Re: Vcs-* and shared repos
Hi, Quoting Iustin Pop (2016-05-28 00:53:18) > If we go that way, they we should make it abstract: introduce Vcs-Path > and Vcs-Layout. Both of these are completely independent of the software > that hosts the code. this would also make it possible to have spaces in the path name without having to introduce and implement some escape mechanism for spaces. Or is it already possible to have spaces in the branch name? > As for branch, we already have it, so I'd leave it like it is. I like your proposal but I would indeed also add a Vcs-Branch field and encourage maintainers to use it instead of -b (easily checked by lintian). The advantage would be to avoid "yet more ad hoc, custom syntax into Debian data files" as already pointed out by Lars Wirzenius elsewhere in this thread. Thanks! cheers, josch signature.asc Description: signature
Bug#828830: ITP: licensecheck -- simple license checker for source files
Package: wnpp Severity: wishlist Owner: Jonas Smedegaard -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 * Package name: licensecheck Version : 3.0.0 Upstream Author : Adam D. Barratt * URL : https://metacpan.org/pod/App::Licensecheck * License : GPL-3+ Programming Lang: Perl Description : simple license checker for source files Licensecheck attempts to determine the license that applies to each file passed to it, by searching the start of the file for text belonging to various licenses. This is the licensecheck script from devsripts, refactored and extended. Upstream code will be maintained in build-common team, and packaging in the Perl team. - Jonas -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBAgAGBQJXcjfIAAoJECx8MUbBoAEh6UUP/jBVWVBcMEZNrkT/I6coyLlm W/IzRdWrS+Q/eMeGGCbHl7YjSMf176qt6x/sKsTX4u8Ewzu12vEDxezez9W70z8E IvmdHIT4xhy758PzTWVlriKP4q4wdmFBclQZpZgXjXNztqT6F9XUnBOl6ia9VdRi pUA9rv1DkpINIWYZiOF4rpKEmnHhEK+zbPOdW2maCTGvonsf9TFsGnljFbsfgu+n ds3Gf8el2hakJFj1XHlWfjQPSD1XmnmyGSTTNZA+pLxUFx1/6fOY63D5r5JvHNIG HKzYv1kcKUVGszPQw1d2fjziyd4lH2ddfElyXy9+1wcNcXJZ5qFItrWn1Cn/uq5j 0clDUzqRSohlF+JD5jb+jITWBzdLmi14PtvtjkCstuT1fduiPo04+pL2y1qogjgC iFLYGdsll77zQLOgwpX3krgFL0DXi9vq/2oXnEGTwR9QSDE+OXWjvTff1elfWMl+ zhUhvAll3BTdT3XeOwVok/2vXmwCUaVe8m7opQeuyhoescjHYymUKefIERxXxAJD ehP1m916tBzpuKHpvsV4yVAaho5TEVBhbB5T/sAUqN/Gj80sGfWXzFOCb8J2PG7U ZKKpcsLdazc3/bjpFS+YZ/EJGQyeuo1gIJ8Qdn0jnpG8coOjfX51n9f1JDz/mTQf YvPYDc3kaklKGcpaODgT =HTyp -END PGP SIGNATURE-
Re: Bug#827907: RFS: evil/1.2.12-1 ITP
> * Dmitry Bogatov , 2016-06-27, 17:32: > >Mercurial upstream repository, and tarballs are named not after > >version, but after hashes. I fail to extract anything useful from this > >page: [1] > > > >[1] https://bitbucket.org/lyro/evil/downloads > This seems to work for me: > version=3 > https://bitbucket.org/lyro/evil/downloads .*/get/([0-9.]+)[.]tar[.]gz Thanks a lot. Pushed. In general, do we have any script, that automates process of writing watch files? Every time I need to write watch file for github, I copy-and-paste from comments in /usr/bin/uscan. If not, it may be useful addition to devscripts. -- Accept: text/plain, text/x-diff Accept-Language: eo,en,ru X-Web-Site: sinsekvu.github.io
Bug#828844: ITP: r-cran-adegenet -- GNU R exploratory analysis of genetic and genomic data
Package: wnpp
Severity: wishlist
Owner: Andreas Tille
* Package name: r-cran-adegenet
Version : 2.0.1
Upstream Author : Thibaut Jombart et al
* URL : https://cran.r-project.org/web/packages/adegenet/
* License : GPL
Programming Lang: GNU R
Description : GNU R exploratory analysis of genetic and genomic data
Toolset for the exploration of genetic and genomic data. Adegenet
provides formal (S4) classes for storing and handling various genetic
data, including genetic markers with varying ploidy and hierarchical
population structure ('genind' class), alleles counts by populations
('genpop'), and genome-wide SNP data ('genlight'). It also implements
original multivariate methods (DAPC, sPCA), graphics, statistical tests,
simulation tools, distance and similarity measures, and several spatial
methods. A range of both empirical and simulated datasets is also
provided to illustrate various methods.
Remark: This package is part of a chain of dependencies to package
r-cran-treescape. It will be maintained by the Debian Med team at
svn://anonscm.debian.org/debian-med/trunk/packages/R/r-cran-adegenet/trunk/
Bug#828849: ITP: powermock -- Testing framework for Java
Package: wnpp Severity: wishlist Owner: Emmanuel Bourg * Package name: powermock Version : 1.6.5 Upstream Author : Johan Haleby * URL : http://www.powermock.org * License : Apache-2.0 Programming Lang: Java Description : Testing framework for Java PowerMock allows you to unit test code normally regarded as untestable. For instance it is possible to mock static methods, remove static initializers, allow mocking without dependency injection and more. PowerMock works by bytecode manipulation. PowerMock also contain some utilities that gives you easier access to an objects internal state. PowerMock can be used to test otherwise untestable code and also to achieve a cleaner separation between test and production code.
Bug#828850: ITP: r-bioc-deseq2 -- R package for RNA-Seq Differential Expression Analysis
Package: wnpp Severity: wishlist Owner: Debian Med team * Package name: r-bioc-deseq2 Version : 1.12.3 Upstream Author : Michael Love * URL : https://bioconductor.org/packages/DESeq2 * License : LGPL-3+ Programming Lang: R Description : R package for RNA-Seq Differential Expression Analysis Differential gene expression analysis based on the negative binomial distribution. Estimate variance-mean dependence in count data from high-throughput sequencing assays and test for differential expression based on a model using the negative binomial distribution. Popular bioinformatics tool/library; team maintained by Debian Med
Bug#828857: ITP: r-cran-distory -- GNU R distance between phylogenetic histories
Package: wnpp Severity: wishlist Owner: Andreas Tille * Package name: r-cran-distory Version : 1.4.2 Upstream Author : John Chakerian and Susan Holmes * URL : https://cran.r-project.org/web/packages/distory * License : BSD Programming Lang: GNU R Description : GNU R distance between phylogenetic histories This GNU R package enables calculation of geodesic distance between phylogenetic trees and associated functions. Remark: This package belongs to a pyramid of dependencies of r-cran-treescape and will be maintained by the Debian Med team at svn://anonscm.debian.org/debian-med/trunk/packages/R/r-cran-distory/trunk/
Bug#828859: ITP: r-cran-fields -- GNU R tools for spatial data
Package: wnpp Severity: wishlist Owner: Andreas Tille * Package name: r-cran-fields Version : 8.4-1 Upstream Author : Douglas Nychka, Reinhard Furrer, John Paige, Stephan Sain * URL : https://cran.r-project.org/web/packages/fields * License : GPL Programming Lang: GNU R Description : GNU R tools for spatial data For curve, surface and function fitting with an emphasis on splines, spatial data and spatial statistics. The major methods include cubic, and thin plate splines, Kriging and compact covariances for large data sets. The splines and Kriging methods are supported by functions that can determine the smoothing parameter (nugget and sill variance) and other covariance parameters by cross validation and also by restricted maximum likelihood. For Kriging there is an easy to use function that also estimates the correlation scale (range). A major feature is that any covariance function implemented in R and following a simple fields format can be used for spatial prediction. There are also many useful functions for plotting and working with spatial data as images. This package also contains an implementation of sparse matrix methods for large spatial data sets. Remark: This package belongs to a pyramid of dependencies for the package r-cran-treescape which will be maintained by the Debian Med team at svn://anonscm.debian.org/debian-med/trunk/packages/R/r-cran-fields/trunk/
Bug#828860: ITP: r-cran-htmlwidgets -- GNU R HTML Widgets
Package: wnpp Severity: wishlist Owner: Andreas Tille * Package name: r-cran-htmlwidgets Version : 0.6 Upstream Author : JJ Allaire * URL : https://cran.r-project.org/web/packages/htmlwidgets * License : MIT Programming Lang: GNU R Description : GNU R HTML Widgets This package provides a framework for creating HTML widgets that render in various contexts including the R console, 'R Markdown' documents, and 'Shiny' web applications. Remark: This package belongs to a pyramid of dependencies for r-cran-treescape and will be maintained by the Debian Med team at https://cran.r-project.org/web/packages/htmlwidgets
Bug#828913: ITP: install-mimic -- overwrite files and preserve their ownership
Package: wnpp Severity: wishlist Owner: Peter Pentchev * Package name: install-mimic Version : 0.1.1 Upstream Author : Peter Pentchev * URL : https://devel.ringlet.net/misc/install-mimic/ * License : BSD-2-clause Programming Lang: Perl Description : overwrite files and preserve their ownership The install-mimic utility copies the specified files to the specified destination (file or directory) similarly to install(1), but it preserves the ownership and access mode of the destination files. This is useful when updating files that have already been installed with locally modified copies that may be owned by the current user and not by the desired owner of the destination file (e.g. root). signature.asc Description: PGP signature
Re: OpenSSL 1.1.0
2016-06-14 13:11 GMT+02:00 Guus Sliepen : > On Sat, Jun 11, 2016 at 02:30:37PM +0200, Kurt Roeckx wrote: > > > The release of OpenSSL 1.1.0 is getting nearer. Some packages > > will no longer build with the new version without changes. Most > > of those changes should be trivial, like you can't allocate some > > structures on the stack anymore and need to use the correct _new() > > and _free() function. > > > > It can also mean that you can't directly access some members of > > those structures anymore and need to use a function instead. > > While I think these changes are very good, upgrading is not trivial. > Especially not if, as an upstream project, you want to stay compatible > with older versions of OpenSSL as well; at least with 1.0.1/1.0.2, > because many distributions use that in their stable releases. > > > Guus Sliepen > >tinc > > Luckily, with tinc I can get away with doing some autoconf checks to see > if BN_GENCB_new()/_free() and RSA_set0_key() exist, and if not provide > my own versions. And I'll have to check compatibility with LibreSSL as > well. It's just so you know that it's not as trivial as you make it > sound. > > The openssl release strategy page [1] states: Version 1.1.0 will be supported until 2018-04-30. Version 1.0.2 will be supported until 2019-12-31 (LTS). Considering the dates, upstream authors using openssl 1.0.2 might not migrate to the new api until 1.0.2 end of life. Is it reasonnable, for security and human resources sake, to carry hundreds of patches for a transition that will happen much more safely and naturally later ? Also in my opinion as well, the required work is not so trivial - qt, nodejs, and also software not in debian like lua's jwt package all require quite some time with probably low-quality results far from what upstream authors would do. Cheers, Jérémy [1] https://www.openssl.org/policies/releasestrat.html
Re: GCC 6 & binutils for the Debian stretch release
On Fri, Jun 24, 2016 at 04:03:44PM +0200, Paul Wise wrote: > On Fri, Jun 24, 2016 at 3:46 PM, Matthias Klose wrote: > > > As announced a year ago [1], GCC 6 will be the default GCC for the Debian > > stretch release. GCC 6 is now available in testing, and can be made the > > default > > by installing the gcc/g++ packages from experimental. Known build failures > > are > > reported at [2] seen on amd64. Build failures for more architectures (but > > done > > for Ubuntu packages) can be seen at [3]. Please help fixing these issues in > > testing/unstable. Some help how to approach build issues can be found at > > [4]. > > Could we have a dd-list of people who will have to fix a bug for this > transition? Attached, based on “bts select users:debian-...@lists.debian.org tag:ftbfs-gcc-6 status:open”. Cheers, -- James GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB "Adam C. Powell, IV" elmerfem (U) oce (U) "Natural Language Processing, Japanese" chasen A. Maitland Bottoms sdrangelove splat (U) Adrian Knoth calf (U) jackd2 (U) libdrumstick (U) Agustin Henze crrcsim Aigars Mahinovs re Alan Baghumian dasher (U) Alastair McKinstry ggcov Alessio Treglia ams (U) composite (U) crtmpserver (U) din (U) klick (U) libdrumstick (U) sndobj (U) terminatorx (U) Alexander GQ Gerasiov gxneur xneur Alexey Bychko percona-xtrabackup (U) Ana Beatriz Guerrero Lopez mstflint (U) Andreas Tille adun.app (U) blitz++ (U) disulfinder (U) hyphy (U) idba (U) libbpp-core (U) libgtextutils (U) libmems (U) liborigin2 (U) librg-blast-parser-perl (U) librostlab-blast (U) mrs (U) murasaki (U) prime-phylo (U) proftmb (U) qwtplot3d (U) rate4site (U) relion (U) sitplus (U) sofa-framework (U) swarm-cluster (U) yaml-cpp (U) Andres Mejia crtmpserver (U) Andrew Bartlett samba (U) Andrew Pollock protobuf (U) Andrew Shadura postbooks (U) Andriy Beregovenko crtmpserver (U) Ansgar Burchardt dune-grid (U) Anton Gladky avogadro (U) esys-particle (U) oce (U) paraview (U) Anuradha Weeraman (anu) ncc Apollon Oikonomopoulos mongodb (U) Arnout Engelen libdrumstick (U) Aron Xu fcitx-unikey (U) librime (U) libucimf (U) Aron Xu ucimf-openvanilla (U) Athena Capital Research pion Balint Reczey dasher (U) libcec-platform (U) libv8-3.14 (U) Barak A. Pearlmutter colpack (U) ivtools mldemos Barry deFreese bloboats (U) Barry deFreese libclaw (U) Bastian Blank thin-provisioning-tools (U) xen (U) Bdale Garbee splat Ben Burton regina-normal Ben Hutchings sgt-puzzles Benda Xu scim (U) Benjamin Drung audacity (U) Bernd Zeimetz open-vm-tools Boris Pek elmerfem (U) Bradley Smith galib Bruno "Fuddl" Kleinert scorched3d (U) Bryan Sutula openhpi Carlo Segre fityk objcryst-fox Ceph Maintainers ceph ChangZhuo Chen (陳昌倬) libucimf (U) Charles Plessy libgtextutils (U) Chow Loong Jin libzen slic3r (U) tinyxml2 Chris Butler libcgicc Chris Coulson mozjs Christian M. Amsüss hyperrogue (U) Christian Perrier samba (U) Christian Stalp free42-nologo Christoph Egger fife (U) irrlicht (U) Christophe Prud'homme paraview (U) Christophe Trophime blitz++ (U) Cleto Martín zthreads Craig Small mudlet CrossWire Packages sword Cédric Boutillier gfan (U) Daigo Moriwaki gpsshogi libosl Damyan Ivanov gbgoffice hyperrogue (U) Daniel Glassey clucene-core (U) sword (U) Daniel Jared Dominguez pesign (U) Daniel Kahn Gillmor faketime Daniel Leidert gelemental (U) gnome-chemistry-utils (U) openbabel (U) shelxle (U) Daniel Pocock sipxtapi (U) Daniel Pocock libphonenumber (U) postbooks (U) David Henningsson audacity (U) David Martínez Moreno glob2 David Palacio smokekde (U) smokeqt (U) David Paleino gambas3 (U) David Stone photoprint Debian 3-D Printing Packages <3dprinter-gene...@lists.alioth.debian.org> slic3r Debian Bitcoin Packaging Team bitcoin cgminer litecoin Debian Boost Team boost1.58 Debian Chinese Team fqterm gemanx-gtk2 Debian dsc Maintainer Team dsc-statistics Debian FreeIPA Team dogtag-pki Debian Games Team armagetronad atlas-cpp berusky2 bloboats brainparty chromium-bsu desmume fife freeorion gargoyle-free hyperrogue irrlicht libclaw libtuxcap libwfut nestopia pokerth scorched3d supertransball2 teeworlds warmux Debian GNOME Maintainers dasher Debian Hamradio Maintainers flrig soundmodem Debian Java Maintainers libphonenumber Debian Javascript Maintainers libv8-3.14 nodejs Debian KDE Extras Team hupnp k3b kftpgrabber kvirc
EVP_dss1 replacement? (was: OpenSSL 1.1.0)
On 06/11/2016 02:30 PM, Kurt Roeckx wrote: > There is an upstream wiki page for this at: > https://wiki.openssl.org/index.php/1.1_API_Changes > > If things aren't clear, you have questions, are there are missing > access functions please contact us. I'm currently packaging a piece of software (open-isns, [1]) that uses libcrypto functions internally. While trying to make sure that it will compile against OpenSSL 1.1 (and hence be binNMU-able), most of the things were straight-forward (opaque structures now requiring getters), but I have encountered the following issue that doesn't appear to be completely trivial to me: the software uses DSA+SHA1 as its signature algoritm [2], and effectively boils down to the following code to generate signatures: md_ctx = EVP_MD_CTX_new(); EVP_SignInit(md_ctx, EVP_dss1()); EVP_DigestUpdate(md_ctx, /* stuff */); EVP_SignFinal(md_ctx, signature, &sig_len, pkey); EVP_MD_CTX_free(md_ctx); (Verification is analogous with VerifyInit/VerifyFinal.) The problem is that EVP_dss1() doesn't exist anymore in OpenSSL 1.1. If I understand the man page correctly, EVP_dss1 is a hack in really old OpenSSL versions (how old btw.?) to support SHA1 signatures with DSA, because back then the hash algorithms were tied to the public key algorithms. So is it correct to simply replace EVP_dss1() with EVP_sha1() in the above code and it will still produce DSA signatures? Or do I have to do something else to achieve the same results? Regards, Christian [1] ITP: https://bugs.debian.org/799061 [2] This is demanded by the iSNS protocol, RFC 4171. I know that one would want to use other algorithms today.
