked on the list:
it was suggested to make an ITP since it was removed.

It appears that the Maintainer has retired from Debian.
According to him, his Debian packages are orphaned, and he has no more access 
to his Debian account.



Thanks for your intention to adopt this package,
Cheers,


Best wishes,
Jerome




Thomas Goirand (zigo)



--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502d002f.9060...@rezozer.net

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Jerome BENOIT]

Hello:

On 16/08/12 08:40, Neil Williams wrote:

On Thu, 16 Aug 2012 03:01:33 +0200
Jerome Benoit  wrote:


Package: wnpp
Severity: wishlist
Owner: Jerome Benoit

* Package name: libpam-ssh
   Version : 1.97
   Upstream Author : Akorty Rosenauer
* URL : http://pam-ssh.sourceforge.net/
* License : BSD
   Programming Lang: C
   Description : Authenticate using SSH keys

This PAM module provides single sign-on behavior for SSH.
The user types an SSH passphrase when logging in and is
authenticated if the passphrase successfully decrypts the
user's SSH private key. In the PAM session phase, an ssh-agent
process is started and keys are added. For the entire session,
the user can SSH to other hosts that accept key authentication
without typing any passwords.


Is this about using removable media to store the SSH private key to
login to machines which only have the public key?


NO !

That would be useful

(but isn't that covered by existing PAM support?) Is this some form of
hot-desking support?

If not, why is this better than a user having a different password for
login and for the SSH key? Why tie login to one of my SSH private keys?


Let say that I used it to launch ssh-agent when I login (from console or 
desktop).



The homepage doesn't make this clear, it sounds like the module just
maps the user login via a graphical desktop manager to a particular SSH
key the private key for which has to live on the system behind the login
anyway. What's the point?


I am agree that the descriptions on the homepage and within the Debian package 
are confusing:
I will try to improve this part as well.


Thanks,
Jerome
 








--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502d02fa.8020...@rezozer.net

Re: adopting a recently removed package

[Clint Adams]

On Thu, Aug 16, 2012 at 07:42:52AM +0800, Paul Wise wrote:
> With much more pro-active removals happening these days we tend to get
> a lot of folks wanting to reintroduce removed packages, perhaps we
> need a comprehensive section in devref about this. I will file a bug
> about it.

Or perhaps we should stop these unnecessary "pro-active" removals.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816144230.ga15...@scru.org

Re: adopting a recently removed package

[Bernd Zeimetz]

On 08/16/2012 04:42 PM, Clint Adams wrote:
> On Thu, Aug 16, 2012 at 07:42:52AM +0800, Paul Wise wrote:
>> With much more pro-active removals happening these days we tend to get
>> a lot of folks wanting to reintroduce removed packages, perhaps we
>> need a comprehensive section in devref about this. I will file a bug
>> about it.
> 
> Or perhaps we should stop these unnecessary "pro-active" removals.

They are rarely unnecessary. There is no reason to keep unmaintained and
(RC-) buggy packages in Debian - in the current state I doubt it would
have been shipped with wheezy anyway.


-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502d0b2b.9090...@bzed.de

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Antti-Juhani Kaijanaho]

On Thu, Aug 16, 2012 at 04:14:07PM +0200, Jerome BENOIT wrote:
> The situation is ambiguous as I posted before in the 
> debian-devel@lists.debian.org list:
> the package is not orphaned, was removed but it is still present.

There is no ambiguity.  The package is present in unstable and thus is not
"removed" in the sense that word is commonly used without qualifiers.  (The
proper way to describe what happened to the package is "removed from testing" -
a release engineering action that doesn't imply any change in a package's
maintainership.)

> There is a void here, and it is why I asked on the list: it was suggested to
> make an ITP since it was removed.

An ITP is inappropriate so long as the package is present in unstable or
experimental.

> It appears that the Maintainer has retired from Debian.

In that case, the package likely is available for salvaging (that is, for
taking over maintainership without going throug a period of formal ITA or O
period).

-- 
Antti-Juhani Kaijanaho, Jyväskylä, Finland
http://antti-juhani.kaijanaho.fi/newblog/
http://www.flickr.com/photos/antti-juhani/


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816153138.gb2...@kukkavihko.kaijanaho.fi

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Antti-Juhani Kaijanaho]

On Thu, Aug 16, 2012 at 05:39:50PM +0200, Jerome BENOIT wrote:
> According to its PTS ( http://packages.qa.debian.org/libp/libpam-ssh.html ):
> [2011-12-03] libpam-ssh REMOVED from testing (Britney)
> [2011-12-02] Removed 1.92-14 from unstable (Alexander Reichle-Schmehl)
> 
> So I guess it must be considered as removed.

Yes, you are right.  Sorry for my careless reading of that page.

In any case, no ambiguity, it seems.  I don't think a package's presence in
stable or oldstable alone is a problem.

-- 
Antti-Juhani Kaijanaho, Jyväskylä, Finland
http://antti-juhani.kaijanaho.fi/newblog/
http://www.flickr.com/photos/antti-juhani/


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816154232.gd2...@kukkavihko.kaijanaho.fi

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Cyril Brulebois]

Antti-Juhani Kaijanaho  (16/08/2012):
> There is no ambiguity.  The package is present in unstable and thus is not
> "removed" in the sense that word is commonly used without qualifiers.  (The
> proper way to describe what happened to the package is "removed from testing" 
> -
> a release engineering action that doesn't imply any change in a package's
> maintainership.)

$ ssh release.debian.org dak ls libpam-ssh
libpam-ssh |1.92-14 |stable | source, amd64, armel, i386, ia64, 
kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc

$ rmadison libpam-ssh
 libpam-ssh | 1.92-14 | squeeze | source, amd64, armel, i386, ia64, 
kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc

$ wget http://ftp-master.debian.org/removals-2011.txt -q -O - | grep libpam-ssh 
-B 10 -A 1
--- Reason ---
ROM; unmaintained, somewhat obsolete
--
Also closing bug(s): 381023 539727 610827 633152
Also closing WNPP bug(s):
=
=
[Date: Fri, 02 Dec 2011 16:51:17 +] [ftpmaster: Alexander Reichle-Schmehl]
Removed the following packages from unstable:

libpam-ssh |1.92-14 | source
libpam-ssh | 1.92-14+b1 | amd64, armel, i386, ia64, kfreebsd-amd64, 
kfreebsd-i386, mips, mipsel, powerpc, s390, sparc
Closed bugs: 650644

Mraw,
KiBi.


signature.asc
Description: Digital signature

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Alexander Wirt]

On Thu, 16 Aug 2012, Antti-Juhani Kaijanaho wrote:

> On Thu, Aug 16, 2012 at 04:14:07PM +0200, Jerome BENOIT wrote:
> > The situation is ambiguous as I posted before in the 
> > debian-devel@lists.debian.org list:
> > the package is not orphaned, was removed but it is still present.
> 
> There is no ambiguity.  The package is present in unstable and thus is not
> "removed" in the sense that word is commonly used without qualifiers.  (The
> proper way to describe what happened to the package is "removed from testing" 
> -
> a release engineering action that doesn't imply any change in a package's
> maintainership.)
What let you think this?
rmadison libpam-ssh
 libpam-ssh | 1.92-14 | squeeze | source, amd64, armel, i386, ia64,
 kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc
 W: Archive maintenance is in progress; database inconsistencies are
 possible.


[Date: Fri, 02 Dec 2011 16:51:17 +] [ftpmaster: Alexander
Reichle-Schmehl]
Removed the following packages from unstable:

libpam-ssh |1.92-14 | source
libpam-ssh | 1.92-14+b1 | amd64, armel, i386, ia64, kfreebsd-amd64,
kfreebsd-i386, mips, mipsel, powerpc, s390, sparc
Closed bugs: 650644


Alex
 


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816154108.gc5...@snow-crash.org

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Antti-Juhani Kaijanaho]

On Thu, Aug 16, 2012 at 05:41:08PM +0200, Alexander Wirt wrote:
> What let you think this?

Carelessness in investigating (looked at
http://packages.qa.debian.org/libp/libpam-ssh.html, noticed that the last news
entry was removal from testing and did not read closely enough to notice the
unstable removal notice below it - in retrospect, I should have expected such a
pattern, as removals from testing are often preceded by removals from
unstable).

Sorry for the noise.

(I do not need a personal CC, by the way.  I am subscribed.)

-- 
Antti-Juhani Kaijanaho, Jyväskylä, Finland
http://antti-juhani.kaijanaho.fi/newblog/
http://www.flickr.com/photos/antti-juhani/


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816155600.ge2...@kukkavihko.kaijanaho.fi

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Thomas Goirand]

On 08/16/2012 11:42 PM, Antti-Juhani Kaijanaho wrote:
> On Thu, Aug 16, 2012 at 05:39:50PM +0200, Jerome BENOIT wrote:
>   
>> According to its PTS ( http://packages.qa.debian.org/libp/libpam-ssh.html ):
>> [2011-12-03] libpam-ssh REMOVED from testing (Britney)
>> [2011-12-02] Removed 1.92-14 from unstable (Alexander Reichle-Schmehl)
>>
>> So I guess it must be considered as removed.
>> 
> Yes, you are right.  Sorry for my careless reading of that page.
>
> In any case, no ambiguity, it seems.  I don't think a package's presence in
> stable or oldstable alone is a problem.
>   
On my side, I got fooled by reading too fast:
http://packages.debian.org/search?keywords=libpam-ssh&searchon=names&suite=all§ion=all

The package is in SID, but only on few arch.

Which makes me wonder: WHY ? How does such things happen?
Is this because such ports aren't part of official Debian anymore?

Thomas


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502d1aa1.1010...@goirand.fr

Re: Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys

[Andrei POPESCU]

On Jo, 16 aug 12, 07:40:52, Neil Williams wrote:
> 
> Is this about using removable media to store the SSH private key to
> login to machines which only have the public key? That would be useful
> (but isn't that covered by existing PAM support?) 

Well, by putting the SSH private key on a removable media one can get a 
poor-man's version smart card, similar with libpam-rsa, but you get the 
added benefit of having the key automatically added to the ssh-agent.

Kind regards,
Andrei
-- 
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic


signature.asc
Description: Digital signature

Minified javascript files

[Vincent Bernat]

Hi,

Many packages ship minified versions of Javascript code for things like
jQuery. The usual way to handle this is to not ship the minified code
with the binary package and to request a dependency to libjs-jquery and
replace the file with a symbolic link.

What I didn't know until recently is that the minified version in the
source package should be removed (or the appropriate full version should
be appended).

On the behalf of the FTP master team, Ansgar Burchardt explained me why
the dependency to libjs-jquery is not enough to fulfill the "provide the
sources" part since the source in the archive may not correspond to the
version included in the upstream tarball.

I agree with the rationale. However, here is mine:

 1. The license allows redistribution and modification of the minified
version without having the sources. Therefore, we are only dealing
with DFSG here.
 2. The package does not need the shipped minified version to work
correctly. We replace it with another minified version from another
package. This may mean that from the point of view of the
package, the sources provided in libjs-jquery is "equivalent" to the
sources that would have been provided with the package.
 3. Repacking the original tarball just to remove those files is extra
work.

I know this is tedious but what others think about this matter?
-- 
Don't sacrifice clarity for small gains in "efficiency".
- The Elements of Programming Style (Kernighan & Plauger)


pgpbpIDudLWdI.pgp
Description: PGP signature

Re: Minified javascript files

[Russ Allbery]

Vincent Bernat  writes:

> On the behalf of the FTP master team, Ansgar Burchardt explained me why
> the dependency to libjs-jquery is not enough to fulfill the "provide the
> sources" part since the source in the archive may not correspond to the
> version included in the upstream tarball.

> I agree with the rationale. However, here is mine:

>  1. The license allows redistribution and modification of the minified
> version without having the sources. Therefore, we are only dealing
> with DFSG here.
>  2. The package does not need the shipped minified version to work
> correctly. We replace it with another minified version from another
> package. This may mean that from the point of view of the
> package, the sources provided in libjs-jquery is "equivalent" to the
> sources that would have been provided with the package.
>  3. Repacking the original tarball just to remove those files is extra
> work.

> I know this is tedious but what others think about this matter?

Could this be solved via the Built-Using field?  That indicates that
you're embedding source from another package (in this case, libjs-jquery).

-- 
Russ Allbery (r...@debian.org)   


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87has2agc4@windlord.stanford.edu

Re: Minified javascript files

[Russ Allbery]

Russ Allbery  writes:
> Vincent Bernat  writes:

>> On the behalf of the FTP master team, Ansgar Burchardt explained me why
>> the dependency to libjs-jquery is not enough to fulfill the "provide
>> the sources" part since the source in the archive may not correspond to
>> the version included in the upstream tarball.

>> I agree with the rationale. However, here is mine:

>>  1. The license allows redistribution and modification of the minified
>> version without having the sources. Therefore, we are only dealing
>> with DFSG here.
>>  2. The package does not need the shipped minified version to work
>> correctly. We replace it with another minified version from another
>> package. This may mean that from the point of view of the
>> package, the sources provided in libjs-jquery is "equivalent" to the
>> sources that would have been provided with the package.
>>  3. Repacking the original tarball just to remove those files is extra
>> work.

>> I know this is tedious but what others think about this matter?

> Could this be solved via the Built-Using field?  That indicates that
> you're embedding source from another package (in this case,
> libjs-jquery).

Oh, no, wait, never mind, that's only for binary packages, and the problem
you have is with the source package containing sources that are not in the
preferred form for modification.  Yeah, I don't think there's a good
solution for that.

-- 
Russ Allbery (r...@debian.org)   


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87boiaag9w@windlord.stanford.edu

Re: Minified javascript files

[Marco d'Itri]

On Aug 16, Vincent Bernat  wrote:

> I know this is tedious but what others think about this matter?
This is another case in which the DFSG has become a religion to be 
followed in a literalist interpretation instead of a tool to be used
for the purpose of advancing software freedom.

-- 
ciao,
Marco


--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816185955.ga1...@bongo.bofh.it

Re: Minified javascript files

[Bernd Zeimetz]

On 08/16/2012 08:59 PM, Marco d'Itri wrote:
> On Aug 16, Vincent Bernat  wrote:
> 
>> I know this is tedious but what others think about this matter?
> This is another case in which the DFSG has become a religion to be 
> followed in a literalist interpretation instead of a tool to be used
> for the purpose of advancing software freedom.

I rarely share Marco's opinion, but this time I do.

A way around removing the files would be to ask upstream to add the original
(big) sources and some way to generate the shipped small files out of them, like
a makefile/whatever which does the job. Then the miniaturized version comes with
their original source (yet another copy of...) and everybody would be happy.


-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502d63da.4000...@bzed.de

Re: Minified javascript files

[Charles Plessy]

Le Thu, Aug 16, 2012 at 07:24:32PM +0200, Vincent Bernat a écrit :
> 
> On the behalf of the FTP master team, Ansgar Burchardt explained me why
> the dependency to libjs-jquery is not enough to fulfill the "provide the
> sources" part since the source in the archive may not correspond to the
> version included in the upstream tarball.
> 
> I agree with the rationale. However, here is mine:
> 
>  1. The license allows redistribution and modification of the minified
> version without having the sources. Therefore, we are only dealing
> with DFSG here.
>  2. The package does not need the shipped minified version to work
> correctly. We replace it with another minified version from another
> package. This may mean that from the point of view of the
> package, the sources provided in libjs-jquery is "equivalent" to the
> sources that would have been provided with the package.
>  3. Repacking the original tarball just to remove those files is extra
> work.
> 
> I know this is tedious but what others think about this matter?

Hi Vincent,

I also find this rule tedious and demotivating.  Also, I regularly see people
losing their time uploading repacked sources that are not binary identical to
the ones in our archive (repacking scripts can not guarantee this), or fighting
with pristine-tar branches in Git.  In the case of sourceless redistributable
files, I would prefer to save my time by ignoring them.

Have a nice day,

-- 
Charles Plessy
Debian Med packaging team,
http://www.debian.org/devel/debian-med
Tsurumi, Kanagawa, Japan


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120816212631.ga31...@falafel.plessy.net

Work-needing packages report for Aug 17, 2012

[wnpp]

The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.

Total number of orphaned packages: 456 (new: 0)
Total number of packages offered up for adoption: 143 (new: 0)
Total number of packages requested help for: 65 (new: 0)

Please refer to http://www.debian.org/devel/wnpp/ for more information.



No new packages have been orphaned, but a total of 456 packages are
orphaned.  See http://www.debian.org/devel/wnpp/orphaned
for a complete list.



No new packages have been given up for adoption, but a total of 143 packages
are awaiting adoption.  See http://www.debian.org/devel/wnpp/rfa_bypackage
for a complete list.



For the following packages help is requested:

   apt-xapian-index (#567955), requested 927 days ago
 Description: maintenance tools for a Xapian index of Debian packages
 Installations reported by Popcon: 54075

   asymptote (#517342), requested 1266 days ago
 Description: script-based vector graphics language inspired by
   MetaPost
 Installations reported by Popcon: 2959

   athcool (#278442), requested 2851 days ago
 Description: Enable powersaving mode for Athlon/Duron processors
 Installations reported by Popcon: 79

   balsa (#642906), requested 326 days ago
 Description: An e-mail client for GNOME
 Installations reported by Popcon: 252

   bastille (#592137), requested 740 days ago
 Description: Security hardening tool
 Installations reported by Popcon: 198

   boinc (#511243), requested 1316 days ago
 Description: BOINC distributed computing
 Installations reported by Popcon: 1609

   cardstories (#624100), requested 479 days ago
 Description: Find out a card using a sentence made up by another
   player
 Installations reported by Popcon: 4

   chromium-browser (#583826), requested 809 days ago
 Description: Chromium browser
 Installations reported by Popcon: 9958

   debtags (#567954), requested 927 days ago
 Description: Enables support for package tags
 Installations reported by Popcon: 2487

   doc-central (#566364), requested 936 days ago
 Description: web-based documentation browser
 Installations reported by Popcon: 197

   elvis (#432298), requested 1865 days ago
 Description: powerful clone of the vi/ex text editor (with X11
   support)
 Installations reported by Popcon: 299

   fbcat (#565156), requested 946 days ago
 Description: framebuffer grabber
 Installations reported by Popcon: 143

   flightgear (#487388), requested 1517 days ago
 Description: Flight Gear Flight Simulator
 Installations reported by Popcon: 739

   freeipmi (#628062), requested 448 days ago
 Description: GNU implementation of the IPMI protocol
 Installations reported by Popcon: 1765

   gnat-4.4 (#539633), requested 1584 days ago
 Description: backport bug fixes from trunk (GCC 4.5)
 Installations reported by Popcon: 1590

   gnat-gps (#496905), requested 1449 days ago
 Description: co-maintainer needed
 Installations reported by Popcon: 408

   gnokii (#677750), requested 61 days ago
 Description: Datasuite for mobile phone management
 Installations reported by Popcon: 2377

   gnupg (#660685), requested 178 days ago
 Description: GNU privacy guard - a free PGP replacement
 Installations reported by Popcon: 120928

   golang (#668870), requested 123 days ago
 Description: Go programming language compiler - metapackage
 Installations reported by Popcon: 260

   gpa (#663405), requested 159 days ago
 Description: GNU Privacy Assistant (GPA)
 Installations reported by Popcon: 499

   gradle (#683666), requested 14 days ago
 Description: Groovy based build system
 Installations reported by Popcon: 31

   grub2 (#248397), requested 3020 days ago
 Description: GRand Unified Bootloader
 Installations reported by Popcon: 111813

   hfsprogs (#557892), requested 995 days ago
 Description: mkfs and fsck for HFS and HFS+ file systems
 Installations reported by Popcon: 1128

   hotkey-setup (#483107), requested 1542 days ago
 Description: auto-configures laptop hotkeys
 Installations reported by Popcon: 3386

   irssi-scripts (#663577), requested 157 days ago
 Description: collection of scripts for irssi
 Installations reported by Popcon: 989

   isdnutils (#661110), requested 174 days ago
 Description: ISDN utilities
 Installations reported by Popcon: 9717

   jove (#470185), requested 1621 days ago
 Description: Jonathan's Own Version of Emacs - a compact, powerful
   editor
 Installations reported by Popcon: 1102

   lesstif2 (#551853), requested 1030 days ago
 Descri

Re: Minified javascript files

[Paul Wise]

On Fri, Aug 17, 2012 at 1:24 AM, Vincent Bernat wrote:

> What I didn't know until recently is that the minified version in the
> source package should be removed (or the appropriate full version should
> be appended).

Do we also require that for say, precompiled DLLs of GTK+ or SDL for
Windows platforms?

-- 
bye,
pabs

http://wiki.debian.org/PaulWise


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAKTje6GC0=kw=C=y6pjtfcgtzfzsujqmyvnjycfueatvnus...@mail.gmail.com

Re: Minified javascript files

[Thomas Goirand]

On 08/17/2012 01:24 AM, Vincent Bernat wrote:
>  3. Repacking the original tarball just to remove those files is extra
> work.
>   
Yeah, just annoying everyone for a minified jquery in upstream
tarball is, to me, a bit too extreme to my taste as well, as we all know
where it's coming from, and even it would be possible to check that
its hash. However, I do respect this view, and I think you should as well.
I do not agree that this is so much work, once it is automated. Doing it
*once*, for example as a debian/rules target to produce the orig.tar.xz,
makes it manageable. Extra bonus points if on top of this, it makes you
use xz strong compression instead of less compressing gz / bz2.

Cheers,

Thomas


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/502dd449.30...@debian.org